[conntrack-tools] delay the closure of the dump descriptor to fix assertion with cache_wt

Pablo Neira netfilter-cvslog-bounces at lists.netfilter.org
Mon Jun 2 17:32:56 CEST 2008 

Gitweb:		http://git.netfilter.org/cgi-bin/gitweb.cgi?p=conntrack-tools.git;a=commit;h=88ec0bca76a82468c9c4c330b533d476e5a7c7d0

        at  88ec0bca76a82468c9c4c330b533d476e5a7c7d0 (tag)
   tagging  2a838790b8a545e95841cb216a7623b3d9560bce (commit)
  replaces  svn_t_conntrack-tools-0.9.6
 tagged by  Pablo Neira Ayuso
        on  Sat May 31 17:37:36 2008 +0200

- Log -----------------------------------------------------------------
conntrack-tools 0.9.7 release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQBIQXDKQYf4ZS0Jh+YRArJQAJ4mLG/t5Sm4SXQmXqR+jWnmaR7LEwCcDlKs
QCuxwk6mJnfiMKMZMdKodeM=
=ozKD
-----END PGP SIGNATURE-----

/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo at netfilter.org (21):
      remove .svn from doc/ in tarballs (reported by Gilad Benjamini)
      Pablo Neira Ayuso <pablo at netfilter.org>:
      Krzysztof Oledzki <ole at ans.pl>:
      add missing libct_proto_icmpv6.c
      fix minor compilation issue in amd64 with gcc4.3 (reported by Daniel Schepler
      fix compilation in ARM (reported by Thiemo Seufer via Max Kellermann)
      fix asymmetric path support (still some open concerns)
      improve netlink overrun handling
      update manpages with the new URL
      o simplify parameter-handling code
      This is a major improvement of the conntrack command line tool:
      add initial automated qa testing for the conntrack cli
      check for pkg-config before anything (fix bogus missing libraries failure)
      relax parameter checking for UDP and TCP
      fix conntrack -U -p tcp [...]
      o fix NAT filtering via --src-nat and --dst-nat (reported by K.Oledzki)
      minor update of the manpages
      add more verbose error notification when the injection of a conntrack fails
      rework of the FT-FW approach
      Fix reorder possible reordering of destroy messages under message omission. This patch introduces the TimeoutDestroy clause to determine how long a conntrack remains in the internal cache once it has been destroy from the kernel table.
      minor fix of the manpage (Max Wilhelm)

Pablo Neira Ayuso (16):
      - remove (misleading) counters and use information from the statistics mode
      improve network message sanity checkings
      add Mcast[Snd|Rcv]SocketBuffer clauses to tune multicast socket buffers
      Updates (-U) show the effect of the operation in the conntrack entry
      check for missing IPv6 address before hashing
      only allow the use of --secmark for listing (filtering)
      add flex version warning (better with >= 2.5.33)
      add eventfd emulation to communicate receiver -> sender
      add best effort replication protocol (aka NOTRACK)
      rework the HELLO logic inside FT-FW
      fix leak in cache_destroy(): release objects before destroying the cache
      remove secmark support for conntrackd
      fix make distcheck
      define SO_[RCV|SND]BUFFORCE if not set
      increase deletion stats when the timer is scheduled in cache_del_timeout()
      delay the closure of the dump descriptor to fix assertion with cache_wt

-----------------------------------------------------------------------

More information about the netfilter-cvslog mailing list