[00/15] Netfilter/IPVS updates for net-next

Message ID 20190601182340.2662-1-pablo@netfilter.org
State Accepted
Delegated to: David Miller

Pull-request

git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git HEAD

Message

Pablo Neira Ayuso June 1, 2019, 6:23 p.m. UTC
Hi David,

The following patchset contains Netfilter/IPVS updates for net-next:

1) Add UDP tunnel support for ICMP errors in IPVS.

Julian Anastasov says:

This patchset is a followup to the commit that adds UDP/GUE tunnel:
"ipvs: allow tunneling with gue encapsulation".

What we do is to put tunnel real servers in hash table (patch 1),
add function to lookup tunnels (patch 2) and use it to strip the
embedded tunnel headers from ICMP errors (patch 3).

2) Extend xt_owner to match for supplementary groups, from
   Lukasz Pawelczyk.

3) Remove unused oif field in flow_offload_tuple object, from
   Taehee Yoo.

4) Release basechain counters from workqueue to skip synchronize_rcu()
   call. From Florian Westphal.

5) Replace skb_make_writable() by skb_ensure_writable(). Patchset
   from Florian Westphal.

6) Checksum support for gue encapsulation in IPVS, from Jacky Hu.

You can pull these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git

Thanks!

----------------------------------------------------------------

The following changes since commit 7b3ed2a137b077bc0967352088b0adb6049eed20:

  Merge branch '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue (2019-05-30 15:17:05 -0700)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git HEAD

for you to fetch changes up to 29930e314da3833437a2ddc7b17f6a954f38d8fb:

  ipvs: add checksum support for gue encapsulation (2019-05-31 18:23:52 +0200)

----------------------------------------------------------------
Florian Westphal (9):
      netfilter: nf_tables: free base chain counters from worker
      netfilter: bridge: convert skb_make_writable to skb_ensure_writable
      netfilter: ipvs: prefer skb_ensure_writable
      netfilter: conntrack, nat: prefer skb_ensure_writable
      netfilter: ipv4: prefer skb_ensure_writable
      netfilter: nf_tables: prefer skb_ensure_writable
      netfilter: xt_HL: prefer skb_ensure_writable
      netfilter: tcpmss, optstrip: prefer skb_ensure_writable
      netfilter: replace skb_make_writable with skb_ensure_writable

Jacky Hu (1):
      ipvs: add checksum support for gue encapsulation

Julian Anastasov (3):
      ipvs: allow rs_table to contain different real server types
      ipvs: add function to find tunnels
      ipvs: strip udp tunnel headers from icmp errors

Lukasz Pawelczyk (1):
      netfilter: xt_owner: Add supplementary groups option

Taehee Yoo (1):
      netfilter: nf_flow_table: remove unnecessary variable in flow_offload_tuple

 include/linux/netfilter.h                   |   5 -
 include/net/ip_vs.h                         |   8 ++
 include/net/netfilter/nf_flow_table.h       |   2 -
 include/uapi/linux/ip_vs.h                  |   7 ++
 include/uapi/linux/netfilter/xt_owner.h     |   7 +-
 net/bridge/netfilter/ebt_dnat.c             |   2 +-
 net/bridge/netfilter/ebt_redirect.c         |   2 +-
 net/bridge/netfilter/ebt_snat.c             |   2 +-
 net/ipv4/netfilter/arpt_mangle.c            |   2 +-
 net/ipv4/netfilter/ipt_ECN.c                |   4 +-
 net/ipv4/netfilter/nf_nat_h323.c            |   2 +-
 net/ipv4/netfilter/nf_nat_snmp_basic_main.c |   2 +-
 net/netfilter/core.c                        |  22 ----
 net/netfilter/ipvs/ip_vs_app.c              |   4 +-
 net/netfilter/ipvs/ip_vs_core.c             |  72 ++++++++++++-
 net/netfilter/ipvs/ip_vs_ctl.c              |  83 +++++++++++++--
 net/netfilter/ipvs/ip_vs_ftp.c              |   4 +-
 net/netfilter/ipvs/ip_vs_proto_sctp.c       |   4 +-
 net/netfilter/ipvs/ip_vs_proto_tcp.c        |   4 +-
 net/netfilter/ipvs/ip_vs_proto_udp.c        |   4 +-
 net/netfilter/ipvs/ip_vs_xmit.c             | 155 ++++++++++++++++++++++++----
 net/netfilter/nf_conntrack_proto_sctp.c     |   2 +-
 net/netfilter/nf_conntrack_seqadj.c         |   4 +-
 net/netfilter/nf_flow_table_core.c          |   1 -
 net/netfilter/nf_nat_helper.c               |   4 +-
 net/netfilter/nf_nat_proto.c                |  24 ++---
 net/netfilter/nf_nat_sip.c                  |   2 +-
 net/netfilter/nf_synproxy_core.c            |   2 +-
 net/netfilter/nf_tables_api.c               |  26 ++---
 net/netfilter/nfnetlink_queue.c             |   2 +-
 net/netfilter/nft_exthdr.c                  |   3 +-
 net/netfilter/nft_payload.c                 |   6 +-
 net/netfilter/xt_DSCP.c                     |   8 +-
 net/netfilter/xt_HL.c                       |   4 +-
 net/netfilter/xt_TCPMSS.c                   |   2 +-
 net/netfilter/xt_TCPOPTSTRIP.c              |  28 +++--
 net/netfilter/xt_owner.c                    |  23 ++++-
 37 files changed, 389 insertions(+), 149 deletions(-)

Comments

David Miller June 1, 2019, 11:45 p.m. UTC | #1
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Sat,  1 Jun 2019 20:23:25 +0200

> The following patchset contains Netfilter/IPVS updates for net-next:

Pulled, thanks Pablo.