Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

[PATCH v2 06/14] sysctl: Add size to register_sysctl
- From: Joel Granados <joel.granados@xxxxxxxxx>
[PATCH v2 02/14] sysctl: Use ctl_table_header in list_for_each_table_entry
- From: Joel Granados <joel.granados@xxxxxxxxx>
[PATCH v2 12/14] vrf: Update to register_net_sysctl_sz
- From: Joel Granados <joel.granados@xxxxxxxxx>
[PATCH v2 05/14] sysctl: Add a size arg to __register_sysctl_table
- From: Joel Granados <joel.granados@xxxxxxxxx>
[PATCH v2 11/14] networking: Update to register_net_sysctl_sz
- From: Joel Granados <joel.granados@xxxxxxxxx>
[PATCH v2 03/14] sysctl: Add ctl_table_size to ctl_table_header
- From: Joel Granados <joel.granados@xxxxxxxxx>
[PATCH v2 07/14] sysctl: Add size arg to __register_sysctl_init
- From: Joel Granados <joel.granados@xxxxxxxxx>
[PATCH v2 10/14] netfilter: Update to register_net_sysctl_sz
- From: Joel Granados <joel.granados@xxxxxxxxx>
[PATCH v2 08/14] sysctl: Add size to register_net_sysctl function
- From: Joel Granados <joel.granados@xxxxxxxxx>
[PATCH v2 00/14] sysctl: Add a size argument to register functions in sysctl
- From: Joel Granados <joel.granados@xxxxxxxxx>
[PATCH v2 01/14] sysctl: Prefer ctl_table_header in proc_sysctl
- From: Joel Granados <joel.granados@xxxxxxxxx>
Re: [PATCH v3 net-next] net: flow_dissector: Use 64bits for used_keys
- From: Vladimir Oltean <vladimir.oltean@xxxxxxx>
Re: [PATCH bpf-next v6 0/5] Support defragmenting IPv(4|6) packets in BPF
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[PATCH v3 net-next] net: flow_dissector: Use 64bits for used_keys
- From: Ratheesh Kannoth <rkannoth@xxxxxxxxxxx>
nftables: syntax ambiguity with objref map and ct helper objects
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] ct expectation: fix 'list object x' vs. 'list objects in table' confusion
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] rule: allow src/dstnat prios in input and output
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 1/4] *tables-restore: Enforce correct counters syntax if present
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 2/2] py: remove setup.py integration with autotools
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 1/2] update INSTALL file
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 2/2] py: remove setup.py integration with autotools
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
[iptables PATCH 1/4] *tables-restore: Enforce correct counters syntax if present
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/4] ebtables: Improve invalid chain name detection
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/4] *tables: Reject invalid chain names when renaming
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/4] tests: shell: Fix and extend chain rename test
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v2 net-next] dissector: Use 64bits for used_keys
- From: Simon Horman <simon.horman@xxxxxxxxxxxx>
Re: [PATCH bpf-next v6 2/5] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 0/3] Follow-up on dangling set fix
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 1/2] nft: Special casing for among match in compare_matches()
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH bpf-next v6 1/5] netfilter: defrag: Add glue hooks for enabling/disabling defrag
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 net-next] dissector: Use 64bits for used_keys
- From: Martin Habets <habetsm.xilinx@xxxxxxxxx>
Re: [PATCH bpf-next v6 2/5] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH net-next 1/5] nf_conntrack: fix -Wunused-const-variable=
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH net-next 1/5] nf_conntrack: fix -Wunused-const-variable=
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH net-next 1/5] nf_conntrack: fix -Wunused-const-variable=
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
[PATCH v2 net-next] dissector: Use 64bits for used_keys
- From: Ratheesh Kannoth <rkannoth@xxxxxxxxxxx>
Re: [PATCH bpf-next v6 2/5] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [nft v3 PATCH 4/4] py: add Nftables.input_{set,get}_flags() API
- From: Phil Sutter <phil@xxxxxx>
Re: [nft v3 PATCH 3/4] src: add input flag NFT_CTX_INPUT_JSON to enable JSON parsing
- From: Phil Sutter <phil@xxxxxx>
Re: [nvt v3 PATCH 2/4] src: add input flag NFT_CTX_INPUT_NO_DNS to avoid blocking
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH netfilter] netfilter: nfnetlink_log: always add a timestamp
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 5/5] lib/ts_bm: add helper to reduce indentation and improve readability
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 4/5] netfilter: conntrack: validate cta_ip via parsing
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 3/5] netfilter: nf_tables: use NLA_POLICY_MASK to test for valid flag options
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 2/5] netlink: allow be16 and be32 types in all uint policy checks
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 1/5] nf_conntrack: fix -Wunused-const-variable=
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 0/5] netfilter updates for net-next
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Netfilter -stable patches for 6.1.y
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[syzbot] [netfilter?] WARNING in __nf_conntrack_confirm
- From: syzbot <syzbot+ff6e85a2812073da0a36@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH net 1/3] netfilter: nft_set_rbtree: fix overlap expiration walk
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: Netfilter -stable patches for 6.1.y
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Netfilter -stable patches for 6.1.y
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 10/14] netfilter: Update to register_net_sysctl_sz
- From: Luis Chamberlain <mcgrof@xxxxxxxxxx>
[PATCH net 3/3] netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 2/3] netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 1/3] netfilter: nft_set_rbtree: fix overlap expiration walk
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 0/3] netfilter fixes for net
- From: Florian Westphal <fw@xxxxxxxxx>
Re: ulogd2 patch ping
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 10/14] netfilter: Update to register_net_sysctl_sz
- From: Joel Granados <j.granados@xxxxxxxxxxx>
Re: Kernel oops with 6.4.4 - flow offloads - NULL pointer deref
- From: Ian Kumlien <ian.kumlien@xxxxxxxxx>
Re: [PATCH -next] nf_conntrack: fix -Wunused-const-variable=
- From: Simon Horman <simon.horman@xxxxxxxxxxxx>
Re: Kernel oops with 6.4.4 - flow offloads - NULL pointer deref
- From: Ian Kumlien <ian.kumlien@xxxxxxxxx>
[PATCH -next] nf_conntrack: fix -Wunused-const-variable=
- From: Zhu Wang <wangzhu9@xxxxxxxxxx>
Re: Kernel oops with 6.4.4 - flow offloads - NULL pointer deref
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: ulogd2 patch ping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] netlink: delinearize: copy set keytype if needed
- From: Florian Westphal <fw@xxxxxxxxx>
ulogd2 patch ping
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH 5.4 185/313] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 188/313] netfilter: nf_tables: fix scheduling-while-atomic splat
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 187/313] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 186/313] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 181/313] netfilter: add helper function to set up the nfnetlink header and use it
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 179/313] netfilter: nf_tables: fix nat hook table deletion
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 182/313] netfilter: nf_tables: use net_generic infra for transaction data
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 183/313] netfilter: nf_tables: add rescheduling points during loop detection walks
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 180/313] netfilter: nftables: add helper function to set the base sequence number
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 184/313] netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 315/509] netfilter: nf_tables: fix chain binding transaction logic
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 320/509] netfilter: nf_tables: drop map element references from preparation phase
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 312/509] netfilter: nf_tables: use net_generic infra for transaction data
