Linux TCP/IP Netfilter Devel

• Thread Index

• Re: [PATCH v3 1/2] Make loop indexes unsigned
  • From: Joao Moreira <joao@xxxxxxxxxxxxxxxxxx>
• Re: [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
• Re: [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
• Re: [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft,v3] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 2/3] netfilter: nf_tables: Deduplicate nft_register_obj audit logs
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 5/5] datatype: use xmalloc() for allocating datatype in datatype_clone()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH v2 1/8] netfilter: nf_tables: Don't allocate nft_rule_dump_ctx
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf PATCH v2 7/8] netfilter: nf_tables: Pass reset bit in nft_set_dump_ctx
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH v2 1/8] netfilter: nf_tables: Don't allocate nft_rule_dump_ctx
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf PATCH 3/3] netfilter: nf_tables: Audit log object reset once per table
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [nf PATCH v2 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH v2 7/8] netfilter: nf_tables: Pass reset bit in nft_set_dump_ctx
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH v2 0/8] Introduce locking for reset requests
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH v2 3/8] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH v2 2/8] netfilter: nf_tables: Introduce nf_tables_getrule_single()
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH v2 6/8] netfilter: nf_tables: Add locking for NFT_MSG_GETOBJ_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH v2 1/8] netfilter: nf_tables: Don't allocate nft_rule_dump_ctx
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH v2 4/8] netfilter: nf_tables: Introduce struct nft_obj_dump_ctx
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH v2 5/8] netfilter: nf_tables: Introduce nf_tables_getobj_single
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH] tests: shell: Fix for failing nft-f/sample-ruleset
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft,v3] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH net-next 4/4] netfilter: nf_tables: Utilize NLA_POLICY_NESTED_ARRAY
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net-next 3/4] netfilter: nf_tables: missing extended netlink error in lookup functions
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net-next 2/4] selftests: netfilter: test nat source port clash resolution interaction with tcp early demux
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net-next 1/4] netfilter: nf_nat: undo erroneous tcp edemux lookup after port clash
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net-next 0/4] netfilter updates for net-next
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf PATCH 2/3] netfilter: nf_tables: Deduplicate nft_register_obj audit logs
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 3/3,v2] netlink_linearize: skip set element expression in map statement key
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH v3 2/2] Make num_actions unsigned
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v3 1/2] Make loop indexes unsigned
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf] netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH] uapi/netfilter: Change netfilter hook verdict code definition from macro to enum
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH -stable,5.10 0/2] Netfilter stable fixes for 5.10
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• Re: [nf PATCH 2/3] netfilter: nf_tables: Deduplicate nft_register_obj audit logs
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH nft 0/3] tests/shell: minor improvements to "run-tests.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 0/3] tests/shell: minor improvements to "run-tests.sh"
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 2/3] nfnl_osf: rework nf_osf_parse_opt() and avoid "-Wstrict-overflow" warning
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libnetfilter_queue v2] doc: make the HTML main page available as `man 7 libnetfilter_queue`
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 2/3] nfnl_osf: rework nf_osf_parse_opt() and avoid "-Wstrict-overflow" warning
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/5] datatype: make "flags" field of datatype struct simple booleans
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 4/5] datatype: extend set_datatype_alloc() to change size
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 3/5] datatype: don't clone datatype in set_datatype_alloc() if byteorder already matches
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/5] datatype: don't clone static name/desc strings for datatype
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 0/5] more various cleanups related to struct datatype
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 5/5] datatype: use xmalloc() for allocating datatype in datatype_clone()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 1/1] include: include <string.h> in <nft.h>
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 1/1] include: include <string.h> in <nft.h>
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [nf PATCH 2/3] netfilter: nf_tables: Deduplicate nft_register_obj audit logs
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 2/3] nfnl_osf: rework nf_osf_parse_opt() and avoid "-Wstrict-overflow" warning
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 2/3] nfnl_osf: rework nf_osf_parse_opt() and avoid "-Wstrict-overflow" warning
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 3/3] netlink_linearize: avoid strict-overflow warning in netlink_gen_bitwise()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 2/3] nfnl_osf: rework nf_osf_parse_opt() and avoid "-Wstrict-overflow" warning
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/3] netlink_linearize: avoid strict-overflow warning in netlink_gen_bitwise()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 2/3] nfnl_osf: rework nf_osf_parse_opt() and avoid "-Wstrict-overflow" warning
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 3/3,v2] netlink_linearize: skip set element expression in map statement key
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH v3 1/2] Make loop indexes unsigned
  • From: joao@xxxxxxxxxxxxxxxxxx
• [PATCH v3 2/2] Make num_actions unsigned
  • From: joao@xxxxxxxxxxxxxxxxxx
• [PATCH v3 0/2] Prevent potential write out of bounds
  • From: joao@xxxxxxxxxxxxxxxxxx
• Re: [PATCH nft 2/3] nfnl_osf: rework nf_osf_parse_opt() and avoid "-Wstrict-overflow" warning
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft,v3] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 1/2] netfilter: nf_tables: unregister flowtable hooks on netns exit
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 2/2] netfilter: nf_tables: double hook unregistration in netns path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 0/2] Netfilter stable fixes for 5.10
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft,v2] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft] tests: shell: fix spurious errors in sets/0036add_set_element_expiration_0
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/3,v2] netlink_linearize: skip set element expression in map statement key
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 1/3] nft: add NFT_ARRAY_SIZE() helper
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 1/3] nft: add NFT_ARRAY_SIZE() helper
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH] netfilter: ipset: add ip_set lock to ip_set_test
  • From: xiaolinkui <xiaolinkui@xxxxxxx>
• Re: [PATCH nft v2 1/1] mergesort: avoid cloning value in expr_msort_cmp()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/3,v2] netlink_linearize: skip set element expression in map statement key
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft 2/3] nfnl_osf: rework nf_osf_parse_opt() and avoid "-Wstrict-overflow" warning
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/3] nft: add NFT_ARRAY_SIZE() helper
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 0/3] Two fixes to avoid "-Wstrict-overflow" warnings
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 3/3] netlink_linearize: avoid strict-overflow warning in netlink_gen_bitwise()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft 3/3,v2] netlink_linearize: skip set element expression in map statement key
