Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

[PATCH net-next 06/10] netfilter: nft_inner: support for inner tunnel header matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 05/10] netfilter: nft_payload: access ipip payload for inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 04/10] netfilter: nft_payload: access GRE payload via inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 03/10] netfilter: nft_objref: make it builtin
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 02/10] netfilter: nf_tables: reduce nft_pktinfo by 8 bytes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 01/10] netfilter: nft_payload: move struct nft_payload_set definition where it belongs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 00/10] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: ip_set_hash_netiface
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
Re: [REGRESSION] Unable to NAT own TCP packets from another VRF with tcp_l3mdev_accept = 1 #forregzbot
- From: Thorsten Leemhuis <regressions@xxxxxxxxxxxxx>
[PATCH] ipvs: use explicitly signed chars
- From: "Jason A. Donenfeld" <Jason@xxxxxxxxx>
Re: [PATCH] Periodically flow expire from flow offload tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 2/2] netfilter: nf_tables: release flow rule object from commit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 1/2] netfilter: nf_tables: netlink notifier might race to release objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] Periodically flow expire from flow offload tables
- From: Michael Lilja <michael.lilja@xxxxxxxxx>
Re: [PATCH] Periodically flow expire from flow offload tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] Periodically flow expire from flow offload tables
- From: Michael Lilja <michael.lilja@xxxxxxxxx>
Re: [nf-next PATCH 0/2] Support resetting rules' state
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: nft_objref: make it builtin
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: reduce nft_pktinfo by 8 bytes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] Periodically flow expire from flow offload tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v3] src: add support to command "destroy"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC PATCH 1/1] libnftnl: Fix res_id byte order
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] 17th Netfilter Workshop in Seville, Spain
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: [xtables-addons PATCH v1] build: support for linux 6.1
- From: Jan Engelhardt <jengelh@xxxxxxx>
ip_set_hash_netiface
- From: "Daniel Xu" <dxu@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: avoid access to free'd chain info in nft_commit_release
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft v3] src: add support to command "destroy"
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[xtables-addons PATCH v1] build: support for linux 6.1
- From: John Thomson <git@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
[PATCH nft v2] src: add support to command "destroy"
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH nft] src: add support to command "destroy"
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH] Periodically flow expire from flow offload tables
- From: Michael Lilja <michael.lilja@xxxxxxxxx>
[PATCH RFC xtables-addons] build: support for linux 6.1
- From: John Thomson <git@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
[PATCH v8 12/12] landlock: Document Landlock's network support
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 11/12] samples/landlock: Add network demo
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 03/12] landlock: Refactor merge/inherit_ruleset functions
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 06/12] landlock: Refactor landlock_add_rule() syscall
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 01/12] landlock: Make ruleset's access masks more generic
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 10/12] selftests/landlock: Add 10 new test suites dedicated to network
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 04/12] landlock: Move unmask_layers() and init_layer_masks()
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 07/12] landlock: Add network rules support
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 09/12] selftests/landlock: Share enforce_ruleset()
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 08/12] landlock: Implement TCP network hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 02/12] landlock: Refactor landlock_find_rule/insert_rule
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 05/12] landlock: Refactor unmask_layers() and init_layer_masks()
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v8 00/12] Network support for Landlock
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: nft_objref: make it builtin
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables-nft] nft: disscect basic icmp type/code match
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [RFC PATCH 1/1] libnftnl: Fix res_id byte order
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC PATCH 1/1] libnftnl: Fix res_id byte order
- From: Ian Pilcher <arequipeno@xxxxxxxxx>
Re: [PATCH net 1/2] netfilter: rpfilter/fib: Set ->flowic_uid correctly for user namespaces.
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Status of UID GID maching support in INPUT
- From: Vincas Dargis <vindrg@xxxxxxxxx>
Re: netfilter+bpf road ahead
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
[PATCH net 2/2] netfilter: nf_tables: relax NFTA_SET_ELEM_KEY_END set flags requirements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 1/2] netfilter: rpfilter/fib: Set ->flowic_uid correctly for user namespaces.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: rpfilter/fib: Set ->flowic_uid correctly for user namespaces.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC PATCH 1/1] libnftnl: Fix res_id byte order
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
netfilter+bpf road ahead
- From: Florian Westphal <fw@xxxxxxxxx>
[RFC PATCH 0/1] libnftnl: Incorrect res_id byte order?
- From: Ian Pilcher <arequipeno@xxxxxxxxx>
[RFC PATCH 1/1] libnftnl: Fix res_id byte order
- From: Ian Pilcher <arequipeno@xxxxxxxxx>
[PATCH nf,v3] netfilter: nf_tables: relax NFTA_SET_ELEM_KEY_END set flags requirements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v2] netfilter: nf_tables: relax NFTA_SET_ELEM_KEY_END set flags requirements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] tests: shell: deletion from interval concatenation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: relax NFTA_SET_ELEM_KEY_END set flags requirements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 11/16] src: add geneve matching support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 16/16] doc: add gretap matching expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 03/16] src: add vxlan matching support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 15/16] tests: py: add gretap tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 10/16] doc: add gre matching expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 12/16] tests: py: add geneve tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 06/16] doc: add vxlan matching expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 14/16] src: add gretap support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 13/16] doc: add geneve matching expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 09/16] tests: py: add gre tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 07/16] src: display (inner) tag in --debug=proto-ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 08/16] src: add gre support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 04/16] tests: py: add vxlan tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 05/16] tests: shell: add vxlan set tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 01/16] src: add eval_proto_ctx()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 02/16] src: add dl_proto_ctx()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v5 4/7] netfilter: nft_inner: add percpu inner context
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v5 1/7] netfilter: nft_payload: access GRE payload via inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v5 7/7] netfilter: nft_inner: set tunnel offset to GRE header offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v5 0/7] nf_tables inner tunnel header match support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v5 6/7] netfilter: nft_inner: add geneve support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v5 3/7] netfilter: nft_inner: support for inner tunnel header matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 00/16] vxlan, geneve, gre, gretap matching support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v5 2/7] netfilter: nft_payload: access ipip payload for inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v5 5/7] netfilter: nft_meta: add inner match support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH 1/2] tests: Adjust testsuite return codes to automake guidelines
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/2] Makefile.am: Integrate testsuites
- From: Phil Sutter <phil@xxxxxx>
Re: bridge:fragmented packets dropped by bridge
- From: Vadim Fedorenko <vfedorenko@xxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: reduce nft_pktinfo by 8 bytes
- From: Florian Westphal <fw@xxxxxxxxx>
[nft PATCH] Implement 'reset rule' and 'reset rules' commands
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH 0/2] Support resetting rules' state
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH 1/2] netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH 2/2] netfilter: nf_tables: Introduce NFT_MSG_GETRULE_RESET
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next] netfilter: conntrack: use siphash_4u64
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next v4 2/3] selftests/bpf: Add connmark read test
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH nf] netfilter: rpfilter/fib: Set ->flowic_uid correctly for user namespaces.
