Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

subcommand consolidation and -C option
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [PATCH] iptables: add -C to check for existing rules
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH] iptables: add -C to check for existing rules
- From: Stefan Tomanek <stefan.tomanek@xxxxxxxxxxxxx>
[PATCH v2 2/2] netfilter: xt_addrtype: ipv6 support.
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 1/2] netfilter: ipt_addrtype: rename to xt_addrtype
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] iptables: add -C to check for existing rules
- From: Stefan Tomanek <stefan.tomanek@xxxxxxxxxxxxx>
Re: [PATCH] iptables: add -C to check for existing rules
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [PATCH 1/2] netfilter: ipt_addrtype: rename to xt_addrtype
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] iptables: add -C to check for existing rules
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter:ipset: fix the compile warning in ip_set_create
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: XT_CONTINUE/EBT_CONTINUE for universal modules
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
XT_CONTINUE/EBT_CONTINUE for universal modules
- From: Thomas Graf <tgraf@xxxxxxxxxxxxx>
[PATCH] iptables: add -C to check for existing rules
- From: Stefan Tomanek <stefan.tomanek@xxxxxxxxxxxxx>
Re: recommendations on implementing a custom Netfilter hook to QUEUE packets before their SEQ/ACK and size before fragmentation are known?
- From: Igor 'Lo' (И.L.) <bombsiteunrested@xxxxxxxxx>
Re: recommendations on implementing a custom Netfilter hook to QUEUE packets before their SEQ/ACK and size before fragmentation are known?
- From: fche@xxxxxxxxxx (Frank Ch. Eigler)
[PATCH 2/2] libxt_addrtype: ipv6 support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 1/2] libipt_addrtype: rename to libxt_addrtype
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] ip(6)tables-multi: unify subcommand handling
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH] ip(6)tables-multi: unify subcommand handling
- From: Stefan Tomanek <stefan.tomanek@xxxxxxxxxxxxx>
[PATCH] xtables-addon: Remove recursive function calls
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: [PATCH net-next] netfilter:ipvs: use kmemdup
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH net-next] netfilter:ipvs: use kmemdup
- From: Shan Wei <shanwei@xxxxxxxxxxxxxx>
Re: [PATCH 03/18] ipvs: zero percpu stats
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH 03/18] ipvs: zero percpu stats
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
[PATCH 01/18] ipvs: move struct netns_ipvs
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 09/18] IPVS: Add sysctl_sync_ver()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 06/18] IPVS: Add sysctl_snat_reroute()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 03/18] ipvs: zero percpu stats
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 11/18] IPVS: Add expire_quiescent_template()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 10/18] IPVS: Add sysctl_expire_nodest_conn()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 12/18] IPVS: Conditinally use sysctl_lblc{r}_expiration
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 13/18] IPVS: ip_vs_todrop() becomes a noop when CONFIG_SYSCTL is undefined
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 07/18] IPVS: Add sysctl_nat_icmp_send()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 05/18] IPVS: Add ip_vs_route_me_harder()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 08/18] IPVS: Add {sysctl_sync_threshold,period}()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 14/18] IPVS: Conditional ip_vs_conntrack_enabled()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 15/18] IPVS: Minimise ip_vs_leave when CONFIG_SYSCTL is undefined
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 16/18] IPVS: Conditionally define and use ip_vs_lblc{r}_table
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 18/18] IPVS: Conditionally include sysctl members of struct netns_ipvs
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 17/18] IPVS: Add __ip_vs_control_{init,cleanup}_sysctl()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 02/18] ipvs: reorganize tot_stats
- From: Simon Horman <horms@xxxxxxxxxxxx>
[patch v2 ] IPVS: Conditionally include sysctl code
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 04/18] ipvs: remove unused seqcount stats
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 2/2] netfilter: xt_addrtype: ipv6 support.
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 1/2] netfilter: ipt_addrtype: rename to xt_addrtype
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 3/3] build: support compilation on non-Linuxes
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 2/3] include: use sanitized header from headers_install
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 1/3] src: use limits.h header
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
libmnl: other OS support
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
libnetfilter_queue: Some accepted packets get lost
- From: "Fabien C." <7o5fzvj4duxjxzp@xxxxxxxxxxx>
Re: [PATCH] netfilter:ipset: fix the compile warning in ip_set_create
- From: Shan Wei <shanwei@xxxxxxxxxxxxxx>
Re: [PATCH] netfilter:ipset: fix the compile warning in ip_set_create
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH] netfilter:ipset: fix the compile warning in ip_set_create
- From: Shan Wei <shanwei@xxxxxxxxxxxxxx>
Re: linux-next: Tree for February 10 (netfilter)
- From: Randy Dunlap <randy.dunlap@xxxxxxxxxx>
Re: [GIT PULL nf-2.6] IPVS
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [GIT PULL nf-2.6] IPVS
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: [GIT PULL nf-2.6] IPVS
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [GIT PULL nf-2.6] IPVS
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0
- From: "\"Oleg A. Arkhangelsky\"" <sysoleg@xxxxxxxxx>
Re: [PATCH 00/13] netfilter: netfilter update
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH 0/2] netfilter: netfilter fixes for 2.6.38
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0
- From: Changli Gao <xiaosuo@xxxxxxxxx>
[PATCH 06/13] netfilter: nfnetlink_log: remove unused parameter
- From: kaber@xxxxxxxxx
[PATCH 05/13] netfilter: xt_conntrack: warn about use in raw table
- From: kaber@xxxxxxxxx
[PATCH 00/13] netfilter: netfilter update
- From: kaber@xxxxxxxxx
[PATCH 03/13] bridge: netfilter: fix information leak
- From: kaber@xxxxxxxxx
[PATCH 07/13] ipvs: fix timer in get_curr_sync_buff
- From: kaber@xxxxxxxxx
[PATCH 04/13] Revert "netfilter: xt_connlimit: connlimit-above early loop termination"
- From: kaber@xxxxxxxxx
[PATCH 10/13] ipvs: use hlist instead of list
- From: kaber@xxxxxxxxx
[PATCH 09/13] ipvs: make "no destination available" message more informative
- From: kaber@xxxxxxxxx
[PATCH 08/13] ipvs: remove extra lookups for ICMP packets
- From: kaber@xxxxxxxxx
[PATCH 12/13] ipvs: unify the formula to estimate the overhead of processing connections
- From: kaber@xxxxxxxxx
[PATCH 13/13] netfilter: nf_ct_tcp: fix out of sync scenario while in SYN_RECV
- From: kaber@xxxxxxxxx
[PATCH 11/13] ipvs: use enum to instead of magic numbers
- From: kaber@xxxxxxxxx
[PATCH 02/13] netfilter: xt_connlimit: connlimit-above early loop termination
- From: kaber@xxxxxxxxx
[PATCH 01/13] netfilter: ipset: add dependency on CONFIG_NETFILTER_NETLINK
- From: kaber@xxxxxxxxx
[PATCH 1/2] ipvs: fix dst_lock locking on dest update
- From: kaber@xxxxxxxxx
[PATCH 2/2] netfilter: nf_log: avoid oops in (un)bind with invalid nfproto values
- From: kaber@xxxxxxxxx
[PATCH 0/2] netfilter: netfilter fixes for 2.6.38
- From: kaber@xxxxxxxxx
Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0
- From: Patrick McHardy <kaber@xxxxxxxxx>
ulogd2 - INSERT_OR_REPLACE_CT for MySQL
- From: SPONEM Benoît <b.sponem@xxxxxxxxxxx>
Re: [patch] nf_log: avoid oops in (un)bind with invalid nfproto values
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [GIT PULL nf-2.6] IPVS
- From: Patrick McHardy <kaber@xxxxxxxxx>
recommendations on implementing a custom Netfilter hook to QUEUE packets before their SEQ/ACK and size before fragmentation are known?
