| Message ID | 20190729193354.26559-1-kadlec@blackhole.kfki.hu |
|---|---|
| State | Accepted |
| Delegated to: | Pablo Neira |
| Headers | show |
On Mon, Jul 29, 2019 at 09:33:51PM +0200, Jozsef Kadlecsik wrote: > Hi Pablo, > > Please consider to apply the next patches to the nf tree: > > - When the support of destination MAC addresses for hash:mac sets was > introduced, it was forgotten to add the same functionality to hash:ip,mac > types of sets. The patch from Stefano Brivio adds the missing part. > - When the support of destination MAC addresses for hash:mac sets was > introduced, a copy&paste error was made in the code of the hash:ip,mac > and bitmap:ip,mac types: the MAC address in these set types is in > the second position and not in the first one. Stefano Brivio's patch > fixes the issue. > - There was still a not properly handled concurrency handling issue > between renaming and listing sets at the same time, reported by > Shijie Luo. Pulled, thanks Jozsef.
Hi Pablo, Please consider to apply the next patches to the nf tree: - When the support of destination MAC addresses for hash:mac sets was introduced, it was forgotten to add the same functionality to hash:ip,mac types of sets. The patch from Stefano Brivio adds the missing part. - When the support of destination MAC addresses for hash:mac sets was introduced, a copy&paste error was made in the code of the hash:ip,mac and bitmap:ip,mac types: the MAC address in these set types is in the second position and not in the first one. Stefano Brivio's patch fixes the issue. - There was still a not properly handled concurrency handling issue between renaming and listing sets at the same time, reported by Shijie Luo. Best regards, Jozsef The following changes since commit 91826ba13855f73e252fef68369b3b0e1ed25253: netfilter: add include guard to xt_connlabel.h (2019-07-29 15:13:41 +0200) are available in the Git repository at: git://blackhole.kfki.hu/nf 6c1f7e2c1b96ab9b for you to fetch changes up to 6c1f7e2c1b96ab9b09ac97c4df2bd9dc327206f6: netfilter: ipset: Fix rename concurrency with listing (2019-07-29 21:18:07 +0200) ---------------------------------------------------------------- Jozsef Kadlecsik (1): netfilter: ipset: Fix rename concurrency with listing Stefano Brivio (2): netfilter: ipset: Actually allow destination MAC address for hash:ip,mac sets too netfilter: ipset: Copy the right MAC address in bitmap:ip,mac and hash:ip,mac sets net/netfilter/ipset/ip_set_bitmap_ipmac.c | 2 +- net/netfilter/ipset/ip_set_core.c | 2 +- net/netfilter/ipset/ip_set_hash_ipmac.c | 6 +----- 3 files changed, 3 insertions(+), 7 deletions(-)