Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

[PATCH v4 bpf-next 10/14] selftests/bpf: Add verifier tests for rdonly PTR_TO_BTF_ID
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 05/14] bpf: Support passing rdonly PTR_TO_BTF_ID to kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 11/14] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 14/14] selftests/bpf: Add negative tests for bpf_nf
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 07/14] bpf: Define acquire-release pairs for kfuncs
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 08/14] selftests/bpf: Add verifier tests for forced kfunc ref args
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 12/14] net: netfilter: add kfunc helpers to alloc and insert a new ct entry
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 09/14] selftests/bpf: Add C tests for rdonly PTR_TO_BTF_ID
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 06/14] bpf: Whitelist some fields in nf_conn for BPF_WRITE
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 13/14] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 03/14] bpf: Support rdonly PTR_TO_BTF_ID for pointer to const return value
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 01/14] bpf: Add support for forcing kfunc args to be referenced
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 02/14] bpf: Print multiple type flags in verifier log
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v4 bpf-next 00/14] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH net 2/2] netfilter: nft_limit: Clone packet limits' cost value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 1/2] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf PATCH] netfilter: nft_limit: Clone packet limits' cost value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] nft: allow deletion of rule by full statement form
- From: Chander Govindarajan <mail@xxxxxxxxxxxxxxxxx>
[PATCH nf,v2] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: kernel test robot <lkp@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH v2] build: Fix error during out of tree build
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH nf-next v2 2/3] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: wenxu@xxxxxxxxxxxxxxx
[PATCH nf-next v2 1/3] nf_flow_table_offload: offload the vlan encap in the flowtable
- From: wenxu@xxxxxxxxxxxxxxx
[PATCH nf-next v2 3/3] selftests: netfilter: flowtable vlan filtering bridge support
- From: wenxu@xxxxxxxxxxxxxxx
Re: [PATCH nf-next v2] selftests: netfilter: flowtable vlan filtering bridge support
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
Re: [PATCH bpf-next v8 09/10] selftests/bpf: Extend kfunc selftests
- From: Benjamin Poirier <benjamin.poirier@xxxxxxxxx>
Re: [PATCH bpf-next v8 09/10] selftests/bpf: Extend kfunc selftests
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
[PATCH nf-next 2/2] netfilter: flowtable: fix nft_flow_route use saddr for nat case
- From: wenxu@xxxxxxxxxxxxxxx
[PATCH nf-next 1/2] netfilter: flowtable: fix nft_flow_route miss FLOWI_FLAG_ANYSRC flag
- From: wenxu@xxxxxxxxxxxxxxx
Re: [PATCH nf-next] netfilter: flowtable: fix nft_flow_route use saddr for reverse route
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
Re: [PATCH bpf-next v8 09/10] selftests/bpf: Extend kfunc selftests
- From: Benjamin Poirier <benjamin.poirier@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: flowtable: fix nft_flow_route use saddr for reverse route
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: flowtable: fix nft_flow_route use saddr for reverse route
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: flowtable: fix nft_flow_route use saddr for reverse route
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH v2] build: Fix error during out of tree build
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next] netfilter: flowtable: fix nft_flow_route use saddr for reverse route
- From: wenxu@xxxxxxxxxxxxxxx
[iptables PATCH v2] build: Fix error during out of tree build
- From: Ben Brown <ben@xxxxxxxxxxx>
Re: [iptables PATCH] build: Fix error during out of tree build
- From: Ben Brown <ben@xxxxxxxxxxx>
Re: [nf-next PATCH v4 0/4] nf_tables: Export rule optimizer results to user space
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [iptables PATCH] build: Fix error during out of tree build
- From: Phil Sutter <phil@xxxxxx>
[PATCH] nft: simplify chain lookup in do_list_chain
- From: Chander Govindarajan <mail@xxxxxxxxxxxxxxxxx>
Re: [PATCH v5 00/15] Network support for Landlock - UDP discussion
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH nf-next v2] selftests: netfilter: flowtable vlan filtering bridge support
- From: wenxu@xxxxxxxxxxxxxxx
[PATCH] netfilter: conntrack: use fallthrough to cleanup
- From: Jackie Liu <liu.yun@xxxxxxxxx>
[nf PATCH] netfilter: nft_limit: Clone packet limits' cost value
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v5 12/15] seltests/landlock: rules overlapping test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 15/15] samples/landlock: adds network demo
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 07/15] landlock: add support network rules
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 09/15] seltests/landlock: add tests for bind() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH] nft: update json output ordering to place rules after chains
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v4 14/32] evaluate: relax type-checking for integer arguments in mark statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v4 13/32] evaluate: support shifts larger than the width of the left operand
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v4 10/32] netlink_delinearize: correct type and byte-order of shifts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v4 09/32] netlink_delinearize: add postprocessing for payload binops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v4 11/32] netlink_delinearize: correct length of right bitwise operand
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v4 08/32] netlink: send bit-length of bitwise binops to kernel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] nft: update json output ordering to place rules after chains
- From: Chander Govindarajan <mail@xxxxxxxxxxxxxxxxx>
Re: [PATCH v3 bpf-next 5/5] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 bpf-next 5/5] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Andrii Nakryiko <andrii.nakryiko@xxxxxxxxx>
Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Felix Fietkau <nbd@xxxxxxxx>
Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [iptables PATCH] Revert "fix build for missing ETH_ALEN definition"
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
Re: [PATCH v5 00/15] Network support for Landlock - UDP discussion
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next 01/11] netfilter: Use l3mdev flow key when re-routing mangled packets
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
[PATCH nft] netlink_delinearize: memleak when parsing concatenation data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 11/11] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 09/11] netfilter: conntrack: re-fetch conntrack after insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 07/11] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 10/11] netfilter: cttimeout: fix slab-out-of-bounds read in cttimeout_net_exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 08/11] netfilter: nfnetlink: fix warn in nfnetlink_unbind
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 05/11] net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 02/11] netfilter: nf_conncount: reduce unnecessary GC