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/3,v2] netlink_linearize: skip set element expression in map statement key
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft v2 1/1] mergesort: avoid cloning value in expr_msort_cmp()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH libnetfilter_queue] Fix typo in examples/nf-queue.c from patch 9a8e4c3
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] mergesort: avoid cloning value in expr_msort_cmp()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft] mergesort: avoid cloning value in expr_msort_cmp()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/3,v2] netlink_linearize: skip set element expression in map statement key
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2 0/2] Prevent potential write out of bounds
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2 0/2] Prevent potential write out of bounds
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] mergesort: avoid cloning value in expr_msort_cmp()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH] netfilter: Clean up errors in nf_conntrack_h323_asn1.h
  • From: chenguohua@xxxxxxx
• [PATCH libnetfilter_queue] Fix typo in examples/nf-queue.c from patch 9a8e4c3
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH v2 2/2] Make num_actions unsigned
  • From: joao@xxxxxxxxxxxxxxxxxx
• [PATCH v2 1/2] Make loop indexes unsigned
  • From: joao@xxxxxxxxxxxxxxxxxx
• [PATCH v2 0/2] Prevent potential write out of bounds
  • From: joao@xxxxxxxxxxxxxxxxxx
• Re: [nf PATCH 0/3] Review nf_tables audit logging
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH net v6 3/3] net: prevent address rewrite in kernel_bind()
  • From: Jordan Rife <jrife@xxxxxxxxxx>
• [PATCH net v6 2/3] net: prevent rewrite of msg_name and msg_namelen in sock_sendmsg()
  • From: Jordan Rife <jrife@xxxxxxxxxx>
• [PATCH net v6 0/3] Insulate Kernel Space From SOCK_ADDR Hooks
  • From: Jordan Rife <jrife@xxxxxxxxxx>
• [PATCH net v6 1/3] net: replace calls to sock->ops->connect() with kernel_connect()
  • From: Jordan Rife <jrife@xxxxxxxxxx>
• Re: [nft PATCH] tests: shell: features: Fix table owner flag check
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH] tests: shell: features: Fix table owner flag check
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 3/3,v2] netlink_linearize: skip set element expression in map statement key
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft 3/3,v2] netlink_linearize: skip set element expression in map statement key
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/3] netlink_linearize: skip set element expression in map statement key
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/3] netlink_linearize: skip set element expression in map statement key
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 2/3] json: expose dynamic flag
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft 3/3] netlink_linearize: skip set element expression in map statement key
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 1/3] tests: py: add map support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 2/3] json: expose dynamic flag
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH conntrack-tools] conntrackd: consolidate check for maximum number of channels
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 5/5] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 7/9] expression: cleanup expr_ops_by_type() and handle u32 input
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [syzbot] [netfilter?] INFO: rcu detected stall in gc_worker (3)
  • From: syzbot <syzbot+eec403943a2a2455adaa@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH -stable,6.5 0/5] Netfilter stable fixes for 6.5
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• Re: [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Florian Westphal <fw@xxxxxxxxx>
• [nf PATCH 3/3] netfilter: nf_tables: Audit log object reset once per table
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 0/3] Review nf_tables audit logging
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 1/3] selftests: netfilter: Extend nft_audit.sh
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 2/3] netfilter: nf_tables: Deduplicate nft_register_obj audit logs
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 2/5] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 0/5] Introduce locking for reset requests
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 1/5] netfilter: nf_tables: Don't allocate nft_rule_dump_ctx
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 4/5] netfilter: nf_tables: Add locking for NFT_MSG_GETOBJ_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 5/5] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 3/5] netfilter: nf_tables: Introduce struct nft_obj_dump_ctx
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH -stable,5.10 13/17] netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 16/17] netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 17/17] netfilter: nf_tables: fix memleak when more than 255 elements expired
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 15/17] netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 14/17] netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 12/17] netfilter: nf_tables: defer gc run if previous batch is still pending
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 00/17] Netfilter stable fixes for 5.10
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 07/17] netfilter: nf_tables: don't fail inserts if duplicate has expired
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 08/17] netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 04/17] netfilter: nf_tables: adapt set backend to use GC transaction API
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 06/17] netfilter: nf_tables: remove busy mark and gc batch API
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 05/17] netfilter: nft_set_hash: mark set element as dead when deleting from packet path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 09/17] netfilter: nf_tables: GC transaction race with netns dismantle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 10/17] netfilter: nf_tables: GC transaction race with abort path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 11/17] netfilter: nf_tables: use correct lock to protect gc_list
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 01/17] netfilter: nf_tables: integrate pipapo into commit protocol
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 02/17] netfilter: nf_tables: don't skip expired elements during walk
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.10 03/17] netfilter: nf_tables: GC transaction API to avoid race with control plane
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 17/17] netfilter: nf_tables: fix memleak when more than 255 elements expired
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 05/17] netfilter: nf_tables: remove busy mark and gc batch API
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 08/17] netfilter: nf_tables: GC transaction race with netns dismantle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 14/17] netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 00/17] Netfilter stable fixes for 5.15
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 10/17] netfilter: nf_tables: use correct lock to protect gc_list
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 02/17] netfilter: nf_tables: GC transaction API to avoid race with control plane
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 07/17] netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 16/17] netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 04/17] netfilter: nft_set_hash: mark set element as dead when deleting from packet path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 01/17] netfilter: nf_tables: don't skip expired elements during walk
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 13/17] netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 06/17] netfilter: nf_tables: don't fail inserts if duplicate has expired
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 11/17] netfilter: nf_tables: defer gc run if previous batch is still pending
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 15/17] netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 09/17] netfilter: nf_tables: GC transaction race with abort path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 12/17] netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,5.15 03/17] netfilter: nf_tables: adapt set backend to use GC transaction API