- From: Igor 'Lo' (И.L.) <bombsiteunrested@xxxxxxxxx>
nfqueue: nfq_set_verdict(...., len), where len > MTU?
- From: Igor 'Lo' (И.L.) <bombsiteunrested@xxxxxxxxx>
[PATCH] ipvs: fix dst_lock locking on dest update
- From: Simon Horman <horms@xxxxxxxxxxxx>
[GIT PULL nf-2.6] IPVS
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: iptables: option parsing inversion fix
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH 2/2] doc: add VERSION section to manpages
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 1/2] iptables: fix an inversion
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
iptables: option parsing inversion fix
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [stable] [patch] fix nla_policy_len to actually _iterate_ over the policy
- From: Greg KH <greg@xxxxxxxxx>
[patch] fix nla_policy_len to actually _iterate_ over the policy
- From: Lars Ellenberg <lars.ellenberg@xxxxxxxxxx>
Re: [patch] fix nla_policy_len to actually _iterate_ over the policy
- From: David Miller <davem@xxxxxxxxxxxxx>
[patch] nf_log: avoid oops in (un)bind with invalid nfproto values
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re:[ANNOUNCE] conntrack-tools 0.9.15 released
- From: xuhainanjing <xuhainanjing@xxxxxxx>
Re:[ANNOUNCE]: Release of iptables-1.4.9.1
- From: xuhainanjing <xuhainanjing@xxxxxxx>
Re:[ANNOUNCE] conntrack-tools 1.0.0 released
- From: xuhainanjing <xuhainanjing@xxxxxxx>
Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [GIT PULL nf-next-2.6] IPVS
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: iptables: docs & address parsing
- From: Patrick McHardy <kaber@xxxxxxxxx>
[ANNOUNCE] conntrack-tools 1.0.0 released
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Igor 'Lo' (И.L.) <bombsiteunrested@xxxxxxxxx>
[PATCH 9/9] xtables: use all IPv6 addresses resolved from a hostname
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 5/9] libxtables: fix memory scribble beyond end of array
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 8/9] xtables: fix the broken detection/removal of redundant addresses
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 7/9] xtables: fix excessive memory allocation in host_to_ipaddr
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 6/9] libxtables: avoid confusing use of ai_protocol=IPPROTO_IPV6
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 3/9] libxt_quota: require --quota to be specified
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 4/9] doc: rateest options can be optional
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 2/9] doc: fix odd partial sentence in libipt_TTL
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 1/9] doc: mention other possible nf_loggers for TRACE
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
iptables: docs & address parsing
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Changli Gao <xiaosuo@xxxxxxxxx>
[PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] improvement for TCP connection tracking
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[GIT PULL nf-next-2.6] IPVS
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 2/3] ipvs: use enum to instead of magic numbers
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 1/3] ipvs: use hlist instead of list
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 3/3] ipvs: unify the formula to estimate the overhead of processing connections
- From: Simon Horman <horms@xxxxxxxxxxxx>
NFQUEUE: best way to deal with changed SEQ/ACK in a stream?
- From: Igor 'Lo' (И.L.) <bombsiteunrested@xxxxxxxxx>
[ANNOUNCE] libnetfilter_conntrack 0.9.1 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] ipvs: use enum to instead of magic numbers
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH] ipvs: use enum to instead of magic numbers
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: [PATCH v2] ipvs: unify the formula to estimate the overhead of processing connections
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH v2] ipvs: unify the formula to estimate the overhead of processing connections
- From: Simon Horman <horms@xxxxxxxxxxxx>
Kernel panic nf_nat_setup_info+0x5b3/0x6e0
- From: "\"Oleg A. Arkhangelsky\"" <sysoleg@xxxxxxxxx>
Re: iptables: misc option edits
- From: Patrick McHardy <kaber@xxxxxxxxx>
tproxy + bridge - possible redundant skb_orphan call ?