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 321/509] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 317/509] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 322/509] netfilter: nf_tables: fix scheduling-while-atomic splat
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 318/509] netfilter: nf_tables: reject unbound chain set before commit phase
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 319/509] netfilter: nftables: rename set element data activation/deactivation functions
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 316/509] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 313/509] netfilter: nf_tables: add rescheduling points during loop detection walks
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 314/509] netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH netfilter] netfilter: nfnetlink_log: always add a timestamp
- From: "Maciej Żenczykowski" <maze@xxxxxxxxxx>
Re: Kernel oops with 6.4.4 - flow offloads - NULL pointer deref
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH v3 net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Julian Anastasov <ja@xxxxxx>
[PATCH v3 net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Dust Li <dust.li@xxxxxxxxxxxxxxxxx>
Re: [PATCH v2 net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH v2 net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Dust Li <dust.li@xxxxxxxxxxxxxxxxx>
Re: [PATCH v2 net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Julian Anastasov <ja@xxxxxx>
[PATCH v2 net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Dust Li <dust.li@xxxxxxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v2] netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH ipset] bash-completion: fix syntax error
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH bpf-next v6 4/5] bpf: selftests: Support custom type and proto for client sockets
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v6 0/5] Support defragmenting IPv(4|6) packets in BPF
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v6 3/5] bpf: selftests: Support not connecting client socket
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v6 2/5] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v6 5/5] bpf: selftests: Add defrag selftests
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v6 1/5] netfilter: defrag: Add glue hooks for enabling/disabling defrag
- From: Daniel Xu <dxu@xxxxxxxxx>
[iptables PATCH 2/2] nft: More verbose extension comparison debugging
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/2] nft: Special casing for among match in compare_matches()
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH bpf-next v5 2/5] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [iptables PATCH 1/3] extensions: libebt_among: Fix for false positive match comparison
- From: Phil Sutter <phil@xxxxxx>
Re: [ANNOUNCE] nftables 1.0.8 release
- From: Leah Neukirchen <leah@xxxxxxxx>
Re: [ANNOUNCE] nftables 1.0.8 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 1/3] extensions: libebt_among: Fix for false positive match comparison
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 1/3] extensions: libebt_among: Fix for false positive match comparison
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH bpf-next v5 2/5] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR and _COMMIT
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH bpf-next v5 5/5] bpf: selftests: Add defrag selftests
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 4/5] bpf: selftests: Support custom type and proto for client sockets
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 3/5] bpf: selftests: Support not connecting client socket
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 2/5] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 1/5] netfilter: defrag: Add glue hooks for enabling/disabling defrag
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 0/5] Support defragmenting IPv(4|6) packets in BPF
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH net 1/5] netfilter: nf_tables: fix spurious set element insertion failure
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[PATCH nf] netfilter: nft_set_rbtree: fix overlap expiration walk
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 1/5] netfilter: nf_tables: fix spurious set element insertion failure
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 5/5] netfilter: nf_tables: skip bound chain on rule flush
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 4/5] netfilter: nf_tables: skip bound chain in netns release path
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 3/5] netfilter: nft_set_pipapo: fix improper element removal
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 2/5] netfilter: nf_tables: can't schedule in nft_chain_validate
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 1/5] netfilter: nf_tables: fix spurious set element insertion failure
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 0/5] Netfilter fixes for net:
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [ANNOUNCE] nftables 1.0.8 release
- From: Leah Neukirchen <leah@xxxxxxxx>
[nvt v3 PATCH 2/4] src: add input flag NFT_CTX_INPUT_NO_DNS to avoid blocking
- From: Thomas Haller <thaller@xxxxxxxxxx>
[nft v3 PATCH 4/4] py: add Nftables.input_{set,get}_flags() API
- From: Thomas Haller <thaller@xxxxxxxxxx>
[nft v3 PATCH 3/4] src: add input flag NFT_CTX_INPUT_JSON to enable JSON parsing
- From: Thomas Haller <thaller@xxxxxxxxxx>
[nft v3 PATCH 1/4] src: add input flags for nft_ctx
- From: Thomas Haller <thaller@xxxxxxxxxx>
[nft v3 PATCH 0/4] add input flags and "no-dns"/"json" flags
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft] tests: shell: auto-run kmemleak if its available
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] tests: monitor: Summarize failures per test case
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] tests: monitor: Summarize failures per test case
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] netfilter: nft_set_pipapo: fix improper element removal
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [syzbot] [btrfs?] [netfilter?] BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low! (2)
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: skip bound chain on rule flush
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR and _COMMIT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [syzbot] [btrfs?] [netfilter?] BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low! (2)
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [syzbot] [btrfs?] [netfilter?] BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low! (2)
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: fix spurious set element insertion failure
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: nft_set_pipapo: fix improper element removal
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: skip bound chain in netns release path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [syzbot] [btrfs?] [netfilter?] BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low! (2)
- From: Aleksandr Nogikh <nogikh@xxxxxxxxxx>
Re: [syzbot] [btrfs?] [netfilter?] BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low! (2)
- From: syzbot <syzbot+9bbbacfbf1e04d5221f7@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [syzbot] [btrfs?] [netfilter?] BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low! (2)
- From: David Sterba <dsterba@xxxxxxx>
Re: [iptables PATCH] tests: shell: Sanitize nft-only/0009-needless-bitwise_0
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] tests: shell: Sanitize nft-only/0009-needless-bitwise_0
- From: Phil Sutter <phil@xxxxxx>
Re: libnftnl adding element to a set of type ipv4_addr or ipv6_addr
- From: Easynet <devel@xxxxxxxxxxx>
Re: libnftnl adding element to a set of type ipv4_addr or ipv6_addr
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] py: return boolean value from Nftables.__[gs]et_output_flag()
- From: Phil Sutter <phil@xxxxxx>
Re: [syzbot] [btrfs?] [netfilter?] BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low! (2)
- From: syzbot <syzbot+9bbbacfbf1e04d5221f7@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH nf-next 1/2] netlink: allow be16 and be32 types in all uint policy checks
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
Re: [PATCH nf-next 1/2] netlink: allow be16 and be32 types in all uint policy checks
