Linux TCP/IP Netfilter Devel

• Thread Index

• Re: [PATCH net] net: netfilter: Fix use-after-free in get_info()
  • From: "dongchenchen (A)" <dongchenchen2@xxxxxxxxxx>
• Re: [PATCH v2 1/6] LSM: Ensure the correct LSM context releaser
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH net] net: netfilter: Fix use-after-free in get_info()
  • From: Simon Horman <horms@xxxxxxxxxx>
• [PATCH iptables,v3] tests: iptables-test: extend coverage for ip6tables
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net] selftests: netfilter: nft_flowtable.sh: make first pass deterministic
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH iptables] tests: iptables-test: extend coverage for ip6tables
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [iptables PATCH] tests: iptables-test: Fix for duplicate supposed-to-fail errors
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH iptables] tests: iptables-test: extend coverage for ip6tables
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft] tests: shell: don't rely on writable test directory
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH iptables] tests: iptables-test: extend coverage for ip6tables
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [libnftnl PATCH] src/utils: Add a common dev_array parser
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH iptables] tests: iptables-test: extend coverage for ip6tables
  • From: Phil Sutter <phil@xxxxxx>
• Re: [libnftnl PATCH] src/utils: Add a common dev_array parser
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH iptables] tests: iptables-test: extend coverage for ip6tables
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf-next PATCH v5 00/18] Dynamic hook interface binding
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH iptables] tests: iptables-test: extend coverage for ip6tables
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft] doc: extend description of fib expression
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf-next PATCH v5 00/18] Dynamic hook interface binding
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH net 0/1] Netfilter fixes for net
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [PATCH net 1/2] netfilter: bpf: must hold reference on net namespace
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [PATCH nf] netfilter: xtables: fix typo causing some targets to not load on IPv6
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [PATCH conntrack,v2 2/2] conntrack: improve --mark parser
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] net: netfilter: Fix use-after-free in get_info()
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH net] net: netfilter: Fix use-after-free in get_info()
  • From: Yue Haibing <yuehaibing@xxxxxxxxxx>
• [PATCH net] net: netfilter: Fix use-after-free in get_info()
  • From: Dong Chenchen <dongchenchen2@xxxxxxxxxx>
• Re: [PATCH net-next v3 05/10] net: ip: make ip_route_input_slow() return drop reasons
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• Re: [PATCH net-next v3 07/10] net: ip: make ip_route_input_noref() return drop reasons
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• Re: [PATCH net-next v3 02/10] net: ip: make fib_validate_source() return drop reason
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• Re: [PATCH net 2/2] netfilter: xtables: fix typo causing some targets not to load on IPv6
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net 2/2] netfilter: xtables: fix typo causing some targets not to load on IPv6
  • From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH net 2/2] netfilter: xtables: fix typo causing some targets not to load on IPv6
  • From: "Linux regression tracking (Thorsten Leemhuis)" <regressions@xxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 11/12] bridge: br_vlan_fill_forward_path_mode no _UNTAG_HW for dsa
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• Re: [PATCH v2 1/6] LSM: Ensure the correct LSM context releaser
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH v2 1/6] LSM: Ensure the correct LSM context releaser
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH v4 net-next 13/14] tcp: fast path functions later
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 14/14] net: sysctl: introduce sysctl SYSCTL_FIVE
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 11/14] tcp: allow ECN bits in TOS/traffic class
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 12/14] tcp: Pass flags to __tcp_send_ack
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 10/14] tcp: AccECN support to tcp_add_backlog
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 07/14] tcp: helpers for ECN mode handling
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 09/14] gro: prevent ACE field corruption & better AccECN handling
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 08/14] gso: AccECN support
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 06/14] tcp: rework {__,}tcp_ecn_check_ce() -> tcp_data_ecn_check()
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 04/14] tcp: extend TCP flags to allow AE bit/ACE field
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 05/14] tcp: reorganize SYN ECN code
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 03/14] tcp: use BIT() macro in include/net/tcp.h
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 02/14] tcp: create FLAG_TS_PROGRESS
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 01/14] tcp: reorganize tcp_in_ack_event() and tcp_count_delivered()
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• [PATCH v4 net-next 00/14] AccECN protocol preparation patch series
  • From: chia-yu.chang@xxxxxxxxxxxxxxxxxxx
• Re: [PATCH conntrack,v2 1/2] conntrack: improve --secmark,--id,--zone parser
  • From: Jeremy Sowden <jeremy@xxxxxxxxxx>
• Re: [PATCH conntrack,v2 2/2] conntrack: improve --mark parser
  • From: Jeremy Sowden <jeremy@xxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 11/12] bridge: br_vlan_fill_forward_path_mode no _UNTAG_HW for dsa
  • From: Vladimir Oltean <olteanv@xxxxxxxxx>
• Re: [nf-next PATCH v5 00/18] Dynamic hook interface binding
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH net-next v3 07/10] net: ip: make ip_route_input_noref() return drop reasons
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH net-next v3 05/10] net: ip: make ip_route_input_slow() return drop reasons
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH net-next v3 07/10] net: ip: make ip_route_input_noref() return drop reasons
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH net-next v3 02/10] net: ip: make fib_validate_source() return drop reason
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH net-next v3 02/10] net: ip: make fib_validate_source() return drop reason
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• [PATCH iptables,v2] tests: iptables-test: extend coverage for ip6tables
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net-next v3 01/10] net: ip: refactor fib_validate_source/__fib_validate_source
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH net 0/2] Netfilter fixes for net (v2)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 1/2] netfilter: bpf: must hold reference on net namespace
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 2/2] netfilter: xtables: fix typo causing some targets not to load on IPv6
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 0/2] Netfilter fixes for net (v2)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH] selftests: netfilter: remove unused parameter
  • From: Liu Jing <liujing@xxxxxxxxxxxxxxxxxxxx>
• Re: 6.6.57-stable regression: "netfilter: xtables: avoid NFPROTO_UNSPEC where needed" broke NFLOG on IPv6
  • From: Krzysztof Olędzki <ole@xxxxxx>
• [PATCH iptables] tests: iptables-test: extend coverage for ip6tables
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [syzbot] [netfilter?] INFO: task hung in do_arpt_get_ctl (2)
  • From: syzbot <syzbot+47dcc37219cf4421eec6@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: 6.6.57-stable regression: "netfilter: xtables: avoid NFPROTO_UNSPEC where needed" broke NFLOG on IPv6
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v3] netfilter: xtables: fix a bunch of typos causing some targets to not load on IPv6
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf] netfilter: xtables: fix typo causing some targets to not load on IPv6
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 11/12] bridge: br_vlan_fill_forward_path_mode no _UNTAG_HW for dsa
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• Re: 6.6.57-stable regression: "netfilter: xtables: avoid NFPROTO_UNSPEC where needed" broke NFLOG on IPv6
  • From: "Linux regression tracking (Thorsten Leemhuis)" <regressions@xxxxxxxxxxxxx>
• 6.6.57-stable regression: "netfilter: xtables: avoid NFPROTO_UNSPEC where needed" broke NFLOG on IPv6
  • From: Krzysztof Olędzki <ole@xxxxxx>
• Re: [PATCH net] netfilter: xtables: fix a bad copypaste in xt_nflog module
