On Tue, Oct 30, 2018 at 05:57:53PM +0100, Phil Sutter wrote:
> Due to xtables_parse_interface() and parse_ifname() being misaligned
> regarding interface mask setting, rules containing a wildcard interface
> added with iptables-nft could neither be checked nor deleted.
>
> Signed-off-by: Phil
Due to xtables_parse_interface() and parse_ifname() being misaligned
regarding interface mask setting, rules containing a wildcard interface
added with iptables-nft could neither be checked nor deleted.
Signed-off-by: Phil Sutter
---
iptables/nft-shared.c| 2 +-
On Tue, Oct 30, 2018 at 06:45:20PM +0100, Phil Sutter wrote:
> Hi Pablo,
>
> On Tue, Oct 30, 2018 at 06:01:19PM +0100, Pablo Neira Ayuso wrote:
> > On Tue, Oct 30, 2018 at 05:57:53PM +0100, Phil Sutter wrote:
> > > Due to xtables_parse_interface() and parse_ifname() being misaligned
> > >
Hi Pablo,
On Tue, Oct 30, 2018 at 06:01:19PM +0100, Pablo Neira Ayuso wrote:
> On Tue, Oct 30, 2018 at 05:57:53PM +0100, Phil Sutter wrote:
> > Due to xtables_parse_interface() and parse_ifname() being misaligned
> > regarding interface mask setting, rules containing a wildcard interface
> >
On Tue, 30 Oct 2018 at 08:00, Pablo Neira Ayuso wrote:
>
Hi Pablo,
Thank you for review!
> On Fri, Oct 19, 2018 at 12:27:57AM +0900, Taehee Yoo wrote:
> > xt_rateest_net_exit() was added to check whether rules are flushed
> > successfully. but ->net_exit() callback is called earlier than
> >
Thanks to all reviewer!
On Tue, 30 Oct 2018 at 08:41, Florian Westphal wrote:
>
> Pablo Neira Ayuso wrote:
> > On Thu, Oct 25, 2018 at 11:56:12PM +0900, Taehee Yoo wrote:
> > > conn_free() holds lock with spin_lock(). and it is called by both
> > > nf_conncount_lookup() and
The ip_set() macro is called when either ip_set_ref_lock held only
or no lock/nfnl mutex is held at dumping. Take this into account
properly. Also, use Pablo's suggestion to use rcu_dereference_raw(),
the ref_netlink protects the set.
Signed-off-by: Jozsef Kadlecsik
---
On Mon, Oct 29, 2018 at 09:58:00PM +0100, Pablo Neira Ayuso wrote:
> Otherwise we end up displaying things that we cannot parse as input.
> Moreover, in a range, it's relevant to the user the values that are
> enclosed in the range, so let's print this numerically.
>
> Fixes: baa4e0e3fa5f ("src:
On Mon, Oct 29, 2018 at 09:57:58PM +0100, Pablo Neira Ayuso wrote:
> This patch adds NFT_CTX_OUTPUT_NUMERIC_SYMBOL, which replaces the last
> client of the numeric level approach.
>
> This patch updates `-n' option semantics to display all output
> numerically.
>
> Note that monitor code was
On Mon, Oct 29, 2018 at 05:52:51PM -0700, Cameron Norman wrote:
> Yes, we can do that.
Would you send me a patch? Please, add your Signed-off-by: tag.
Or I can just mangle this patch here if you prefer this.
Thanks.
> On Mon, Oct 29, 2018 at 2:11 PM Pablo Neira Ayuso wrote:
> >
> > Hi,
> >
>
10 matches
Mail list logo