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH nf-next 1/2] netlink: allow be16 and be32 types in all uint policy checks
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] meta: stash context statement length when generating payload/meta dependency
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH bpf-next v4 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
libnftnl adding element to a set of type ipv4_addr or ipv6_addr
- From: Easynet <devel@xxxxxxxxxxx>
Re: [PATCH nf-next 1/2] netlink: allow be16 and be32 types in all uint policy checks
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
[PATCH nft 2/2] py: remove setup.py integration with autotools
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] update INSTALL file
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] py: return boolean value from Nftables.__[gs]et_output_flag()
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [nft v2 PATCH 1/3] nftables: add input flags for nft_ctx
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [nft v2 PATCH 3/3] py: add input_{set,get}_flags() API to helpers
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [nft v2 PATCH 1/3] nftables: add input flags for nft_ctx
- From: Phil Sutter <phil@xxxxxx>
Re: [nft v2 PATCH 2/3] nftables: add input flag NFT_CTX_INPUT_NO_DNS to avoid blocking getaddrinfo()
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [nft v2 PATCH 1/3] nftables: add input flags for nft_ctx
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nf-next 1/2] netlink: allow be16 and be32 types in all uint policy checks
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/2] netfilter: nf_tables: use NLA_POLICY_MASK to test for valid flag options
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/2] netfilter: nf_tables: use NLA_POLICY_MASK instead of manual checks
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: can't schedule in nft_chain_validate
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 1/3] extensions: libebt_among: Fix for false positive match comparison
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] tests/build/run-tests.sh: fix issues reported by shellcheck
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 1/3] extensions: libebt_among: Fix for false positive match comparison
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] nftables 1.0.8 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] nftables 1.0.8 release
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] libnftnl 1.2.6 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
[nft PATCH] tests/build/run-tests.sh: fix issues reported by shellcheck
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] libnftnl 1.2.6 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] libnftnl 1.2.6 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH -stable,4.14 0/3] stable fixes for 4.14
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH -stable,4.19 00/10] stable fixes for 4.19
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH -stable,5.4 00/10] stable fixes for 5.4
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH -stable,5.10 v3 01/11] netfilter: nf_tables: use net_generic infra for transaction data
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH -stable,5.10 v3 01/11] netfilter: nf_tables: use net_generic infra for transaction data
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH -stable,5.15 2/2] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
[iptables PATCH 3/3] nft: Include sets in debug output
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/3] Follow-up on dangling set fix
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/3] nft: Do not pass nft_rule_ctx to add_nft_among()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/3] extensions: libebt_among: Fix for false positive match comparison
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] exthdr: prefer raw_type instead of desc->type
- From: Florian Westphal <fw@xxxxxxxxx>
[ANNOUNCE] nftables 1.0.8 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft v2 PATCH 1/3] nftables: add input flags for nft_ctx
- From: Phil Sutter <phil@xxxxxx>
Re: [nft v2 PATCH 2/3] nftables: add input flag NFT_CTX_INPUT_NO_DNS to avoid blocking getaddrinfo()
- From: Phil Sutter <phil@xxxxxx>
Re: [nft v2 PATCH 3/3] py: add input_{set,get}_flags() API to helpers
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH bpf-next v4 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Florian Westphal <fw@xxxxxxxxx>
[nft v2 PATCH 2/3] nftables: add input flag NFT_CTX_INPUT_NO_DNS to avoid blocking getaddrinfo()
- From: Thomas Haller <thaller@xxxxxxxxxx>
[nft v2 PATCH 3/3] py: add input_{set,get}_flags() API to helpers
- From: Thomas Haller <thaller@xxxxxxxxxx>
[nft v2 PATCH 1/3] nftables: add input flags for nft_ctx
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH bpf-next v4 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH bpf-next v4 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [nft PATCH 0/3] Implement 'reset {set,map,element}' commands
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v2] netfilter: conntrack: validate cta_ip via parsing
- From: Simon Horman <simon.horman@xxxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH iptables] nft-bridge: pass context structure to ops->add() to improve anonymous set support
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH iptables] nft-bridge: pass context structure to ops->add() to improve anonymous set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] nft-bridge: pass context structure to ops->add() to improve anonymous set support
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v1] netfilter: conntrack: validate cta_ip via parsing
- From: Simon Horman <simon.horman@xxxxxxxxxxxx>
[PATCH -stable,5.10 v3 10/11] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 11/11] netfilter: nf_tables: fix scheduling-while-atomic splat
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 09/11] netfilter: nf_tables: drop map element references from preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 08/11] netfilter: nftables: rename set element data activation/deactivation functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 06/11] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 05/11] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 07/11] netfilter: nf_tables: reject unbound chain set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 03/11] netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 00/11] Netfilter stable fixes for 5.10
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 02/11] netfilter: nf_tables: add rescheduling points during loop detection walks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 01/11] netfilter: nf_tables: use net_generic infra for transaction data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 v3 04/11] netfilter: nf_tables: fix chain binding transaction logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.15 v2 2/2] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.15 v2 0/2] netfilter stable fixes for 5.15
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.15 v2 1/2] netfilter: nf_tables: drop map element references from preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH bpf-next v4 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH bpf-next v4 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH bpf-next v4 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH bpf-next v4 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
[PATCH bpf-next v4 6/6] bpf: selftests: Add defrag selftests
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v4 5/6] bpf: selftests: Support custom type and proto for client sockets
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v4 4/6] bpf: selftests: Support not connecting client socket
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v4 3/6] netfilter: bpf: Prevent defrag module unload while link active
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v4 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v4 1/6] netfilter: defrag: Add glue hooks for enabling/disabling defrag
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v4 0/6] Support defragmenting IPv(4|6) packets in BPF