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [netfilter-core] [PATCH v2] netfilter: xtables: fix typo causing some targets to not load on IPv6
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH v3] netfilter: xtables: fix a bunch of typos causing some targets to not load on IPv6
  • From: Ilya Katsnelson <me@xxxxxxxx>
• Re: [PATCH v2] netfilter: xtables: fix typo causing some targets to not load on IPv6
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH v2] netfilter: xtables: fix typo causing some targets to not load on IPv6
  • From: Ilya Katsnelson <me@xxxxxxxx>
• Re: [PATCH RFC v1 net-next 02/12] netfilter: bridge: Add conntrack double vlan and pppoe
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• Re: strange error from the xt_mark module for kernels 6.1.113 & 6.11.4
  • From: Fred Richards <fredr@xxxxxxxxxxxxx>
• Re: [RFC PATCH v2 1/8] landlock: Fix non-TCP sockets restriction
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• strange error from the xt_mark module for kernels 6.1.113 & 6.11.4
  • From: Fred Richards <fredr@xxxxxxxxxxxxx>
• [PATCH net] netfilter: xtables: fix a bad copypaste in xt_nflog module
  • From: Ignat Korchagin <ignat@xxxxxxxxxxxxxx>
• Re: [PATCH] netfliter: xtables: fix typo causing some targets to not load on IPv6
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH] netfliter: xtables: fix typo causing some targets to not load on IPv6
  • From: Ilya Katsnelson <me@xxxxxxxx>
• Re: [PATCH RFC v1 net-next 02/12] netfilter: bridge: Add conntrack double vlan and pppoe
  • From: Vladimir Oltean <olteanv@xxxxxxxxx>
• Re: [PATCH] selftests: netfilter: remove unused rplnlh parameter
  • From: Antoine Tenart <atenart@xxxxxxxxxx>
• Re: [PATCH nft] doc: extend description of fib expression
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH] netfilter: bridge: fix build failures in nf_ct_bridge_pre()
  • From: Vladimir Oltean <vladimir.oltean@xxxxxxx>
• Re: [PATCH nf-next] netfilter: bpf: Pass string literal as format argument of request_module()
  • From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
• [PATCH] selftests: netfilter: remove unused rplnlh parameter
  • From: Liu Jing <liujing@xxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: bpf: Pass string literal as format argument of request_module()
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next] netfilter: bpf: Pass string literal as format argument of request_module()
  • From: Simon Horman <horms@xxxxxxxxxx>
• Re: KASAN: use-after-free Read in __nf_hook_entries_try_shrink
  • From: Eric Dumazet <edumazet@xxxxxxxxxx>
• KASAN: use-after-free Read in __nf_hook_entries_try_shrink
  • From: Xia Chu <jiangmo9@xxxxxxxxx>
• Re: [PATCH libmnl v2] build: do not build documentation automatically
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Re: [PATCH nf-next v3 0/5] netfilter: nf_tables: reduce set element transaction size
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next v3 0/5] netfilter: nf_tables: reduce set element transaction size
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Felix Fietkau <nbd@xxxxxxxx>
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Felix Fietkau <nbd@xxxxxxxx>
• Re: [PATCH nf-next v3 0/5] netfilter: nf_tables: reduce set element transaction size
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nftables] libnftables-json: fix raw payload expression documentation
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nftables] libnftables-json: fix raw payload expression documentation
  • From: Eric Long via B4 Relay <devnull+i.hack3r.moe@xxxxxxxxxx>
• Re: [RFC PATCH v2 1/8] landlock: Fix non-TCP sockets restriction
  • From: Matthieu Baerts <matttbe@xxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 1/1] netfilter: bpf: must hold reference on net namespace
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 0/1] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [RFC PATCH v2 3/8] landlock: Fix inconsistency of errors for TCP actions
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v2 2/8] landlock: Make network stack layer checks explicit for each TCP action
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v2 6/8] selftests/landlock: Test consistency of errors for TCP actions
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v2 5/8] selftests/landlock: Test that MPTCP actions are not restricted
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v2 8/8] selftests/landlock: Test that SCTP actions are not restricted
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v2 0/8] Fix non-TCP restriction and inconsistency of TCP errors
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v2 4/8] selftests/landlock: Test TCP accesses with protocol=IPPROTO_TCP
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v2 7/8] landlock: Add note about errors consistency in documentation
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v2 1/8] landlock: Fix non-TCP sockets restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v2 3/8] landlock: Fix inconsistency of errors for TCP actions
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Felix Fietkau <nbd@xxxxxxxx>
• Re: [PATCH libnftnl] include: refresh nf_tables.h copy
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libnftnl] include: refresh nf_tables.h copy
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• 0x19: Dates And Location for upcoming conference
  • From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
• Re: [RFC libnftnl/nft 0/5] nftables: indicate presence of unsupported netlink attributes
  • From: Phil Sutter <phil@xxxxxx>
• Re: [RFC libnftnl/nft 0/5] nftables: indicate presence of unsupported netlink attributes
  • From: Jan Engelhardt <ej@xxxxxxx>
• Re: [RFC libnftnl/nft 0/5] nftables: indicate presence of unsupported netlink attributes
  • From: Jan Engelhardt <ej@xxxxxxx>
• Re: [libnftnl PATCH] examples: Fix for incomplete license text in nft-ruleset-get.c
  • From: Jan Engelhardt <ej@xxxxxxx>
• Re: [RFC libnftnl/nft 0/5] nftables: indicate presence of unsupported netlink attributes
  • From: Phil Sutter <phil@xxxxxx>
• Re: [RFC libnftnl/nft 0/5] nftables: indicate presence of unsupported netlink attributes
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: linux-next: duplicate patches in the ipvs-next tree
  • From: Simon Horman <horms@xxxxxxxxxx>
• Re: [RFC libnftnl/nft 0/5] nftables: indicate presence of unsupported netlink attributes
  • From: Phil Sutter <phil@xxxxxx>
• [libnftnl PATCH] examples: Fix for incomplete license text in nft-ruleset-get.c
  • From: Phil Sutter <phil@xxxxxx>
• [libnftnl PATCH] src/utils: Add a common dev_array parser
  • From: Phil Sutter <phil@xxxxxx>
• Re: [netfilter-core] [PATCH v1] netfilter: x_tables: fix ordering of get and update table private
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nf-next v3 0/5] netfilter: nf_tables: reduce set element transaction size
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• Re: [PATCH RFC v1 net-next 06/12] net: core: dev: Add dev_fill_bridge_path()
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• Re: [PATCH bpf v1 1/2] bpf: fix link info netfilter flags to populate defrag flag
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [PATCH bpf v1 1/2] bpf: fix link info netfilter flags to populate defrag flag
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [PATCH nf-next v3 0/5] netfilter: nf_tables: reduce set element transaction size
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v1] netfilter: x_tables: fix ordering of get and update table private
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next v3 3/5] netfiler: nf_tables: preemitve fix for audit failure
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v3 4/5] netfilter: nf_tables: switch trans_elem to real flex array
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v3 5/5] netfilter: nf_tables: allocate element update information dynamically
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v3 2/5] netfilter: nf_tables: prepare for multiple elements in nft_trans_elem structure
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v3 1/5] netfilter: nf_tables: add nft_trans_commit_list_add_elem helper
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v3 0/5] netfilter: nf_tables: reduce set element transaction size
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [iptables PATCH 1/3] ebtables: Fix for -S with rule number
  • From: Phil Sutter <phil@xxxxxx>
• Re: [iptables PATCH 0/5] Some minor fixes
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH 17/17] netfilter: xt_hashlimit: replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Uladzislau Rezki <urezki@xxxxxxxxx>
• Re: [PATCH 15/17] netfilter: nf_conncount: replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Uladzislau Rezki <urezki@xxxxxxxxx>
• Re: [PATCH 16/17] netfilter: expect: replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Uladzislau Rezki <urezki@xxxxxxxxx>
• Re: [PATCH RFC v1 net-next 06/12] net: core: dev: Add dev_fill_bridge_path()