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 04/11] netfilter: ctnetlink: fix up for "netfilter: conntrack: remove unconfirmed list"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 03/11] netfilter: conntrack: remove pr_debug callsites from tcp tracker
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 01/11] netfilter: Use l3mdev flow key when re-routing mangled packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 00/11] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next v3 0/3] Conntrack offload debuggability improvements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nfnetlink: fix warn in nfnetlink_unbind
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: re-fetch conntrack after insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: cttimeout: fix slab-out-of-bounds read in cttimeout_net_exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] build: Fix error during out of tree build
- From: Ben Brown <ben@xxxxxxxxxxx>
Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Yonghong Song <yhs@xxxxxx>
Re: [iptables PATCH] Revert "fix build for missing ETH_ALEN definition"
- From: Phil Sutter <phil@xxxxxx>
Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Felix Fietkau <nbd@xxxxxxxx>
Re: [PATCH v5 15/15] samples/landlock: adds network demo
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v5 12/15] seltests/landlock: rules overlapping test
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v5 07/15] landlock: add support network rules
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v5 09/15] seltests/landlock: add tests for bind() hooks
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v5 15/15] samples/landlock: adds network demo
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 12/15] seltests/landlock: rules overlapping test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 09/15] seltests/landlock: add tests for bind() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 08/15] landlock: TCP network hooks implementation
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
Re: [PATCH v5 07/15] landlock: add support network rules
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH net 1/7] netfilter: flowtable: fix excessive hw offload attempts after failure
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
[PATCH libnftnl 1/2] expr: fib: missing #include <assert.h>
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: use get_random_u32 instead of prandom
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH libnftnl 2/2] set_elem: missing export symbol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 6/7] netfilter: flowtable: move dst_check to packet path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 5/7] netfilter: flowtable: fix TCP flow teardown
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 1/7] netfilter: flowtable: fix excessive hw offload attempts after failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 3/7] net: fix dev_fill_forward_path with pppoe + bridge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 7/7] netfilter: nf_tables: disable expression reduction infra
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 4/7] netfilter: nft_flow_offload: fix offload with pppoe + vlan
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 2/7] netfilter: nft_flow_offload: skip dst neigh lookup for ppp devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/7] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: use get_random_u32 instead of prandom
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Lorenzo Bianconi <lorenzo.bianconi@xxxxxxxxxx>
Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
Re: [PATCH v3 bpf-next 3/5] net: netfilter: add kfunc helper to update ct timeout
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
Re: [PATCH v3 bpf-next 5/5] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo.bianconi@xxxxxxxxxx>
Re: [PATCH v3 bpf-next 5/5] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Yonghong Song <yhs@xxxxxx>
Re: [PATCH v3 bpf-next 2/5] selftests/bpf: Add verifier selftests for forced kfunc ref args
- From: Yonghong Song <yhs@xxxxxx>
Re: [PATCH v3 bpf-next 1/5] bpf: Add support for forcing kfunc args to be referenced
- From: Yonghong Song <yhs@xxxxxx>
[PATCH nf] netfilter: use get_random_u32 instead of prandom
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v3 bpf-next 1/5] bpf: Add support for forcing kfunc args to be referenced
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/3] src: remove NFT_NLATTR_LOC_MAX limit for netlink location error reporting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/3] mnl: store netlink error location for set elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/3] parser_bison: fix error location for set elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 bpf-next 1/5] bpf: Add support for forcing kfunc args to be referenced
- From: Yonghong Song <yhs@xxxxxx>
Re: [PATCH nf,v2] netfilter: nf_tables: disable bh to update per-cpu rnd_state
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf,v2] netfilter: nf_tables: disable bh to update per-cpu rnd_state
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf,v2] netfilter: nf_tables: disable bh to update per-cpu rnd_state
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nft_numgen: disable preempt to access per-cpu data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] Revert "fix build for missing ETH_ALEN definition"
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] netfilter: nft_numgen: disable preempt to access per-cpu data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3] netfilter: nf_flowtable: move dst_check to packet path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf,v2] netfilter: flowtable: fix TCP flow teardown
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] treewide: use uint* instead of u_int*
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf] netfilter: nf_tables: disable expression reduction infra
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf] netfilter: nf_tables: disable expression reduction infra
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] nft: support for dynamic register allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf,v2] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Phil Sutter <phil@xxxxxx>
[PATCH v3 bpf-next 5/5] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v3 bpf-next 2/5] selftests/bpf: Add verifier selftests for forced kfunc ref args
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v3 bpf-next 0/5] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v3 bpf-next 3/5] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v3 bpf-next 1/5] bpf: Add support for forcing kfunc args to be referenced
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v5 03/15] landlock: merge and inherit function refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 01/15] landlock: access mask renaming
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 04/15] landlock: helper functions refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH nf,v2] netfilter: flowtable: fix TCP flow teardown
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [nf-next PATCH] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
[PATCH nf-next] netfilter: cttimeout: fix slab-out-of-bounds read in cttimeout_net_exit
- From: Florian Westphal <fw@xxxxxxxxx>
[syzbot] KASAN: slab-out-of-bounds Read in cttimeout_net_exit
- From: syzbot <syzbot+92968395eedbdbd3617d@xxxxxxxxxxxxxxxxxxxxxxxxx>
[PATCH nf-next] netfilter: conntrack: re-fetch conntrack after insertion
