| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 Oct 2022 14:18:59 +0200
From: Florian Westphal <fw@...len.de>
To: <netdev@...r.kernel.org>
Cc: Paolo Abeni <pabeni@...hat.com>,
Eric Dumazet <edumazet@...gle.com>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
<netfilter-devel@...r.kernel.org>, Florian Westphal <fw@...len.de>
Subject: [PATCH net 0/3] netfilter fixes for net
Hello,
This series from Phil Sutter for the *net* tree fixes a problem with a change
from the 6.1 development phase: the change to nft_fib should have used
the more recent flowic_l3mdev field. Pointed out by Guillaume Nault.
This also makes the older iptables module follow the same pattern.
Also add selftest case and avoid test failure in nft_fib.sh when the
host environment has set rp_filter=1.
Please consider pulling this from
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git master
----------------------------------------------------------------
The following changes since commit 739cfa34518ef3a6789f5f77239073972a387359:
net/mlx5: Make ASO poll CQ usable in atomic context (2022-10-12 09:16:05 +0100)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git master
for you to fetch changes up to 6a91e7270936c5a504af7e0a197d7021e169d281:
selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1 (2022-10-12 14:08:15 +0200)
----------------------------------------------------------------
Phil Sutter (3):
selftests: netfilter: Test reverse path filtering
netfilter: rpfilter/fib: Populate flowic_l3mdev field
selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1
net/ipv4/netfilter/ipt_rpfilter.c | 2 +-
net/ipv4/netfilter/nft_fib_ipv4.c | 2 +-
net/ipv6/netfilter/ip6t_rpfilter.c | 9 +-
net/ipv6/netfilter/nft_fib_ipv6.c | 5 +-
tools/testing/selftests/netfilter/Makefile | 2 +-
tools/testing/selftests/netfilter/nft_fib.sh | 1 +
tools/testing/selftests/netfilter/rpath.sh | 147 +++++++++++++++++++++++++++
7 files changed, 156 insertions(+), 12 deletions(-)
create mode 100755 tools/testing/selftests/netfilter/rpath.sh
Powered by blists - more mailing lists