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH iptables] nft-bridge: pass context structure to ops->add() to improve anonymous set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] nft-bridge: pass context structure to ops->add() to improve anonymous set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v2] netfilter: conntrack: validate cta_ip via parsing
- From: Lin Ma <linma@xxxxxxxxxx>
Re: [PATCH v1] netfilter: conntrack: validate cta_ip via parsing
- From: "Lin Ma" <linma@xxxxxxxxxx>
Re: [PATCH v1] netfilter: conntrack: validate cta_ip via parsing
- From: Simon Horman <simon.horman@xxxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH iptables] nft-bridge: pass context structure to ops->add() to improve anonymous set support
- From: Igor Raits <igor@xxxxxxxxxxxx>
[PATCH iptables] nft-bridge: pass context structure to ops->add() to improve anonymous set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH -stable,5.10,v2 01/11] netfilter: nf_tables: use net_generic infra for transaction data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH -stable,5.10,v2 01/11] netfilter: nf_tables: use net_generic infra for transaction data
- From: Salvatore Bonaccorso <carnil@xxxxxxxxxx>
[PATCH 1/1] xt_asn: add matching dump [query] utility
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
[ANNOUNCE] libnftnl 1.2.6 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1] xt_asn: support quiet mode
- From: Philip Prindeville <philipp@xxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH 1/1] xt_asn: support quiet mode
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH v1] netfilter: conntrack: validate cta_ip via parsing
- From: Lin Ma <linma@xxxxxxxxxx>
Re: [PATCH bpf-next v3 6/6] bpf: selftests: Add defrag selftests
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: linux-next: branches to be removed
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
Re: linux-next: branches to be removed
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
Re: ebtables-nft can't delete complex rules by specifying complete rule with kernel 6.3+
- From: Florian Westphal <fw@xxxxxxxxx>
Re: ebtables-nft can't delete complex rules by specifying complete rule with kernel 6.3+
- From: Igor Raits <igor@xxxxxxxxxxxx>
Re: ebtables-nft can't delete complex rules by specifying complete rule with kernel 6.3+
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: ebtables-nft can't delete complex rules by specifying complete rule with kernel 6.3+
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] nftables: add flag for nft context to avoid blocking getaddrinfo()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: linux-next: branches to be removed
- From: Vineet Gupta <vgupta@xxxxxxxxxx>
[nft PATCH] nftables: add flag for nft context to avoid blocking getaddrinfo()
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Julian Anastasov <ja@xxxxxx>
Re: [nft PATCH 0/4] libnftables: minor cleanups initalizing nf_sock instance of nft_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Dust Li <dust.li@xxxxxxxxxxxxxxxxx>
Re: linux-next: branches to be removed
- From: Gabriel Krisman Bertazi <krisman@xxxxxxx>
Re: ebtables-nft can't delete complex rules by specifying complete rule with kernel 6.3+
- From: Igor Raits <igor@xxxxxxxxxxxx>
Re: ebtables-nft can't delete complex rules by specifying complete rule with kernel 6.3+
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v11 03/12] landlock: Refactor landlock_find_rule/insert_rule
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 11/12] samples/landlock: Add network demo
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: ebtables-nft can't delete complex rules by specifying complete rule with kernel 6.3+
- From: Florian Westphal <fw@xxxxxxxxx>
Re: linux-next: branches to be removed
- From: Miguel Ojeda <miguel.ojeda.sandonis@xxxxxxxxx>
Re: linux-next: branches to be removed
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
ebtables-nft can't delete complex rules by specifying complete rule with kernel 6.3+
- From: Igor Raits <igor@xxxxxxxxxxxx>
Re: linux-next: branches to be removed
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
Re: linux-next: branches to be removed
- From: Miguel Ojeda <miguel.ojeda.sandonis@xxxxxxxxx>
[nft PATCH 3/4] libnftables: inline creation of nf_sock in nft_ctx_new()
- From: Thomas Haller <thaller@xxxxxxxxxx>
[nft PATCH 0/4] libnftables: minor cleanups initalizing nf_sock instance of nft_ctx
- From: Thomas Haller <thaller@xxxxxxxxxx>
[nft PATCH 4/4] libnftables: drop check for nf_sock in nft_ctx_free()
- From: Thomas Haller <thaller@xxxxxxxxxx>
[nft PATCH 2/4] libnftables: drop unused argument nf_sock from nft_netlink()
- From: Thomas Haller <thaller@xxxxxxxxxx>
[nft PATCH 1/4] libnftables: always initialize netlink socket in nft_ctx_new()
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: linux-next: branches to be removed
- From: Florian Westphal <fw@xxxxxxxxx>
linux-next: branches to be removed
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
[PATCH 1/1] xt_asn: fix download script
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
[PATCH 1/1] xt_asn: support quiet mode
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Julian Anastasov <ja@xxxxxx>
[PATCH nft] evaluate: place byteorder conversion before rshift
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH bpf-next v3 3/6] netfilter: bpf: Prevent defrag module unload while link active
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next v3 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next v3 1/6] netfilter: defrag: Add glue hooks for enabling/disabling defrag
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH bpf-next v3 6/6] bpf: selftests: Add defrag selftests
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v3 5/6] bpf: selftests: Support custom type and proto for client sockets
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v3 4/6] bpf: selftests: Support not connecting client socket
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v3 3/6] netfilter: bpf: Prevent defrag module unload while link active
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v3 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v3 1/6] netfilter: defrag: Add glue hooks for enabling/disabling defrag
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v3 0/6] Support defragmenting IPv(4|6) packets in BPF
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH bpf-next v2 3/6] netfilter: bpf: Prevent defrag module unload while link active
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Dust Li <dust.li@xxxxxxxxxxxxxxxxx>
Re: [PATCH bpf-next v2 6/6] bpf: selftests: Add defrag selftests
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
[PATCH bpf-next v2 2/6] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v2 6/6] bpf: selftests: Add defrag selftests
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v2 5/6] bpf: selftests: Support custom type and proto for client sockets
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v2 4/6] bpf: selftests: Support not connecting client socket
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v2 3/6] netfilter: bpf: Prevent defrag module unload while link active
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v2 1/6] netfilter: defrag: Add glue hooks for enabling/disabling defrag
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v2 0/6] Support defragmenting IPv(4|6) packets in BPF
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: High cpu usage caused by kernel process when upgraded to linux 5.19.17 or later
- From: Steven Rostedt <rostedt@xxxxxxxxxxx>
Re: [PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH nft] netlink_linearize: use div_round_up in byteorder length
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] netlink_linearize: use div_round_up in byteorder length
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v11.1] selftests/landlock: Add 11 new test suites dedicated to network
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 11/12] samples/landlock: Add network demo
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 03/12] landlock: Refactor landlock_find_rule/insert_rule
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH net 1/6] netfilter: nf_tables: report use refcount overflow
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH net 1/6] netfilter: nf_tables: report use refcount overflow
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
[PATCH net 6/6] netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 5/6] netfilter: nf_tables: do not ignore genmask when looking up chain by id