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 09/17] netfilter: nf_tables: GC transaction race with abort path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 17/17] netfilter: nf_tables: fix memleak when more than 255 elements expired
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 10/17] netfilter: nf_tables: use correct lock to protect gc_list
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 15/17] netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 16/17] netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 11/17] netfilter: nf_tables: defer gc run if previous batch is still pending
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 12/17] netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 13/17] netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 08/17] netfilter: nf_tables: GC transaction race with netns dismantle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 14/17] netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 07/17] netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 06/17] netfilter: nf_tables: don't fail inserts if duplicate has expired
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 05/17] netfilter: nf_tables: remove busy mark and gc batch API
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 03/17] netfilter: nf_tables: adapt set backend to use GC transaction API
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 04/17] netfilter: nft_set_hash: mark set element as dead when deleting from packet path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 02/17] netfilter: nf_tables: GC transaction API to avoid race with control plane
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [-stable,6.1 01/17] netfilter: nf_tables: don't skip expired elements during walk
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,6.1 00/17] Netfilter stable fixes for 6.1
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,6.5 5/5] netfilter: nf_tables: fix memleak when more than 255 elements expired
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,6.5 3/5] netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,6.5 4/5] netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,6.5 2/5] netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,6.5 1/5] netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,6.5 0/5] Netfilter stable fixes for 6.5
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/9] datatype: drop flags field from datatype
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [RFC nf] netfilter: nf_tables: nft_set_rbtree: invalidate greater range element on removal
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [RFC nf] netfilter: nf_tables: nft_set_rbtree: invalidate greater range element on removal
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [RFC nf] netfilter: nf_tables: nft_set_rbtree: invalidate greater range element on removal
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 7/9] expression: cleanup expr_ops_by_type() and handle u32 input
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] tests: shell: skip flowtable-uaf if we lack table owner support
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nft PATCH 0/9] Misc JSON parser fixes
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 7/9] expression: cleanup expr_ops_by_type() and handle u32 input
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 3/9] datatype: drop flags field from datatype
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• LPC 2023 Networking and BPF Track CFP (Final Reminder)
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [PATCH net 1/3] netfilter: nf_tables: disable toggling dormant table state more than once
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [ANNOUNCE] ipset 7.18 released
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/9] datatype: drop flags field from datatype
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [ANNOUNCE] ipset 7.19 released
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/4] all: add free_const() and use it instead of xfree()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 7/9] expression: cleanup expr_ops_by_type() and handle u32 input
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 0/3] nftables: add feature probes for sctp and multistmt set support
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH 1/3] tests: shell: skip adding catchall elements if unuspported
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH 3/3] tests: shell: add feature probe for sctp chunk matching
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH 2/3] tests: shell: add feature probe for sets with more than one element
  • From: Florian Westphal <fw@xxxxxxxxx>
• [RFC nf] netfilter: nf_tables: nft_set_rbtree: invalidate greater range element on removal
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH libnetfilter_queue v2] doc: make the HTML main page available as `man 7 libnetfilter_queue`
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Re: [PATCH nft 3/4] all: add free_const() and use it instead of xfree()
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft] datatype: return const pointer from datatype_get()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nft PATCH 2/9] parser_json: Fix typo in json_parse_cmd_add_object()
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 3/9] parser_json: Proper ct expectation attribute parsing
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 9/9] parser_json: Default meter size to zero
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 4/9] parser_json: Fix flowtable prio value parsing
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 0/9] Misc JSON parser fixes
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 8/9] parser_json: Catch nonsense ops in match statement
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 5/9] parser_json: Fix limit object burst value parsing
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 6/9] parser_json: Fix synproxy object mss/wscale parsing
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 1/9] parser_json: Catch wrong "reset" payload
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 7/9] parser_json: Wrong check in json_parse_ct_timeout_policy()
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft] datatype: return const pointer from datatype_get()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 3/4] all: add free_const() and use it instead of xfree()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 7/9] expression: cleanup expr_ops_by_type() and handle u32 input
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 3/9] datatype: drop flags field from datatype
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 3/4] all: add free_const() and use it instead of xfree()
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 7/9] expression: cleanup expr_ops_by_type() and handle u32 input
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/9] datatype: drop flags field from datatype
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 8/9] datatype: use __attribute__((packed)) instead of enum bitfields
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/4] all: add free_const() and use it instead of xfree()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 8/9] datatype: use __attribute__((packed)) instead of enum bitfields
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 3/4] all: add free_const() and use it instead of xfree()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/4] all: add free_const() and use it instead of xfree()
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 8/9] datatype: use __attribute__((packed)) instead of enum bitfields
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 5/9] payload: use enum icmp_hdr_field_type in payload_may_dependency_kill_icmp()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 4/9] datatype: use "enum byteorder" instead of int in set_datatype_alloc()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 6/9] netlink: handle invalid etype in set_make_key()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 6/9] netlink: handle invalid etype in set_make_key()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 9/9] proto: add missing proto_definitions for PROTO_DESC_GENEVE
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/4] all: add free_const() and use it instead of xfree()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 2/4] gmputil: add nft_gmp_free() to free strings from mpz_get_str()
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 1/9] src: fix indentation/whitespace