  • From: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
• Re: [PATCH libmnl v2] build: do not build documentation automatically
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: linux-next: duplicate patches in the ipvs-next tree
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• linux-next: duplicate patches in the ipvs-next tree
  • From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Felix Fietkau <nbd@xxxxxxxx>
• Re: [PATCH 00/17] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [PATCH bpf v1 1/2] bpf: fix link info netfilter flags to populate defrag flag
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net-next v3 10/10] net: ip: make ip_route_use_hint() return drop reasons
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• [PATCH net-next v3 09/10] net: ip: make ip_mkroute_input/__mkroute_input return drop reasons
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• [PATCH net-next v3 08/10] net: ip: make ip_route_input() return drop reasons
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• [PATCH net-next v3 07/10] net: ip: make ip_route_input_noref() return drop reasons
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• [PATCH net-next v3 06/10] net: ip: make ip_route_input_rcu() return drop reasons
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• [PATCH net-next v3 05/10] net: ip: make ip_route_input_slow() return drop reasons
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• [PATCH net-next v3 04/10] net: ip: make ip_mc_validate_source() return drop reason
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• [PATCH net-next v3 03/10] net: ip: make ip_route_input_mc() return drop reason
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• [PATCH net-next v3 02/10] net: ip: make fib_validate_source() return drop reason
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• [PATCH net-next v3 01/10] net: ip: refactor fib_validate_source/__fib_validate_source
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• [PATCH net-next v3 00/10] net: ip: add drop reasons to input route
  • From: Menglong Dong <menglong8.dong@xxxxxxxxx>
• Re: [PATCH 00/17] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH 5.10 046/518] netfilter: nf_tables: missing iterator type in lookup walk
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• [PATCH 5.10 045/518] netfilter: nft_set_pipapo: walk over current view on netlink dump
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Felix Fietkau <nbd@xxxxxxxx>
• [PATCH 5.15 082/691] netfilter: nf_tables: missing iterator type in lookup walk
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• [PATCH 5.15 081/691] netfilter: nft_set_pipapo: walk over current view on netlink dump
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 11/12] bridge: br_vlan_fill_forward_path_mode no _UNTAG_HW for dsa
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• Re: [PATCH v2 1/6] LSM: Ensure the correct LSM context releaser
  • From: sergeh@xxxxxxxxxx
• Re: [PATCH net-next 0/9] Netfilter updates for net-net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net-next 0/9] Netfilter updates for net-net
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH net-next 0/9] Netfilter updates for net-net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net-next 0/9] Netfilter updates for net-net
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH net-next 0/9] Netfilter updates for net-net
  • From: Jakub Kicinski <kuba@xxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 06/12] net: core: dev: Add dev_fill_bridge_path()
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH v2 2/6] LSM: Replace context+len with lsm_context
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v2 1/6] LSM: Ensure the correct LSM context releaser
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 11/12] bridge: br_vlan_fill_forward_path_mode no _UNTAG_HW for dsa
  • From: Vladimir Oltean <olteanv@xxxxxxxxx>
• Re: [PATCH 00/17] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next 3/9] netfilter: nf_tables: prefer nft_trans_elem_alloc helper
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next 4/9] netfilter: nf_tables: add nft_trans_commit_list_add_elem helper
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next 9/9] netfilter: replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] build: do not build documentation automatically
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next 2/9] netfilter: nf_tables: replace deprecated strncpy with strscpy_pad
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next 7/9] netfilter: nf_tables: allocate element update information dynamically
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next 8/9] netfilter: Make legacy configs user selectable
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next 5/9] netfilter: nf_tables: prepare for multiple elements in nft_trans_elem structure
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next 6/9] netfilter: nf_tables: switch trans_elem to real flex array
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next 0/9] Netfilter updates for net-net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next 1/9] netfilter: nf_tables: Fix percpu address space issues in nf_tables_api.c
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] build: do not build documentation automatically
  • From: Jan Engelhardt <ej@xxxxxxx>
• [UPDATE] Renewing Netfilter coreteam PGP keys
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl,v2] attr: expand mnl_attr_get_uint() documentation
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH libmnl,v2] build: do not build documentation automatically
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH libmnl] build: do not build documentation automatically
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] build: do not build documentation automatically
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Re: [PATCH 00/17] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Vlastimil Babka <vbabka@xxxxxxx>
• Re: [PATCH RFC v1 net-next 06/12] net: core: dev: Add dev_fill_bridge_path()
  • From: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 04/12] bridge: br_vlan_fill_forward_path_pvid: Add port to port
  • From: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 05/12] bridge: br_fill_forward_path add port to port
  • From: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 11/12] bridge: br_vlan_fill_forward_path_mode no _UNTAG_HW for dsa
  • From: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
• Re: [PATCH RFC v1 net-next 11/12] bridge: br_vlan_fill_forward_path_mode no _UNTAG_HW for dsa
  • From: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
• Re: [PATCH 00/17] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
• Re: (subset) [PATCH 00/17] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Jens Axboe <axboe@xxxxxxxxx>
• [PATCH 17/17] netfilter: xt_hashlimit: replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Julia Lawall <Julia.Lawall@xxxxxxxx>
• [PATCH 16/17] netfilter: expect: replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Julia Lawall <Julia.Lawall@xxxxxxxx>
• [PATCH 15/17] netfilter: nf_conncount: replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Julia Lawall <Julia.Lawall@xxxxxxxx>
• [PATCH 00/17] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Julia Lawall <Julia.Lawall@xxxxxxxx>
• [PATCH libmnl,v2] attr: expand mnl_attr_get_uint() documentation
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH libmnl,v2] build: do not build documentation automatically
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH RFC v1 net-next 12/12] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval()
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 11/12] bridge: br_vlan_fill_forward_path_mode no _UNTAG_HW for dsa
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 10/12] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info()
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 09/12] netfilter: nft_flow_offload: Add NFPROTO_BRIDGE to validate
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 08/12] netfilter: nf_flow_table_inet: Add nf_flowtable_type flowtable_bridge
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 07/12] netfilter :nf_flow_table_offload: Add nf_flow_rule_bridge()
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 06/12] net: core: dev: Add dev_fill_bridge_path()
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 05/12] bridge: br_fill_forward_path add port to port
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 04/12] bridge: br_vlan_fill_forward_path_pvid: Add port to port
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 03/12] netfilter: nft_chain_filter: Add bridge double vlan and pppoe
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 02/12] netfilter: bridge: Add conntrack double vlan and pppoe
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 01/12] netfilter: nf_flow_table_offload: Add nf_flow_encap_push() for xmit direct