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 4/6] netfilter: conntrack: don't fold port numbers into addresses before hashing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 1/6] netfilter: nf_tables: report use refcount overflow
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 3/6] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 2/6] netfilter: conntrack: gre: don't set assured flag for clash entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/6] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2] netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -stable,5.15 2/2] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2] netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2] netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- From: Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx>
Re: [PATCH -stable,5.15 2/2] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH -stable,5.15 2/2] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- From: Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx>
[PATCH -stable,4.14 2/3] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.14 3/3] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.14 1/3] netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.14 0/3] stable fixes for 4.14
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 09/10] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 05/10] netfilter: nf_tables: use net_generic infra for transaction data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 10/10] netfilter: nf_tables: fix scheduling-while-atomic splat
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 08/10] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 07/10] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 06/10] netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 04/10] netfilter: add helper function to set up the nfnetlink header and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 03/10] netfilter: nftables: add helper function to set the base sequence number
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 02/10] netfilter: nf_tables: add rescheduling points during loop detection walks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 01/10] netfilter: nf_tables: fix nat hook table deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,4.19 00/10] stable fixes for 4.19
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 07/10] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 10/10] netfilter: nf_tables: fix scheduling-while-atomic splat
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 08/10] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 09/10] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 06/10] netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 04/10] netfilter: nf_tables: use net_generic infra for transaction data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 05/10] netfilter: nf_tables: add rescheduling points during loop detection walks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 03/10] netfilter: add helper function to set up the nfnetlink header and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 00/10] stable fixes for 5.4
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 01/10] netfilter: nf_tables: fix nat hook table deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 02/10] netfilter: nftables: add helper function to set the base sequence number
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -stable,5.10,v2 00/11] stable fixes for 5.10
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 11/11] netfilter: nf_tables: fix scheduling-while-atomic splat
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 09/11] netfilter: nf_tables: drop map element references from preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 10/11] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 08/11] netfilter: nftables: rename set element data activation/deactivation functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 07/11] netfilter: nf_tables: reject unbound chain set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 05/11] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 06/11] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 02/11] netfilter: nf_tables: add rescheduling points during loop detection walks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 00/11] stable fixes for 5.10
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 01/11] netfilter: nf_tables: use net_generic infra for transaction data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10,v2 04/11] netfilter: nf_tables: fix chain binding transaction logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Jeff Xu <jeffxu@xxxxxxxxxx>
[PATCH -stable,5.10,v2 03/11] netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -stable,5.10 02/10] netfilter: nf_tables: add rescheduling points during loop detection walks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -stable,5.10 02/10] netfilter: nf_tables: add rescheduling points during loop detection walks
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH -stable,5.10 10/10] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 09/10] netfilter: nf_tables: drop map element references from preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 08/10] netfilter: nftables: rename set element data activation/deactivation functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 06/10] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 07/10] netfilter: nf_tables: reject unbound chain set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 05/10] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 01/10] netfilter: nf_tables: use net_generic infra for transaction data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 02/10] netfilter: nf_tables: add rescheduling points during loop detection walks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 04/10] netfilter: nf_tables: fix chain binding transaction logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 03/10] netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 00/10] stable fixes for 5.10
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.15 2/2] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.15 1/2] netfilter: nf_tables: drop map element references from preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.15 0/2] stable fixes for 5.15
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: gre: don't set assured flag for clash entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: do not ignore genmask when looking up chain by id
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- From: Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx>
[PATCH] netfilter: nf_tables: do not ignore genmask when looking up chain by id
- From: Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx>
Re: [PATCH v11 04/12] landlock: Refactor merge/inherit_ruleset functions
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 04/12] landlock: Refactor merge/inherit_ruleset functions
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[PATCH nf,v2] netfilter: nf_tables: report use refcount overflow
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 11/12] samples/landlock: Add network demo
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [nft PATCH 0/4] cli: Make valgrind (kind of) happy
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf] netfilter: conntrack: don't fold port numbers into addresses before hashing
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] tests: shell: refcount memleak in map rhs with timeouts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] expression: define .clone for catchall set element
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v11 11/12] samples/landlock: Add network demo
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 12/12] landlock: Document Landlock's network support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH nf v2] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf v2] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Florent Revest <revest@xxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Florent Revest <revest@xxxxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: report use refcount overflow
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v11 11/12] samples/landlock: Add network demo
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