- From: Haim Daniel <Haim.Daniel@xxxxxxxxxx>
Re: [PATCH v2] ipvs: unify the formula to estimate the overhead of processing connections
- From: Wensong Zhang <wensong@xxxxxxxxxxxx>
Re: [PATCH v2] ipvs: unify the formula to estimate the overhead of processing connections
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH] ipvs: use hlist instead of list
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: xtables: various fixes for handling multiple src/dst addresses
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 4/4] xtables: use the correct loop count when applying masks to addresses
- From: Wes Campaigne <westacular@xxxxxxxxx>
[PATCH 3/4] xtables: fix the broken detection/removal of redundant addresses
- From: Wes Campaigne <westacular@xxxxxxxxx>
[PATCH 2/4] xtables: fix excessive memory allocation in host_to_ipaddr
- From: Wes Campaigne <westacular@xxxxxxxxx>
[PATCH 1/4] xtables: use *all* IPv6 addresses resolved from a hostname
- From: Wes Campaigne <westacular@xxxxxxxxx>
xtables: various fixes for handling multiple src/dst addresses
- From: Wes Campaigne <westacular@xxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Stephen Hemminger <shemminger@xxxxxxxxxx>
[PATCH 2/2] netfilter: ctnetlink: fix missing refcount increment during dumps
- From: Stephen Hemminger <shemminger@xxxxxxxxxx>
[PATCH 1/2] netfilter: fix race in conntrack between dump_table and destroy
- From: Stephen Hemminger <shemminger@xxxxxxxxxx>
Re: [PATCH 0/2] netfilter: netfilter fixes for 2.6.38
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [conntrack_ftp] ftp _server_ behind dnat
- From: Klaus Ethgen <Klaus+lkml@xxxxxxxxx>
Re: [conntrack_ftp] ftp _server_ behind dnat
- From: Pascal Hambourg <pascal.mail@xxxxxxxxxxxxxxx>
Re: [conntrack_ftp] ftp _server_ behind dnat
- From: Klaus Ethgen <Klaus+lkml@xxxxxxxxx>
[PATCH 8/8] libipt_ECN: set proper option flags
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 6/8] libip6t_hbh: remove unimplemented --hbh-not-strict
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 7/8] extensions: add missing checks for specific flags
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 5/8] libip6t_dst: remove unimplemented --dst-not-strict
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 3/8] extensions: remove redundant init functions
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 4/8] Remove unused CVS expanded keywords
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 2/8] doc: fix misspelling of "field"
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 1/8] doc: fix wrong sentence about negation in xt_limit
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
iptables: misc option edits
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 1/2] netfilter: tproxy: do not assign timewait sockets to skb->sk
- From: kaber@xxxxxxxxx
[PATCH 0/2] netfilter: netfilter fixes for 2.6.38
- From: kaber@xxxxxxxxx
[PATCH 2/2] netfilter: ip6t_LOG: fix a flaw in printing the MAC
- From: kaber@xxxxxxxxx
[PATCH] ipvs: use hlist instead of list
- From: Changli Gao <xiaosuo@xxxxxxxxx>
[PATCH v2] ipvs: unify the formula to estimate the overhead of processing connections
- From: Changli Gao <xiaosuo@xxxxxxxxx>
[PATCH] ipvs: unify the formula to estimate the overhead of processing connections
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: Possible netfilter-related memory corruption in 2.6.37
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: Possible netfilter-related memory corruption in 2.6.37
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 1/1] tproxy: do not assign timewait sockets to skb->sk
- From: Patrick McHardy <kaber@xxxxxxxxx>
[Fwd: [Bug 29332] xt_recent handles "! --update" wrong]
- From: Valentijn Sessink <valentijn@xxxxxxxxxx>
Re: [RFH] bridge: add new target NFQUEUE for ebtables
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 1/1] tproxy: do not assign timewait sockets to skb->sk
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/1] tproxy: do not assign timewait sockets to skb->sk
- From: Florian Westphal <fw@xxxxxxxxx>
Re: any way to reset all marked connections when using CONNMARK?
- From: Chris Friesen <chris.friesen@xxxxxxxxxxx>
Re: [PATCH] Fix a flaw in printing the MAC
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH] Fix a flaw in printing the MAC
- From: Joerg Marx <joerg.marx@xxxxxxxxxxx>
Re: [RFH] bridge: add new target NFQUEUE for ebtables
- From: Pierre Chifflier <chifflier@xxxxxxxxxxx>
Re: [PATCH] xtables: use strspn() to check if string needs to be quoted
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [RFH] bridge: add new target NFQUEUE for ebtables
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 1/1] tproxy: do not assign timewait sockets to skb->sk
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: can libnetfilter_conntrack be used to write a userspace connection tracker?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: can libnetfilter_conntrack be used to write a userspace connection tracker?
- From: Sam Roberts <vieuxtech@xxxxxxxxx>
Re: [RFH] bridge: add new target NFQUEUE for ebtables
- From: Pierre Chifflier <chifflier@xxxxxxxxxxx>
Re: iptables: spaces, spaces.
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: can libnetfilter_conntrack be used to write a userspace connection tracker?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [GIT PULL nf-next-2.6] IPVS
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 1/1] tproxy: do not assign timewait sockets to skb->sk
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/1] tproxy: do not assign timewait sockets to skb->sk
- From: KOVACS Krisztian <hidden@xxxxxxxxxx>
[GIT PULL nf-next-2.6] IPVS
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 2/3] ipvs: remove extra lookups for ICMP packets
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 3/3] ipvs: make "no destination available" message more informative
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 1/3] ipvs: fix timer in get_curr_sync_buff
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 3/3] extensions: fix indent of vtable
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
iptables: spaces, spaces.
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 2/3] libxt_devgroup: option whitespace update following v1.4.10-49-g7386635
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 1/3] ip6tables: spacing fixes for -o argument
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: can libnetfilter_conntrack be used to write a userspace connection tracker?
- From: Sam Roberts <vieuxtech@xxxxxxxxx>
kernel bug while trying to create expectations in user-space
- From: Sam Roberts <vieuxtech@xxxxxxxxx>
Re: any way to reset all marked connections when using CONNMARK?
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: any way to reset all marked connections when using CONNMARK?
- From: Chris Friesen <chris.friesen@xxxxxxxxxxx>
Re: [PATCH 1/1] netfilter: nfnetlink_log: remove unused parameter
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH 1/1] netfilter: nfnetlink_log: remove unused parameter
- From: Florian Westphal <fw@xxxxxxxxx>
Re: H.225.0 "Connect" packet dropped (fwd)
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 00/01] netfilter: netfilter fixes
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: Possible netfilter-related memory corruption in 2.6.37
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH 00/01] netfilter: netfilter fixes
- From: kaber@xxxxxxxxx
[PATCH 01/01] netfilter: nf_iterate: fix incorrect RCU usage
- From: kaber@xxxxxxxxx
Re: Possible netfilter-related memory corruption in 2.6.37
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: Possible netfilter-related memory corruption in 2.6.37
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: Possible netfilter-related memory corruption in 2.6.37
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: Possible netfilter-related memory corruption in 2.6.37
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] [connlimit] Revert 44bd4de9
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] [connlimit] Revert 44bd4de9
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 1/1] tproxy: do not assign timewait sockets to skb->sk
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: Possible netfilter-related memory corruption in 2.6.37
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: [PATCH] bridge: netfilter: fix information leak
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] [connlimit] Revert 44bd4de9
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH] [connlimit] Revert 44bd4de9
- From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
Re: H.225.0 "Connect" packet dropped (fwd)
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: Possible netfilter-related memory corruption in 2.6.37
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: Possible netfilter-related memory corruption in 2.6.37
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Possible netfilter-related memory corruption in 2.6.37
- From: Avi Kivity <avi@xxxxxxxxxx>
[PATCH 1/1] tproxy: do not assign timewait sockets to skb->sk
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] bridge: netfilter: fix information leak
- From: Vasiliy Kulikov <segoon@xxxxxxxxxxxx>
Re: linux-next: Tree for February 10 (netfilter)
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH] xtables: use strspn() to check if string needs to be quoted
- From: Max Kellermann <max@xxxxxxxxxxx>
Re: [PATCH] [connlimit] connlimit-above early loop termination
- From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
Re: any way to reset all marked connections when using CONNMARK?