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• [PATCH RFC v1 net-next 00/12] bridge-fastpath and related improvements
  • From: Eric Woudstra <ericwouds@xxxxxxxxx>
• Re: [PATCH libmnl] build: do not build documentation automatically
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 15/15] build: Remove libnfnetlink from the build
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 13/15] src: Convert all nlif_* functions to use libmnl
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 14/15] include: Use libmnl.h instead of libnfnetlink.h
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 12/15] doc: Add iftable.c to the doxygen system
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 11/15] src: Copy nlif-related files from libnfnetlink
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 10/15] src: Convert remaining nfq_* functions to use libmnl
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 09/15] src: Convert nfq_fd() to use libmnl
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 08/15] src: Incorporate nfnl_rcvbufsiz() in libnetfilter_queue
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 07/15] src: Convert nfq_set_verdict() and nfq_set_verdict2() to use libmnl if there is no data
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 06/15] src: Convert nfq_handle_packet(), nfq_get_secctx(), nfq_get_payload() and all the nfq_get_ functions to use libmnl
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 05/15] src: Convert nfq_set_queue_flags(), nfq_set_queue_maxlen() & nfq_set_mode() to use libmnl
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 03/15] src: Convert nfq_close() to use libmnl
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 04/15] src: Convert nfq_create_queue(), nfq_bind_pf() & nfq_unbind_pf() to use libmnl
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 00/15] Convert libnetfilter_queue to not need libnfnetlink
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 02/15] src: Convert nfq_open_nfnl() to use libmnl
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH libnetfilter_queue v3 01/15] src: Convert nfq_open() to use libmnl
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Re: [PATCH libmnl] build: do not build documentation automatically
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH libmnl] attr: expand mnl_attr_get_uint() documentation
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH libmnl] attr: expand mnl_attr_get_uint() documentation
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH conntrack,v2 2/2] conntrack: improve --mark parser
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH conntrack,v2 1/2] conntrack: improve --secmark,--id,--zone parser
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] build: do not build documentation automatically
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next 0/4] netfilter: use skb_drop_reason in more places
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH conntrack 1/3] conntrack: improve --secmark,--id,--zone parser
  • From: Jeremy Sowden <jeremy@xxxxxxxxxx>
• Re: [PATCH libmnl] build: do not build documentation automatically
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nf-next v6] netfilter: Make legacy configs user selectable
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next v2 0/5] netfilter: nf_tables: reduce set element transaction size
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH libmnl] build: do not build documentation automatically
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next 0/4] netfilter: use skb_drop_reason in more places
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] doc: extend description of fib expression
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next 0/4] netfilter: use skb_drop_reason in more places
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nf-next 0/4] netfilter: use skb_drop_reason in more places
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH conntrack 3/3] tests: conntrack: missing space before option
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH conntrack 2/3] conntrack: improve --mark parser
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH conntrack 1/3] conntrack: improve --secmark,--id,--zone parser
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next 0/4] netfilter: use skb_drop_reason in more places
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nf-next 0/4] netfilter: use skb_drop_reason in more places
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: Building libnetfilter_queue has required kernel headers for some time
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libnetfilter_queue] build: add missing backslash to build_man.sh
  • From: Phil Sutter <phil@xxxxxx>
• [syzbot] [bridge?] INFO: rcu detected stall in br_handle_frame (5)
  • From: syzbot <syzbot+c596faae21a68bf7afd0@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH libnetfilter_queue] build: add missing backslash to build_man.sh
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Building libnetfilter_queue has required kernel headers for some time
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH bpf v1 2/2] selftests/bpf: add asserts for netfilter link info
  • From: Tyrone Wu <wudevelops@xxxxxxxxx>
• [PATCH bpf v1 1/2] bpf: fix link info netfilter flags to populate defrag flag
  • From: Tyrone Wu <wudevelops@xxxxxxxxx>
• Re: [PATCH nf] netfilter: bpf: must hold reference on net namespace
  • From: Eric Dumazet <edumazet@xxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Richard Weinberger <richard@xxxxxxxxxxxxx>
• Re: [nft PATCH] tests: shell: Join arithmetic statements in maps/vmap_timeout
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nft PATCH] tests: shell: Join arithmetic statements in maps/vmap_timeout
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nft PATCH] tests: shell: Join arithmetic statements in maps/vmap_timeout
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft] tests: shell: fix spurious dump failure in vmap timeout test
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft] tests: shell: fix spurious dump failure in vmap timeout test
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v2 5/5] netfilter: nf_tables: allocate element update information dynamically
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v2 3/5] netfilter: nf_tables: prepare for multiple elements in nft_trans_elem structure
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v2 4/5] netfilter: nf_tables: switch trans_elem to real flex array
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v2 2/5] netfilter: nf_tables: add nft_trans_commit_list_add_elem helper
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v2 1/5] netfilter: nf_tables: prefer nft_trans_elem_alloc helper
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v2 0/5] netfilter: nf_tables: reduce set element transaction size
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft] tests: shell: fix spurious dump failure in vmap timeout test
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net] netfilter: nf_tables: Fix memory leak in nf_flow_offload_xdp_setup()
  • From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Richard Weinberger <richard@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Richard Weinberger <richard@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf] netfilter: bpf: must hold reference on net namespace
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft] doc: extend description of fib expression
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Jan Engelhardt <ej@xxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH libnftnl] include: refresh nf_tables.h copy
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] nf_conntrack_proto_udp: Set ASSURED for NAT_CLASH entries to avoid packets dropped
  • From: Hannes Reinecke <hare@xxxxxxx>
• Re: [PATCH] nf_conntrack_proto_udp: Set ASSURED for NAT_CLASH entries to avoid packets dropped
  • From: Florian Westphal <fw@xxxxxxxxx>
• [syzbot] [netfilter?] INFO: rcu detected stall in NF_HOOK (2)
  • From: syzbot <syzbot+34c2df040c6cfa15fdfe@xxxxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH] nf_conntrack_proto_udp: Set ASSURED for NAT_CLASH entries to avoid packets dropped
  • From: Yadan Fan <ydfan@xxxxxxxx>
• Re: [PATCH net 1/3] netfilter: xtables: avoid NFPROTO_UNSPEC where needed
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [PATCH] nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH
  • From: Yadan Fan <ydfan@xxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Richard Weinberger <richard@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Richard Weinberger <richard@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH net 3/3] selftests: netfilter: conntrack_vrf.sh: add fib test case
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 1/3] netfilter: xtables: avoid NFPROTO_UNSPEC where needed
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 2/3] netfilter: fib: check correct rtable in vrf setups
