lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240125093408.793d8121@kernel.org>
Date: Thu, 25 Jan 2024 09:34:08 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Pablo Neira Ayuso <pablo@...filter.org>
Cc: Willem de Bruijn <willemdebruijn.kernel@...il.com>,
 "netdev@...r.kernel.org" <netdev@...r.kernel.org>, David Ahern
 <dsahern@...nel.org>, coreteam@...filter.org,
 "netdev-driver-reviewers@...r.kernel.org"
 <netdev-driver-reviewers@...r.kernel.org>, Hangbin Liu
 <liuhangbin@...il.com>, netfilter-devel@...r.kernel.org
Subject: Re: [netfilter-core] [ANN] net-next is OPEN

On Thu, 25 Jan 2024 10:29:41 +0100 Pablo Neira Ayuso wrote:
> > NFT_COMPAT fixed a lot! One remaining warning comes from using 
> > -m length. Which NFT config do we need for that one?  
> 
> May I have a look at the logs? How does the error look like?

With the config pointed out by Florian in addition to NFT_COMPAT
all the iptables errors in the logs are gone, without switching
to legacy. Thank you for the help!

Also LMK if you guys want us to try running netfilter tests.
I'm guessing we're unlikely to regress anything in net-next,
and you have running netfilter tests covered - but if it's 
not too hard we can try to hook them up to net-next, too!
(Or you can run them on our branch and report back :))

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