- From: Andrew Beverley <andy@xxxxxxxxxxx>
Re: any way to reset all marked connections when using CONNMARK?
- From: Steven Kath <steven.kath@xxxxxxxxxx>
any way to reset all marked connections when using CONNMARK?
- From: Chris Friesen <chris.friesen@xxxxxxxxxxx>
Re: [PATCH] [connlimit] connlimit-above early loop termination
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: iptables: option fix
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH] [connlimit] connlimit-above early loop termination
- From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
Re: GRO/GSO hiding PMTU?
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: GRO/GSO hiding PMTU?
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: GRO/GSO hiding PMTU?
- From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxxx>
Re: GRO/GSO hiding PMTU?
- From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxxx>
Re: GRO/GSO hiding PMTU?
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: GRO/GSO hiding PMTU?
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH] iptables: fix segfault target option parsing
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
iptables: option fix
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: GRO/GSO hiding PMTU?
- From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxxx>
Re: GRO/GSO hiding PMTU?
- From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxxx>
Re: GRO/GSO hiding PMTU?
- From: David Miller <davem@xxxxxxxxxxxxx>
GRO/GSO hiding PMTU?
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: linux-next: Tree for February 10 (netfilter)
- From: Randy Dunlap <randy.dunlap@xxxxxxxxxx>
Re: Kernel crash with repeated NF invocation
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [PATCH 0/1] netfilter: netfilter fixes
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH 0/2] netfilter: netfilter update
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: linux-next: Tree for February 3 (netfilter)
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: linux-next: Tree for February 3 (netfilter)
- From: Randy Dunlap <randy.dunlap@xxxxxxxxxx>
[PATCH 1/1] netfilter: nf_conntrack: set conntrack templates again if we return NF_REPEAT
- From: kaber@xxxxxxxxx
[PATCH 0/1] netfilter: netfilter fixes
- From: kaber@xxxxxxxxx
[PATCH 0/2] netfilter: netfilter update
- From: kaber@xxxxxxxxx
[PATCH 2/2] IPVS: precedence bug in ip_vs_sync_switch_mode()
- From: kaber@xxxxxxxxx
[PATCH 1/2] IPVS: Use correct lock in SCTP module
- From: kaber@xxxxxxxxx
Re: linux-next: Tree for February 3 (netfilter)
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: iptables: clean up main command loop
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: nf_conntrack: set conntrack templates again if we return NF_REPEAT
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [GIT PULL nf-next-2.6] IPVS
- From: Patrick McHardy <kaber@xxxxxxxxx>
Using iptables CONNMARK target and match in filter table
- From: Ratnaraj Mirgal <ratnaraj20@xxxxxxxxx>
[PATCH 11/11] iptables: fix error message for unknown options
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 09/11] src: move jump option handling from do_command6 into its own function
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 10/11] src: move match option handling from do_command6 into its own functions
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 08/11] src: unclutter command_default function
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 07/11] src: deduplicate and simplify implicit protocol extension loading
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 06/11] src: put shared option flags into xshared
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 05/11] src: move OPT_FRAGMENT to the end so the list can be shared
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 04/11] src: deduplicate find_proto function
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 03/11] src: share iptables_command_state across the two programs
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 02/11] src: move large default: block from do_command6 into its own function
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 01/11] src: collect do_command variables in a struct
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
iptables: clean up main command loop
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: Xtables2 A7 spec draft
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: Xtables2 A7 spec draft
- From: James Nurmi <jdnurmi@xxxxxx>
[PATCH] netfilter: nf_conntrack: set conntrack templates again if we return NF_REPEAT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] One fix for iptables' CT event filtering
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [patch] IPVS: precedence bug in ip_vs_sync_switch_mode()
- From: "Hans Schillstrom" <hans@xxxxxxxxxxxxxxx>
[PATCH] IPVS: precedence bug in ip_vs_sync_switch_mode()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[GIT PULL nf-next-2.6] IPVS
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [patch] IPVS: precedence bug in ip_vs_sync_switch_mode()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[patch] IPVS: precedence bug in ip_vs_sync_switch_mode()
- From: Dan Carpenter <error27@xxxxxxxxx>
[PATCH] libxt_cluster: fix inversion in the cluster match
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Xtables2 A7 spec draft
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: Xtables2 A7 spec draft
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: Xtables2 A7 spec draft
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: linux-next: Tree for February 3 (netfilter)
- From: Randy Dunlap <randy.dunlap@xxxxxxxxxx>
Re: linux-next: Tree for February 3 (netfilter)
- From: Randy Dunlap <randy.dunlap@xxxxxxxxxx>
Re: [PATCH 1/3] Make the afinfo structure optional in nf_queue and nf_reinject
- From: Pierre Chifflier <chifflier@xxxxxxxxxxxx>
Re: [PATCH 3/3] bridge: add new target NFQUEUE for ebtables
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 3/3] bridge: add new target NFQUEUE for ebtables
- From: Pierre Chifflier <chifflier@xxxxxxxxxxxx>
Re: [PATCH 7/8] libxtables: symbol visibility
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 1/3] Make the afinfo structure optional in nf_queue and nf_reinject
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 3/3] bridge: add new target NFQUEUE for ebtables
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 7/8] libxtables: symbol visibility
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: WIP/RFC: add new module ebt_NFQUEUE for ebtables
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: WIP/RFC: add new module ebt_NFQUEUE for ebtables
- From: Pierre Chifflier <chifflier@xxxxxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 7/8] libxtables: symbol visibility
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH 8/8] libxtables: symbol versioning
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 7/8] libxtables: symbol visibility
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 5/8] iptables: fix error message for unknown options
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 6/8] build: directly use config.h in internal.h
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 4/8] iptables: reduce indentation of parse loop (3/3)
