diff options
| author | David S. Miller <davem@davemloft.net> | 2012-12-28 17:24:14 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2012-12-28 17:28:17 -0500 |
| commit | ac196f8c92948deb0fc9ae617f3a453c6d71fa69 (patch) | |
| tree | f79d08264a3d6e8c49ab4f20c98e7885f71d4183 /include | |
| parent | 101e5c7470eb7f77ae87f966b9155f0dbb5b4698 (diff) | |
| parent | 1310b955c804975651dca6c674ebfd1cb2b4c7ff (diff) | |
Merge branch 'master' of git://1984.lsi.us.es/nf
Pablo Neira Ayuso says:
====================
The following batch contains Netfilter fixes for 3.8-rc1. They are
a mixture of old bugs that have passed unnoticed (I'll pass these to
stable) and more fresh ones from the previous merge window, they are:
* Fix for MAC address in 6in4 tunnels via NFLOG that results in ulogd
showing up wrong address, from Bob Hockney.
* Fix a comment in nf_conntrack_ipv6, from Florent Fourcot.
* Fix a leak an error path in ctnetlink while creating an expectation,
from Jesper Juhl.
* Fix missing ICMP time exceeded in the IPv6 defragmentation code, from
Haibo Xi.
* Fix inconsistent handling of routing changes in MASQUERADE for the
new connections case, from Andrew Collins.
* Fix a missing skb_reset_transport in ip[6]t_REJECT that leads to
crashes in the ixgbe driver (since it seems to access the transport
header with TSO enabled), from Mukund Jampala.
* Recover obsoleted NOTRACK target by including it into the CT and spot
a warning via printk about being obsoleted. Many people don't check the
scheduled to be removal file under Documentation, so we follow some
less agressive approach to kill this in a year or so. Spotted by Florian
Westphal, patch from myself.
* Fix race condition in xt_hashlimit that allows to create two or more
entries, from myself.
* Fix crash if the CT is used due to the recently added facilities to
consult the dying and unconfirmed conntrack lists, from myself.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
| -rw-r--r-- | include/net/netns/conntrack.h | 1 | ||||
| -rw-r--r-- | include/net/netns/x_tables.h | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h index a1d83cc8bf85..923cb20051ed 100644 --- a/include/net/netns/conntrack.h +++ b/include/net/netns/conntrack.h | |||
| @@ -71,6 +71,7 @@ struct netns_ct { | |||
| 71 | struct hlist_head *expect_hash; | 71 | struct hlist_head *expect_hash; |
| 72 | struct hlist_nulls_head unconfirmed; | 72 | struct hlist_nulls_head unconfirmed; |
| 73 | struct hlist_nulls_head dying; | 73 | struct hlist_nulls_head dying; |
| 74 | struct hlist_nulls_head tmpl; | ||
| 74 | struct ip_conntrack_stat __percpu *stat; | 75 | struct ip_conntrack_stat __percpu *stat; |
| 75 | struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb; | 76 | struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb; |
| 76 | struct nf_exp_event_notifier __rcu *nf_expect_event_cb; | 77 | struct nf_exp_event_notifier __rcu *nf_expect_event_cb; |
diff --git a/include/net/netns/x_tables.h b/include/net/netns/x_tables.h index 591db7d657a3..c24060ee411e 100644 --- a/include/net/netns/x_tables.h +++ b/include/net/netns/x_tables.h | |||
| @@ -8,6 +8,7 @@ struct ebt_table; | |||
| 8 | 8 | ||
| 9 | struct netns_xt { | 9 | struct netns_xt { |
| 10 | struct list_head tables[NFPROTO_NUMPROTO]; | 10 | struct list_head tables[NFPROTO_NUMPROTO]; |
| 11 | bool notrack_deprecated_warning; | ||
| 11 | #if defined(CONFIG_BRIDGE_NF_EBTABLES) || \ | 12 | #if defined(CONFIG_BRIDGE_NF_EBTABLES) || \ |
| 12 | defined(CONFIG_BRIDGE_NF_EBTABLES_MODULE) | 13 | defined(CONFIG_BRIDGE_NF_EBTABLES_MODULE) |
| 13 | struct ebt_table *broute_table; | 14 | struct ebt_table *broute_table; |