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 8/9] datatype: use __attribute__((packed)) instead of enum bitfields
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 3/3] tests/shell: run `nft --check` on persisted dump files
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft v2] icmpv6: Allow matching target address in NS/NA, redirect and MLD
  • From: Nicolas Cavallari <nicolas.cavallari@xxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH nft 2/4] gmputil: add nft_gmp_free() to free strings from mpz_get_str()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 8/9] datatype: use __attribute__((packed)) instead of enum bitfields
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 3/9] datatype: drop flags field from datatype
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 6/9] netlink: handle invalid etype in set_make_key()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 9/9] proto: add missing proto_definitions for PROTO_DESC_GENEVE
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 7/9] expression: cleanup expr_ops_by_type() and handle u32 input
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/9] include: fix missing definitions in <cache.h>/<headers.h>
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/9] src: fix indentation/whitespace
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 0/9] various cleanups related to enums and struct datatype
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 4/9] datatype: use "enum byteorder" instead of int in set_datatype_alloc()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 5/9] payload: use enum icmp_hdr_field_type in payload_may_dependency_kill_icmp()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH] build: Fix double-prefix w/ pkgconfig
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 3/4] all: add free_const() and use it instead of xfree()
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 2/4] gmputil: add nft_gmp_free() to free strings from mpz_get_str()
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH] build: Fix double-prefix w/ pkgconfig
  • From: Sam James <sam@xxxxxxxxxx>
• [PATCH nft 4/4] all: remove xfree() and use plain free()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/4] datatype: don't return a const string from cgroupv2_get_path()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/4] gmputil: add nft_gmp_free() to free strings from mpz_get_str()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 0/4] remove xfree() and add free_const()+nft_gmp_free()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 3/4] all: add free_const() and use it instead of xfree()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [ANNOUNCE] ipset 7.18 released
  • From: Sam James <sam@xxxxxxxxxx>
• Re: [ANNOUNCE] ipset 7.18 released
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH 4.19 046/273] netfilter: nft_flow_offload: fix underflow in flowtable reference counter
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• [PATCH 4.19 047/273] netfilter: nf_tables: missing NFT_TRANS_PREPARE_ERROR in flowtable deactivatation
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [ANNOUNCE] ipset 7.18 released
  • From: Jan Engelhardt <jengelh@xxxxxxx>
• Re: [ANNOUNCE] ipset 7.18 released
  • From: Jan Engelhardt <jengelh@xxxxxxx>
• Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
  • From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 03/12] landlock: Refactor landlock_find_rule/insert_rule
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 11/12] samples/landlock: Add network demo
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 09/12] selftests/landlock: Share enforce_ruleset()
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 02/12] landlock: Allow filesystem layout changes for domains without such rule type
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 01/12] landlock: Make ruleset's access masks more generic
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 08/12] landlock: Add network rules and TCP hooks support
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 07/12] landlock: Refactor landlock_add_rule() syscall
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 12/12] landlock: Document Landlock's network support
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 10/12] selftests/landlock: Add 7 new test variants dedicated to network
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 00/12] Network support for Landlock
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 06/12] landlock: Refactor layer helpers
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 04/12] landlock: Refactor merge/inherit_ruleset functions
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH v12 05/12] landlock: Move and rename layer helpers
  • From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH net 1/3] netfilter: nf_tables: disable toggling dormant table state more than once
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net 0/3] netfilter updates for net
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net 2/3] netfilter: nf_tables: fix memleak when more than 255 elements expired
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net 3/3] netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH 0/1] ipset patch for nf tree
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [ANNOUNCE] ipset 7.18 released
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
• [PATCH 1/1] netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
• [PATCH 0/1] ipset patch for nf tree
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
• Re: [PATCH nft 1/1] datatype: explicitly set missing datatypes for TYPE_CT_LABEL,TYPE_CT_EVENTBIT
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] datatype: initialize TYPE_CT_EVENTBIT slot in datatype array
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] datatype: initialize TYPE_CT_LABEL slot in datatype array
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft,v2] limit: display default burst when listing ruleset
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: fix memory leak when more than 255 elements expired
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: fix memory leak when more than 255 elements expired
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: fix memory leak when more than 255 elements expired
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft] limit: display default burst when listing ruleset
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 2/2] libnftables: move init-once guard inside xt_init()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 1/2] libnftables: drop gmp_init() and mp_set_memory_functions()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 1/1] netlink: fix leaking typeof_expr_data/typeof_expr_key in netlink_delinearize_set()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf] netfilter: nf_tables: fix memory leak when more than 255 elements expired
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 2/2] libnftables: move init-once guard inside xt_init()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/2] libnftables: drop gmp_init() and mp_set_memory_functions()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 1/1] datatype: explicitly set missing datatypes for TYPE_CT_LABEL,TYPE_CT_EVENTBIT
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 1/1] datatype: explicitly set missing datatypes for TYPE_CT_LABEL,TYPE_CT_EVENTBIT
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 1/1] datatype: explicitly set missing datatypes for TYPE_CT_LABEL,TYPE_CT_EVENTBIT
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH libnetfilter_queue] doc: generate libnetfilter_queue.7 man page from HTML mainpage
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH nft,v2] evaluate: update mark datatype compatibility check from maps
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 1/1] tests/shell: honor NFT_TEST_FAIL_ON_SKIP variable to fail on any skipped tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 3/3] tests/shell: run `nft --check` on persisted dump files
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/3] tests/shell: simplify collecting error result in "test-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/3] tests/shell: fix preserving ruleset diff after test
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 3/3] tests/shell: colorize NFT_TEST_HAS_SOCKET_LIMITS