[PATCH nf] netfilter: conntrack: gre: don't set assured flag for clash entries
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 12/12] landlock: Document Landlock's network support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 10/12] selftests/landlock: Add 11 new test suites dedicated to network
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
Re: [PATCH v11 12/12] landlock: Document Landlock's network support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 10/12] selftests/landlock: Add 11 new test suites dedicated to network
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 10/12] selftests/landlock: Add 11 new test suites dedicated to network
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 10/12] selftests/landlock: Add 11 new test suites dedicated to network
- From: Günther Noack <gnoack3000@xxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 04/12] landlock: Refactor merge/inherit_ruleset functions
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 03/12] landlock: Refactor landlock_find_rule/insert_rule
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 03/12] landlock: Refactor landlock_find_rule/insert_rule
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[PATCH nft] expression: define .clone for catchall set element
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Jeff Xu <jeffxu@xxxxxxxxxxxx>
[PATCH AUTOSEL 6.1 10/12] netfilter: nf_tables: disallow timeout for anonymous sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 5.15 4/5] netfilter: nf_tables: disallow timeout for anonymous sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 6.3 13/17] netfilter: nf_tables: disallow timeout for anonymous sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 6.3 14/17] netfilter: nf_tables: drop module reference after updating chain
- From: Sasha Levin <sashal@xxxxxxxxxx>
Re: [PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
Re: Fwd: High cpu usage caused by kernel process when upgraded to linux 5.19.17 or later
- From: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v3] ipvs: increase ip_vs_conn_tab_bits range for 64BIT
- From: Simon Horman <horms@xxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Jeff Xu <jeffxu@xxxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Jeff Xu <jeffxu@xxxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Jeff Xu <jeffxu@xxxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Jeff Xu <jeffxu@xxxxxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: Günther Noack <gnoack3000@xxxxxxxxx>
Re: [nft PATCH] tests: py: Document JSON mode in README
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[nft PATCH] tests: py: Document JSON mode in README
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next 4/7] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
Re: [PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH bpf-next 4/7] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next 3/7] netfilter: defrag: Add glue hooks for enabling/disabling defrag
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net 1/6] lib/ts_bm: reset initial match offset for every block of text
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Fwd: High cpu usage caused by kernel process when upgraded to linux 5.19.17 or later
- From: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Re: Fwd: High cpu usage caused by kernel process when upgraded to linux 5.19.17 or later
- From: Bagas Sanjaya <bagasdotme@xxxxxxxxx>
Re: Fwd: High cpu usage caused by kernel process when upgraded to linux 5.19.17 or later
- From: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
[PATCH net 5/6] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 6/6] netfilter: nf_tables: fix underflow in chain reference counter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 4/6] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 2/6] netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 3/6] linux/netfilter.h: fix kernel-doc warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 1/6] lib/ts_bm: reset initial match offset for every block of text
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/6] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Fwd: High cpu usage caused by kernel process when upgraded to linux 5.19.17 or later
- From: Bagas Sanjaya <bagasdotme@xxxxxxxxx>
Re: [PATCH bpf-next 1/7] tools: libbpf: add netfilter link attach helper
- From: Andrii Nakryiko <andrii.nakryiko@xxxxxxxxx>
[PATCH bpf-next 7/7] bpf: selftests: Add defrag selftests
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next 6/7] bpf: selftests: Support custom type and proto for client sockets
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next 4/7] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next 5/7] bpf: selftests: Support not connecting client socket
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next 3/7] netfilter: defrag: Add glue hooks for enabling/disabling defrag
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next 2/7] selftests/bpf: Add bpf_program__attach_netfilter helper test
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next 1/7] tools: libbpf: add netfilter link attach helper
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next 0/7] Support defragmenting IPv(4|6) packets in BPF
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH net-next 1/8] ipvs: increase ip_vs_conn_tab_bits range for 64BIT
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH v11 12/12] landlock: Document Landlock's network support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 03/12] landlock: Refactor landlock_find_rule/insert_rule
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 08/12] landlock: Add network rules and TCP hooks support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 04/12] landlock: Refactor merge/inherit_ruleset functions
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 03/12] landlock: Refactor landlock_find_rule/insert_rule
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v9 00/12] Network support for Landlock - allowed list of protocols
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH -stable,5.10 0/3] stable fixes for 5.10
- From: Greg KH <greg@xxxxxxxxx>
Re: [PATCH net] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] linux/netfilter.h: fix kernel-doc warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2] netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2] lib/ts_bm: reset initial match offset for every block of text
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 3/3] netfilter: nf_tables: hold mutex on netns pre_exit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 2/3] netfilter: nf_tables: validate registers coming from userspace.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 0/3] stable fixes for 5.10
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.10 1/3] netfilter: nftables: statify nft_parse_register()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 8/8] netfilter: nf_tables: limit allowed range via nla_policy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 1/8] ipvs: increase ip_vs_conn_tab_bits range for 64BIT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 3/8] netfilter: nft_payload: rebuild vlan header when needed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 6/8] netfilter: snat: evict closing tcp entries on reply tuple collision
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 7/8] netfilter: nf_tables: Introduce NFT_MSG_GETSETELEM_RESET
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 5/8] netfilter: nf_tables: permit update of set size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 0/8] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 4/8] netfilter: ipset: remove rcu_read_lock_bh pair from ip_set_test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 2/8] ipvs: dynamically limit the connection hash table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Kernel oops with netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- From: Matthias Maier <tamiko@xxxxxxxx>
Re: Kernel oops with netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 1/2] netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 2/2] netfilter: nf_tables: fix underflow in chain reference counter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Linux netfilter / iptables : How to enable iptables TRACE chain handling with nf_log_syslog on RHEL8+?
