diff options
author | Jakub Kicinski <kuba@kernel.org> | 2023-05-18 23:05:48 +0200 |
---|---|---|
committer | Jakub Kicinski <kuba@kernel.org> | 2023-05-18 23:05:49 +0200 |
commit | 1ecaf17d097c91a7bd2979c57f7c81c5eeaf526b (patch) | |
tree | 379efe7cfe3b5acbb01658200c423c15aa6d7d3f /drivers/net/ethernet/sun | |
parent | Merge branch 'net-lan966x-add-support-for-pcp-dei-dscp' (diff) | |
parent | netfilter: flowtable: split IPv6 datapath in helper functions (diff) | |
download | linux-1ecaf17d097c91a7bd2979c57f7c81c5eeaf526b.tar.xz linux-1ecaf17d097c91a7bd2979c57f7c81c5eeaf526b.zip |
Merge tag 'nf-next-2023-05-18' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next
Florian Westphal says:
====================
Netfilter updates for net-next
nftables updates:
1. Allow key existence checks with maps.
At the moment the kernel requires userspace to pass a destination
register for the associated value, make this optional so userspace
can query if the key exists, just like with normal sets.
2. nftables maintains a counter per set that holds the number of
elements. This counter gets decremented on element removal,
but its only incremented if the set has a upper maximum value.
Increment unconditionally, this will allow us to update the
maximum value later on.
3. At DCCP option maching, from Jeremy Sowden.
4. use struct_size macro, from Christophe JAILLET.
Conntrack:
5. Squash holes in struct nf_conntrack_expect, also Christophe JAILLET.
6. Allow clash resolution for GRE Protocol to avoid a packet drop,
from Faicker Mo.
Flowtable:
Simplify route logic and split large functions into smaller
chunks, from Pablo Neira Ayuso.
* tag 'nf-next-2023-05-18' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next:
netfilter: flowtable: split IPv6 datapath in helper functions
netfilter: flowtable: split IPv4 datapath in helper functions
netfilter: flowtable: simplify route logic
netfilter: conntrack: allow insertion clash of gre protocol
netfilter: nft_set_pipapo: Use struct_size()
netfilter: Reorder fields in 'struct nf_conntrack_expect'
netfilter: nft_exthdr: add boolean DCCP option matching
netfilter: nf_tables: always increment set element count
netfilter: nf_tables: relax set/map validation checks
====================
Link: https://lore.kernel.org/r/20230518100759.84858-1-fw@strlen.de
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'drivers/net/ethernet/sun')
0 files changed, 0 insertions, 0 deletions