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/3] tests/shell: set C locale in "run-tests.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 0/3] tests/shell: minor improvements to "run-tests.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/3] tests/shell: don't show the exit status for failed tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft] evaluate: update mark datatype compatibility check from maps
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] evaluate: update mark datatype compatibility check from maps
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH -stable,4.19 0/2] netfilter stable fixes for 4.19
  • From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
• [PATCH -stable,4.19 0/2] netfilter stable fixes for 4.19
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,4.19 1/2] netfilter: nft_flow_offload: fix underflow in flowtable reference counter
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH -stable,4.19 2/2] netfilter: nf_tables: missing NFT_TRANS_PREPARE_ERROR in flowtable deactivatation
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft,v2] evaluate: expand sets and maps before evaluation
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 01/14] tests/shell: add and use chain binding feature probe
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 13/14] tests/shell: implement NFT_TEST_HAVE_json feature detection as script
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 12/14] tests/shell: skip reset tests if kernel lacks support
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 05/14] tests/shell: skip bitshift tests if kernel lacks support
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 14/14] tests/shell: check diff in "maps/typeof_maps_0" and "sets/typeof_sets_0" test
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 10/14] tests/shell: skip test cases involving osf match if kernel lacks support
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 11/14] tests/shell: skip test cases if ct expectation and/or timeout lacks support
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 08/14] tests/shell: skip destroy tests if kernel lacks support
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 09/14] tests/shell: skip catchall tests if kernel lacks support
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 03/14] tests/shell: skip map query if kernel lacks support
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 06/14] tests/shell: skip some tests if kernel lacks netdev egress support
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 04/14] tests/shell: skip inner matching tests if unsupported
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 02/14] tests/shell: skip netdev_chain_0 if kernel requires netdev device
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 00/14] tests/shell: fix tests to skip on lacking feature support
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 07/14] tests/shell: skip inet ingress tests if kernel lacks support
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 2/3] tests/shell: skip "sets/reset_command_0" on unsupported reset command
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: Issue with counter and interval map
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] evaluate: expand sets and maps before evaluation
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] evaluate: fix memleak in prefix evaluation with wildcard interface name
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
  • From: "Timo Sigurdsson" <public_timo.s@xxxxxxxxxxxxxx>
• Re: Issue with counter and interval map
  • From: Jann Haber <jannh@xxxxxxxxxx>
• [PATCH nft 1/3] tests/shell: cleanup creating dummy interfaces in tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/3] tests/shell: skip "sets/reset_command_0" on unsupported reset command
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 3/3] tests/shell: suggest 4Mb /proc/sys/net/core/{wmem_max,rmem_max} for rootless
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 0/3] shell/tests: cleanups and skip tests on Fedora 38
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/2] tests/shell: add feature probing via "features/*.nft" files
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/2] tests/shell: colorize NFT_TEST_SKIP_/NFT_TEST_HAVE_ in test output
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 0/2] tests/shell: add feature probing via "features/*.nft" files
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft] tests: add test for dormant on/off/on bug
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf] netfilter: nf_tables: disable toggling dormant table state more than once
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
  • From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
• [PATCH nft 1/1] netlink: fix leaking typeof_expr_data/typeof_expr_key in netlink_delinearize_set()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/1] tests/shell: honor CLICOLOR_FORCE to force coloring in run-tests.sh
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/1] tests/build: capture more output from "tests/build/run-tests.sh" script
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [RFC nft] icmpv6: Allow matching target address in NS/NA, redirect and MLD
  • From: Nicolas Cavallari <nicolas.cavallari@xxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH v2 libnetfilter_conntrack 2/2] utils: add NFCT_FILTER_DUMP_TUPLE example
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2 libnetfilter_conntrack 1/2] Adding NFCT_FILTER_DUMP_TUPLE in filter_dump_attr, using kernel CTA_FILTER API
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [iptables PATCH] include: linux: Update kernel.h
  • From: Phil Sutter <phil@xxxxxx>
• Re: [iptables PATCH] nft: Fix for useless meta expressions in rule
  • From: Phil Sutter <phil@xxxxxx>
• Re: [iptables PATCH] tests: shell: Fix for ineffective 0007-mid-restore-flush_0
  • From: Phil Sutter <phil@xxxxxx>
• Re: [iptables PATCH] extensions: Fix checking of conntrack --ctproto 0
  • From: Phil Sutter <phil@xxxxxx>
• Re: [iptables PATCH] Revert --compat option related commits
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft 2/2] scanner: restrict include directive to regular files
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 1/2] libnftables: refuse to open onput files other than named pipes or regular files
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• [iptables PATCH] tests: shell: Fix for ineffective 0007-mid-restore-flush_0
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH] extensions: Fix checking of conntrack --ctproto 0
  • From: Phil Sutter <phil@xxxxxx>
• Re: Issue with counter and interval map
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 9/9] selftests: netfilter: Test nf_tables audit logging
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 8/9] netfilter: nf_tables: Fix entries val in rule reset audit log
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 7/9] netfilter: conntrack: fix extension size table
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 6/9] netfilter: nf_tables: disallow element removal on anonymous sets
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 4/9] netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 2/9] netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 3/9] netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 5/9] netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 1/9] netfilter: nf_tables: disallow rule removal from chain binding
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 0/9] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH v3 1/2] netfilter: nf_tables: Fix entries val in rule reset audit log
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nf PATCH v3 0/2] nf_tables: follow-up on audit fix, add selftest
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: conntrack: fix extension size table
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH v3 1/2] netfilter: nf_tables: Fix entries val in rule reset audit log
  • From: Florian Westphal <fw@xxxxxxxxx>
• Issue with counter and interval map
  • From: Jann Haber <jannh@xxxxxxxxxx>
• [PATCH nft 1/2] tests/shell: exit 77 from "run-tests.sh" if all tests were skipped
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/2] tests/shell: accept $NFT_TEST_TMPDIR_TAG for the result directory
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 4/6] tests/shell: special handle base path starting with "./"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 6/6] tools: add "tools/check-tree.sh" script to check consistency of nft dumps
