
[00/13] ipset patches for nf-next

Message ID 1367067045-960-1-git-send-email-kadlec@blackhole.kfki.hu
State Accepted

Pull-request

git://blackhole.kfki.hu/nf-next master

Message

Jozsef Kadlecsik April 27, 2013, 12:50 p.m. UTC
Hi Pablo,

Please consider applying the next patches against your nf-next tree.

The patches introduce the new extensions infrastructure in ipset and
add packet/byte counters as a new extension besides timeouts. The set
match is extended by the functionality to match the counters too.

Best regards,
Jozsef

The following changes since commit 37fe0660981d7a1577409226f77554c2c5123e27:
  Vlad Yasevich (1):
        net: fix address check in rtnl_fdb_del

are available in the git repository at:

  git://blackhole.kfki.hu/nf-next master

Jozsef Kadlecsik (13):
      netfilter: ipset: Make possible to test elements marked with nomatch
      netfilter: ipset: Move often used IPv6 address masking function to header file
      netfilter: ipset: Introduce extensions to elements in the core
      netfilter: ipset: Unified bitmap type generation
      netfilter: ipset: Bitmap types using the unified code base
      netfilter: ipset: Unified hash type generation
      netfilter: ipset: Hash types using the unified code base
      netfilter: ipset: list:set type using the extension interface
      netfilter: ipset: Introduce the counter extension in the core
      netfilter: ipset: The bitmap types with counter support
      netfilter: ipset: The hash types with counter support
      netfilter: ipset: The list:set type with counter support
      netfilter: ipset: set match: add support to match the counters

 include/linux/netfilter/ipset/ip_set.h         |  126 +++-
 include/linux/netfilter/ipset/ip_set_ahash.h   | 1241 ------------------------
 include/linux/netfilter/ipset/ip_set_bitmap.h  |    6 +
 include/linux/netfilter/ipset/ip_set_timeout.h |  102 +--
 include/linux/netfilter/ipset/pfxlen.h         |    9 +
 include/uapi/linux/netfilter/ipset/ip_set.h    |   36 +-
 include/uapi/linux/netfilter/xt_set.h          |    9 +
 net/netfilter/ipset/ip_set_bitmap_gen.h        |  277 ++++++
 net/netfilter/ipset/ip_set_bitmap_ip.c         |  411 +++------
 net/netfilter/ipset/ip_set_bitmap_ipmac.c      |  624 +++++--------
 net/netfilter/ipset/ip_set_bitmap_port.c       |  414 +++------
 net/netfilter/ipset/ip_set_core.c              |   36 +-
 net/netfilter/ipset/ip_set_hash_gen.h          | 1100 +++++++++++++++++++++
 net/netfilter/ipset/ip_set_hash_ip.c           |  344 ++-----
 net/netfilter/ipset/ip_set_hash_ipport.c       |  362 +++-----
 net/netfilter/ipset/ip_set_hash_ipportip.c     |  368 +++-----
 net/netfilter/ipset/ip_set_hash_ipportnet.c    |  469 +++------
 net/netfilter/ipset/ip_set_hash_net.c          |  402 +++------
 net/netfilter/ipset/ip_set_hash_netiface.c     |  478 ++++------
 net/netfilter/ipset/ip_set_hash_netport.c      |  456 +++------
 net/netfilter/ipset/ip_set_list_set.c          |  622 +++++++-----
 net/netfilter/xt_set.c                         |   94 ++-
 22 files changed, 3478 insertions(+), 4508 deletions(-)
 delete mode 100644 include/linux/netfilter/ipset/ip_set_ahash.h
 create mode 100644 net/netfilter/ipset/ip_set_bitmap_gen.h
 create mode 100644 net/netfilter/ipset/ip_set_hash_gen.h
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

Mr Dash Four April 27, 2013, 12:54 p.m. UTC | #1
Jozsef Kadlecsik wrote:
> Hi Pablo,
>
> Please consider applying the next patches against your nf-next tree.
>
> The patches introduce the new extensions infrastructure in ipset and
> add packet/byte counters as a new extension besides timeouts. The set
> match is extended by the functionality to match the counters too.
>
> Best regards,
> Jozsef
>   
Jozsef, are these features already supported in userspace or are you 
going to release a separate version?