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 0/3] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nf 1/2] netfilter: fib: check correct rtable in vrf setups
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf v3] netfilter: xtables: avoid NFPROTO_UNSPEC where needed
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
• [PATCH] netfilter: Record uid and gid in xt_AUDIT
  • From: Richard Weinberger <richard@xxxxxx>
• [iptables PATCH 2/3] nft: Fix for -Z with bogus rule number
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH 3/3] tests: shell: Test some commands involving rule numbers
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH 1/3] ebtables: Fix for -S with rule number
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Julia Lawall <julia.lawall@xxxxxxxx>
• Re: Argument -S (--list-rules) in ebtables
  • From: Nicola Serafini <n.serafini@xxxxxxxxxxxx>
• [PATCH nft,v2] libnftables: remove set element uncollapse for error reporting
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [iptables PATCH v2 8/8] tests: iptables-test: Add nft-compat variant
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH v2 6/8] nft: Pass nft_handle into add_{action,match}()
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH v2 2/8] nft: ruleparse: Introduce nft_parse_rule_expr()
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH v2 5/8] nft-ruleparse: Fallback to compat expressions in userdata
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH v2 4/8] nft: Introduce UDATA_TYPE_COMPAT_EXT
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH v2 3/8] nft: __add_{match,target}() can't fail
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH v2 1/8] nft: Make add_log() static
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH v2 7/8] nft: Embed compat extensions in rule userdata
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH v2 0/8] nft: Implement forward compat for future binaries
  • From: Phil Sutter <phil@xxxxxx>
• Re: Argument -S (--list-rules) in ebtables
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH 2/5] man: xtables-legacy.8: Join two paragraphs
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH 5/5] xshared: iptables does not support '-b'
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH 0/5] Some minor fixes
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH 3/5] man: ebtables-nft.8: Note that --concurrent is a NOP
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH 1/5] tests: iptables-test: Append stderr output to log file
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH 4/5] gitignore: Ignore generated arptables-translate.8
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nft] libnftables: remove set element uncollapse for error reporting
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• kmemleak in flowtable xdp
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf 1/2] netfilter: fib: check correct rtable in vrf setups
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf 1/2] netfilter: fib: check correct rtable in vrf setups
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf 2/2] selftests: netfilter: conntrack_vrf.sh: add fib test case
  • From: Florian Westphal <fw@xxxxxxxxx>
• Argument -S (--list-rules) in ebtables
  • From: Nicola Serafini <n.serafini@xxxxxxxxxxxx>
• [syzbot] [netfilter?] WARNING in __nf_unregister_net_hook (7)
  • From: syzbot <syzbot+90c2972f9dd6cdcf7b07@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
• Re: [PATCH] nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Vlastimil Babka <vbabka@xxxxxxx>
• Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
  • From: Vlastimil Babka <vbabka@xxxxxxx>
• Re: [PATCH] nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH
  • From: Yadan Fan <ydfan@xxxxxxxx>
• Re: [PATCH libnftnl 1/5] expr: add and use incomplete tag
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH libnftnl 1/5] expr: add and use incomplete tag
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libnftnl 1/5] expr: add and use incomplete tag
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH libnftnl 1/5] expr: add and use incomplete tag
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libnetfilter_queue] build: add missing backslash to build_man.sh
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: [PATCH libnetfilter_queue] build: add missing backslash to build_man.sh
  • From: Phil Sutter <phil@xxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [PATCH nft 5/5] sets: inform user when set definition contains unknown attributes
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 4/5] netlink: tell user if libnftnl detected unknown attributes/features
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH libnftnl 3/5] libnftnl: add api to query dissection state
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH libnftnl 2/5] sets: add and use incomplete tag
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH libnftnl 1/5] expr: add and use incomplete tag
  • From: Florian Westphal <fw@xxxxxxxxx>
• [RFC libnftnl/nft 0/5] nftables: indicate presence of unsupported netlink attributes
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf v3] netfilter: xtables: avoid NFPROTO_UNSPEC where needed
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nf] netfilter: nfnetlink_queue: reroute reinjected packets from postrouting
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nfnetlink_queue: reroute reinjected packets from postrouting
  • From: Antonio Ojea <antonio.ojea.garcia@xxxxxxxxx>
• Re: [PATCH libnetfilter_queue] build: add missing backslash to build_man.sh
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH] doc: don't suggest to disable GSO
  • From: Ronan Pigott <ronan@xxxxxx>
• Re: [PATCH nf] netfilter: nfnetlink_queue: reroute reinjected packets from postrouting
  • From: Antonio Ojea <antonio.ojea.garcia@xxxxxxxxx>
• Re: [PATCH nf v2] netfilter: xtables: avoid NFPROTO_UNSPEC where needed
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH AUTOSEL 6.11 049/244] netfilter: nf_tables: don't initialize registers in nft_do_chain()
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• Re: [RFC PATCH v2 2/9] landlock: Support TCP listen access-control
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v2 2/9] landlock: Support TCP listen access-control
  • From: Günther Noack <gnoack3000@xxxxxxxxx>
• Re: [RFC PATCH v2 2/9] landlock: Support TCP listen access-control
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v2 9/9] samples/landlock: Support LANDLOCK_ACCESS_NET_LISTEN
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v2 8/9] selftests/landlock: Test changing socket backlog with listen(2)
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v2 9/9] samples/landlock: Support LANDLOCK_ACCESS_NET_LISTEN
  • From: Günther Noack <gnoack3000@xxxxxxxxx>
• Re: [RFC PATCH v2 8/9] selftests/landlock: Test changing socket backlog with listen(2)
  • From: Günther Noack <gnoack3000@xxxxxxxxx>
• Re: [RFC PATCH v2 2/9] landlock: Support TCP listen access-control
  • From: Günther Noack <gnoack3000@xxxxxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• [PATCH nf v2] netfilter: xtables: avoid NFPROTO_UNSPEC where needed
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH AUTOSEL 6.1 33/42] netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.6 47/58] netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.6 46/58] netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.10 54/70] netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.10 53/70] netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.11 60/76] netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.11 59/76] netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH libnetfilter_queue] build: add missing backslash to build_man.sh
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH] netfilter: nf_tables: replace deprecated strncpy with strscpy_pad
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2 2/2] netfilter: nf_tables: Fix percpu address space issues in nf_tables_api.c
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: xt_cluster: enable ebtables operation?
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: xt_cluster: restrict to ip/ip6tables
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: xt_cluster: enable ebtables operation?
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [RFC PATCH v1 2/2] selftests/landlock: Test non-TCP INET connection-based protocols
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• [PATCH] netfilter: xt_cluster: restrict it to NFPROTO_IPV4 and NFPROTO_IPV6
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH libnetfilter_queue] build: add missing backslash to build_man.sh
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v1 2/2] selftests/landlock: Test non-TCP INET connection-based protocols
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: xt_cluster: enable ebtables operation?