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/6] tests/shell: remove spurious .nft dump files
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 3/6] tests/shell: add missing nft/nodump files for tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/6] tests/shell: drop unstable dump for "transactions/0051map_0" test
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 0/6] adjust nft dump files and add check-tree script
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 5/6] tests/shell: in find_tests() use C locale for sorting tests names
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [ANNOUNCE] nftlb 1.0.9 release
  • From: Laura García Liébana <nevola@xxxxxxxxx>
• [nf PATCH v3 2/2] selftests: netfilter: Test nf_tables audit logging
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH v3 1/2] netfilter: nf_tables: Fix entries val in rule reset audit log
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH v3 0/2] nf_tables: follow-up on audit fix, add selftest
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft 3/3] tests/shell: add option to shuffle execution order of tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/3] tests/shell: export NFT_TEST_RANDOM_SEED variable for tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/3] tests/shell: add "random-source.sh" helper for random-source for sort/shuf
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 0/3] add NFT_TEST_RANDOM_SEED and shuffle tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/2] tests/shell: ensure vgdb-pipe files are deleted from "nft-valgrind-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/2] tests/shell: kill running child processes when aborting "run-tests.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [nf-next RFC 2/2] selftests: netfilter: Test nf_tables audit logging
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
  • From: Salvatore Bonaccorso <carnil@xxxxxxxxxx>
• LPC 2023 Networking and BPF Track CFP (Reminder)
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
  • From: "Timo Sigurdsson" <public_timo.s@xxxxxxxxxxxxxx>
• [iproute2] xfrm: add udp standalone encapsulation mode
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
  • From: "Timo Sigurdsson" <public_timo.s@xxxxxxxxxxxxxx>
• Re: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf] netfilter: conntrack: fix extension size table
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
  • From: "Linux regression tracking (Thorsten Leemhuis)" <regressions@xxxxxxxxxxxxx>
• [PATCH nft v2] datatype: fix leak and cleanup reference counting for struct datatype
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [nft PATCH] datatype: fix leak and cleanup reference counting for struct datatype
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH RFC libnetfilter_queue] doc: Get rid of DEPRECATED tag (Work In Progress)
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Re: Race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  • From: Kyle Zeng <zengyhkyle@xxxxxxxxx>
• Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
  • From: "Timo Sigurdsson" <public_timo.s@xxxxxxxxxxxxxx>
• Re: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] nlmsg, attr: fix false positives when validating buffer sizes
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH] datatype: fix leak and cleanup reference counting for struct datatype
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 1/2] parser_bison: include <nft.h> for base C environment to "parser_bison.y"
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 2/2] include: include <stdlib.h> in <nft.h>
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] nlmsg, attr: fix false positives when validating buffer sizes
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nft PATCH] datatype: fix leak and cleanup reference counting for struct datatype
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH libmnl] nlmsg, attr: fix false positives when validating buffer sizes
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
  • From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
• Re: [PATCH AUTOSEL 4.14 6/8] netfilter: ebtables: fix fortify warnings in size_entry_mwt()
  • From: Pavel Machek <pavel@xxxxxxx>
• Re: [PATCH libmnl] nlmsg, attr: fix false positives when validating buffer sizes
  • From: Jeremy Sowden <jeremy@xxxxxxxxxx>
• Re: [PATCH RFC libnetfilter_queue] doc: Get rid of DEPRECATED tag (Work In Progress)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH RFC libnetfilter_queue] doc: Get rid of DEPRECATED tag (Work In Progress)
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libmnl] nlmsg, attr: fix false positives when validating buffer sizes
  • From: Jeremy Sowden <jeremy@xxxxxxxxxx>
• [PATCH nf] netfilter: nf_tables: disallow element removal on anonymous sets
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH AUTOSEL 5.10 11/14] netfilter: ebtables: fix fortify warnings in size_entry_mwt()
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.4 30/41] netfilter: ebtables: fix fortify warnings in size_entry_mwt()
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 5.15 12/15] netfilter: ebtables: fix fortify warnings in size_entry_mwt()
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 4.14 6/8] netfilter: ebtables: fix fortify warnings in size_entry_mwt()
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.1 20/26] netfilter: ebtables: fix fortify warnings in size_entry_mwt()
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.5 33/45] netfilter: ebtables: fix fortify warnings in size_entry_mwt()
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH nft 1/1] datatype: rename "dtype_clone()" to datatype_clone()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/2] include: include <stdlib.h> in <nft.h>
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/2] parser_bison: include <nft.h> for base C environment to "parser_bison.y"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/1] cache: avoid accessing uninitialized varible in implicit_chain_cache()
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [nf-next RFC 2/2] selftests: netfilter: Test nf_tables audit logging
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft 0/2] tests/shell: add mechanism for skipping (for no JSON and slow)
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/2] tests/shell: skip tests if nft does not support JSON mode
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/2] tests/shell: add "--quick" option to skip slow tests (via NFT_TEST_SKIP_slow=y)
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [nf PATCH v2] netfilter: nf_tables: Fix entries val in rule reset audit log
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf-next RFC 2/2] selftests: netfilter: Test nf_tables audit logging
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH v2] netfilter: nf_tables: Fix entries val in rule reset audit log
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft 1/1] tests/shell: set valgrind's "--vgdb-prefix=" to orignal TMPDIR
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/1] tests/shell: print number of completed tests to show progress
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v2 2/4] tests/shell: generate and add ".nft" dump files for existing tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v2 1/4] tests/shell: honor .nodump file for tests without nft dumps
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v2 4/4] tests/shell: add ".nft" dump files for tests without dumps/ directory
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v2 3/4] tests/shell: add missing ".nodump" file for tests without dumps
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v2 0/4] tests/shell: add missing .nft and .nodump files
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [nf PATCH v2] netfilter: nf_tables: Fix entries val in rule reset audit log
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft 5/6] build: drop recursive make for "examples/Makefile.am"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 5/6] build: drop recursive make for "examples/Makefile.am"
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 2/2] tests/shell: add missing ".nodump" file for tests without dumps
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 2/2] tests/shell: add missing ".nodump" file for tests without dumps
  • From: Florian Westphal <fw@xxxxxxxxx>
• [nf PATCH v2] netfilter: nf_tables: Fix entries val in rule reset audit log
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nf PATCH 1/2] netfilter: nf_tables: Fix entries val in rule reset audit log