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [syzbot] KASAN: use-after-free Read in nf_confirm
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next] netfilter: nfnetlink: fix warn in nfnetlink_unbind
- From: Florian Westphal <fw@xxxxxxxxx>
[syzbot] WARNING in nfnetlink_unbind
- From: syzbot <syzbot+afd2d80e495f96049571@xxxxxxxxxxxxxxxxxxxxxxxxx>
[syzbot] KASAN: use-after-free Read in nf_confirm
- From: syzbot <syzbot+793a590957d9c1b96620@xxxxxxxxxxxxxxxxxxxxxxxxx>
[syzbot] UBSAN: array-index-out-of-bounds in nfnetlink_unbind
- From: syzbot <syzbot+4903218f7fba0a2d6226@xxxxxxxxxxxxxxxxxxxxxxxxx>
[PATCH v4 3/4] netfilter: nf_tables: Introduce expression flags
- From: Phil Sutter <phil@xxxxxx>
[PATCH v4 2/4] netfilter: nf_tables: Introduce struct nft_expr_dp
- From: Phil Sutter <phil@xxxxxx>
[PATCH v4 1/4] netfilter: nf_tables: Store net size in nft_expr_ops::size
- From: Phil Sutter <phil@xxxxxx>
[PATCH v4 4/4] netfilter: nf_tables: Annotate reduced expressions
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v4 0/4] nf_tables: Export rule optimizer results to user space
- From: Phil Sutter <phil@xxxxxx>
[PATCH net-next v3 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
[PATCH net-next v3 2/3] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
[PATCH net-next v3 1/3] net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
[PATCH net-next v3 0/3] Conntrack offload debuggability improvements
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
Re: [PATCH net-next v2 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
Re: [PATCH v2 bpf-next 2/2] selftests/bpf: add selftest for bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH v2] netfilter: nf_flowtable: move dst_check to packet path
- From: Ritaro Takenaka <ritarot634@xxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH net-next v2 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next v2 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
Re: [PATCH net-next v2 2/3] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
Re: [PATCH net-next v2 2/3] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next v2 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf,v2] netfilter: flowtable: fix TCP flow teardown
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
[PATCH v3] netfilter: nf_flowtable: move dst_check to packet path
- From: Ritaro Takenaka <ritarot634@xxxxxxxxx>
[PATCH nf,v2] netfilter: flowtable: fix TCP flow teardown
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: flowtable: fix TCP flow teardown
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
Re: [PATCH v5 15/15] samples/landlock: adds network demo
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[PATCH nf] netfilter: flowtable: fix TCP flow teardown
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v5 08/15] landlock: TCP network hooks implementation
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v5 07/15] landlock: add support network rules
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v5 03/15] landlock: merge and inherit function refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH] treewide: use uint* instead of u_int*
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v5 01/15] landlock: access mask renaming
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH] treewide: use uint* instead of u_int*
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [nf-next PATCH] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
Re: [PATCH v5 09/15] seltests/landlock: add tests for bind() hooks
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[PATCH net-next v2 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
[PATCH net-next v2 2/3] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
[PATCH net-next v2 1/3] net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
[PATCH net-next v2 0/3] Conntrack offload debuggability improvements
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
Re: [PATCH v5 04/15] landlock: helper functions refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v5 04/15] landlock: helper functions refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH v5 12/15] seltests/landlock: rules overlapping test
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH v5 04/15] landlock: helper functions refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[PATCH] xtables: fix compilation with musl
- From: vincent@xxxxxxxxxxxx
[PATCH] treewide: use uint* instead of u_int*
- From: vincent@xxxxxxxxxxxx
Re: [PATCH conntrack-tools] conntrack: remove -o userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH conntrack-tools] conntrack: remove -o userspace
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 12/15] seltests/landlock: rules overlapping test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 15/15] samples/landlock: adds network demo
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 13/15] seltests/landlock: ruleset expanding test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 08/15] landlock: TCP network hooks implementation
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 02/15] landlock: landlock_find/insert_rule refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 14/15] seltests/landlock: invalid user input data test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 10/15] seltests/landlock: add tests for connect() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 09/15] seltests/landlock: add tests for bind() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 03/15] landlock: merge and inherit function refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 04/15] landlock: helper functions refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 07/15] landlock: add support network rules
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 06/15] landlock: user space API network support
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 01/15] landlock: access mask renaming
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH v5 00/15] Network support for Landlock
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH v2] netfilter: nf_flowtable: move dst_check to packet path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: remove pr_debug callsites from tcp tracker
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2 2/2] netfilter: Use l3mdev flow key when re-routing mangled packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 nf 1/4] netfilter: flowtable: fix excessive hw offload attempts after failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] treewide: use uint* instead of u_int*
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [RFC PATCH v4 10/15] seltest/landlock: add tests for bind() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [RFC PATCH v4 10/15] seltest/landlock: add tests for bind() hooks
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH net-next 01/17] netfilter: ecache: use dedicated list for event redelivery
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[PATCH nf] netfilter: nft_numgen: disable preempt to access per-cpu data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Nick <vincent@xxxxxxxxxxxx>
[PATCH] treewide: use uint* instead of u_int*
- From: vincent@xxxxxxxxxxxx
Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] expr: extend support for dynamic register allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net-next v2] net: ipvs: randomize starting destination of RR/WRR scheduler
- From: Menglong Dong <menglong8.dong@xxxxxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
Re: [PATCH libnftnl] src: add dynamic register allocation infrastructure