- From: Guillaume Nault <gnault@xxxxxxxxxx>
Re: [PATCH v1 3/5] treewide: use get_random_u32() when possible
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: bridge:fragmented packets dropped by bridge
- From: Vadim Fedorenko <vfedorenko@xxxxxxxx>
Re: [PATCH bpf-next v4 2/3] selftests/bpf: Add connmark read test
- From: Martin KaFai Lau <martin.lau@xxxxxxxxx>
Re: [PATCH bpf-next v4 2/3] selftests/bpf: Add connmark read test
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next v4 2/3] selftests/bpf: Add connmark read test
- From: Daniel Xu <dxu@xxxxxxxxx>
RE: [PATCH v1 3/5] treewide: use get_random_u32() when possible
- From: David Laight <David.Laight@xxxxxxxxxx>
Re: [PATCH v1 3/5] treewide: use get_random_u32() when possible
- From: Joe Perches <joe@xxxxxxxxxxx>
[nft PATCH] Warn for tables with compat expressions in rules
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 11/12] tests: libxt_connlimit.t: Add missing default values
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 06/12] tests: libebt_redirect.t: Plain redirect prints with trailing whitespace
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 07/12] tests: libxt_length.t: Fix odd use-case output
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 08/12] tests: libxt_recent.t: Add missing default values
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 00/12] Speed up iptables-test.py
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 03/12] tests: iptables-test: Cover for obligatory -j CONTINUE in ebtables
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 04/12] tests: *.t: Fix expected output for simple calls
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 10/12] tests: libebt_vlan.t: Drop trailing whitespace from rules
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 01/12] extensions: NFQUEUE: Document queue-balance limitation
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 12/12] tests: *.t: Add missing all-one's netmasks to expected output
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 02/12] tests: iptables-test: Implement fast test mode
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 09/12] tests: libxt_tos.t, libxt_TOS.t: Add missing masks in output
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 05/12] tests: *.t: Fix for hexadecimal output
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH net 1/3] selftests: netfilter: Test reverse path filtering
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [REGRESSION] Unable to NAT own TCP packets from another VRF with tcp_l3mdev_accept = 1
- From: Maximilien Cuony <maximilien.cuony@xxxxxxxxxxx>
[PATCH net 3/3] selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 2/3] netfilter: rpfilter/fib: Populate flowic_l3mdev field
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 0/3] netfilter fixes for net
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 1/3] selftests: netfilter: Test reverse path filtering
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v7 02/18] landlock: refactor landlock_find_rule/insert_rule
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
[PATCH nft] netlink_delinearize: do not transfer binary operation to non-anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v7 02/18] landlock: refactor landlock_find_rule/insert_rule
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 02/18] landlock: refactor landlock_find_rule/insert_rule
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH bpf-next v4 2/3] selftests/bpf: Add connmark read test
- From: Martin KaFai Lau <martin.lau@xxxxxxxxx>
Re: [PATCH v7 16/18] seltests/landlock: add invalid input data test
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 16/18] seltests/landlock: add invalid input data test
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
[syzbot] KASAN: use-after-free Read in nf_tables_trans_destroy_work
- From: syzbot <syzbot+8f747f62763bc6c32916@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH v7 16/18] seltests/landlock: add invalid input data test
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[PATCH nf-next,v4 1/6] netfilter: nft_payload: access GRE payload via inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH AUTOSEL 5.19 29/73] netlink: Bounds-check struct nlmsgerr creation
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 6.0 32/77] netlink: Bounds-check struct nlmsgerr creation
- From: Sasha Levin <sashal@xxxxxxxxxx>
[iptables PATCH] nft: Fix compile with -DDEBUG
- From: Phil Sutter <phil@xxxxxx>
Re: [REGRESSION] Unable to NAT own TCP packets from another VRF with tcp_l3mdev_accept = 1
- From: Mike Manning <mvrmanning@xxxxxxxxx>
[iptables PATCH] libiptc: Fix for segfault when renaming a chain
- From: Phil Sutter <phil@xxxxxx>
Re: [REGRESSION] Unable to NAT own TCP packets from another VRF with tcp_l3mdev_accept = 1
- From: David Ahern <dsahern@xxxxxxxxxx>
Re: bridge:fragmented packets dropped by bridge
- From: Slade Watkins <srw@xxxxxxxxxxxxxxxx>
bridge:fragmented packets dropped by bridge
- From: Vyacheslav Salnikov <snordicstr16@xxxxxxxxx>
[PATCH nf-next,v3 6/6] netfilter: nft_inner: add geneve support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 5/6] netfilter: nft_meta: add inner match support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 3/6] netfilter: nft_inner: support for inner tunnel header matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 4/6] netfilter: nft_inner: add percpu inner context
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 2/6] netfilter: nft_payload: access ipip payload for inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 1/6] netfilter: nft_payload: access GRE payload via inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 0/6] nf_tables inner tunnel header match support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2] rule: do not display handle for implicit chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] parser_bison: display too many levels of nesting error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 11/12] extensions: Do not print all-one's netmasks
- From: Jan Engelhardt <jengelh@xxxxxxx>
[ANNOUNCE] conntrack-tools 1.4.7 release
- From: Phil Sutter <phil@xxxxxxxxxxxxx>
[PATCH conntrack-tools] build: conntrack-tools requires libnetfilter_conntrack >= 1.0.9
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Kernel 6.0.0 bug pptp not work
- From: Martin Zaharinov <micron10@xxxxxxxxx>
Re: Kernel 6.0.0 bug pptp not work
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v1 3/5] treewide: use get_random_u32() when possible
- From: Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>
Re: [PATCH v1 3/5] treewide: use get_random_u32() when possible
- From: Jason Gunthorpe <jgg@xxxxxxxx>
Re: [f2fs-dev] [PATCH v1 3/5] treewide: use get_random_u32() when possible
- From: "Jason A. Donenfeld" <Jason@xxxxxxxxx>
Re: Kernel 6.0.0 bug pptp not work
- From: Martin Zaharinov <micron10@xxxxxxxxx>
Re: Kernel 6.0.0 bug pptp not work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [f2fs-dev] [PATCH v1 3/5] treewide: use get_random_u32() when possible
- From: Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>
Re: Kernel 6.0.0 bug pptp not work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Kernel 6.0.0 bug pptp not work
- From: Martin Zaharinov <micron10@xxxxxxxxx>
Re: Kernel 6.0.0 bug pptp not work
- From: Martin Zaharinov <micron10@xxxxxxxxx>
Re: [iptables PATCH 11/12] extensions: Do not print all-one's netmasks
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 01/12] tests: iptables-test: Implement fast test mode
- From: Phil Sutter <phil@xxxxxx>
Re: Kernel 6.0.0 bug pptp not work
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Kernel 6.0.0 bug pptp not work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH 1/2] selftests: netfilter: Test reverse path filtering
- From: Guillaume Nault <gnault@xxxxxxxxxx>
Re: [nf-next PATCH 2/2] netfilter: rpfilter/fib: Populate flowic_l3mdev field
- From: Guillaume Nault <gnault@xxxxxxxxxx>
Re: [iptables PATCH 11/12] extensions: Do not print all-one's netmasks
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [iptables PATCH 01/12] tests: iptables-test: Implement fast test mode
