diff options
author | David S. Miller <davem@davemloft.net> | 2012-12-29 02:24:14 +0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2012-12-29 02:28:17 +0400 |
commit | ac196f8c92948deb0fc9ae617f3a453c6d71fa69 (patch) | |
tree | f79d08264a3d6e8c49ab4f20c98e7885f71d4183 /include | |
parent | 101e5c7470eb7f77ae87f966b9155f0dbb5b4698 (diff) | |
parent | 1310b955c804975651dca6c674ebfd1cb2b4c7ff (diff) | |
download | linux-ac196f8c92948deb0fc9ae617f3a453c6d71fa69.tar.xz |
Merge branch 'master' of git://1984.lsi.us.es/nf
Pablo Neira Ayuso says:
====================
The following batch contains Netfilter fixes for 3.8-rc1. They are
a mixture of old bugs that have passed unnoticed (I'll pass these to
stable) and more fresh ones from the previous merge window, they are:
* Fix for MAC address in 6in4 tunnels via NFLOG that results in ulogd
showing up wrong address, from Bob Hockney.
* Fix a comment in nf_conntrack_ipv6, from Florent Fourcot.
* Fix a leak an error path in ctnetlink while creating an expectation,
from Jesper Juhl.
* Fix missing ICMP time exceeded in the IPv6 defragmentation code, from
Haibo Xi.
* Fix inconsistent handling of routing changes in MASQUERADE for the
new connections case, from Andrew Collins.
* Fix a missing skb_reset_transport in ip[6]t_REJECT that leads to
crashes in the ixgbe driver (since it seems to access the transport
header with TSO enabled), from Mukund Jampala.
* Recover obsoleted NOTRACK target by including it into the CT and spot
a warning via printk about being obsoleted. Many people don't check the
scheduled to be removal file under Documentation, so we follow some
less agressive approach to kill this in a year or so. Spotted by Florian
Westphal, patch from myself.
* Fix race condition in xt_hashlimit that allows to create two or more
entries, from myself.
* Fix crash if the CT is used due to the recently added facilities to
consult the dying and unconfirmed conntrack lists, from myself.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r-- | include/net/netns/conntrack.h | 1 | ||||
-rw-r--r-- | include/net/netns/x_tables.h | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h index a1d83cc8bf85..923cb20051ed 100644 --- a/include/net/netns/conntrack.h +++ b/include/net/netns/conntrack.h @@ -71,6 +71,7 @@ struct netns_ct { struct hlist_head *expect_hash; struct hlist_nulls_head unconfirmed; struct hlist_nulls_head dying; + struct hlist_nulls_head tmpl; struct ip_conntrack_stat __percpu *stat; struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb; struct nf_exp_event_notifier __rcu *nf_expect_event_cb; diff --git a/include/net/netns/x_tables.h b/include/net/netns/x_tables.h index 591db7d657a3..c24060ee411e 100644 --- a/include/net/netns/x_tables.h +++ b/include/net/netns/x_tables.h @@ -8,6 +8,7 @@ struct ebt_table; struct netns_xt { struct list_head tables[NFPROTO_NUMPROTO]; + bool notrack_deprecated_warning; #if defined(CONFIG_BRIDGE_NF_EBTABLES) || \ defined(CONFIG_BRIDGE_NF_EBTABLES_MODULE) struct ebt_table *broute_table; |