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH libnftnl] src: add dynamic register allocation infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
Re: [PATCH iptables 2/2] xshared: fix compilation with musl
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH libnftnl] src: add dynamic register allocation infrastructure
- From: Phil Sutter <phil@xxxxxx>
[PATCH iptables 1/2] xtables: fix compilation with musl
- From: Nick Hainke <vincent@xxxxxxxxxxxx>
[PATCH iptables 2/2] xshared: fix compilation with musl
- From: Nick Hainke <vincent@xxxxxxxxxxxx>
Re: [PATCH v2 bpf-next 2/2] selftests/bpf: add selftest for bpf_ct_refresh_timeout kfunc
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH v2 bpf-next 2/2] selftests/bpf: add selftest for bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH v2 bpf-next 2/2] selftests/bpf: add selftest for bpf_ct_refresh_timeout kfunc
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
[PATCH net-next 12/17] netfilter: nfnetlink: allow to detect if ctnetlink listeners exist
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 17/17] netfilter: conntrack: skip verification of zero UDP checksum
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 14/17] netfilter: conntrack: add nf_conntrack_events autodetect mode
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 16/17] netfilter: flowtable: nft_flow_route use more data for reverse route
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 15/17] netfilter: prefer extension check to pointer check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 13/17] netfilter: conntrack: un-inline nf_ct_ecache_ext_add
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 09/17] netfilter: conntrack: remove unconfirmed list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 11/17] netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 10/17] netfilter: conntrack: avoid unconditional local_bh_disable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 07/17] netfilter: cttimeout: decouple unlink and free on netns destruction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 08/17] netfilter: conntrack: remove __nf_ct_unconfirmed_destroy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 01/17] netfilter: ecache: use dedicated list for event redelivery
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 06/17] netfilter: extensions: introduce extension genid count
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 05/17] netfilter: remove nf_ct_unconfirmed_destroy helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 03/17] netfilter: conntrack: remove the percpu dying list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 02/17] netfilter: conntrack: include ecache dying list in dumps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 04/17] netfilter: cttimeout: decouple unlink and free on netns destruction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 00/17] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: do not disable bh during destruction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] netlink_delinearize: release last register on exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] xshared: Fix build for -Werror=format-security
- From: Phil Sutter <phil@xxxxxx>
[ANNOUNCE] iptables 1.8.8 release
- From: Phil Sutter <phil@xxxxxxxxxxxxx>
Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Felix Fietkau <nbd@xxxxxxxx>
Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Felix Fietkau <nbd@xxxxxxxx>
Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] net: ipvs: random start for RR scheduler
- From: Julian Anastasov <ja@xxxxxx>
[PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
[nf-next PATCH v3 3/4] netfilter: nf_tables: Introduce expression flags
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v3 4/4] netfilter: nf_tables: Annotate reduced expressions
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v3 2/4] netfilter: nf_tables: Introduce struct nft_expr_dp
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v3 0/4] nf_tables: Export rule optimizer results to user space
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v3 1/4] netfilter: nf_tables: Store net size in nft_expr_ops::size
- From: Phil Sutter <phil@xxxxxx>
[PATCH v2 bpf-next 2/2] selftests/bpf: add selftest for bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v2 bpf-next 1/2] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH v2 bpf-next 0/2] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH nf-next] netfilter: conntrack: remove pr_debug callsites from tcp tracker
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nf-next PATCH v2 1/2] netfilter: nf_tables: Introduce expression flags
- From: Phil Sutter <phil@xxxxxx>
Re: [syzbot] INFO: task hung in usb_get_descriptor
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
Re: [nf-next PATCH v2 1/2] netfilter: nf_tables: Introduce expression flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nf-next PATCH v2 0/2] nf_tables: Export rule optimizer results to user space
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v2 2/2] netfilter: nf_tables: Annotate reduced expressions
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v2 1/2] netfilter: nf_tables: Introduce expression flags
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH net-next v2] net: ipvs: randomize starting destination of RR/WRR scheduler
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH net-next v2] net: ipvs: randomize starting destination of RR/WRR scheduler
- From: Menglong Dong <menglong8.dong@xxxxxxxxx>
Re: [nf_flowtable] 2cd764935d: kernel-selftests.netfilter.nft_flowtable.sh.ipsec_tunnel_mode_for_ns1/ns2.fail
- From: Oliver Sang <oliver.sang@xxxxxxxxx>
Re: [nf-next PATCH 2/2] netfilter: nf_tables: Annotate reduced expressions
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [nf-next PATCH 2/2] netfilter: nf_tables: Annotate reduced expressions
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [nf-next PATCH 2/2] netfilter: nf_tables: Annotate reduced expressions
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH bpf-next] net: netfilter: add kfunc helper to update ct timeout
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
[nf-next PATCH 1/2] netfilter: nf_tables: Introduce expression flags
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH 2/2] netfilter: nf_tables: Annotate reduced expressions
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH 0/2] nf_tables: Export rule optimizer results to user space
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH bpf-next] net: netfilter: add kfunc helper to update ct timeout
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Call netfilter okfn on stolen packets
- From: Federico De Marchi <fede00001@xxxxxxxxxxxxxxxxxxxx>
[PATCH v2] netfilter: nf_flowtable: move dst_check to packet path
- From: Ritaro Takenaka <ritarot634@xxxxxxxxx>
Re: [PATCH net-next 01/17] netfilter: ecache: use dedicated list for event redelivery
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next 01/17] netfilter: ecache: use dedicated list for event redelivery
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net-next 01/17] netfilter: ecache: use dedicated list for event redelivery
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH net-next v2] net: ipvs: randomize starting destination of RR/WRR scheduler
- From: Julian Anastasov <ja@xxxxxx>
[PATCH nf-next] netfilter: conntrack: do not disable bh during destruction
- From: Florian Westphal <fw@xxxxxxxxx>
[RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Felix Fietkau <nbd@xxxxxxxx>
Re: [PATCH net-next] net: ipvs: random start for RR scheduler
- From: Julian Anastasov <ja@xxxxxx>
