linux/include/net/netns
David S. Miller e86e180b82 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next
Pablo Neira Ayuso says:

====================
Netfilter/IPVS updates for net-next

The following patchset contains Netfilter/IPVS updates for net-next,
most relevantly they are:

* cleanup to remove double semicolon from stephen hemminger.

* calm down sparse warning in xt_ipcomp, from Fan Du.

* nf_ct_labels support for nf_tables, from Florian Westphal.

* new macros to simplify rcu dereferences in the scope of nfnetlink
  and nf_tables, from Patrick McHardy.

* Accept queue and drop (including reason for drop) to verdict
  parsing in nf_tables, also from Patrick.

* Remove unused random seed initialization in nfnetlink_log, from
  Florian Westphal.

* Allow to attach user-specific information to nf_tables rules, useful
  to attach user comments to rule, from me.

* Return errors in ipset according to the manpage documentation, from
  Jozsef Kadlecsik.

* Fix coccinelle warnings related to incorrect bool type usage for ipset,
  from Fengguang Wu.

* Add hash:ip,mark set type to ipset, from Vytas Dauksa.

* Fix message for each spotted by ipset for each netns that is created,
  from Ilia Mirkin.

* Add forceadd option to ipset, which evicts a random entry from the set
  if it becomes full, from Josh Hunt.

* Minor IPVS cleanups and fixes from Andi Kleen and Tingwei Liu.

* Improve conntrack scalability by removing a central spinlock, original
  work from Eric Dumazet. Jesper Dangaard Brouer took them over to address
  remaining issues. Several patches to prepare this change come in first
  place.

* Rework nft_hash to resolve bugs (leaking chain, missing rcu synchronization
  on element removal, etc. from Patrick McHardy.

* Restore context in the rule deletion path, as we now release rule objects
  synchronously, from Patrick McHardy. This gets back event notification for
  anonymous sets.

* Fix NAT family validation in nft_nat, also from Patrick.

* Improve scalability of xt_connlimit by using an array of spinlocks and
  by introducing a rb-tree of hashtables for faster lookup of accounted
  objects per network. This patch was preceded by several patches and
  refactorizations to accomodate this change including the use of kmem_cache,
  from Florian Westphal.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2014-03-17 15:06:24 -04:00
..
conntrack.h netfilter: conntrack: remove central spinlock nf_conntrack_lock 2014-03-07 11:41:13 +01:00
core.h
dccp.h
generic.h BUG: headers with BUG/BUG_ON etc. need linux/bug.h 2012-03-04 17:54:34 -05:00
hash.h net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
ieee802154_6lowpan.h 6lowpan: handling 6lowpan fragmentation via inet_frag api 2014-02-28 17:05:22 -05:00
ipv4.h ipv4: introduce ip_dst_mtu_maybe_forward and protect forwarding path against pmtu spoofing 2014-01-13 11:22:54 -08:00
ipv6.h ipv6: add flowlabel_consistency sysctl 2014-01-19 17:12:31 -08:00
mib.h
netfilter.h netfilter: nf_log: prepare net namespace support for loggers 2013-04-05 20:12:54 +02:00
nftables.h netfilter: nf_tables: add "inet" table for IPv4/IPv6 2014-01-07 23:57:25 +01:00
packet.h packet: fix broken build. 2012-08-23 09:29:45 -07:00
sctp.h Revert "net: sctp: convert sctp_checksum_disable module param into sctp sysctl" 2013-08-09 13:09:41 -07:00
unix.h
x_tables.h netfilter: {ipt,ebt}_ULOG: rise warning on deprecation 2013-05-23 14:23:16 +02:00
xfrm.h flowcache: restore a single flow_cache kmem_cache 2014-03-10 21:45:11 -04:00