• David S. Miller's avatar
    Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nftables · 9aa28f2b
    David S. Miller authored
    Pablo Neira Ayuso says: <pablo@netfilter.org>
    
    ====================
    nftables updates for net-next
    
    The following patchset contains nftables updates for your net-next tree,
    they are:
    
    * Add set operation to the meta expression by means of the select_ops()
      infrastructure, this allows us to set the packet mark among other things.
      From Arturo Borrero Gonzalez.
    
    * Fix wrong format in sscanf in nf_tables_set_alloc_name(), from Daniel
      Borkmann.
    
    * Add new queue expression to nf_tables. These comes with two previous patches
      to prepare this new feature, one to add mask in nf_tables_core to
      evaluate the queue verdict appropriately and another to refactor common
      code with xt_NFQUEUE, from Eric Leblond.
    
    * Do not hide nftables from Kconfig if nfnetlink is not enabled, also from
      Eric Leblond.
    
    * Add the reject expression to nf_tables, this adds the missing TCP RST
      support. It comes with an initial patch to refactor common code with
      xt_NFQUEUE, again from Eric Leblond.
    
    * Remove an unused variable assignment in nf_tables_dump_set(), from Michal
      Nazarewicz.
    
    * Remove the nft_meta_target code, now that Arturo added the set operation
      to the meta expression, from me.
    
    * Add help information for nf_tables to Kconfig, also from me.
    
    * Allow to dump all sets by specifying NFPROTO_UNSPEC, similar feature is
      available to other nf_tables objects, requested by Arturo, from me.
    
    * Expose the table usage counter, so we can know how many chains are using
      this table without dumping the list of chains, from Tomasz Bursztyka.
    ====================
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    9aa28f2b
Kconfig 45.7 KB