[nf-next PATCH] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: wenxu@xxxxxxxxxxxxxxx
[PATCH net-next 12/17] netfilter: nfnetlink: allow to detect if ctnetlink listeners exist
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 17/17] netfilter: conntrack: skip verification of zero UDP checksum
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 10/17] netfilter: conntrack: avoid unconditional local_bh_disable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 06/17] netfilter: extensions: introduce extension genid count
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 16/17] netfilter: flowtable: nft_flow_route use more data for reverse route
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 15/17] netfilter: prefer extension check to pointer check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 13/17] netfilter: conntrack: un-inline nf_ct_ecache_ext_add
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 08/17] netfilter: conntrack: remove __nf_ct_unconfirmed_destroy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 14/17] netfilter: conntrack: add nf_conntrack_events autodetect mode
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 09/17] netfilter: conntrack: remove unconfirmed list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 11/17] netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 02/17] netfilter: conntrack: include ecache dying list in dumps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 03/17] netfilter: conntrack: remove the percpu dying list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 04/17] netfilter: cttimeout: decouple unlink and free on netns destruction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 00/17] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 07/17] netfilter: cttimeout: decouple unlink and free on netns destruction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 05/17] netfilter: remove nf_ct_unconfirmed_destroy helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 01/17] netfilter: ecache: use dedicated list for event redelivery
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf_flowtable] 2cd764935d: kernel-selftests.netfilter.nft_flowtable.sh.ipsec_tunnel_mode_for_ns1/ns2.fail
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nf_flowtable] 2cd764935d: kernel-selftests.netfilter.nft_flowtable.sh.ipsec_tunnel_mode_for_ns1/ns2.fail
- From: kernel test robot <oliver.sang@xxxxxxxxx>
[PATCH net-next v2] net: ipvs: randomize starting destination of RR/WRR scheduler
- From: menglong8.dong@xxxxxxxxx
Re: [PATCH net-next] net: ipvs: random start for RR scheduler
- From: Menglong Dong <menglong8.dong@xxxxxxxxx>
Re: [PATCH net-next] net: ipvs: random start for RR scheduler
- From: Menglong Dong <menglong8.dong@xxxxxxxxx>
Re: [PATCH net-next] net: ipvs: random start for RR scheduler
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH] nf_flowtable: teardown fix race condition
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH] nf_flowtable: teardown fix race condition
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] nf_flowtable: teardown fix race condition
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH net] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH] nf_flowtable: teardown fix race condition
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
Re: [PATCH net] netfilter: nf_flow_table: fix teardown flow timeout
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
[PATCH net-next] net: ipvs: random start for RR scheduler
- From: menglong8.dong@xxxxxxxxx
Re: [PATCH 2/4] netfilter: nft_flow_offload: skip dst neigh lookup for ppp devices
- From: Felix Fietkau <nbd@xxxxxxxx>
Re: [PATCH net] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
[PATCH v2 nf 2/4] netfilter: nft_flow_offload: skip dst neigh lookup for ppp devices
- From: Felix Fietkau <nbd@xxxxxxxx>
[PATCH v2 nf 4/4] netfilter: nft_flow_offload: fix offload with pppoe + vlan
- From: Felix Fietkau <nbd@xxxxxxxx>
[PATCH v2 nf 3/4] net: fix dev_fill_forward_path with pppoe + bridge
- From: Felix Fietkau <nbd@xxxxxxxx>
[PATCH v2 nf 1/4] netfilter: flowtable: fix excessive hw offload attempts after failure
- From: Felix Fietkau <nbd@xxxxxxxx>
Re: [PATCH net] netfilter: nf_flow_table: fix teardown flow timeout
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
[PATCH] nf_flowtable: teardown fix race condition
- From: Sven Auhagen <Sven.Auhagen@xxxxxxxxxxxx>
Re: [PATCH net] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
[PATCH net] netfilter: nf_flow_table: fix teardown flow timeout
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
Re: [PATCH] nf_flowtable: ensure dst.dev is not blackhole
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 2/4] netfilter: nft_flow_offload: skip dst neigh lookup for ppp devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 0/4] netfilter: conntrack: avoid eache extension allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v3] netfilter: conntrack: skip verification of zero UDP checksum
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] nf_flowtable: nft_flow_route use more data for reverse route
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] intervals: deletion should adjust range not yet in the kernel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH xtables-addons 1/2] doc: fix some typos in man-pages
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH xtables-addons 2/2] doc: fix typo in help
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH xtables-addons 1/2] doc: fix some typos in man-pages
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[iptables PATCH v2 4/4] nft: Fix EPERM handling for extensions without rev 0
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/5] xshared: Move arp_opcodes into shared space
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 5/5] libxtables: Revert change to struct xtables_pprot
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/5] libxtables: Drop xtables_globals 'optstring' field
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/5] xshared: Extend xtables_printhelp() for arptables
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/5] Restore libxtables ABI compatibility
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/5] extensions: MARK: Drop extra newline at end of help
- From: Phil Sutter <phil@xxxxxx>
Re: [nf-next PATCH v2 1/5] netfilter: bitwise: keep track of bit-length of expressions
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
Re: [iptables PATCH 4/4] nft: Fix EPERM handling for extensions without rev 0
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] libnetfilter_cttimeout 1.0.1 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] libnetfilter_cttimeout 1.0.1 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [iptables PATCH 4/4] nft: Fix EPERM handling for extensions without rev 0
- From: Phil Sutter <phil@xxxxxx>
[ANNOUNCE] libnetfilter_cttimeout 1.0.1 release
- From: Phil Sutter <phil@xxxxxxxxxxxxx>
[ANNOUNCE] libnetfilter_cthelper 1.0.1 release
- From: Phil Sutter <phil@xxxxxxxxxxxxx>
Re: [iptables PATCH 4/4] nft: Fix EPERM handling for extensions without rev 0
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Intermittent performance regression related to ipset between 5.10 and 5.15
- From: "U'ren, Aaron" <Aaron.U'ren@xxxxxxxx>
Re: [PATCH] netfilter: nf_conncount: reduce unnecessary GC
- From: William Tu <u9012063@xxxxxxxxx>
[PATCHv2] netfilter: nf_conncount: reduce unnecessary GC
- From: William Tu <u9012063@xxxxxxxxx>
Re: Intermittent performance regression related to ipset between 5.10 and 5.15
- From: Thorsten Leemhuis <regressions@xxxxxxxxxxxxx>