- From: Jan Engelhardt <jengelh@xxxxxxx>
[iptables PATCH 09/12] tests: libebt_vlan.t: Drop trailing whitespace from rules
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 06/12] tests: libxt_length.t: Fix odd use-case output
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 10/12] tests: libxt_connlimit.t: Add missing --connlimit-saddr
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 08/12] tests: libxt_tos.t, libxt_TOS.t: Add missing masks in output
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 03/12] tests: *.t: Fix expected output for simple calls
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 00/12] Speed up iptables-tests.py
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 12/12] extensions: NFQUEUE: Do not print default queue number 0
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 07/12] tests: libxt_recent.t: Add missing default values
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 05/12] tests: libebt_redirect.t: Plain redirect prints with trailing whitespace
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 01/12] tests: iptables-test: Implement fast test mode
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 04/12] tests: *.t: Fix for hexadecimal output
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 11/12] extensions: Do not print all-one's netmasks
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 02/12] tests: iptables-test: Cover for obligatory -j CONTINUE in ebtables
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/2] tests: shell: Fix expected ebtables log target output
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/2] tests: shell: Fix expected output for ip6tables dst match
- From: Phil Sutter <phil@xxxxxx>
Re: Kernel 6.0.0 bug pptp not work
- From: Martin Zaharinov <micron10@xxxxxxxxx>
Kernel 6.0.0 bug pptp not work
- From: Martin Zaharinov <micron10@xxxxxxxxx>
Re: [PATCH nft 2/2] src: add ipip support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2] src: add ipip support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] src: add gre support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 0/2] gre and ipip tunnel support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] tests: libebt_stp.t: Drop duplicate whitespace
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next,v2 2/6] netfilter: nft_payload: access ipip payload for inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 6/6] netfilter: nft_inner: add geneve support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 4/6] netfilter: nft_inner: add percpu inner context
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 1/6] netfilter: nft_payload: access GRE payload via inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 5/6] netfilter: nft_meta: add inner match support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 3/6] netfilter: nft_inner: support for inner tunnel header matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 0/6] nf_tables inner tunnel header match support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH 2/2] netfilter: rpfilter/fib: Populate flowic_l3mdev field
- From: David Ahern <dsahern@xxxxxxxxxx>
[iptables PATCH] extensions: libebt_log: Avoid empty log-prefix in output
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] tests: IDLETIMER.t: Fix syntax, support for restore input
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH 2/2] netfilter: rpfilter/fib: Populate flowic_l3mdev field
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH 1/2] selftests: netfilter: Test reverse path filtering
- From: Phil Sutter <phil@xxxxxx>
[nf PATCH] selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft 2/2] evaluate: datatype memleak after binop transfer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] evaluate: bogus datatype assertion in binary operation evaluation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
netdev conf 0x16 schedule posted
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: [PATCH v2 bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[iptables PATCH 2/3] extensions: libip6t_dst: Fix output for empty options
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/3] extensions: libebt_stp: Eliminate duplicate space in output
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/3] extensions: TCPOPTSTRIP: Do not print empty options
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/2] extensions: among: Fix for use with ebtables-restore
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/2] extensions: among: Remove pointless fall through
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/4] tests: iptables-test: Test both variants by default
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/4] tests: iptables-test: Test both variants by default
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/4] tests: iptables-test: Pass netns to execute_cmd()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/4] tests: iptables-test: Simplify '-N' option a bit
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/4] tests: iptables-test: Simplify execute_cmd() calling
- From: Phil Sutter <phil@xxxxxx>
Re: [REGRESSION] Unable to NAT own TCP packets from another VRF with tcp_l3mdev_accept = 1
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH 1/1] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: Guillaume Nault <gnault@xxxxxxxxxx>
Re: [PATCH 1/1] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/1] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: Guillaume Nault <gnault@xxxxxxxxxx>
Re: [nft PATCH] monitor: Sanitize startup race condition
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] monitor: Sanitize startup race condition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 0/3] vlan followup fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 6/6] src: display (inner) tag in --debug=proto-ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/6] src: add eval_proto_ctx()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/6] src: add vxlan matching support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 5/6] tests: shell: add vxlan set tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/6] src: add dl_proto_ctx()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 4/6] tests: py: add vxlan tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 0/6,v2] support for vxlan matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: John Fastabend <john.fastabend@xxxxxxxxx>
Re: [PATCH v2 bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: Martin KaFai Lau <martin.lau@xxxxxxxxx>
[PATCH v2 bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: Martin KaFai Lau <martin.lau@xxxxxxxxx>
Re: [PATCH 1/1] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: David Ahern <dsahern@xxxxxxxxxx>
Re: [PATCH 1/1] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/1] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: Guillaume Nault <gnault@xxxxxxxxxx>
[PATCH nft 3/3] tests: py: add vlan test case for ip/inet family
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 1/3] doc: mention vlan matching in ip/ip6/inet families
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 2/3] evaluate: add ethernet header size offset for implicit vlan dependency
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 0/3] vlan followup fixes
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: Yauheni Kaliuta <ykaliuta@xxxxxxxxxx>
Re: [PATCH bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: Yauheni Kaliuta <ykaliuta@xxxxxxxxxx>
Re: [PATCH bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: Yauheni Kaliuta <ykaliuta@xxxxxxxxxx>
[nft PATCH] monitor: Sanitize startup race condition
