[0/6] Netfilter/IPVS updates for net-next

Message ID	20201012013819.23128-1-pablo@netfilter.org
Headers	show Return-Path: <SRS0=Yue4=DT=vger.kernel.org=netdev-owner@kernel.org> sender: pneira@us.es) by entrada.int (Postfix) with ESMTPSA id 1FFEA41FF201; Mon, 12 Oct 2020 03:38:25 +0200 (CEST) From: Pablo Neira Ayuso <pablo@netfilter.org> To: netfilter-devel@vger.kernel.org Cc: davem@davemloft.net, netdev@vger.kernel.org, kuba@kernel.org Subject: [PATCH 0/6] Netfilter/IPVS updates for net-next Date: Mon, 12 Oct 2020 03:38:13 +0200 Message-Id: <20201012013819.23128-1-pablo@netfilter.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	Netfilter/IPVS updates for net-next \| expand [0/6] Netfilter/IPVS updates for net-next [1/6] ipvs: inspect reply packets from DR/TUN real servers [2/6] netfilter: add nf_static_key_{inc,dec} [3/6] netfilter: add nf_ingress_hook() helper function [4/6] netfilter: add inet ingress support [5/6] netfilter: nf_tables: add inet ingress support [6/6] netfilter: flowtable: reduce calls to pskb_may_pull()

Message ID

20201012013819.23128-1-pablo@netfilter.org

Headers

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org, kuba@kernel.org
Subject: [PATCH 0/6] Netfilter/IPVS updates for net-next
Date: Mon, 12 Oct 2020 03:38:13 +0200
Message-Id: <20201012013819.23128-1-pablo@netfilter.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

Netfilter/IPVS updates for net-next | expand

Message

Pablo Neira Ayuso Oct. 12, 2020, 1:38 a.m. UTC

Hi,

The following patchset contains Netfilter/IPVS updates for net-next:

1) Inspect the reply packets coming from DR/TUN and refresh connection
   state and timeout, from longguang yue and Julian Anastasov.

2) Series to add support for the inet ingress chain type in nf_tables.

Please, pull these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git

Thank you.

----------------------------------------------------------------

The following changes since commit bc081a693a56061f68f736c5d596134ee3c87689:

  Merge branch 'Offload-tc-vlan-mangle-to-mscc_ocelot-switch' (2020-10-11 11:19:25 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git HEAD

for you to fetch changes up to 793d5d61242695142460ce74f124281e0681fbc7:

  netfilter: flowtable: reduce calls to pskb_may_pull() (2020-10-12 01:58:10 +0200)

----------------------------------------------------------------
Pablo Neira Ayuso (5):
      netfilter: add nf_static_key_{inc,dec}
      netfilter: add nf_ingress_hook() helper function
      netfilter: add inet ingress support
      netfilter: nf_tables: add inet ingress support
      netfilter: flowtable: reduce calls to pskb_may_pull()

longguang.yue (1):
      ipvs: inspect reply packets from DR/TUN real servers

 include/net/netfilter/nf_tables.h      |   6 ++
 include/net/netfilter/nf_tables_ipv4.h |  33 +++++++++
 include/net/netfilter/nf_tables_ipv6.h |  46 ++++++++++++
 include/uapi/linux/netfilter.h         |   1 +
 net/netfilter/core.c                   | 129 ++++++++++++++++++++++++++-------
 net/netfilter/ipvs/ip_vs_conn.c        |  18 ++++-
 net/netfilter/ipvs/ip_vs_core.c        |  19 ++---
 net/netfilter/nf_flow_table_core.c     |  12 +--
 net/netfilter/nf_flow_table_ip.c       |  45 +++++++-----
 net/netfilter/nf_tables_api.c          |  14 ++--
 net/netfilter/nft_chain_filter.c       |  35 ++++++++-
 11 files changed, 282 insertions(+), 76 deletions(-)

Comments

Jakub Kicinski Oct. 12, 2020, 11:14 p.m. UTC | #1

On Mon, 12 Oct 2020 03:38:13 +0200 Pablo Neira Ayuso wrote:
> Hi,

> 

> The following patchset contains Netfilter/IPVS updates for net-next:

> 

> 1) Inspect the reply packets coming from DR/TUN and refresh connection

>    state and timeout, from longguang yue and Julian Anastasov.

> 

> 2) Series to add support for the inet ingress chain type in nf_tables.


Pulled, thanks!