Hi Greg, Sasha,
This batch contains a backport fix for 6.6-stable.
The following list shows the backported patches, I am using original commit
IDs for reference:
1) 82cfd785c7b3 ("netfilter: nf_tables: bail out if stateful expression provides no .clone")
This is a stable dependency for the next patch.
2) 56fac3c36c8f ("netfilter: nf_tables: allow clone callbacks to sleep")
Please, apply,
Thanks
without this fix, the default set expression is silently ignored when
used from dynamic sets.
Florian Westphal (1):
netfilter: nf_tables: allow clone callbacks to sleep
Pablo Neira Ayuso (1):
netfilter: nf_tables: use timestamp to check for set element timeout
include/net/netfilter/nf_tables.h | 20 ++++++++++++++++----
net/netfilter/nf_tables_api.c | 12 +++++++-----
net/netfilter/nft_connlimit.c | 4 ++--
net/netfilter/nft_counter.c | 4 ++--
net/netfilter/nft_dynset.c | 2 +-
net/netfilter/nft_last.c | 4 ++--
net/netfilter/nft_limit.c | 14 ++++++++------
net/netfilter/nft_quota.c | 4 ++--
net/netfilter/nft_set_hash.c | 8 +++++++-
net/netfilter/nft_set_pipapo.c | 18 +++++++++++-------
net/netfilter/nft_set_rbtree.c | 11 +++++++----
11 files changed, 65 insertions(+), 36 deletions(-)
--
2.30.2