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft 3/4] src: add vxlan matching support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 4/4] src: display (inner) tag in --debug=proto-ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/4] src: add eval_proto_ctx()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/4] src: add dl_proto_ctx()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] expr: add inner support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 2/2] netfilter: nft_meta: add inner match support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 1/2] netfilter: nft_inner: support for inner tunnel header matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 0/2] nf_tables inner tunnel header match support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 1/2] netfilter: nft_payload: access GRE payload via inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 2/2] netfilter: nft_payload: access ipip payload for inner offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nft_payload: move struct nft_payload_set definition where it belongs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] nft: Fix meta statement parsing
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] nft: Fix meta statement parsing
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 3/6] netfilter: ipset: Add bitmask support to hash:ipport
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
[PATCH v2 5/6] netfilter: ipset: Update the man page to include netmask/bitmask options
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
[PATCH v2 2/6] netfilter: ipset: Add bitmask support to hash:ip
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
[PATCH v2 1/6] netfilter: ipset: Add support for new bitmask parameter
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
[PATCH v2 0/6] Add support for new bitmask parameter (userspace)
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
[PATCH v2] netfilter: ipset: regression in ip_set_hash_ip.c
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
[PATCH v2 6/6] netfilter: ipset: add tests for the new bitmask feature
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
[PATCH v2 4/6] netfilter: ipset: Add bitmask support to hash:netnet
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
[PATCH v2] netfilter: ipset: Add support for new bitmask parameter (kernel)
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
Re: [iptables PATCH] nft: Fix meta statement parsing
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] nft: Fix meta statement parsing
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH] nft-bridge: Drop 'sreg_count' variable
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/1] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [iptables PATCH 5/5] ebtables: Support '-p Length'
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] nft-bridge: Drop 'sreg_count' variable
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] nft: Fix meta statement parsing
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] ebtables: Fix among match
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH] ebtables: Fix among match
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 0/5] Fixes around ebtables' --proto match
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 0/1] netfilter fix for net-next
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 1/1] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH 0/5] Fixes around ebtables' --proto match
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/5] nft-shared: Introduce __get_cmp_data()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/5] ebtables: Merge OPT_* flags with xshared ones
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 5/5] ebtables: Support '-p Length'
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/5] ebtables: Drop unused OPT_* defines
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/5] ebtables: Eliminate OPT_TABLE
- From: Phil Sutter <phil@xxxxxx>
[PATCH v38 25/39] LSM: security_secid_to_secctx in netlink netfilter
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v38 22/39] LSM: Use lsmcontext in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v38 21/39] LSM: Ensure the correct LSM context releaser
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v38 15/39] LSM: Use lsmblob in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v38 14/39] LSM: Use lsmblob in security_secctx_to_secid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Vlastimil Babka <vbabka@xxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Michal Hocko <mhocko@xxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Michal Hocko <mhocko@xxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Michal Hocko <mhocko@xxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Michal Hocko <mhocko@xxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Michal Hocko <mhocko@xxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Michal Hocko <mhocko@xxxxxxxx>
[PATCH bpf-next] net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH v3 bpf-next 2/3] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Nathan Chancellor <nathan@xxxxxxxxxx>
Re: [PATCH v3 bpf-next 2/3] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH v3 bpf-next 2/3] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH v3 bpf-next 2/3] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Nathan Chancellor <nathan@xxxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
Re: [PATCH iptables-nft] tests: extend native delinearize script
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH iptables-nft] nft: track each register individually
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Michal Hocko <mhocko@xxxxxxxx>
[PATCH iptables-nft] nft: track each register individually
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables-nft] tests: extend native delinearize script
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Bug Report Flowtable NFT with kernel 5.19.9
- From: Martin Zaharinov <micron10@xxxxxxxxx>
Re: [iptables PATCH] tests: shell: Test delinearization of native nftables expressions
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH] tests: shell: Test delinearization of native nftables expressions
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH iptables-nft] iptables-nft: must withdraw PAYLOAD flag after parsing
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Bug Report Flowtable NFT with kernel 5.19.9
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables-nft] nft: un-break among match with concatenation
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v3 bpf-next 1/3] bpf: Tweak definition of KF_TRUSTED_ARGS
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
[PATCH] doc, src: make some spelling and grammatical improvements
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
Bug Report Flowtable NFT with kernel 5.19.9
- From: Martin Zaharinov <micron10@xxxxxxxxx>
Re: [PATCH v3 bpf-next 0/3] Introduce bpf_ct_set_nat_info kfunc helper
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH v3 bpf-next 1/3] bpf: Tweak definition of KF_TRUSTED_ARGS
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH net-next 1/4] netfilter: conntrack: fix the gc rescheduling delay
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH nft 2/2] segtree: fix decomposition of unclosed intervals containing address prefixes
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 2/2] segtree: fix decomposition of unclosed intervals containing address prefixes
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH v3 bpf-next 0/3] Introduce bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v3 bpf-next 3/3] selftests/bpf: add tests for bpf_ct_set_nat_info kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v3 bpf-next 1/3] bpf: Tweak definition of KF_TRUSTED_ARGS
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v3 bpf-next 2/3] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH iptables-nft] iptables-nft: must withdraw PAYLOAD flag after parsing
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 2/2] segtree: fix decomposition of unclosed intervals containing address prefixes
- From: Florian Westphal <fw@xxxxxxxxx>
[nf PATCH v2] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: Phil Sutter <phil@xxxxxx>
[PATCH net-next 3/4] headers: Remove some left-over license text in include/uapi/linux/netfilter/
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 4/4] netfilter: rpfilter: Remove unused variable 'ret'.
