diff --git a/0001-e1000e-Fix-tight-loop-implementation-of-systime-read.patch b/0001-e1000e-Fix-tight-loop-implementation-of-systime-read.patch
new file mode 100644
index 0000000..0bea7fe
--- /dev/null
+++ b/0001-e1000e-Fix-tight-loop-implementation-of-systime-read.patch
@@ -0,0 +1,65 @@
+From 37b12910dd11d9ab969f2c310dc9160b7f3e3405 Mon Sep 17 00:00:00 2001
+From: Raanan Avargil
+Date: Sun, 19 Jul 2015 16:33:20 +0300
+Subject: [PATCH] e1000e: Fix tight loop implementation of systime read
+ algorithm
+
+Change the algorithm. Read systimel twice and check for overflow.
+If there was no overflow, use the first value.
+If there was an overflow, read systimeh again and use the second
+systimel value.
+
+Signed-off-by: Raanan Avargil
+Tested-by: Aaron Brown
+Signed-off-by: Jeff Kirsher
+---
+ drivers/net/ethernet/intel/e1000e/netdev.c | 31 ++++++++++++++++++++----------
+ 1 file changed, 21 insertions(+), 10 deletions(-)
+
+diff --git a/drivers/net/ethernet/intel/e1000e/netdev.c b/drivers/net/ethernet/intel/e1000e/netdev.c
+index 24b7269..96a8166 100644
+--- a/drivers/net/ethernet/intel/e1000e/netdev.c
++++ b/drivers/net/ethernet/intel/e1000e/netdev.c
+@@ -4280,18 +4280,29 @@ static cycle_t e1000e_cyclecounter_read(const struct cyclecounter *cc)
+ struct e1000_adapter *adapter = container_of(cc, struct e1000_adapter,
+ cc);
+ struct e1000_hw *hw = &adapter->hw;
++ u32 systimel_1, systimel_2, systimeh;
+ cycle_t systim, systim_next;
+- /* SYSTIMH latching upon SYSTIML read does not work well. To fix that
+- * we don't want to allow overflow of SYSTIML and a change to SYSTIMH
+- * to occur between reads, so if we read a vale close to overflow, we
+- * wait for overflow to occur and read both registers when its safe.
++ /* SYSTIMH latching upon SYSTIML read does not work well.
++ * This means that if SYSTIML overflows after we read it but before
++ * we read SYSTIMH, the value of SYSTIMH has been incremented and we
++ * will experience a huge non linear increment in the systime value
++ * to fix that we test for overflow and if true, we re-read systime.
+ */
+- u32 systim_overflow_latch_fix = 0x3FFFFFFF;
+-
+- do {
+- systim = (cycle_t)er32(SYSTIML);
+- } while (systim > systim_overflow_latch_fix);
+- systim |= (cycle_t)er32(SYSTIMH) << 32;
++ systimel_1 = er32(SYSTIML);
++ systimeh = er32(SYSTIMH);
++ systimel_2 = er32(SYSTIML);
++ /* Check for overflow. If there was no overflow, use the values */
++ if (systimel_1 < systimel_2) {
++ systim = (cycle_t)systimel_1;
++ systim |= (cycle_t)systimeh << 32;
++ } else {
++ /* There was an overflow, read again SYSTIMH, and use
++ * systimel_2
++ */
++ systimeh = er32(SYSTIMH);
++ systim = (cycle_t)systimel_2;
++ systim |= (cycle_t)systimeh << 32;
++ }
+
+ if ((hw->mac.type == e1000_82574) || (hw->mac.type == e1000_82583)) {
+ u64 incvalue, time_delta, rem, temp;
+-- 
+2.5.1
+
diff --git a/0001-netfilter-conntrack-use-nf_ct_tmpl_free-in-CT-synpro.patch b/0001-netfilter-conntrack-use-nf_ct_tmpl_free-in-CT-synpro.patch
new file mode 100644
index 0000000..0918357
--- /dev/null
+++ b/0001-netfilter-conntrack-use-nf_ct_tmpl_free-in-CT-synpro.patch
@@ -0,0 +1,103 @@
+From 9cf94eab8b309e8bcc78b41dd1561c75b537dd0b Mon Sep 17 00:00:00 2001
+From: Daniel Borkmann
+Date: Mon, 31 Aug 2015 19:11:02 +0200
+Subject: [PATCH] netfilter: conntrack: use nf_ct_tmpl_free in CT/synproxy
+ error paths
+
+Commit 0838aa7fcfcd ("netfilter: fix netns dependencies with conntrack
+templates") migrated templates to the new allocator api, but forgot to
+update error paths for them in CT and synproxy to use nf_ct_tmpl_free()
+instead of nf_conntrack_free().
+
+Due to that, memory is being freed into the wrong kmemcache, but also
+we drop the per net reference count of ct objects causing an imbalance.
+
+In Brad's case, this leads to a wrap-around of net->ct.count and thus
+lets __nf_conntrack_alloc() refuse to create a new ct object:
+
+ [ 10.340913] xt_addrtype: ipv6 does not support BROADCAST matching
+ [ 10.810168] nf_conntrack: table full, dropping packet
+ [ 11.917416] r8169 0000:07:00.0 eth0: link up
+ [ 11.917438] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
+ [ 12.815902] nf_conntrack: table full, dropping packet
+ [ 15.688561] nf_conntrack: table full, dropping packet
+ [ 15.689365] nf_conntrack: table full, dropping packet
+ [ 15.690169] nf_conntrack: table full, dropping packet
+ [ 15.690967] nf_conntrack: table full, dropping packet
+ [...]
+
+With slab debugging, it also reports the wrong kmemcache (kmalloc-512 vs.
+nf_conntrack_ffffffff81ce75c0) and reports poison overwrites, etc. Thus,
+to fix the problem, export and use nf_ct_tmpl_free() instead.
+
+Fixes: 0838aa7fcfcd ("netfilter: fix netns dependencies with conntrack templates")
+Reported-by: Brad Jackson
+Signed-off-by: Daniel Borkmann
+Signed-off-by: Pablo Neira Ayuso
+---
+ include/net/netfilter/nf_conntrack.h | 1 +
+ net/netfilter/nf_conntrack_core.c | 3 ++-
+ net/netfilter/nf_synproxy_core.c | 2 +-
+ net/netfilter/xt_CT.c | 2 +-
+ 4 files changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h
+index 37cd391..4023c4c 100644
+--- a/include/net/netfilter/nf_conntrack.h
++++ b/include/net/netfilter/nf_conntrack.h
+@@ -292,6 +292,7 @@ extern unsigned int nf_conntrack_hash_rnd;
+ void init_nf_conntrack_hash_rnd(void);
+
+ struct nf_conn *nf_ct_tmpl_alloc(struct net *net, u16 zone, gfp_t flags);
++void nf_ct_tmpl_free(struct nf_conn *tmpl);
+
+ #define NF_CT_STAT_INC(net, count) __this_cpu_inc((net)->ct.stat->count)
+ #define NF_CT_STAT_INC_ATOMIC(net, count) this_cpu_inc((net)->ct.stat->count)
+diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
+index 3c20d02..0625a42 100644
+--- a/net/netfilter/nf_conntrack_core.c
++++ b/net/netfilter/nf_conntrack_core.c
+@@ -320,12 +320,13 @@ out_free:
+ }
+ EXPORT_SYMBOL_GPL(nf_ct_tmpl_alloc);
+
+-static void nf_ct_tmpl_free(struct nf_conn *tmpl)
++void nf_ct_tmpl_free(struct nf_conn *tmpl)
+ {
+ nf_ct_ext_destroy(tmpl);
+ nf_ct_ext_free(tmpl);
+ kfree(tmpl);
+ }
++EXPORT_SYMBOL_GPL(nf_ct_tmpl_free);
+
+ static void
+ destroy_conntrack(struct nf_conntrack *nfct)
+diff --git a/net/netfilter/nf_synproxy_core.c b/net/netfilter/nf_synproxy_core.c
+index d7f1685..d6ee8f8 100644
+--- a/net/netfilter/nf_synproxy_core.c
++++ b/net/netfilter/nf_synproxy_core.c
+@@ -378,7 +378,7 @@ static int __net_init synproxy_net_init(struct net *net)
+ err3:
+ free_percpu(snet->stats);
+ err2:
+- nf_conntrack_free(ct);
++ nf_ct_tmpl_free(ct);
+ err1:
+ return err;
+ }
+diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c
+index 
43ddeee..f3377ce 100644 +--- a/net/netfilter/xt_CT.c ++++ b/net/netfilter/xt_CT.c +@@ -233,7 +233,7 @@ out: + return 0; + + err3: +- nf_conntrack_free(ct); ++ nf_ct_tmpl_free(ct); + err2: + nf_ct_l3proto_module_put(par->family); + err1: +-- +2.5.1 + diff --git a/PKGBUILD b/PKGBUILD index e45711c..8296d49 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -5,7 +5,7 @@ pkgbase=linux # Build stock -ARCH kernel #pkgbase=linux-custom # Build kernel with a different name _srcname=linux-4.2 pkgver=4.2 -pkgrel=2 +pkgrel=3 arch=('i686' 'x86_64') url="http://www.kernel.org/" license=('GPL2') @@ -20,14 +20,18 @@ source=("https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.xz" # standard config files for mkinitcpio ramdisk 'linux.preset' 'change-default-console-loglevel.patch' - '0001-make_flush_workqueue_non_gpl.patch') + '0001-make_flush_workqueue_non_gpl.patch' + '0001-e1000e-Fix-tight-loop-implementation-of-systime-read.patch' + '0001-netfilter-conntrack-use-nf_ct_tmpl_free-in-CT-synpro.patch') sha256sums=('cf20e044f17588d2a42c8f2a450b0fd84dfdbd579b489d93e9ab7d0e8b45dbeb' 'SKIP' 'e6f6f804f98ad321ce3e4395924993b51decb89699fde369391ccbb4bae928b2' 'a071aaa327d2b3577fa4709b47ed5fe81c7914d168607f3db905fdbf226247e7' 'f0d90e756f14533ee67afda280500511a62465b4f76adcc5effa95a40045179c' '1256b241cd477b265a3c2d64bdc19ffe3c9bbcee82ea3994c590c2c76e767d99' - '4e776734e2c2185910a6fbb6f333d967b04f4a72b3196310af286c6a779bd97d') + '4e776734e2c2185910a6fbb6f333d967b04f4a72b3196310af286c6a779bd97d' + '0b1e41ba59ae45f5929963aa22fdc53bc8ffb4534e976cec046269d1a462197b' + '6ed9e31ae5614c289c4884620e45698e764c03670ebc45bab9319d741238cbd3') validpgpkeys=( 'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds '647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman 
@@ -48,6 +52,15 @@ prepare() { # already applied to 4.3 series patch -p1 -i "${srcdir}/0001-make_flush_workqueue_non_gpl.patch" + # fix hard lockup in e1000e_cyclecounter_read() after 4 hours of uptime + # https://lkml.org/lkml/2015/8/18/292 + patch -p1 -i "${srcdir}/0001-e1000e-Fix-tight-loop-implementation-of-systime-read.patch" + + # add not-yet-mainlined patch to fix network unavailability when iptables + # rules are applied during startup - happened with Shorewall; journal had + # many instances of this error: nf_conntrack: table full, dropping packet + patch -p1 -i "${srcdir}/0001-netfilter-conntrack-use-nf_ct_tmpl_free-in-CT-synpro.patch" + # set DEFAULT_CONSOLE_LOGLEVEL to 4 (same value as the 'quiet' kernel param) # remove this when a Kconfig knob is made available by upstream # (relevant patch sent upstream: https://lkml.org/lkml/2011/7/26/227)
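Review bot: The comment added in prepare() above the netfilter `patch` call records only the symptom and the words "not-yet-mainlined"; it gives no upstream reference and no removal condition, unlike the lkml link on the e1000e entry and the "already applied to 4.3 series" note just before it. The patch's own description says the old error paths free memory into the wrong kmemcache and unbalance the per-net conntrack count, so this is a memory-safety fix and should stay traceable after the next kernel bump. I would add a line such as `# upstream id per patch header: 9cf94eab8b30 - drop once pkgver contains it`, after confirming that the id on the patch's From line is the one that lands in mainline.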