--
Pablo Neira Ayuso April 27, 2013, 5:42 p.m. UTC | #2
On Sat, Apr 27, 2013 at 02:50:32PM +0200, Jozsef Kadlecsik wrote:
> Hi Pablo,
> 
> Please consider applying the next patches against your nf-next tree.
> 
> The patches introduce the new extensions infrastructure in ipset and
> add packet/byte counters as a new extension besides timeouts. The set
> match is extended by the functionality to match the counters too.
> 
> Best regards,
> Jozsef
> 
> The following changes since commit 37fe0660981d7a1577409226f77554c2c5123e27:
>   Vlad Yasevich (1):
>         net: fix address check in rtnl_fdb_del
> 
> are available in the git repository at:
> 
>   git://blackhole.kfki.hu/nf-next master

Pulled, thanks Jozsef.
--
Jozsef Kadlecsik April 27, 2013, 6:44 p.m. UTC | #3
On Sat, 27 Apr 2013, Dash Four wrote:

> Jozsef Kadlecsik wrote:
>
> > Please consider applying the next patches against your nf-next tree.
> > 
> > The patches introduce the new extensions infrastructure in ipset and
> > add packet/byte counters as a new extension besides timeouts. The set
> > match is extended by the functionality to match the counters too.
> >   
> Jozsef, are these features already supported in userspace or are you going to
> release a separate version?

It's already supported in userspace in the main branch of the git tree. As 
the patch for the userspace part of the set match is committed in the 
iptables git tree, there'll come the new ipset release.

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlecsik.jozsef@wigner.mta.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences
          H-1525 Budapest 114, POB. 49, Hungary
--
Mr Dash Four April 27, 2013, 8:07 p.m. UTC | #4
Jozsef Kadlecsik wrote:
>> Jozsef, are these features already supported in userspace or are you going to
>> release a separate version?
>>     
>
> It's already supported in userspace in the main branch of the git tree.
Got it, thanks Jozsef, though I can't see any updates to the ipset 
branch of the netfilter.org tree (https://git.netfilter.org/ipset) - 
last update is showing 13 days ago.

>  As the patch for the userspace part of the set match is committed in the 
> iptables git tree, there'll come the new ipset release.
>   
OK, good to know. I see that with the new patches you have expanded the 
ipset data structure, which is also good - I could now fit all of my 
"custom" changes without resorting to dark-art gimmicks as I did up 
until now.
--
Jozsef Kadlecsik April 27, 2013, 8:15 p.m. UTC | #5
On Sat, 27 Apr 2013, Dash Four wrote:

> Jozsef Kadlecsik wrote:
> > > Jozsef, are these features already supported in userspace or are you going
> > > to
> > > release a separate version?
> > 
> > It's already supported in userspace in the main branch of the git tree.
> Got it, thanks Jozsef, though I can't see any updates to the ipset branch of
> the netfilter.org tree (https://git.netfilter.org/ipset) - last update is
> showing 13 days ago.

It was committed there at that time - I have been waiting for net/nf-next 
to open up for new features since then.

> >  As the patch for the userspace part of the set match is committed in the
> > iptables git tree, there'll come the new ipset release.
> >   
> OK, good to know. I see that with the new patches you have expanded the 
> ipset data structure, which is also good - I could now fit all of my 
> "custom" changes without resorting to dark-art gimmicks as I did up 
> until now.

Yes, the new structure adds the possibilities for multiple extensions and 
that's also an important factor. Therefore the patchset is so big, but 
actually the whole code is smaller than the previous one.

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlecsik.jozsef@wigner.mta.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences
          H-1525 Budapest 114, POB. 49, Hungary