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 3/8] iptables: use variable as shortcut in parse loop
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 2/8] iptables: reduce indentation of parse loop (2/3)
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 1/8] iptables: reduce indentation of parse loop (1/3)
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
iptables: mainloop cleanup, symbol vis+versioning
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: WIP/RFC: add new module ebt_NFQUEUE for ebtables
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: WIP/RFC: add new module ebt_NFQUEUE for ebtables
- From: Pierre Chifflier <chifflier@xxxxxxxxxxxx>
[PATCH 04/14] IPVS: Add {sysctl_sync_threshold,period}()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 08/14] IPVS: Conditinally use sysctl_lblc{r}_expiration
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 06/14] IPVS: Add sysctl_expire_nodest_conn()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 05/14] IPVS: Add sysctl_sync_ver()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 11/14] IPVS: Minimise ip_vs_leave when CONFIG_SYSCTL is undefined
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 14/14] IPVS: Conditionally include sysctl members of struct netns_ipvs
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 10/14] IPVS: Conditional ip_vs_conntrack_enabled()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 13/14] IPVS: Add __ip_vs_control_{init,cleanup}_sysctl()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 12/14] IPVS: Conditionally define and use ip_vs_lblc{r}_table
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 01/14] IPVS: Add ip_vs_route_me_harder()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[rfc] IPVS: Remove conditionally include sysctl code
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 09/14] IPVS: ip_vs_todrop() becomes a noop when CONFIG_SYSCTL is undefined
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 07/14] IPVS: Add expire_quiescent_template()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 03/14] IPVS: Add sysctl_nat_icmp_send()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 02/14] IPVS: Add sysctl_snat_reroute()
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: Kernel crash with repeated NF invocation
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: WIP/RFC: add new module ebt_NFQUEUE for ebtables
- From: Bart De Schuymer <bdschuym@xxxxxxxxxx>
MASQUERADE selects wrong source IP for overlapping networks
- From: "Mario 'BitKoenig' Holbe" <Mario.Holbe@xxxxxxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Hans Schillstrom <hans@xxxxxxxxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Hans Schillstrom <hans@xxxxxxxxxxxxxxx>
Re: ulogd2: build fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Kernel crash with repeated NF invocation
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
WIP/RFC: add new module ebt_NFQUEUE for ebtables
- From: Pierre Chifflier <chifflier@xxxxxxxxxxxx>
[PATCH 2/3] bridge: add support for the EBT_QUEUE target
- From: Pierre Chifflier <chifflier@xxxxxxxxxxxx>
[PATCH 3/3] bridge: add new target NFQUEUE for ebtables
- From: Pierre Chifflier <chifflier@xxxxxxxxxxxx>
[PATCH 1/3] Make the afinfo structure optional in nf_queue and nf_reinject
- From: Pierre Chifflier <chifflier@xxxxxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Hans Schillstrom <hans.schillstrom@xxxxxxxxxxxx>
Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/2] NETFILTER new target module, HMARK
- From: Hans Schillstrom <hans.schillstrom@xxxxxxxxxxxx>
[PATCH] NETFILTER module xt_hmark new target for HASH MARK
- From: Hans Schillstrom <hans.schillstrom@xxxxxxxxxxxx>
[PATCH] NETFILTER userspace part for target HMARK
- From: Hans Schillstrom <hans.schillstrom@xxxxxxxxxxxx>
[ANNOUNCE] ipset-6.0 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 0/4] netfilter: netfilter fixes
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH 4/4] netfilter: ecache: always set events bits, filter them later
- From: kaber@xxxxxxxxx
[PATCH 2/4] netfilter: xt_iprange: Incorrect xt_iprange boundary check for IPv6
- From: kaber@xxxxxxxxx
[PATCH 1/4] netfilter: ctnetlink: fix missing refcount increment during dumps
- From: kaber@xxxxxxxxx
[PATCH 0/4] netfilter: netfilter fixes
- From: kaber@xxxxxxxxx
[PATCH 3/4] netfilter: arpt_mangle: fix return values of checkentry
- From: kaber@xxxxxxxxx
Re: [PATCH 00/26] netfilter: netfilter update
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH 04/26] netfilter: ipset: bitmap:ip,mac type support
- From: kaber@xxxxxxxxx
[PATCH 05/26] netfilter: ipset; bitmap:port set type support
- From: kaber@xxxxxxxxx
[PATCH 08/26] netfilter: ipset: hash:ip,port,ip set type support
- From: kaber@xxxxxxxxx
[PATCH 06/26] netfilter: ipset: hash:ip set type support
- From: kaber@xxxxxxxxx
[PATCH 02/26] netfilter: ipset: IP set core support
- From: kaber@xxxxxxxxx
[PATCH 07/26] netfilter: ipset: hash:ip,port set type support
- From: kaber@xxxxxxxxx
[PATCH 10/26] netfilter: ipset: hash:net set type support
- From: kaber@xxxxxxxxx
[PATCH 11/26] netfilter: ipset: hash:net,port set type support
- From: kaber@xxxxxxxxx
[PATCH 09/26] netfilter: ipset: hash:ip,port,net set type support
- From: kaber@xxxxxxxxx
[PATCH 12/26] netfilter: ipset: list:set set type support
- From: kaber@xxxxxxxxx
[PATCH 03/26] netfilter: ipset: bitmap:ip set type support
- From: kaber@xxxxxxxxx
[PATCH 13/26] netfilter: xtables: "set" match and "SET" target support
- From: kaber@xxxxxxxxx
[PATCH 17/26] IPVS: use z modifier for sizeof() argument
- From: kaber@xxxxxxxxx
[PATCH 18/26] IPVS: remove duplicate initialisation or rs_table
- From: kaber@xxxxxxxxx
[PATCH 16/26] netfilter: ctnetlink: fix ctnetlink_parse_tuple() warning
- From: kaber@xxxxxxxxx
[PATCH 19/26] IPVS: Remove unused variables
- From: kaber@xxxxxxxxx
[PATCH 15/26] netfilter: ipset: remove unnecessary includes
- From: kaber@xxxxxxxxx
[PATCH 21/26] IPVS: Remove ip_vs_sync_cleanup from section __exit
- From: kaber@xxxxxxxxx
[PATCH 22/26] netfilter: ipset: install ipset related header files
- From: kaber@xxxxxxxxx
[PATCH 20/26] IPVS: Allow compilation with CONFIG_SYSCTL disabled
- From: kaber@xxxxxxxxx
[PATCH 24/26] netfilter: ipset: fix linking with CONFIG_IPV6=n
- From: kaber@xxxxxxxxx
[PATCH 23/26] netfilter: ipset: add missing break statemtns in ip_set_get_ip_port()
- From: kaber@xxxxxxxxx
[PATCH 14/26] netfilter: ipset: use nla_parse_nested()
- From: kaber@xxxxxxxxx
[PATCH 25/26] netfilter: ipset: send error message manually
- From: kaber@xxxxxxxxx
[PATCH 26/26] netfilter: xtables: add device group match
- From: kaber@xxxxxxxxx
[PATCH 00/26] netfilter: netfilter update
- From: kaber@xxxxxxxxx
[PATCH 01/26] netfilter: NFNL_SUBSYS_IPSET id and NLA_PUT_NET* macros
- From: kaber@xxxxxxxxx
Re: ebtables_nfqueue: missing structure afinfo
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Xtables2 A7 spec draft
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 2/3] build: use appropriate location for program modules
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 3/3] build: use compile/link information from pkgconfig
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 1/3] build: avoid use of LIBS variable