  • From: kernel test robot <lkp@xxxxxxxxx>
• [PATCH nf 4/4] netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf 3/4] netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf 2/4] netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf 1/4] netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf,v2] netfilter: nf_tables: disallow rule removal from chain binding
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nf-next RFC 2/2] selftests: netfilter: Test nf_tables audit logging
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 1/2] netfilter: nf_tables: Fix entries val in rule reset audit log
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH 0/2] nf_tables: follow-up on audit fix, propose kselftest
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft 10/11] tests/shell: record wall time of test run in result data
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 08/11] tests/shell: print "kernel is tainted" separate from test result
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 11/11] tests/shell: set NFT_TEST_JOBS based on $(nproc)
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 09/11] tests/shell: no longer enable verbose output when selecting a test
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 05/11] tests/shell: print the NFT setting with the VALGRIND=y wrapper
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 07/11] tests/shell: redirect output of test script to file too
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 06/11] tests/shell: don't redirect error/warning messages to stderr
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 02/11] tests/shell: cleanup print_test_result() and show TAINTED error code
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 03/11] tests/shell: colorize terminal output with test result
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 04/11] tests/shell: fix handling failures with VALGRIND=y
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 01/11] tests/shell: cleanup result handling in "test-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 00/11] tests/shell: colorize output, fix VALGRIND mode
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft] tests/shell: return 77/skip for tests that fail to create dummy device
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 2/2] tests/shell: add missing ".nodump" file for tests without dumps
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft 1/2] tests/shell: honor .nodump file for tests without nft dumps
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH net 6/6] netfilter: nf_tables: Unbreak audit log reset
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH] uapi/netfilter: Change netfilter hook verdict code definition from macro to enum
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft v5 00/19] tests/shell: allow running tests as non-root
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH net 1/6] netfilter: nftables: exthdr: fix 4-byte stack OOB write
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• [PATCH nf] netfilter: nf_tables: disallow rule removal from chain binding
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [syzbot] [arm?] [netfilter?] KASAN: slab-out-of-bounds Read in do_csum
  • From: Will Deacon <will@xxxxxxxxxx>
• Re: [syzbot] [arm?] [netfilter?] KASAN: slab-out-of-bounds Read in do_csum
  • From: Robin Murphy <robin.murphy@xxxxxxx>
• Re: [PATCH] uapi/netfilter: Change netfilter hook verdict code definition from macro to enum
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net 6/6] netfilter: nf_tables: Unbreak audit log reset
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf] netfilter: nf_tables: skip deactivation of deleted rules in bound chain
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net 6/6] netfilter: nf_tables: Unbreak audit log reset
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH] include: linux: Update kernel.h
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH] nft: Fix for useless meta expressions in rule
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH net 6/6] netfilter: nf_tables: Unbreak audit log reset
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net 5/6] netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net 4/6] netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net 3/6] netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net 2/6] netfilter: nfnetlink_osf: avoid OOB read
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net 1/6] netfilter: nftables: exthdr: fix 4-byte stack OOB write
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net 0/6] netfilter updates for net
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft 4/5] tests: shell: add and use feature probe for map query like a set
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 1/5] tests: add feature probing
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 2/5] tests: shell: let netdev_chain_0 test indicate SKIP if kernel requires netdev device
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [GIT PULL] sysctl changes for v6.6-rc1
  • From: Joel Granados <j.granados@xxxxxxxxxxx>
• [PATCH nft v5 18/19] tests/shell: fix "0003includepath_0" for different TMPDIR
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 15/19] tests/shell: bind mount private /var/run/netns in test container
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 19/19] tests/shell: set TMPDIR for tests in "test-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 14/19] tests/shell: support running tests in parallel
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 12/19] tests/shell: move taint check to "test-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 17/19] tests/shell: record the test duration (wall time) in the result data
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 16/19] tests/shell: skip test in rootless that hit socket buffer size limit
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 13/19] tests/shell: move valgrind wrapper script to separate script
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 06/19] tests/shell: print test configuration
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 08/19] tests/shell: interpret an exit code of 77 from scripts as "skipped"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 11/19] tests/shell: rework printing of test results
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 10/19] tests/shell: move the dump diff handling inside "test-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 05/19] tests/shell: normalize boolean configuration in environment variables
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 07/19] tests/shell: run each test in separate namespace and allow rootless
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 09/19] tests/shell: support --keep-logs option (NFT_TEST_KEEP_LOGS=y) to preserve test output
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 03/19] tests/shell: check test names before start and support directories
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 04/19] tests/shell: export NFT_TEST_BASEDIR and NFT_TEST_TMPDIR for tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 02/19] tests/shell: rework finding tests and add "--list-tests" option
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 00/19] tests/shell: allow running tests as non-root
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v5 01/19] tests/shell: rework command line parsing in "run-tests.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [GIT PULL] sysctl changes for v6.6-rc1
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH RFC] tests: add feature probing
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH RFC] tests: add feature probing
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH RFC] tests: add feature probing
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf] netfilter: nf_tables: Unbreak audit log reset
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH RFC] tests: add feature probing
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 1/5] tests: add feature probing
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATH nf v3] netfilter/osf: avoid OOB read
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH] uapi/netfilter: Change netfilter hook verdict code definition from macro to enum
  • From: "David Wang" <00107082@xxxxxxx>
• Re: [PATCH nft 1/5] tests: add feature probing
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft] evaluate: fix get element for concatenated set