  • From: Jan Engelhardt <ej@xxxxxxx>
• [PATCH] xt_cluster: add logic for use from NFPROTO_BRIDGE
  • From: Jan Engelhardt <jengelh@xxxxxxx>
• [PATCH nf] netfilter: xt_cluster: restrict to ip/ip6tables
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [RFC PATCH v1 2/2] selftests/landlock: Test non-TCP INET connection-based protocols
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: [RFC PATCH v3 14/19] selftests/landlock: Test socketpair(2) restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v3 19/19] landlock: Document socket rule type support
  • From: "Günther Noack" <gnoack@xxxxxxxxxx>
• [syzbot] [netfilter?] WARNING in xt_cluster_mt (2)
  • From: syzbot <syzbot+256c348558aa5cf611a9@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v1 2/2] selftests/landlock: Test non-TCP INET connection-based protocols
  • From: "Günther Noack" <gnoack@xxxxxxxxxx>
• Re: [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: "Günther Noack" <gnoack@xxxxxxxxxx>
• [RFC PATCH v1 2/2] selftests/landlock: Test non-TCP INET connection-based protocols
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v1 1/2] landlock: Fix non-TCP sockets restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v1 0/2] Fix non-TCP sockets restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v3 19/19] landlock: Document socket rule type support
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v3 18/19] samples/landlock: Support socket protocol restrictions
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v3 17/19] samples/landlock: Replace atoi() with strtoull() in populate_ruleset_net()
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v3 16/19] selftests/landlock: Test that accept(2) is not restricted
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v3 15/19] selftests/landlock: Test SCTP peeloff restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH net 1/4] netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [syzbot] [tipc?] BUG: soft lockup in do_sock_setsockopt
  • From: syzbot <syzbot+10a41dc44eef71aa9450@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v4] net/bridge: Optimizing read-write locks in ebtables.c
  • From: Jakub Kicinski <kuba@xxxxxxxxxx>
• [ANNOUNCE] nftables 1.1.1 release
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [ANNOUNCE] libnftnl 1.2.8 release
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 4/4] selftests: netfilter: Add missing return value
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 3/4] netfilter: nf_tables: prevent nf_skb_duplicated corruption
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 2/4] selftests: netfilter: Fix nft_audit.sh for newer nft binaries
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 1/4] netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 0/4] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH 9/9] monitor: Support NFT_MSG_(NEW|DEL)DEV events
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 4/9] tests: monitor: Run in own netns
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 9/9] monitor: Support NFT_MSG_(NEW|DEL)DEV events
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 2/9] tests: py: Fix for storing payload into missing file
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 0/9] Support wildcard netdev hooks and events
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 7/9] tests: shell: Adjust to ifname-based flowtables
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 1/9] json: Support typeof in set and map types
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 6/9] parser_bison: Accept ASTERISK_STRING in flowtable_expr_member
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 8/9] tests: monitor: Support running external commands
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 5/9] mnl: Support simple wildcards in netdev hooks
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 3/9] monitor: Recognize flowtable add/del events
  • From: Phil Sutter <phil@xxxxxx>
• [libnftnl PATCH 4/4] device: Introduce nftnl_device
  • From: Phil Sutter <phil@xxxxxx>
• [libnftnl PATCH 3/4] utils: Introduce nftnl_parse_str_attr()
  • From: Phil Sutter <phil@xxxxxx>
• [libnftnl PATCH 0/4] Support wildcard netdev hooks and events
  • From: Phil Sutter <phil@xxxxxx>
• [libnftnl PATCH 2/4] utils: Add helpers for interface name wildcards
  • From: Phil Sutter <phil@xxxxxx>
• [libnftnl PATCH 1/4] include: utils.h needs errno.h
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH nf-next 3/4] netfilter: nf_nat: use skb_drop_reason
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 4/4] netfilter: nf_tables: use skb_drop_reason
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 2/4] netfilter: xt_nat: drop packet earlier
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 1/4] netfilter: xt_nat: compact nf_nat_setup_info calls
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 0/4] netfilter: use skb_drop_reason in more places
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [iptables PATCH] tests: shell: Adjust for recent changes in libnftnl
  • From: Phil Sutter <phil@xxxxxx>
• Re: [libnftnl PATCH] rule: Don't append a newline when printing a rule
  • From: Phil Sutter <phil@xxxxxx>
• [iptables PATCH] tests: shell: Adjust for recent changes in libnftnl
  • From: Phil Sutter <phil@xxxxxx>
• Re: [libnftnl PATCH] rule: Don't append a newline when printing a rule
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [libnftnl PATCH] rule: Don't append a newline when printing a rule
  • From: Phil Sutter <phil@xxxxxx>
• Re: [libnftnl PATCH] Partially revert "rule, set_elem: remove trailing \n in userdata snprintf"
  • From: Phil Sutter <phil@xxxxxx>
• Re: [libnftnl PATCH] Partially revert "rule, set_elem: remove trailing \n in userdata snprintf"
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [libnftnl PATCH] Partially revert "rule, set_elem: remove trailing \n in userdata snprintf"
  • From: Phil Sutter <phil@xxxxxx>
• Re: [libnftnl PATCH] Partially revert "rule, set_elem: remove trailing \n in userdata snprintf"
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [libnftnl PATCH] Partially revert "rule, set_elem: remove trailing \n in userdata snprintf"
  • From: Phil Sutter <phil@xxxxxx>
• RE: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Danielle Ratson <danieller@xxxxxxxxxx>
• Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Petr Machata <petrm@xxxxxxxxxx>
• Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Petr Machata <petrm@xxxxxxxxxx>
• Re: [RFC PATCH v3 18/19] samples/landlock: Support socket protocol restrictions
  • From: "Günther Noack" <gnoack@xxxxxxxxxx>
• Re: [RFC PATCH v3 19/19] landlock: Document socket rule type support
  • From: "Günther Noack" <gnoack@xxxxxxxxxx>
• Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Petr Machata <petrm@xxxxxxxxxx>
• Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: "libmnl" project doxygen-generated documentation
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Jakub Kicinski <kuba@xxxxxxxxxx>
• Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next v6] netfilter: Make legacy configs user selectable
  • From: Breno Leitao <leitao@xxxxxxxxxx>
• Re: [PATCH] nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH] nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH
  • From: Hannes Reinecke <hare@xxxxxxxxxx>
• Re: [RFC PATCH v3 14/19] selftests/landlock: Test socketpair(2) restriction
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• RE: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
  • From: Danielle Ratson <danieller@xxxxxxxxxx>
• Re: [RFC PATCH v3 14/19] selftests/landlock: Test socketpair(2) restriction
  • From: "Günther Noack" <gnoack@xxxxxxxxxx>
• Re: iptables 1.8.10 translate error
  • From: Phil Sutter <phil@xxxxxx>
• Re: iptables 1.8.10 translate error
  • From: <imnozi@xxxxxxxxx>
• Re: iptables 1.8.10 translate error
  • From: Florian Westphal <fw@xxxxxxxxx>
• iptables 1.8.10 translate error
  • From: <imnozi@xxxxxxxxx>
• Re: [RFC PATCH v3 17/19] samples/landlock: Replace atoi() with strtoull() in populate_ruleset_net()
  • From: "Günther Noack" <gnoack@xxxxxxxxxx>
• Re: [RFC PATCH v3 16/19] selftests/landlock: Test that accept(2) is not restricted
  • From: "Günther Noack" <gnoack@xxxxxxxxxx>
• Re: [RFC PATCH v3 15/19] selftests/landlock: Test SCTP peeloff restriction
  • From: "Günther Noack" <gnoack@xxxxxxxxxx>
• [PATCH 6.1 62/73] netfilter: nf_tables: missing iterator type in lookup walk
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• [PATCH 6.1 61/73] netfilter: nft_set_pipapo: walk over current view on netlink dump
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• [PATCH 6.6 46/54] netfilter: nf_tables: missing iterator type in lookup walk
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• [PATCH 6.6 45/54] netfilter: nft_set_pipapo: walk over current view on netlink dump
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH] selftests: netfilter: Add missing resturn value.