- From: Florian Westphal <fw@xxxxxxxxx>
RE: Linux netfilter / iptables : How to enable iptables TRACE chain handling with nf_log_syslog on RHEL8+?
- From: "Jason Vas Dias" <jason.vas.dias@xxxxxx>
Re: Linux netfilter / iptables : How to enable iptables TRACE chain handling with nf_log_syslog on RHEL8+?
- From: Florian Westphal <fw@xxxxxxxxx>
Linux netfilter / iptables : How to enable iptables TRACE chain handling with nf_log_syslog on RHEL8+?
- From: "Jason Vas Dias" <jason.vas.dias@xxxxxx>
Re: [ulogd2 PATCH] Makefile: Create LZMA-compressed dist-files
- From: Phil Sutter <phil@xxxxxx>
Re: ipset hash:net:port:net
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
Re: [iptables PATCH 3/4] Add --compat option to *tables-nft and *-nft-restore commands
- From: Phil Sutter <phil@xxxxxx>
[ulogd2 PATCH] Makefile: Create LZMA-compressed dist-files
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v11 12/12] landlock: Document Landlock's network support
- From: Jeff Xu <jeffxu@xxxxxxxxxxxx>
Re: [PATCH 06/11] sysctl: Add size to register_net_sysctl function
- From: Joel Granados <j.granados@xxxxxxxxxxx>
Re: [PATCH net] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
- From: Gavrilov Ilia <Ilia.Gavrilov@xxxxxxxxxxx>
Re: [PATCH net-next] linux/netfilter.h: fix kernel-doc warnings
- From: Simon Horman <simon.horman@xxxxxxxxxxxx>
[PATCH net-next] linux/netfilter.h: fix kernel-doc warnings
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
Re: High cpu usage caused by kernel process when upgraded to linux 5.19.17 or later
- From: Steven Rostedt <rostedt@xxxxxxxxxxx>
Fwd: High cpu usage caused by kernel process when upgraded to linux 5.19.17 or later
- From: Bagas Sanjaya <bagasdotme@xxxxxxxxx>
Re: [PATCH v11 12/12] landlock: Document Landlock's network support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[nft PATCH 4/4] tests: shell: Introduce valgrind mode
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 0/4] cli: Make valgrind (kind of) happy
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/4] main: Make 'buf' variable branch-local
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 2/4] main: Call nft_ctx_free() before exiting
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 3/4] cli: Make cli_init() return to caller
- From: Phil Sutter <phil@xxxxxx>
ipset hash:net:port:net
- From: Марк Коренберг <socketpair@xxxxxxxxx>
Re: [PATCH] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net 01/14] ipvs: align inner_mac_header for encapsulation
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
- From: Gavrilov Ilia <Ilia.Gavrilov@xxxxxxxxxxx>
Re: [PATCH v11 11/12] samples/landlock: Add network demo
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 11/12] samples/landlock: Add network demo
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH nf v2] netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: limit allowed range via nla_policy
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Florian Westphal <fw@xxxxxxxxx>
Re: vs conntrack changes TCP ports mid-stream
- From: Julian Anastasov <ja@xxxxxx>
vs conntrack changes TCP ports mid-stream
- From: Sven Bartscher <sven.bartscher@xxxxxxxxxxxxxxxxxxxx>
[PATCH nf v2] netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
[PATCH nf] netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] cli: Make valgrind happy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: avoid IPPROTO_MAX for array definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Florent Revest <revest@xxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Florent Revest <revest@xxxxxxxxxxxx>
Re: [nft PATCH] cli: Make valgrind happy
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 06/11] sysctl: Add size to register_net_sysctl function
- From: Joel Granados <j.granados@xxxxxxxxxxx>
Re: [iptables PATCH] iptables: Fix handling of non-existent chains
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] iptables: Fix setting of ipv6 counters
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 06/11] sysctl: Add size to register_net_sysctl function
- From: Joel Granados <j.granados@xxxxxxxxxxx>
Re: [PATCH 06/11] sysctl: Add size to register_net_sysctl function
- From: Joel Granados <j.granados@xxxxxxxxxxx>
Re: [PATCH nft] src: avoid IPPROTO_MAX for array definitions
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 09/11] sysctl: Remove the end element in sysctl table arrays
- From: Jani Nikula <jani.nikula@xxxxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 06/11] sysctl: Add size to register_net_sysctl function
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Re: [lvc-project] [PATCH] netfilter: ebtables: remove unnecessary NULL check
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [lvc-project] [PATCH] netfilter: ebtables: remove unnecessary NULL check
- From: "Igor A. Artemiev" <Igor.A.Artemiev@xxxxxxx>
Re: [PATCH 06/11] sysctl: Add size to register_net_sysctl function
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Florent Revest <revest@xxxxxxxxxxxx>
[PATCH net 13/14] netfilter: nfnetlink_osf: fix module autoload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 04/14] netfilter: nf_tables: drop map element references from preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 12/14] netfilter: nf_tables: drop module reference after updating chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 07/14] netfilter: nf_tables: disallow element updates of bound anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net,v3 00/14] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 14/14] netfilter: nf_tables: Fix for deleting base chains with payload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 09/14] netfilter: nf_tables: reject unbound chain set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 10/14] netfilter: nf_tables: disallow updates of anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 08/14] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 06/14] netfilter: nf_tables: fix underflow in object reference counter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 02/14] netfilter: nf_tables: fix chain binding transaction logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 05/14] netfilter: nft_set_pipapo: .walk does not deal with generations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 11/14] netfilter: nf_tables: disallow timeout for anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 01/14] ipvs: align inner_mac_header for encapsulation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 03/14] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/11] sysctl: Remove the end element in sysctl table arrays
- From: Joel Granados <j.granados@xxxxxxxxxxx>
Re: [PATCH 06/11] sysctl: Add size to register_net_sysctl function
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
[PATCH 06/11] sysctl: Add size to register_net_sysctl function
- From: Joel Granados <j.granados@xxxxxxxxxxx>
Re: [PATCH] netfilter: Don't parse CTCP message if shorter than minimum length
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] netfilter: Don't parse CTCP message if shorter than minimum length
- From: Sohom <sohomdatta1@xxxxxxxxx>