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
ulogd2: build fixes
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: netfilter: ipset: add missing break statemtns in ip_set_get_ip_port()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: ebtables_nfqueue: missing structure afinfo
- From: Pierre Chifflier <chifflier@xxxxxxxxxxx>
Re: [PATCH 0/2] netfilter updates for nf_ct_tcp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/2] netfilter: nf_ct_tcp: disable pick by default for first ACK packet seen
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/2] netfilter updates for nf_ct_tcp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: netfilter: ipset: fix linking with CONFIG_IPV6=n
- From: Patrick McHardy <kaber@xxxxxxxxx>
netfilter: ipset: add missing break statemtns in ip_set_get_ip_port()
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH]: netfilter: ipset: use nla_parse_nested()
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Patrick McHardy <kaber@xxxxxxxxx>
struct ipt_entry how to
- From: Volkan YAZICI <volkan.yazici@xxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH]: netfilter: ipset: use nla_parse_nested()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [patch 3/6] ipset: pass ipset_arg argument pointer
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: How does iptables classify change skb priority
- From: Bhanu CV <vbhanu.mailinglists@xxxxxxxxx>
[PATCH] netfilter: ipset: install ipset related header files
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 00/13] ipset kernel patches v3
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH] netfilter: ctnetlink: fix ctnetlink_parse_tuple() warning
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: How does iptables classify change skb priority
- From: Patrick McHardy <kaber@xxxxxxxxx>
How does iptables classify change skb priority
- From: Bhanu CV <vbhanu.mailinglists@xxxxxxxxx>
[PATCH] netfilter: ipset: remove unnecessary includes
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH]: netfilter: ipset: use nla_parse_nested()
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] CT: add "none" as parameter for --ctevents
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 2/2] netfilter: ecache: always set events bits, filter them later
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 1/2] netfilter: arpt_mangle: fix return values of checkentry
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 13/13] "set" match and "SET" target support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 12/13] list:set set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 11/13] hash:net,port set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 10/13] hash:net set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 09/13] hash:ip,port,net set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 08/13] hash:ip,port,ip set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 07/13] hash:ip,port set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 06/13] hash:ip set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 05/13] bitmap:port set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 04/13] bitmap:ip,mac type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 03/13] bitmap:ip set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 01/13] NFNL_SUBSYS_IPSET id and NLA_PUT_NET* macros
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 00/13] ipset kernel patches v3
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 0/2] bugfixes for nf-next-2.6 (2.6.38-rc)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/2] bugfixes for nf-next-2.6 (2.6.38-rc)
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH 2/2] netfilter: ecache: always set events bits, filter them later
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/2] netfilter: arpt_mangle: fix return values of checkentry
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/2] bugfixes for nf-next-2.6 (2.6.38-rc)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [HELP] why the string match does not work in nat tables?
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [HELP] why the string match does not work in nat tables?
- From: JeHo Park <linuxpark@xxxxxxxxx>
Re: [PATCH] CT: add "none" as parameter for --ctevents
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/13] hash:net,port set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 10/13] hash:net set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 09/13] hash:ip,port,net set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 13/13] "set" match and "SET" target support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 07/13] hash:ip,port set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 08/13] hash:ip,port,ip set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 06/13] hash:ip set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 02/13] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 12/13] list:set set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 01/13] NFNL_SUBSYS_IPSET id and NLA_PUT_NET* macros
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 04/13] bitmap:ip,mac type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 03/13] bitmap:ip set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 05/13] bitmap:port set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 00/13] ipset kernel patches v3
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH] CT: add "none" as parameter for --ctevents
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/7] netfilter: netfilter update for -next
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH 3/7] IPVS netns BUG, register sysctl for root ns
- From: kaber@xxxxxxxxx
[PATCH 2/7] IPVS: Change sock_create_kernel() to __sock_create()
- From: kaber@xxxxxxxxx
[PATCH 4/7] netfilter: ipvs: fix compiler warnings
- From: kaber@xxxxxxxxx
[PATCH 5/7] netfilter: xt_connlimit: pick right dstaddr in NAT scenario
- From: kaber@xxxxxxxxx
[PATCH 6/7] netfilter: xt_iprange: typo in IPv4 match debug print code
- From: kaber@xxxxxxxxx
[PATCH 1/7] netfilter: ipvs: fix compiler warnings
- From: kaber@xxxxxxxxx
[PATCH 0/7] netfilter: netfilter update for -next
- From: kaber@xxxxxxxxx
[PATCH 7/7] netfilter: xt_iprange: add IPv6 match debug print code
- From: kaber@xxxxxxxxx
extensions: add devgroup match extension
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH 1/1] netfilter: add devgroup match
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: iptables: misc fixes
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [HELP] why the string match does not work in nat tables?
- From: JeHo Park <linuxpark@xxxxxxxxx>
Re: [HELP] why the string match does not work in nat tables?
- From: Pascal Hambourg <pascal.mail@xxxxxxxxxxxxxxx>
Re: netfilter - u32 module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [HELP] why the string match does not work in nat tables?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
ipt_NETFLOW and xtables-addons
- From: Srinivasa T N <seenutn@xxxxxxxxxxxxxxxxxx>
netfilter - u32 module
- From: "Sridhar Kumar" <sridhar@xxxxxxxxxxxxxxxxxxxxx>
Re: [HELP] why the string match does not work in nat tables?
- From: JeHo Park <linuxpark@xxxxxxxxx>
Re: [HELP] why the string match does not work in nat tables?