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 0/4] netfilter patches for net-next
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 1/4] netfilter: conntrack: fix the gc rescheduling delay
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 2/4] netfilter: conntrack: revisit the gc initial rescheduling bias
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net 1/5] netfilter: conntrack: remove nf_conntrack_helper documentation
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[PATCH net 4/5] netfilter: ebtables: fix memory leak when blob is malformed
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 5/5] netfilter: nf_ct_ftp: fix deadlock when nat rewrite is needed
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 2/5] netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain()
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 3/5] netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 1/5] netfilter: conntrack: remove nf_conntrack_helper documentation
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 0/5] netfilter: bugfixes for net
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nf PATCH] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: Phil Sutter <phil@xxxxxx>
Re: [nf PATCH] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next v3 3/3] bpf: Move nf_conn extern declarations to filter.h
- From: Martin KaFai Lau <martin.lau@xxxxxxxxx>
Re: [PATCH bpf-next v3 0/3] bpf: Small nf_conn cleanups
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[nf PATCH] netfilter: nft_fib: Fix for rpath check with VRF devices
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf] netfilter: nf_ct_ftp: fix deadlock when nat rewrite is needed
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Question for table netdev set list
- From: Martin Zaharinov <micron10@xxxxxxxxx>
Re: [PATCH bpf-next v2 3/3] bpf: Move nf_conn extern declarations to filter.h
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v3 3/3] bpf: Move nf_conn extern declarations to filter.h
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v3 1/3] bpf: Remove unused btf_struct_access stub
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v3 0/3] bpf: Small nf_conn cleanups
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v3 2/3] bpf: Rename nfct_bsa to nfct_btf_struct_access
- From: Daniel Xu <dxu@xxxxxxxxx>
Question for table netdev set list
- From: Martin Zaharinov <micron10@xxxxxxxxx>
Re: [PATCH nft] evaluate: un-break rule insert with intervals
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] evaluate: un-break rule insert with intervals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] evaluate: un-break rule insert with intervals
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: ebtables: fix memory leak when blob is malformed
- From: Florian Westphal <fw@xxxxxxxxx>
Re: removing conntrack helper toggle to enable auto-assignment [was Re: b118509076b3 (probably) breaks my firewall]
- From: Thorsten Leemhuis <regressions@xxxxxxxxxxxxx>
Re: removing conntrack helper toggle to enable auto-assignment [was Re: b118509076b3 (probably) breaks my firewall]
- From: Chris Clayton <chris2553@xxxxxxxxxxxxxx>
Re: [PATCH bpf-next v2 3/3] bpf: Move nf_conn extern declarations to filter.h
- From: Martin KaFai Lau <martin.lau@xxxxxxxxx>
[syzbot] memory leak in do_replace
- From: syzbot <syzbot+a24c5252f3e3ab733464@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH iptables-nft] iptables-nft: must withdraw PAYLOAD flag after parsing
- From: Florian Westphal <fw@xxxxxxxxx>
Re: removing conntrack helper toggle to enable auto-assignment [was Re: b118509076b3 (probably) breaks my firewall]
- From: Florian Westphal <fw@xxxxxxxxx>
Re: removing conntrack helper toggle to enable auto-assignment [was Re: b118509076b3 (probably) breaks my firewall]
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: removing conntrack helper toggle to enable auto-assignment [was Re: b118509076b3 (probably) breaks my firewall]
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables-nft] iptables-nft: must withdraw PAYLOAD flag after parsing
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH bpf-next v2 3/3] bpf: Move nf_conn extern declarations to filter.h
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v2 2/3] bpf: Rename nfct_bsa to nfct_btf_struct_access
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v2 1/3] bpf: Remove unused btf_struct_access stub
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v2 0/3] bpf: Small nf_conn cleanups
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: removing conntrack helper toggle to enable auto-assignment [was Re: b118509076b3 (probably) breaks my firewall]
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH bpf-next] bpf: Move nf_conn extern declarations to filter.h
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH nf 0/2] netfilter: conntrack: fix the gc rescheduling delay
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 0/2] Fix listing of sets containing unclosed address prefix intervals
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
ox16: First Workshop, Mini Netfilter workshop
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
[PATCH nft 2/2] segtree: fix decomposition of unclosed intervals containing address prefixes
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH nft 1/2] segtree: refactor decomposition of closed intervals
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH nft 0/2] Fix listing of sets containing unclosed address prefix intervals
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
Re: [PATCH nft] tests: py: fix payloads for sets with user data
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH nft] tests: py: fix payloads for sets with user data
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
Re: [syzbot] WARNING: locking bug in tee_netdev_event
- From: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
[syzbot] WARNING: locking bug in tee_netdev_event
- From: syzbot <syzbot+68f4b631890adeb054ae@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH bpf-next] bpf: Move nf_conn extern declarations to filter.h
- From: Martin KaFai Lau <martin.lau@xxxxxxxxx>
Re: [PATCH bpf-next] bpf: Move nf_conn extern declarations to filter.h
- From: Martin KaFai Lau <martin.lau@xxxxxxxxx>
Re: [PATCH bpf-next] bpf: Move nf_conn extern declarations to filter.h
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
Re: [PATCH bpf-next] bpf: Move nf_conn extern declarations to filter.h