Re: [PATCH libnftnl,v3] src: add dynamic register allocation infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH 0/4] Some misc fixes
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/4] nft: Fix EPERM handling for extensions without rev 0
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/4] extensions: LOG: Document --log-macdecode in man page
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/4] man: *NAT: Review --random* option descriptions
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/4] extensions: DNAT: Merge core printing functions
- From: Phil Sutter <phil@xxxxxx>
Re: [Bridge] [PATCH v2 0/1] UDP traceroute packets with no checksum
- From: Linus Lüssing <linus.luessing@xxxxxxxxx>
Re: [PATCH] netfilter: nf_conncount: reduce unnecessary GC
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH bpf-next] net: netfilter: add kfunc helper to update ct timeout
- From: kernel test robot <lkp@xxxxxxxxx>
[RFC PATCH] net: netfilter: bpf_ct_refresh_timeout() can be static
- From: kernel test robot <lkp@xxxxxxxxx>
[PATCH] netfilter: nf_conncount: reduce unnecessary GC
- From: William Tu <u9012063@xxxxxxxxx>
[PATCH] netfilter: nf_conncount: reduce unnecessary GC
- From: William Tu <u9012063@xxxxxxxxx>
[PATCH bpf-next] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[PATCH nft 2/3] optimize: do not clone unsupported statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/3] optimize: incorrect logic in verdict comparison
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/3] optimize: merge nat rules with same selectors into map
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl,v3] src: add dynamic register allocation infrastructure
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 0/3] nftables: add support for wildcard interfaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH conntrack] conntrack: consolidate socket open call
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl,v3] src: add dynamic register allocation infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl,v2] src: add dynamic register allocation infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables,v2] nft: support for dynamic register allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] src: add dynamic register allocation infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] nf_flowtable: ensure dst.dev is not blackhole
- From: Ritaro Takenaka <ritarot634@xxxxxxxxx>
[PATCH nf-next v3] netfilter: conntrack: skip verification of zero UDP checksum
- From: Kevin Mitchell <kevmitch@xxxxxxxxxx>
[PATCH nft 3/3] sets_with_ifnames: add test case for concatenated range
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 1/3] netlink: swap byteorder for host-endian concat data
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 2/3] segtree: add pretty-print support for wildcard strings in concatenated sets
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 0/3] nftables: add support for wildcard interfaces
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next] selftests: netfilter: flowtable vlan filtering bridge support
- From: wenxu@xxxxxxxxxxxxxxx
Re: [PATCH net 1/3] netfilter: nf_conntrack_tcp: re-init for syn packets only
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: Minor issue in iptables(8) man page
- From: Steve Brecher <steve@xxxxxxxxxxxx>
Re: Minor issue in iptables(8) man page
- From: Florian Westphal <fw@xxxxxxxxx>
Minor issue in iptables(8) man page
- From: Steve Brecher <steve@xxxxxxxxxxxx>
[PATCH net 3/3] netfilter: nft_socket: only do sk lookups when indev is available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 2/3] netfilter: conntrack: fix udp offload timeout sysctl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 1/3] netfilter: nf_conntrack_tcp: re-init for syn packets only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/3] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 nf] netfilter: nft_socket: only do sk lookups when indev is available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables 7/7] nft: support for dynamic register allocation
- From: Phil Sutter <phil@xxxxxx>
[PATCH v2 nf] netfilter: nft_socket: only do sk lookups when indev is available
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: nft_socket: only do sk lookup when indev is available
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [PATCH nf-next] nf_flow_table_offload: offload the vlan encap in the flowtable
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
Re: [PATCH iptables 7/7] nft: support for dynamic register allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nft_socket: only do sk lookup when indev is available
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] nf_flow_table_offload: offload the vlan encap in the flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] nf_flow_table_offload: offload the vlan encap in the flowtable
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
[PATCH nf] netfilter: nft_socket: allow socket expression from prerouting and input only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] nf_flowtable: ensure dst.dev is not blackhole
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [PATCH nf-next v2 1/1] netfilter: conntrack: skip verification of zero UDP checksum
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] nf_flow_table_offload: offload the vlan encap in the flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: conn: fix udp offload timeout sysctl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_conntrack_tcp: re-init for syn packets only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net] netfilter: conn: fix udp offload timeout sysctl
- From: Volodymyr Mytnyk <volodymyr.mytnyk@xxxxxxxxxxx>
[PATCH] nf_flowtable: nft_flow_route use more data for reverse route
- From: Sven Auhagen <Sven.Auhagen@xxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v35 08/29] LSM: Use lsmblob in security_secctx_to_secid
- From: John Johansen <john.johansen@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
LPC 2022 Networking and BPF Track CFP
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Re: [PATCH iptables 7/7] nft: support for dynamic register allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [PATCH iptables 7/7] nft: support for dynamic register allocation
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 1/1] configure: add an option to compile the examples
- From: Dario Binacchi <dariobin@xxxxxxxxx>
Re: [PATCH 1/1] configure: add an option to compile the examples
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] nf_flowtable: ensure dst.dev is not blackhole
- From: Ritaro Takenaka <ritarot634@xxxxxxxxx>
Re: [PATCH] nf_flowtable: ensure dst.dev is not blackhole
- From: りたろう <ritarot634@xxxxxxxxx>
Re: [PATCH nft] src: fix always-true assertions
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] nf_flowtable: ensure dst.dev is not blackhole
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: fix always-true assertions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] src: fix always-true assertions
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [RFC PATCH v4 07/15] landlock: user space API network support
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [RFC PATCH v4 10/15] seltest/landlock: add tests for bind() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [RFC PATCH v4 03/15] landlock: landlock_find/insert_rule refactoring (TCP port 0)
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [RFC PATCH v4 09/15] landlock: TCP network hooks implementation
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [RFC PATCH v4 06/15] landlock: landlock_add_rule syscall refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