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] selftests: netfilter: Add missing resturn value.
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf] netfilter: nf_tables: prevent nf_skb_duplicated corruption
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH] selftests: netfilter: Fix nft_audit.sh for newer nft binaries
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] selftests: netfilter: Add missing resturn value.
  • From: Phil Sutter <phil@xxxxxx>
• Re: [RFC PATCH v3 14/19] selftests/landlock: Test socketpair(2) restriction
  • From: "Günther Noack" <gnoack@xxxxxxxxxx>
• Re: [PATCH -stable,5.10 0/2] Netfilter fixes for -stable
  • From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: stable request: netfilter: make cgroupsv2 matching work with namespaces
  • From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
• [PATCH] selftests: netfilter: Add missing resturn value.
  • From: zhangjiao2 <zhangjiao2@xxxxxxxxxxxxxxxxxxxx>
• [PATCH nf] netfilter: nf_tables: prevent nf_skb_duplicated corruption
  • From: Eric Dumazet <edumazet@xxxxxxxxxx>
• [nf PATCH] selftests: netfilter: Fix nft_audit.sh for newer nft binaries
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nf-next v5 0/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf PATCH] netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft,v2 5/7] cache: consolidate reset command
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft,v2 5/7] cache: consolidate reset command
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net 01/14] netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [RFC PATCH v2 4/9] selftests/landlock: Test listening restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v2 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• [PATCH net 13/14] kselftest: add test for nfqueue induced conntrack race
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 09/14] netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_EVENTS
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 02/14] netfilter: conntrack: add clash resolution for reverse collisions
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next v5 0/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
  • From: Breno Leitao <leitao@xxxxxxxxxx>
• Re: [PATCH nf-next 5/7] netfilter: conntrack: rework offload nf_conn timeout extension logic
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net 10/14] netfilter: nf_tables: use rcu chain hook list iterator from netlink dump path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 06/14] docs: tproxy: ignore non-transparent sockets in iptables
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 11/14] netfilter: nf_tables: missing objects with no memcg accounting
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 14/14] selftests: netfilter: Avoid hanging ipvs.sh
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 05/14] netfilter: ctnetlink: Guard possible unused functions
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 12/14] netfilter: nfnetlink_queue: remove old clash resolution logic
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 08/14] netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 07/14] netfilter: nf_tables: Keep deleted flowtable hooks until after RCU
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 04/14] selftests: netfilter: nft_tproxy.sh: add tcp tests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 01/14] netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 03/14] selftests: netfilter: add reverse-clash resolution test case
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net,v2 00/14] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] conntrack: -L doesn't take a value, so don't discard one (same for -IUDGEFA)
  • From: наб <nabijaczleweli@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH net 00/14] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net 00/14] Netfilter fixes for net
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH net 00/14] Netfilter fixes for net
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH net 00/14] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] conntrack: -L doesn't take a value, so don't discard one (same for -IUDGEFA)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net 00/14] Netfilter fixes for net
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH] conntrack: -L doesn't take a value, so don't discard one (same for -IUDGEFA)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nf-next PATCH v5 06/18] netfilter: nf_tables: Simplify chain netdev notifier
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 05/18] netfilter: nf_tables: Tolerate chains with no remaining hooks
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 14/18] netfilter: nf_tables: Wrap netdev notifiers
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 09/18] netfilter: nf_tables: Introduce nft_register_flowtable_ops()
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 08/18] netfilter: nf_tables: Introduce nft_hook_find_ops()
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 15/18] netfilter: nf_tables: Handle NETDEV_CHANGENAME events
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 18/18] selftests: netfilter: Torture nftables netdev hooks
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 11/18] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 04/18] netfilter: nf_tables: Compare netdev hooks based on stored name
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 02/18] netfilter: nf_tables: Store user-defined hook ifname
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 00/18] Dynamic hook interface binding
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 01/18] netfilter: nf_tables: Flowtable hook's pf value never varies
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 13/18] netfilter: nf_tables: flowtable: Respect NETDEV_REGISTER events
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 12/18] netfilter: nf_tables: chain: Respect NETDEV_REGISTER events
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 16/18] netfilter: nf_tables: Support wildcard netdev hook specs
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 10/18] netfilter: nf_tables: Drop __nft_unregister_flowtable_net_hooks()
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 17/18] netfilter: nf_tables: Add notications for hook changes
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 03/18] netfilter: nf_tables: Use stored ifname in netdev hook dumps
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v5 07/18] netfilter: nf_tables: Introduce functions freeing nft_hook objects
  • From: Phil Sutter <phil@xxxxxx>
• [bug report] netfilter: nf_tables: no size estimation if number of set elements is unknown
  • From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
• Re: [PATCH net 00/14] Netfilter fixes for net
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH] conntrack: -L doesn't take a value, so don't discard one (same for -IUDGEFA)
  • From: наб <nabijaczleweli@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH nft,v2 5/7] cache: consolidate reset command
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH] conntrack: -L doesn't take a value, so don't discard one (same for -IUDGEFA)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [RFC PATCH v2 4/9] selftests/landlock: Test listening restriction
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: [RFC PATCH v2 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: [RFC PATCH v2 02/12] landlock: Add hook on socket creation
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: [nf-next PATCH v4 15/16] netfilter: nf_tables: Add notications for hook changes
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf-next PATCH v4 15/16] netfilter: nf_tables: Add notications for hook changes
  • From: Phil Sutter <phil@xxxxxx>
• [nf PATCH] netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nf-next PATCH v4 15/16] netfilter: nf_tables: Add notications for hook changes
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf-next PATCH v4 15/16] netfilter: nf_tables: Add notications for hook changes
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH] conntrack: -L doesn't take a value, so don't discard one (same for -IUDGEFA)
  • From: Ahelenia Ziemiańska <nabijaczleweli@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH] conntrack: -L doesn't take a value, so don't discard one (same for -IUDGEFA)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Unsubscribe
  • From: michael.steinmann@xxxxxxxxxxx
• Re: [PATCH AUTOSEL 6.11 049/244] netfilter: nf_tables: don't initialize registers in nft_do_chain()
  • From: Florian Westphal <fw@xxxxxxxxx>
• [ANNOUNCE] libnetfilter_conntrack 1.1.0 release
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [RFC PATCH v3 14/19] selftests/landlock: Test socketpair(2) restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH AUTOSEL 6.11 049/244] netfilter: nf_tables: don't initialize registers in nft_do_chain()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH AUTOSEL 6.6 038/139] netfilter: nf_tables: don't initialize registers in nft_do_chain()