- From: Martin KaFai Lau <martin.lau@xxxxxxxxx>
[PATCH nft,RFC] src: add vxlan matching support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,RFC 1/1] netfilter: nft_inner: support for inner header matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl,RFC] expr: add inner support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,RFC 0/1] nf_tables inner match support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 1/2] netfilter: conntrack: fix the gc rescheduling delay
- From: Antoine Tenart <atenart@xxxxxxxxxx>
[PATCH nf 2/2] netfilter: conntrack: revisit the gc initial rescheduling bias
- From: Antoine Tenart <atenart@xxxxxxxxxx>
[PATCH nf 0/2] netfilter: conntrack: fix the gc rescheduling delay
- From: Antoine Tenart <atenart@xxxxxxxxxx>
Re: [PATCH 1/3 nft] py: extend python API to support libnftables API
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] json: add stateful object comment support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] json: add secmark object reference support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain()
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH iptables-nft 1/2] nft: support ttl/hoplimit dissection
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v7 17/18] samples/landlock: add network demo
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 18/18] landlock: Document Landlock's network support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 16/18] seltests/landlock: add invalid input data test
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 09/18] landlock: implement TCP network hooks
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 08/18] landlock: add network rules support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 05/18] landlock: refactor helper functions
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 03/18] landlock: refactor merge/inherit_ruleset functions
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 02/18] landlock: refactor landlock_find_rule/insert_rule
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 01/18] landlock: rename access mask
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
- From: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain()
- From: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
[PATCH 3/3 nft] doc: add nft_ctx_add_var() and nft_ctx_clear_vars() docs
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH 2/3 nft] py: support variables management and fix formatting
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH 1/3 nft] py: extend python API to support libnftables API
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH iptables-nft 1/2] nft: support ttl/hoplimit dissection
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables] tests: add ebtables among testcase
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables-nft 2/2] nft: prefer payload to ttl/hl module
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 3/4] net-next: frags: add inetpeer frag_mem tracking
- From: Richard Gobert <richardbgobert@xxxxxxxxx>
Re: [PATCH bpf-next] bpf: Move nf_conn extern declarations to filter.h
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
[PATCH bpf-next] bpf: Move nf_conn extern declarations to filter.h
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH bpf-next v5 0/6] Support direct writes to nf_conn:mark
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH] headers: Remove some left-over license text in include/uapi/linux/netfilter/
- From: Christophe JAILLET <christophe.jaillet@xxxxxxxxxx>
Re: [PATCH v2 bpf-next] selftests/bpf: fix ct status check in bpf_nf selftests
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH bpf-next v5 0/6] Support direct writes to nf_conn:mark
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[PATCH nft] json: add stateful object comment support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH v7 18/18] landlock: Document Landlock's network support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 17/18] samples/landlock: add network demo
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 16/18] seltests/landlock: add invalid input data test
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 14/18] seltests/landlock: add rules overlapping test
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 13/18] seltests/landlock: add AF_UNSPEC family test
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 11/18] seltests/landlock: add tests for bind() hooks
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 10/18] seltests/landlock: move helper function
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 09/18] landlock: implement TCP network hooks
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 08/18] landlock: add network rules support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 07/18] landlock: user space API network support
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 05/18] landlock: refactor helper functions
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 04/18] landlock: move helper functions
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
[PATCH nft] json: add secmark object reference support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: removing conntrack helper toggle to enable auto-assignment [was Re: b118509076b3 (probably) breaks my firewall]
- From: Willy Tarreau <w@xxxxxx>
removing conntrack helper toggle to enable auto-assignment [was Re: b118509076b3 (probably) breaks my firewall]
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH bpf-next v5 0/6] Support direct writes to nf_conn:mark
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
Re: [PATCH v7 03/18] landlock: refactor merge/inherit_ruleset functions
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 02/18] landlock: refactor landlock_find_rule/insert_rule
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v7 01/18] landlock: rename access mask
- From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@xxxxxxxxxx>
[PATCH nf] netfilter: conntrack: remove nf_conntrack_helper documentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: conntrack: remove nf_conntrack_helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net 1/4] netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH net-next 1/8] netfilter: conntrack: prepare tcp_in_window for ternary return value
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[PATCH net-next] netfilter: rpfilter: Remove unused variable 'ret'.