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] uapi/netfilter: Change netfilter hook verdict code definition from macro to enum
  • From: Daniel Xu <dxu@xxxxxxxxx>
• [PATCH nft v4 07/17] tests/shell: run each test in separate namespace and allow rootless
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 02/17] tests/shell: rework finding tests and add "--list-tests" option
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft v3 00/11] tests/shell: allow running tests as
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 14/17] tests/shell: bind mount private /var/run/netns in test container
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 12/17] tests/shell: move taint check to "test-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 15/17] tests/shell: skip test in rootless that hit socket buffer size limit
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 06/17] tests/shell: print test configuration
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 04/17] tests/shell: export NFT_TEST_BASEDIR and NFT_TEST_TMPDIR for tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 11/17] tests/shell: rework printing of test results
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft] evaluate: fix get element for concatenated set
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft 1/5] tests: add feature probing
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft 2/5] tests: shell: let netdev_chain_0 test indicate SKIP if kernel requires netdev device
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft v3 00/11] tests/shell: allow running tests as
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft v4 00/17] tests/shell: allow running tests as
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 10/17] tests/shell: move the dump diff handling inside "test-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 03/17] tests/shell: check test names before start and support directories
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 13/17] tests/shell: support running tests in parallel
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 08/17] tests/shell: interpret an exit code of 77 from scripts as "skipped"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [syzbot] [arm?] [netfilter?] KASAN: slab-out-of-bounds Read in do_csum
  • From: Will Deacon <will@xxxxxxxxxx>
• [PATCH nft v4 16/17] tests/shell: record the test duration for investigation
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 05/17] tests/shell: normalize boolean configuration in environment variables
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [syzbot] [arm?] [netfilter?] KASAN: slab-out-of-bounds Read in do_csum
  • From: Robin Murphy <robin.murphy@xxxxxxx>
• Re: [PATCH nft v3 00/11] tests/shell: allow running tests as
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft 1/5] tests: add feature probing
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft v4 01/17] tests/shell: rework command line parsing in "run-tests.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v4 09/17] tests/shell: support --keep-logs option (NFT_TEST_KEEP_LOGS=y) to preserve test output
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft 1/5] tests: add feature probing
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft] tests: shell: 0043concatenated_ranges_0: re-enable all tests
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft 1/5] tests: add feature probing
  • From: Phil Sutter <phil@xxxxxx>
• Re: Race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
• [PATCH nft v4 17/17] tests/shell: set TMPDIR for tests in "test-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  • From: Kyle Zeng <zengyhkyle@xxxxxxxxx>
• [PATCH nft v3 11/11] tests/shell: support running tests in parallel
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 05/11] tests/shell: run each test in separate namespace and allow rootless
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 10/11] tests/shell: move taint check to "test-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 07/11] tests/shell: support --keep-logs option (NFT_TEST_KEEP_LOGS=y) to preserve test output
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 08/11] tests/shell: move the dump diff handling inside "test-wrapper.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 09/11] tests/shell: rework printing of test results
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 06/11] tests/shell: interpret an exit code of 77 from scripts as "skipped"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 03/11] tests/shell: check test names before start and support directories
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 02/11] tests/shell: rework finding tests and add "--list-tests" option
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 01/11] tests/shell: rework command line parsing in "run-tests.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 04/11] tests/shell: export NFT_TEST_BASEDIR and NFT_TEST_TMPDIR for tests
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v3 00/11] tests/shell: allow running tests as
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH] uapi/netfilter: Change netfilter hook verdict code definition from macro to enum
  • From: David Wang <00107082@xxxxxxx>
• Re: [PATCH libnetfilter_log] libipulog: remove debugging printfs
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 5/5] tests: shell skip inner matching tests if unsupported
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 4/5] tests: shell: add and use feature probe for map query like a set
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 3/5] tests: shell: typeof_integer/raw: prefer @nh for payload matching
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 2/5] tests: shell: let netdev_chain_0 test indicate SKIP if kernel requires netdev device
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 1/5] tests: add feature probing
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 0/5] tests: shell: add and use feature probing
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH RFC] tests: add feature probing
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft v2 3/3] tests/shell: run each test in separate namespace and allow rootless
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf] netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH libnetfilter_log] libipulog: remove debugging printfs
  • From: Jeremy Sowden <jeremy@xxxxxxxxxx>
• [PATCH libnetfilter_conntrack 2/2] conntrack: fix BPF for filtering IPv6 addresses
  • From: Jeremy Sowden <jeremy@xxxxxxxxxx>
• [PATCH libnetfilter_conntrack 1/2] Ignore `configure~`
  • From: Jeremy Sowden <jeremy@xxxxxxxxxx>
• Re: [PATCH nft v2 0/3] tests/shell: allow running tests as non-root
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft] doc: describe behaviour of {ip,ip6} length
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft,v2] evaluate: revisit anonymous set with single element optimization
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf] netfilter: nf_tables: ensure audit reset access to table under rcu read side lock
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] evaluate: revisit anonymous set with single element optimization
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH RFC] tests: add feature probing
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v2 0/3] tests/shell: allow running tests as non-root
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v2 3/3] tests/shell: run each test in separate namespace and allow rootless
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v2 2/3] tests/shell: rework finding tests and add "--list-tests" option
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATCH nft v2 1/3] tests/shell: rework command line parsing in "run-tests.sh"
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• Re: [PATCH nft] tests/shell: allow running tests as non-root users
  • From: Thomas Haller <thaller@xxxxxxxxxx>
• [PATH nf v3] netfilter/osf: avoid OOB read
  • From: Wander Lairson Costa <wander@xxxxxxxxxx>
• Re: [RFC] netfilter: nf_tables: ignore -EOPNOTSUPP on flowtable device offload setup
  • From: Felix Fietkau <nbd@xxxxxxxx>
• Re: [RFC] netfilter: nf_tables: ignore -EOPNOTSUPP on flowtable device offload setup
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nf-next PATCH] netfilter: nf_tables: Utilize NLA_POLICY_NESTED_ARRAY
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH] netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH RFC] tests: add feature probing
  • From: Florian Westphal <fw@xxxxxxxxx>