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [HELP] why the string match does not work in nat tables?
- From: JeHo Park <linuxpark@xxxxxxxxx>
[PATCH 8/8] iptables: do not print trailing whitespaces
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 7/7] iptables: remove more redundant casts
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 6/7] iptables: remove bogus address-of
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 5/7] iptables: warn when parameter limit is exceeded
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 4/7] xtables: set custom opts to NULL on free
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 3/7] libxt_u32: enclose argument in quotes
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 2/7] iptables: improve error reporting with extension loading troubles
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH 1/7] libxt_quota: clarifications on matching
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
iptables: misc fixes
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [HELP] why the string match does not work in nat tables?
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[HELP] why the string match does not work in nat tables?
- From: JeHo Park <linuxpark@xxxxxxxxx>
how to use sk_run_filter() in the kernel?
- From: Roc Bai <buroc83@xxxxxxxxx>
xtables-addons: pknock extension crashes the kernel
- From: jp@xxxxxxxxx
Re: [PATCH 1/1] Add IPv6 match debug print code
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH 1/1] Add IPv6 match debug print code
- From: Thomas Jacob <jacob@xxxxxxxxxxxxx>
Re: [patch 3/6] ipset: pass ipset_arg argument pointer
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: CONNMARK: support save the mark of the master connection
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: [PATCH 2/2] Add IPv6 match debug print code
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 1/2] Typo in IPv4 match debug print code
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: CONNMARK: support save the mark of the master connection
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH] netfilter: CONNMARK: support save the mark of the master connection
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: [PATCH 03/13] bitmap:ip set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 03/13] bitmap:ip set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [patch 6/6] ipset: fix spelling error
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [patch 6/6] ipset: fix spelling error
- From: Ferenc Wagner <wferi@xxxxxxx>
[PATCH 1/2] Typo in IPv4 match debug print code
- From: Thomas Jacob <jacob@xxxxxxxxxxxxx>
[PATCH 2/2] Add IPv6 match debug print code
- From: Thomas Jacob <jacob@xxxxxxxxxxxxx>
Re: netfilter: xt_connlimit: pick right dstaddr in NAT scenario
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [GIT PULL nf-next-2.6] IPVS changes for 2.6.38-rc3
- From: Patrick McHardy <kaber@xxxxxxxxx>
netfilter: xt_connlimit: pick right dstaddr in NAT scenario
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: Filter input traffic by uid
- From: Glauco Junquera <glaucoaok@xxxxxxxxx>
tips for a starter
- From: Adarsh Joshi <eadarshjoshi@xxxxxxxxx>
Re: [GIT PULL nf-next-2.6] IPVS changes for 2.6.38-rc3
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH 00/13] ipset kernel patches v2
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 13/13] "set" match and "SET" target support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 03/13] bitmap:ip set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Julian Anastasov <ja@xxxxxx>
Re: [patch 6/6] ipset: fix spelling error
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [patch 3/6] ipset: pass ipset_arg argument pointer
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [patch 2/6] ipset: fix the Netlink sequence number
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [patch 1/6] ipset: turn Set name[] into a const pointer
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: iptables MARK + ip rule fwmark NOT working with load balance
- From: Davi Baldin Tavares <davi@xxxxxxxxxxxxxxxx>
Re: iptables MARK + ip rule fwmark NOT working with load balance
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
iptables MARK + ip rule fwmark NOT working with load balance
- From: Davi Baldin Tavares <davi@xxxxxxxxxxxxxxxx>
Re: [PATCH 00/13] ipset kernel patches v2
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 13/13] "set" match and "SET" target support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 03/13] bitmap:ip set type support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: Filter input traffic by uid
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [GIT PULL nf-next-2.6] IPVS changes for 2.6.38-rc3
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH 1/2] IPVS netns BUG, register sysctl for root ns
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 2/2] netfilter: ipvs: fix compiler warnings
- From: Simon Horman <horms@xxxxxxxxxxxx>
[GIT PULL nf-next-2.6] IPVS changes for 2.6.38-rc3
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: Module/Extension Tutorial
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Filter input traffic by uid
- From: Glauco Junquera <glaucoaok@xxxxxxxxx>
Module/Extension Tutorial
- From: Srinivasa T N <seenutn@xxxxxxxxxxxxxxxxxx>
Re: ebtables_nfqueue: missing structure afinfo
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Hans Schillstrom <hans@xxxxxxxxxxxxxxx>
Re: [PATCH] IPVS: Remove unused pr_fmt #define
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH] [patch v2] IPVS: Remove unused pr_fmt #define
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH] IPVS: Remove unused pr_fmt #define
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH 18/79] IPVS: Remove useless { } block from ip_vs_process_message()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH] IPVS: Remove unused pr_fmt #define
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH] netfilter: ipvs: fix compiler warnings
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: [PATCH 1/1] IPVS netns BUG, register sysctl for root ns
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH 18/79] IPVS: Remove useless { } block from ip_vs_process_message()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[patch 6/6] ipset: fix spelling error
- From: "Holger Eitzenberger" <holger@xxxxxxxxxxxxxxxx>
[patch 5/6] ipset: improve command argument parsing
- From: "Holger Eitzenberger" <holger@xxxxxxxxxxxxxxxx>
[patch 3/6] ipset: pass ipset_arg argument pointer
- From: "Holger Eitzenberger" <holger@xxxxxxxxxxxxxxxx>
[patch 4/6] ipset: avoid the unnecessary argv[] loop
- From: "Holger Eitzenberger" <holger@xxxxxxxxxxxxxxxx>
[patch 2/6] ipset: fix the Netlink sequence number
- From: "Holger Eitzenberger" <holger@xxxxxxxxxxxxxxxx>
[patch 1/6] ipset: turn Set name[] into a const pointer
- From: "Holger Eitzenberger" <holger@xxxxxxxxxxxxxxxx>
[patch 0/6] Ipset patches
- From: "Holger Eitzenberger" <holger@xxxxxxxxxxxxxxxx>
ebtables_nfqueue: missing structure afinfo
- From: Pierre Chifflier <chifflier@xxxxxxxxxxx>
Re: [PATCH] Incorrect xt_iprange boundary check for IPv6
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: netfilter: marking IPv6 packets sends them to the wrong interface