- From: Guillaume Nault <gnault@xxxxxxxxxx>
Re: [PATCH v2 bpf-next] selftests/bpf: fix ct status check in bpf_nf selftests
- From: Song Liu <song@xxxxxxxxxx>
Re: [PATCH iptables-nft 0/3] nft: prefer meta pkttype to libxt_pkttype
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH iptables-nft 0/3] nft: prefer meta pkttype to libxt_pkttype
- From: Phil Sutter <phil@xxxxxx>
[PATCH iptables-nft 3/3] extensions: libxt_pkttype: support otherhost
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables-nft 0/3] nft: prefer meta pkttype to libxt_pkttype
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables-nft 1/3] nft: support dissection of meta pkktype mode
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables-nft 2/3] nft: prefer native 'meta pkttype' instead of xt match
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 4/4] netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 3/4] netfilter: nf_conntrack_irc: Tighten matching on DCC message
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 2/4] selftests: nft_concat_range: add socat support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 1/4] netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 0/4] netfilter: bugfixes for net
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 bpf-next] selftests/bpf: fix ct status check in bpf_nf selftests
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH bpf-next] selftests/bpf: fix ct status check in bpf_nf selftests
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH bpf-next] selftests/bpf: fix ct status check in bpf_nf selftests
- From: Song Liu <song@xxxxxxxxxx>
Re: [PATCH v2 bpf-next 3/4] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
Re: [PATCH v2 bpf-next 3/4] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
[PATCH bpf-next v5 5/6] bpf: Add support for writing to nf_conn:mark
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 2/6] bpf: Add stub for btf_struct_access()
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 1/6] bpf: Remove duplicate PTR_TO_BTF_ID RO check
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 3/6] bpf: Use 0 instead of NOT_INIT for btf_struct_access() writes
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 6/6] selftests/bpf: Add tests for writing to nf_conn:mark
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 4/6] bpf: Export btf_type_by_id() and bpf_log()
- From: Daniel Xu <dxu@xxxxxxxxx>
[PATCH bpf-next v5 0/6] Support direct writes to nf_conn:mark
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 8/8] netfilter: nat: avoid long-running port range loop
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 5/8] netfilter: remove NFPROTO_DECNET
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 2/8] netfilter: conntrack: ignore overly delayed tcp packets
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 4/8] netfilter: conntrack: reduce timeout when receiving out-of-window fin or rst
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 6/8] netfilter: move from strlcpy with unused retval to strscpy
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 7/8] netfilter: nat: move repetitive nat port reserve loop to a helper
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 3/8] netfilter: conntrack: remove unneeded indent level
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 1/8] netfilter: conntrack: prepare tcp_in_window for ternary return value
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 0/8] netfilter: patches for net-next
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net-next 0/2] netlink: add range checks for network byte integers
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[PATCH bpf-next] selftests/bpf: fix ct status check in bpf_nf selftests
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH v2 bpf-next 4/4] selftests/bpf: add tests for bpf_ct_set_nat_info kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH v2 bpf-next 3/4] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH nf] netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 bpf-next 3/4] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
Re: [PATCH v2 bpf-next 3/4] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH v2 bpf-next 3/4] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
Re: [PATCH v2 bpf-next 3/4] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH bpf-next v4 4/5] bpf: Add support for writing to nf_conn:mark
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH v2 bpf-next 4/4] selftests/bpf: add tests for bpf_ct_set_nat_info kfunc
- From: Song Liu <song@xxxxxxxxxx>
Re: [PATCH v2 bpf-next 3/4] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Song Liu <song@xxxxxxxxxx>
Re: [PATCH v2 bpf-next 2/4] selftests/bpf: Extend KF_TRUSTED_ARGS test for __ref annotation
- From: Song Liu <song@xxxxxxxxxx>
Re: [PATCH v2 bpf-next 1/4] bpf: Add support for per-parameter trusted args
- From: Song Liu <song@xxxxxxxxxx>
[PATCH nf-next 2/2] netfilter: nat: avoid long-running port range loop
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/2] netfilter: nat: avoid long-running loops
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 1/2] netfilter: nat: move repetitive nat port reserve loop to a helper
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v7 01/18] landlock: rename access mask
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 02/18] landlock: refactor landlock_find_rule/insert_rule
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 05/18] landlock: refactor helper functions
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 03/18] landlock: refactor merge/inherit_ruleset functions
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 18/18] landlock: Document Landlock's network support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH nft v2] json: fix empty statement list output in sets and maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v7 17/18] samples/landlock: add network demo
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 16/18] seltests/landlock: add invalid input data test
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 14/18] seltests/landlock: add rules overlapping test
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 13/18] seltests/landlock: add AF_UNSPEC family test
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 09/18] landlock: implement TCP network hooks
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 07/18] landlock: user space API network support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 11/18] seltests/landlock: add tests for bind() hooks
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 10/18] seltests/landlock: move helper function
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 08/18] landlock: add network rules support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v7 04/18] landlock: move helper functions
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Eyal Birger <eyal.birger@xxxxxxxxx>
[PATCH nf] selftests: nft_concat_range: add socat support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v4] netlink: Bounds-check struct nlmsgerr creation
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[PATCH v2 nf] netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 bpf-next 3/4] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v2 bpf-next 4/4] selftests/bpf: add tests for bpf_ct_set_nat_info kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v2 bpf-next 1/4] bpf: Add support for per-parameter trusted args
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v2 bpf-next 2/4] selftests/bpf: Extend KF_TRUSTED_ARGS test for __ref annotation
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v2 bpf-next 0/4] Introduce bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH net-next 2/2] netfilter: nft_payload: reject out-of-range attributes via policy
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 1/2] netlink: introduce NLA_POLICY_MAX_BE
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 0/2] netlink: add range checks for network byte integers
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft v2] json: fix empty statement list output in sets and maps
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH nft] json: fix empty statement list output in sets and maps
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH nft v2] json: add set statement list support
- From: "Fernando F. Mancera" <ffmancera@xxxxxxxxxx>
Re: [PATCH nft v2] json: add set statement list support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] json: add table map statement support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] json: fix json schema version verification
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: CPE-ID?
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
CPE-ID?