[PATCH 1/1] configure: add an option to compile the examples
- From: Dario Binacchi <dariobin@xxxxxxxxx>
Re: [PATCH nf] netfilter: nf_conntrack_tcp: re-init for syn packets only
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
Re: [RFC PATCH v4 07/15] landlock: user space API network support
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_conntrack_tcp: re-init for syn packets only
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
[PATCH nf-next 4/4] netfilter: prefer extension check to pointer check
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/4] netfilter: conntrack: un-inline nf_ct_ecache_ext_add
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 3/4] netfilter: conntrack: add nf_conntrack_events autodetect mode
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 1/4] netfilter: nfnetlink: allow to detect if ctnetlink listeners exist
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/4] netfilter: conntrack: avoid eache extension allocation
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net 1/4] ipvs: correctly print the memory size of ip_vs_conn_tab
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[PATCH nf] netfilter: nf_conntrack_tcp: re-init for syn packets only
- From: Florian Westphal <fw@xxxxxxxxx>
Re: linux 5.17.1 disregarding ACK values resulting in stalled TCP connections
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net 2/4] netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 1/4] ipvs: correctly print the memory size of ip_vs_conn_tab
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/4] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 3/4] netfilter: flowtable: Remove the empty file
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 4/4] netfilter: Update ip6_route_me_harder to consider L3 domain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2 1/2] netfilter: Update ip6_route_me_harder to consider L3 domain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] nf_flowtable: ensure dst.dev is not blackhole
- From: Ritaro Takenaka <ritarot634@xxxxxxxxx>
[PATCH iptables 7/7] nft: support for dynamic register allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 5/7] nft: prepare for dynamic register allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 4/7] nft: pass handle to helper functions to build netlink payload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 6/7] nft: split gen_payload() to allocate register and initialize expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 3/7] nft: native mark matching support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 1/7] nft-shared: update context register for bitwise expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 0/7] support for dynamic register allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 2/7] nft: pass struct nft_xt_ctx to parse_meta()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next v1] net: Use csum_replace_... and csum_sub() helpers instead of opencoding
- From: kernel test robot <lkp@xxxxxxxxx>
Re: linux 5.17.1 disregarding ACK values resulting in stalled TCP connections
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [PATCH nf] netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH] socket gid and socket uid
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
[PATCH] netfilter: nft_socket: socket expressions for GID & UID
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
[PATCH v1] netfilter: Remove the empty file
- From: clement wei <clementwei90@xxxxxxx>
Re: [PATCH nf v2 2/2] netfilter: Use l3mdev flow key when re-routing mangled packets
- From: David Ahern <dsahern@xxxxxxxxxx>
Re: [PATCH nf v2 1/2] netfilter: Update ip6_route_me_harder to consider L3 domain
- From: David Ahern <dsahern@xxxxxxxxxx>
[PATCH nf v2 0/2] netfilter: Fix/update mangled packet re-routing within VRF domains
- From: Martin Willi <martin@xxxxxxxxxxxxxx>
[PATCH nf v2 2/2] netfilter: Use l3mdev flow key when re-routing mangled packets
- From: Martin Willi <martin@xxxxxxxxxxxxxx>
[PATCH nf v2 1/2] netfilter: Update ip6_route_me_harder to consider L3 domain
- From: Martin Willi <martin@xxxxxxxxxxxxxx>
Re: [PATCH nf-next v4 00/10] netfilter: conntrack: remove percpu lists
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf,v2] ipvs: correctly print the memory size of ip_vs_conn_tab
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf,v2] ipvs: correctly print the memory size of ip_vs_conn_tab
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH v35 16/29] LSM: Use lsmcontext in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v35 15/29] LSM: Ensure the correct LSM context releaser
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v35 18/29] LSM: security_secid_to_secctx in netlink netfilter
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v35 09/29] LSM: Use lsmblob in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v35 08/29] LSM: Use lsmblob in security_secctx_to_secid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH nft] intervals: set on EXPR_F_KERNEL flag for new elements in set cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 0/2] allow base integer type in concatenation
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 1/2] src: allow use of base integer types as set keys in concatenations
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 2/2] tests: add concat test case with integer base type subkey
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v34 16/29] LSM: Use lsmcontext in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v34 18/29] LSM: security_secid_to_secctx in netlink netfilter
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v34 15/29] LSM: Ensure the correct LSM context releaser
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v34 09/29] LSM: Use lsmblob in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v34 08/29] LSM: Use lsmblob in security_secctx_to_secid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH nf,v2] ipvs: correctly print the memory size of ip_vs_conn_tab
- From: Julian Anastasov <ja@xxxxxx>
[PATCH nft,v2 2/3] intervals: fix deletion of multiple ranges with automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 3/3] intervals: build list of elements to be added from cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 1/3] intervals: add elements with EXPR_F_KERNEL to purge list only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] ipvs: correctly print the memory size of ip_vs_conn_tab
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH nft 2/2] intervals: fix deletion of multiple ranges with automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] intervals: Simplify element sanity checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] intervals: add elements with EXPR_F_KERNEL to purge list only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] intervals: Simplify element sanity checks
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] netfilter: Update ip6_route_me_harder to consider L3 domain
- From: David Ahern <dsahern@xxxxxxxxxx>
Re: [PATCH nft,v4 7/7] intervals: support to partial deletion with automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] intervals: remove check for EXPR_F_REMOVE in remove_element()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft,v4 7/7] intervals: support to partial deletion with automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft,v4 7/7] intervals: support to partial deletion with automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft,v4 7/7] intervals: support to partial deletion with automerge