[PATCH nf,v3 01/14] netfilter: nf_tables: fix chain binding transaction logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: avoid IPPROTO_MAX for array definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipset: Replace strlcpy with strscpy
- From: Kees Cook <keescook@xxxxxxxxxxxx>
[PATCH nft] src: avoid IPPROTO_MAX for array definitions
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2] lib/ts_bm: add helper to reduce indentation and improve readability
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
Re: [PATCH nf-next] lib/ts_bm: add helper to reduce indentation and improve readability
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH nf-next] lib/ts_bm: add helper to reduce indentation and improve readability
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
Re: [PATCH net 00/14,v2] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [lvc-project] [PATCH] netfilter: ebtables: remove unnecessary NULL check
- From: Florian Westphal <fw@xxxxxxxxx>
[lvc-project] [PATCH] netfilter: ebtables: remove unnecessary NULL check
- From: Igor Artemiev <Igor.A.Artemiev@xxxxxxx>
Re: [nft PATCH] cli: Make valgrind happy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 4/6] parser: reject zero-length interface names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf PATCH] netfilter: nf_tables: Fix for deleting base chains with payload
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] cli: Make valgrind happy
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] json: add inner payload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
CFS for Netdev 0x17 open!
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: [PATCH nf-next] lib/ts_bm: add helper to reduce indentation and improve readability
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
Re: [PATCH nf-next] lib/ts_bm: add helper to reduce indentation and improve readability
- From: kernel test robot <lkp@xxxxxxxxx>
[PATCH nft] src: add json support for last statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 14/14] netfilter: nf_tables: Fix for deleting base chains with payload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 11/14] netfilter: nf_tables: disallow timeout for anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 08/14] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 13/14] netfilter: nfnetlink_osf: fix module autoload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 12/14] netfilter: nf_tables: drop module reference after updating chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 10/14] netfilter: nf_tables: disallow updates of anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 07/14] netfilter: nf_tables: disallow element updates of bound anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 09/14] netfilter: nf_tables: reject unbound chain set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 04/14] netfilter: nf_tables: drop map element references from preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 02/14] netfilter: nf_tables: fix chain binding transaction logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 05/14] netfilter: nft_set_pipapo: .walk does not deal with generations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 01/14] ipvs: align inner_mac_header for encapsulation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 06/14] netfilter: nf_tables: fix underflow in object reference counter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 03/14] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 00/14,v2] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] cache: include set elements in "nft set list"
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net 02/14] netfilter: nf_tables: fix chain binding transaction logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 6/6] ct timeout: fix 'list object x' vs. 'list objects in table' confusion
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 5/6] parser: reject zero-length interface names in flowtables
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 4/6] parser: reject zero-length interface names
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 3/6] parser: don't assert on scope underflows
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 2/6] evaluate: do not abort when prefix map has non-map element
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 1/6] json: dccp: remove erroneous const qualifier
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 0/6] Misc parser fixes
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net 08/14] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Simon Horman <simon.horman@xxxxxxxxxxxx>
Re: [PATCH net 02/14] netfilter: nf_tables: fix chain binding transaction logic
- From: Simon Horman <simon.horman@xxxxxxxxxxxx>
[PATCH nf-next] lib/ts_bm: add helper to reduce indentation and improve readability
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH nf v2] lib/ts_bm: reset initial match offset for every block of text
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
Re: [PATCH v11 00/12] Network support for Landlock
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v11 11/12] samples/landlock: Add network demo
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[PATCH net 13/14] netfilter: nfnetlink_osf: fix module autoload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 14/14] netfilter: nf_tables: Fix for deleting base chains with payload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 11/14] netfilter: nf_tables: disallow timeout for anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 12/14] netfilter: nf_tables: drop module reference after updating chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 10/14] netfilter: nf_tables: disallow updates of anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 08/14] netfilter: nf_tables: reject unbound anonymous set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 09/14] netfilter: nf_tables: reject unbound chain set before commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 06/14] netfilter: nf_tables: fix underflow in object reference counter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 07/14] netfilter: nf_tables: disallow element updates of bound anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 05/14] netfilter: nft_set_pipapo: .walk does not deal with generations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 04/14] netfilter: nf_tables: drop map element references from preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 03/14] netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 02/14] netfilter: nf_tables: fix chain binding transaction logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 01/14] ipvs: align inner_mac_header for encapsulation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 00/14] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v11 00/12] Network support for Landlock
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 12/12] landlock: Document Landlock's network support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v11 11/12] samples/landlock: Add network demo
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH nf] lib/ts_bm: reset initial match offset for every block of text
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]