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: netfilter: marking IPv6 packets sends them to the wrong interface
- From: "Mario 'BitKoenig' Holbe" <Mario.Holbe@xxxxxxxxxxxxx>
Re: netfilter: marking IPv6 packets sends them to the wrong interface
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: netfilter: marking IPv6 packets sends them to the wrong interface
- From: "Mario 'BitKoenig' Holbe" <Mario.Holbe@xxxxxxxxxxxxx>
[PATCH 1/1] IPVS netns BUG, register sysctl for root ns
- From: Hans Schillstrom <hans.schillstrom@xxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
[PATCH] Incorrect xt_iprange boundary check for IPv6 (V3)
- From: Thomas Jacob <jacob@xxxxxxxxxxxxx>
Incorrect xt_iprange boundary check for IPv6 (Variant 3)
- From: Thomas Jacob <jacob@xxxxxxxxxxxxx>
Re: netfilter: marking IPv6 packets sends them to the wrong interface
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] Incorrect xt_iprange boundary check for IPv6
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH] Incorrect xt_iprange boundary check for IPv6
- From: Thomas Jacob <jacob@xxxxxxxxxxxxx>
Incorrect xt_iprange boundary check for IPv6 (Variant 2)
- From: Thomas Jacob <jacob@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] Incorrect xt_iprange boundary check for IPv6
- From: Thomas Jacob <jacob@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
[PATCH] netfilter: ctnetlink: fix (really) race condition between dump_table and destroy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] Incorrect xt_iprange boundary check for IPv6
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
netfilter: marking IPv6 packets sends them to the wrong interface
- From: "Mario 'BitKoenig' Holbe" <Mario.Holbe@xxxxxxxxxxxxx>
Re: [GIT PULL nf-next-2.6] IPVS updates for v2.6.38-rc1
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] Incorrect xt_iprange boundary check for IPv6
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH] Incorrect xt_iprange boundary check for IPv6
- From: Thomas Jacob <jacob@xxxxxxxxxxxxx>
Incorrect xt_iprange boundary check for IPv6
- From: Thomas Jacob <jacob@xxxxxxxxxxxxx>
Re: [ANNOUNCE] ipset 5.4 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 2/2] IPVS: Change sock_create_kernel() to __sock_create()
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 1/2] netfilter: ipvs: fix compiler warnings
- From: Simon Horman <horms@xxxxxxxxxxxx>
[GIT PULL nf-next-2.6] IPVS updates for v2.6.38-rc1
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Simon Horman <horms@xxxxxxxxxxxx>
[ANNOUNCE] ipset 5.4 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 02/13] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipvs: fix compiler warnings
- From: Patrick McHardy <kaber@xxxxxxxxx>
ipt_ACCOUNT 1.16 released
- From: Thomas Jarosch <thomas.jarosch@xxxxxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Mr Dash Four <mr.dash.four@xxxxxxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Richard Weinberger <richard@xxxxxx>
[PATCH 06/13] hash:ip set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 09/13] hash:ip,port,net set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 02/13] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 10/13] hash:net set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 07/13] hash:ip,port set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 12/13] list:set set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 11/13] hash:net,port set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 13/13] "set" match and "SET" target support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 05/13] bitmap:port set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 03/13] bitmap:ip set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 04/13] bitmap:ip,mac type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 08/13] hash:ip,port,ip set type support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 00/13] ipset kernel patches v2
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 01/13] NFNL_SUBSYS_IPSET id and NLA_PUT_NET* macros
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Richard Weinberger <richard@xxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Richard Weinberger <richard@xxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Richard Weinberger <richard@xxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Richard Weinberger <richard@xxxxxx>
[PATCH] netfilter: ipvs: fix compiler warnings
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
secctx support for conntrack-tools [was Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules]
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/7] netfilter: netfilter fixes for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Mr Dash Four <mr.dash.four@xxxxxxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Richard Weinberger <richard@xxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Mr Dash Four <mr.dash.four@xxxxxxxxxxxxxx>
Re: [PATCH 2/3] netfilter: add APPROVE target
- From: Richard Weinberger <richard@xxxxxx>
Re: [PATCH 2/3] netfilter: add APPROVE target
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [PATCH 2/3] netfilter: add APPROVE target
- From: Richard Weinberger <richard@xxxxxx>
Re: [PATCH 2/3] netfilter: add APPROVE target
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Richard Weinberger <richard@xxxxxx>
Re: [PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Jan Engelhardt <jengelh@xxxxxxxxxx>
[PATCH] iptables: Add APPROVE target
- From: Richard Weinberger <richard@xxxxxx>
[PATCH] conntrack: Implement ruleid support
- From: Richard Weinberger <richard@xxxxxx>
[PATCH 3/3] netfilter: implement ctnetlink_dump_ruleid()
- From: Richard Weinberger <richard@xxxxxx>
[PATCH 1/3] netfilter: add ruleid extension
- From: Richard Weinberger <richard@xxxxxx>
[PATCH 2/3] netfilter: add APPROVE target
- From: Richard Weinberger <richard@xxxxxx>
[PATCH 0/3][RFC] Relationship between conntrack and firewall rules
- From: Richard Weinberger <richard@xxxxxx>
Re: [PATCH 01/12] IP set core support
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 7/7] netfilter: add a missing include in nf_conntrack_reasm.c
- From: kaber@xxxxxxxxx
[PATCH 6/7] netfilter: nf_conntrack: fix linker error with NF_CONNTRACK_TIMESTAMP=n
- From: kaber@xxxxxxxxx
[PATCH 5/7] netfilter: xtables: add missing header inclusions for headers_check
- From: kaber@xxxxxxxxx
[PATCH 4/7] netfilter: nf_nat: place conntrack in source hash after SNAT is done
- From: kaber@xxxxxxxxx
[PATCH 3/7] netfilter: xtables: remove duplicate member
- From: kaber@xxxxxxxxx
[PATCH 2/7] netfilter: do not omit re-route check on NF_QUEUE verdict
- From: kaber@xxxxxxxxx
[PATCH 1/7] netfilter: xtables: connlimit revision 1
- From: kaber@xxxxxxxxx
[PATCH 0/7] netfilter: netfilter fixes for net-next
- From: kaber@xxxxxxxxx
Re: [PATCH] netfilter: undefined reference to 'nf_conntrack_tstamp_*'
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: undefined reference to 'nf_conntrack_tstamp_*'
- From: John Fastabend <john.r.fastabend@xxxxxxxxx>
Re: [PATCH] netfilter: add a missing include in nf_conntrack_reasm.c
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH] netfilter: add a missing include in nf_conntrack_reasm.c
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]