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.10 040/197] netfilter: nf_tables: don't initialize registers in nft_do_chain()
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• Re: [PATCH AUTOSEL 6.11 049/244] netfilter: nf_tables: don't initialize registers in nft_do_chain()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH AUTOSEL 6.11 049/244] netfilter: nf_tables: don't initialize registers in nft_do_chain()
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH AUTOSEL 6.11 048/244] netfilter: nf_tables: do not remove elements if set backend implements .abort
  • From: Sasha Levin <sashal@xxxxxxxxxx>
• [PATCH libnftnl] src: remove scaffolding around deprecated parser functions
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH libnetfilter_conntrack] src: remove unused parameter from build functions
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH v4] net/bridge: Optimizing read-write locks in ebtables.c
  • From: yushengjin <yushengjin@xxxxxxxxxxxxx>
• Re: [PATCH v3] net/bridge: Optimizing read-write locks in ebtables.c
  • From: yushengjin <yushengjin@xxxxxxxxxxxxx>
• [PATCH net 13/14] kselftest: add test for nfqueue induced conntrack race
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 14/14] selftests: netfilter: Avoid hanging ipvs.sh
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 12/14] netfilter: nfnetlink_queue: remove old clash resolution logic
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 11/14] netfilter: nf_tables: missing objects with no memcg accounting
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 10/14] netfilter: nf_tables: use rcu chain hook list iterator from netlink dump path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 08/14] netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 09/14] netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_EVENTS
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 07/14] netfilter: nf_tables: Keep deleted flowtable hooks until after RCU
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 05/14] netfilter: ctnetlink: Guard possible unused functions
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 06/14] docs: tproxy: ignore non-transparent sockets in iptables
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 04/14] selftests: netfilter: nft_tproxy.sh: add tcp tests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 03/14] selftests: netfilter: add reverse-clash resolution test case
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 02/14] netfilter: conntrack: add clash resolution for reverse collisions
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 01/14] netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net 00/14] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next 7/7] netfilter: nft_flow_offload: do not remove flowtable entry for fin packets
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 6/7] netfilter: nft_flow_offload: never grow the timeout when moving packets back to slowpath
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 5/7] netfilter: conntrack: rework offload nf_conn timeout extension logic
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 4/7] netfilter: flowtable: prefer plain nf_ct_refresh for setting initial timeout
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 3/7] netfilter: conntrack: remove skb argument from nf_ct_refresh
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 2/7] netfilter: nft_flow_offload: update tcp state flags under lock
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 1/7] netfilter: nft_flow_offload: clear tcp MAXACK flag before moving to slowpath
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next 0/7] netfilter: rework conntrack/flowtable interaction
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: ct hardware offload ignores RST packet
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH v3] net/bridge: Optimizing read-write locks in ebtables.c
  • From: Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH v3] net/bridge: Optimizing read-write locks in ebtables.c
  • From: Eric Dumazet <edumazet@xxxxxxxxxx>
• Re: [PATCH v3] net/bridge: Optimizing read-write locks in ebtables.c
  • From: Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx>
• [PATCH v3] net/bridge: Optimizing read-write locks in ebtables.c
  • From: yushengjin <yushengjin@xxxxxxxxxxxxx>
• Re: [PATCH v2] net/bridge: Optimizing read-write locks in ebtables.c
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH v2] net/bridge: Optimizing read-write locks in ebtables.c
  • From: yushengjin <yushengjin@xxxxxxxxxxxxx>
• Re: [PATCH v2] net/bridge: Optimizing read-write locks in ebtables.c
  • From: kernel test robot <lkp@xxxxxxxxx>
• [PATCH v2] net/bridge: Optimizing read-write locks in ebtables.c
  • From: yushengjin <yushengjin@xxxxxxxxxxxxx>
• Re: ct hardware offload ignores RST packet
  • From: Chris Mi <cmi@xxxxxxxxxx>
• Re: ct hardware offload ignores RST packet
  • From: Chris Mi <cmi@xxxxxxxxxx>
• Re: ct hardware offload ignores RST packet
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: ct hardware offload ignores RST packet
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: ct hardware offload ignores RST packet
  • From: Chris Mi <cmi@xxxxxxxxxx>
• Re: [RFC PATCH v1 0/4] Implement performance impact measurement tool
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v3 14/19] selftests/landlock: Test socketpair(2) restriction
  • From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH] net/bridge: Optimizing read-write locks in ebtables.c
  • From: Eric Dumazet <edumazet@xxxxxxxxxx>
• Re: [PATCH] net/bridge: Optimizing read-write locks in ebtables.c
  • From: yushengjin <yushengjin@xxxxxxxxxxxxx>
• Re: ct hardware offload ignores RST packet
  • From: Florian Westphal <fw@xxxxxxxxx>
• ct hardware offload ignores RST packet
  • From: Chris Mi <cmi@xxxxxxxxxx>
• Re: [PATCH] net/bridge: Optimizing read-write locks in ebtables.c
  • From: Eric Dumazet <edumazet@xxxxxxxxxx>
• [PATCH] net/bridge: Optimizing read-write locks in ebtables.c
  • From: yushengjin <yushengjin@xxxxxxxxxxxxx>
• [PATCH libnftnl] expr: dynset: validate expressions are of nested type
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH v2 0/2] netfilter: nf_tables: Fix percpu address space issues in nf_tables_api.c
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nf-next PATCH v4 13/16] netfilter: nf_tables: Handle NETDEV_CHANGENAME events
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH v2 0/2] netfilter: nf_tables: Fix percpu address space issues in nf_tables_api.c
  • From: Uros Bizjak <ubizjak@xxxxxxxxx>
• Re: [nf-next PATCH v4 13/16] netfilter: nf_tables: Handle NETDEV_CHANGENAME events
  • From: Florian Westphal <fw@xxxxxxxxx>
• [nf-next:testing 4/5] net/netfilter/nf_nat_masquerade.c:273:6: warning: variable 'ret' is uninitialized when used here
  • From: kernel test robot <lkp@xxxxxxxxx>
• [nf-next:testing 4/5] net/netfilter/nf_nat_masquerade.c:252:30: warning: variable 'newrange' set but not used
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [nf-next PATCH v4 15/16] netfilter: nf_tables: Add notications for hook changes
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [syzbot] [netfilter] BUG: soft lockup in batadv_iv_send_outstanding_bat_ogm_packet
  • From: syzbot <syzbot+572f6e36bc6ee6f16762@xxxxxxxxxxxxxxxxxxxxxxxxx>
• [nf-next PATCH v4 15/16] netfilter: nf_tables: Add notications for hook changes
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 11/16] netfilter: nf_tables: chain: Respect NETDEV_REGISTER events
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 01/16] netfilter: nf_tables: Flowtable hook's pf value never varies
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 13/16] netfilter: nf_tables: Handle NETDEV_CHANGENAME events
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 16/16] selftests: netfilter: Torture nftables netdev hooks
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 12/16] netfilter: nf_tables: flowtable: Respect NETDEV_REGISTER events
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 02/16] netfilter: nf_tables: Store user-defined hook ifname
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 08/16] netfilter: nf_tables: Introduce nft_register_flowtable_ops()
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 05/16] netfilter: nf_tables: Tolerate chains with no remaining hooks
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 04/16] netfilter: nf_tables: Compare netdev hooks based on stored name
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 14/16] netfilter: nf_tables: Support wildcard netdev hook specs
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 10/16] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 07/16] netfilter: nf_tables: Introduce nft_hook_find_ops()
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 03/16] netfilter: nf_tables: Use stored ifname in netdev hook dumps
  • From: Phil Sutter <phil@xxxxxx>
• [nf-next PATCH v4 06/16] netfilter: nf_tables: Introduce functions freeing nft_hook objects
  • From: Phil Sutter <phil@xxxxxx>