- From: Nick <vincent@xxxxxxxxxxxx>
[PATCH v4] netlink: Bounds-check struct nlmsgerr creation
- From: Kees Cook <keescook@xxxxxxxxxxxx>
Re: [PATCH net 1/4] netfilter: remove nf_conntrack_helper sysctl and modparam toggles
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH v3] netlink: Bounds-check struct nlmsgerr creation
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH net 1/4] netfilter: remove nf_conntrack_helper sysctl and modparam toggles
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH v3] netlink: Bounds-check struct nlmsgerr creation
- From: Kees Cook <keescook@xxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH bpf-next 0/4] Introduce bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo.bianconi@xxxxxxxxxx>
Re: [PATCH bpf-next 0/4] Introduce bpf_ct_set_nat_info kfunc helper
- From: Daniel Müller <deso@xxxxxxxxxx>
Re: [PATCH bpf-next 0/4] Introduce bpf_ct_set_nat_info kfunc helper
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Re: [PATCH bpf-next 0/4] Introduce bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo.bianconi@xxxxxxxxxx>
Re: [PATCH bpf-next 0/4] Introduce bpf_ct_set_nat_info kfunc helper
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
[PATCH nft] json: fix json schema version verification
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH bpf-next v4 4/5] bpf: Add support for writing to nf_conn:mark
- From: kernel test robot <lkp@xxxxxxxxx>
[PATCH nft] json: add table map statement support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH net 1/4] netfilter: remove nf_conntrack_helper sysctl and modparam toggles
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net 1/4] netfilter: remove nf_conntrack_helper sysctl and modparam toggles
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH v3] netlink: Bounds-check struct nlmsgerr creation
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH 1/2] netlink: Bounds-check nlmsg_len()
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
Re: [PATCH nftables] rule: check address family in set collapse
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2] netlink: Bounds-check nlmsg_len()
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
[PATCH bpf-next 3/4] net: netfilter: add bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH bpf-next 0/4] Introduce bpf_ct_set_nat_info kfunc helper
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH bpf-next 4/4] selftests/bpf: add tests for bpf_ct_set_nat_info kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH bpf-next 1/4] bpf: Add support for per-parameter trusted args
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH bpf-next 2/4] selftests/bpf: Extend KF_TRUSTED_ARGS test for __ref annotation
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH nftables] rule: check address family in set collapse
- From: Derek Hageman <hageman@inthat.cloud>
Re: [PATCH 3/4] net-next: frags: add inetpeer frag_mem tracking
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
Re: [PATCH 3/4] net-next: frags: add inetpeer frag_mem tracking
- From: Richard Gobert <richardbgobert@xxxxxxxxx>
Re: [PATCH 2/4] net-next: ip6: fetch inetpeer in ip6frag_init
- From: Richard Gobert <richardbgobert@xxxxxxxxx>
Re: [PATCH net 1/3] netfilter: nf_conntrack_tcp: re-init for syn packets only
- From: Neal Cardwell <ncardwell@xxxxxxxxxx>
Re: [PATCH nft v2] json: add set statement list support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft v2] json: add set statement list support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH v2] netlink: Bounds-check struct nlmsgerr creation
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
[PATCH v3] netlink: Bounds-check struct nlmsgerr creation
- From: Kees Cook <keescook@xxxxxxxxxxxx>
[PATCH net 4/4] netfilter: nf_conntrack_irc: Fix forged IP logic
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 1/4] netfilter: remove nf_conntrack_helper sysctl and modparam toggles
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 2/4] netfilter: br_netfilter: Drop dst references before setting.
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 3/4] netfilter: nf_tables: clean up hook list when offload flags check fails
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 0/4] netfilter: bug fixes for net
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2] netlink: Bounds-check struct nlmsgerr creation
- From: Kees Cook <keescook@xxxxxxxxxxxx>
[PATCH v2] netlink: Bounds-check struct nlmsgerr creation
- From: Kees Cook <keescook@xxxxxxxxxxxx>
Re: [PATCH 1/2] netlink: Bounds-check nlmsg_len()
- From: Kees Cook <keescook@xxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Eyal Birger <eyal.birger@xxxxxxxxx>
RE: [ANNOUNCE] 17th Netfilter Workshop in Seville, Spain
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
Re: [PATCH 2/2] netlink: Bounds-check struct nlmsgerr creation
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH 1/2] netlink: Bounds-check nlmsg_len()
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
[PATCH 2/2] netlink: Bounds-check struct nlmsgerr creation
- From: Kees Cook <keescook@xxxxxxxxxxxx>
[PATCH 0/2] netlink: Bounds-check struct nlmsgerr creation
- From: Kees Cook <keescook@xxxxxxxxxxxx>
[PATCH 1/2] netlink: Bounds-check nlmsg_len()
- From: Kees Cook <keescook@xxxxxxxxxxxx>
Re: [PATCH 2/2] netfilter: nf_conntrack_irc: Fix forged IP logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
[ANNOUNCE] 17th Netfilter Workshop in Seville, Spain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH nft] json: add set statement list support
- From: "Fernando F. Mancera" <ffmancera@xxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] json: add set statement list support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] tests/py: missing userdata in netlink payload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] rule, set_elem: remove trailing \n in userdata snprintf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] json: add set statement list support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: clean up hook list when offload flags check fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[conntrack-tools PATCH] local: Avoid sockaddr_un::sun_path buffer overflow
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] src: allow burst 0 for byte ratelimit and use it as default
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next] netfilter: nf_tables: add ebpf expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bridge, v3] br_netfilter: Drop dst references before setting.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH bridge, v3] br_netfilter: Drop dst references before setting.
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH bridge, v3] br_netfilter: Drop dst references before setting.
- From: Harsh Modi <harshmodi@xxxxxxxxxx>
[PATCH AUTOSEL 5.15 15/23] netfilter: conntrack: work around exceeded receive window
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 5.19 21/33] netfilter: conntrack: work around exceeded receive window
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH nft] src: allow burst 0 for byte ratelimit and use it as default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v3] netfilter: remove nf_conntrack_helper sysctl and modparam toggles
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] doc: nft.8: Add missing '-T' in synopsis
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] erec: Dump locations' expressions only if set
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] doc: nft.8: Extend limit statement's burst value info
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] doc: nft.8: Extend limit statement's burst value info
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v2] netfilter: remove nf_conntrack_helper sysctl and modparam toggles
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: check offload flags before splicing hook list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[syzbot] memory leak in nft_chain_parse_hook
- From: syzbot <syzbot+5fcdbfab6d6744c57418@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH 2/4] net-next: ip6: fetch inetpeer in ip6frag_init
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
Re: [PATCH 3/4] net-next: frags: add inetpeer frag_mem tracking
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
Re: [PATCH 4/4] net-next: frags: dynamic timeout under load
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
[PATCH v7 16/18] seltests/landlock: add invalid input data test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v7 15/18] seltests/landlock: add ruleset expanding test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v7 17/18] samples/landlock: add network demo
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v7 18/18] landlock: Document Landlock's network support
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v7 08/18] landlock: add network rules support
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v7 12/18] seltests/landlock: add tests for connect() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v7 13/18] seltests/landlock: add AF_UNSPEC family test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]