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft,v4 7/7] intervals: support to partial deletion with automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft,v4 7/7] intervals: support to partial deletion with automerge
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] intervals: unset EXPR_F_KERNEL for adjusted elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft,v4 7/7] intervals: support to partial deletion with automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft,v4 7/7] intervals: support to partial deletion with automerge
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] netfilter: Update ip6_route_me_harder to consider L3 domain
- From: Martin Willi <martin@xxxxxxxxxxxxxx>
[PATCH nft,v6 3/8] src: remove rbtree datastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v6 7/8] intervals: support to partial deletion with automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v6 8/8] src: restore interval sets work with string datatypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v6 5/8] intervals: add support to automerge with kernel elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v6 6/8] evaluate: allow for zero length ranges
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v6 2/8] src: replace interval segment tree overlap and automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v6 0/8] revisit overlap/automerge codebase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v6 4/8] mnl: update mnl_nft_setelem_del() to allow for more reuse
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v6 1/8] src: add EXPR_F_KERNEL to identify expression in the kernel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nftables 0/9] nftables: add support for wildcard string as set keys
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nftables 5/9] src: make interval sets work with string datatypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nftables 0/9] nftables: add support for wildcard string as set keys
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nftables 0/9] nftables: add support for wildcard string as set keys
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nftables 0/9] nftables: add support for wildcard string as set keys
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v5 7/7] intervals: support to partial deletion with automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC PATCH] datatype: accept abbrevs and ignore case on parsing symbolic constants
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nftables 0/9] nftables: add support for wildcard string as set keys
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nftables 0/9] nftables: add support for wildcard string as set keys
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 1/1] xt_ECHO, xt_TARPIT: make properly conditional on IPv6
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH net 1/2] netfilter: nft_socket: make cgroup match work in input too
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [RFC PATCH v4 07/15] landlock: user space API network support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[PATCH nft,v4 7/7] intervals: support to partial deletion with automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v4 2/7] src: replace interval segment tree overlap and automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v4 5/7] intervals: add support to automerge with kernel elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v4 6/7] evaluate: allow for zero length ranges
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v4 4/7] mnl: update mnl_nft_setelem_del() to allow for more reuse
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v4 3/7] src: remove rbtree datastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v4 0/7] revisit overlap/automerge codebase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v4 1/7] src: add EXPR_F_KERNEL to identify expression in the kernel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: Update ip6_route_me_harder to consider L3 domain
- From: David Ahern <dsahern@xxxxxxxxxx>
Re: [RFC PATCH v4 07/15] landlock: user space API network support
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: [RFC PATCH v4 07/15] landlock: user space API network support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [RFC PATCH v4 07/15] landlock: user space API network support
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [RFC PATCH v4 06/15] landlock: landlock_add_rule syscall refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[PATCH nf,v2] ipvs: correctly print the memory size of ip_vs_conn_tab
- From: Pengcheng Yang <yangpc@xxxxxxxxxx>
Re: [RFC PATCH v4 03/15] landlock: landlock_find/insert_rule refactoring (TCP port 0)
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
[PATCH net 1/2] netfilter: nft_socket: make cgroup match work in input too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 2/2] netfilter: nf_tables: nft_parse_register can return a negative value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: nft_parse_register can return a negative value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: Update ip6_route_me_harder to consider L3 domain
- From: Martin Willi <martin@xxxxxxxxxxxxxx>
[PATCH nf] ipvs: correctly print the memory size of ip_vs_conn_tab
- From: Pengcheng Yang <yangpc@xxxxxxxxxx>
Re: [RFC PATCH v4 08/15] landlock: add support network rules
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: nft_parse_register can return a negative value
- From: Antoine Tenart <atenart@xxxxxxxxxx>
Re: [RFC PATCH v4 09/15] landlock: TCP network hooks implementation
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [RFC PATCH v4 08/15] landlock: add support network rules
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [RFC PATCH v4 08/15] landlock: add support network rules
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Re: Intermittent performance regression related to ipset between 5.10 and 5.15
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
[PATCH nf-next v4 10/10] netfilter: conntrack: avoid unconditional local_bh_disable
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 09/10] netfilter: conntrack: remove unconfirmed list
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 08/10] netfilter: conntrack: remove __nf_ct_unconfirmed_destroy
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 07/10] netfilter: cttimeout: decouple unlink and free on netns destruction
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 05/10] netfilter: remove nf_ct_unconfirmed_destroy helper
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 06/10] netfilter: extensions: introduce extension genid count
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 04/10] netfilter: cttimeout: decouple unlink and free on netns destruction
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 03/10] netfilter: conntrack: remove the percpu dying list
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 02/10] netfilter: conntrack: include ecache dying list in dumps
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 01/10] netfilter: ecache: use dedicated list for event redelivery
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 00/10] netfilter: conntrack: remove percpu lists
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net-next 01/11] netfilter: nf_tables: replace unnecessary use of list_for_each_entry_continue()
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: Intermittent performance regression related to ipset between 5.10 and 5.15
- From: Thorsten Leemhuis <regressions@xxxxxxxxxxxxx>
[PATCH net-next 09/11] netfilter: bitwise: improve error goto labels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]