Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- RE: [PATCH][next] treewide: uapi: Replace zero-length arrays with flexible-array members
- From: Dan Williams <dan.j.williams@xxxxxxxxx>
- Re: [PATCH][next] treewide: uapi: Replace zero-length arrays with flexible-array members
- From: Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx>
- Re: [PATCH][next] treewide: uapi: Replace zero-length arrays with flexible-array members
- From: "Gustavo A. R. Silva" <gustavoars@xxxxxxxxxx>
- Re: [PATCH][next] treewide: uapi: Replace zero-length arrays with flexible-array members
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCH][next] treewide: uapi: Replace zero-length arrays with flexible-array members
- From: "Gustavo A. R. Silva" <gustavoars@xxxxxxxxxx>
- Re: [PATCH] src: proto: support DF, LE, VA for DSCP
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: xt_esp: add support for ESP match in NAT Traversal
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] flow_table: do not try to add already offloaded entries
- From: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Switch to node list walk for overlap detection
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] flow_table: do not try to add already offloaded entries
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
- [PATCH nf-next] flow_table: do not try to add already offloaded entries
- From: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>
- [PATCH nft] segtree: fix map listing with interface wildcard
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/2] intervals: fix crash when trying to remove element in empty set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/3] parser_bison: fix error location for set elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/3] parser: fix scope closing with > 1 nested scope
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft PATCH] evaluate: fix segfault when adding elements to invalid set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] conntrack: fixes for handling unknown protocols
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] evaluate: fix segfault when adding elements to invalid set
- From: Peter Tirsek <peter@xxxxxxxxxx>
- [PATCH] ebtables: extend the 'static' build target fix.
- From: Justin Swartz <justin.swartz@xxxxxxxxxxxxxxxx>
- [PATCH v2 1/3] conntrack: set reply l4 proto for unknown protocol
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH v2 0/3] conntrack: fixes for handling unknown protocols
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH v2 2/3] conntrack: fix protocol number parsing
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH v2 3/3] conntrack: fix -o save dump for unknown protocols
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- Re: [PATCH] netfilter: xt_esp: add support for ESP match in NAT Traversal
- From: Wei Han <lailitty@xxxxxxxxxxx>
- [PATCH nft 3/3] scanner: don't pop active flex scanner scope
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/3] tests/py: Add a test for failing ipsec after counter
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 0/3] parser: fix scope closing with > 1 nested scope
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/3] parser: add missing synproxy scope closure
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: xt_esp: add support for ESP match in NAT Traversal
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/6] conntrack: set reply l4 proto for unknown protocol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 5/6] tests/conntrack: ct -o save for unknown protocols
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/6] tests/conntrack: invalid protocol values
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 4/6] conntrack: fix protocol number parsing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 6/6] conntrack: fix -o save dump for unknown protocols
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH bpf-next v5 5/8] net: netfilter: Add kfuncs to set and change CT status
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH bpf-next v5 0/8] New nf_conntrack kfuncs for insertion, changing timeout, status
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH bpf-next v5 4/8] net: netfilter: Add kfuncs to set and change CT timeout
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH bpf-next v5 8/8] selftests/bpf: Add negative tests for new nf_conntrack kfuncs
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH bpf-next v5 7/8] selftests/bpf: Add tests for new nf_conntrack kfuncs
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH bpf-next v5 3/8] net: netfilter: Add kfuncs to allocate and insert CT
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH bpf-next v5 6/8] selftests/bpf: Add verifier tests for forced kfunc ref args
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH bpf-next v5 2/8] net: netfilter: Deduplicate code in bpf_{xdp,skb}_ct_lookup
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH bpf-next v5 1/8] bpf: Add support for forcing kfunc args to be referenced
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH nft 1/2] intervals: fix crash when trying to remove element in empty set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] intervals: check for EXPR_F_REMOVE in case of element mismatch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] netlink_delinearize: memleak when parsing concatenation data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/6] tests/conntrack: ct -o save for unknown protocols
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH 3/6] tests/conntrack: invalid protocol values
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH 4/6] conntrack: fix protocol number parsing
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH 2/6] conntrack: set reply l4 proto for unknown protocol
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH 6/6] conntrack: fix -o save dump for unknown protocols
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH 0/6] conntrack: fixes for handling unknown protocols
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH 1/6] tests/conntrack: ct create for unknown protocols
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- Re: [PATCH nft 2/2,v2] intervals: Do not sort cached set elements over and over again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 00/18] fixes and improvements for -o/--optimize
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH v2] Revert "scanner: remove saddr/daddr from initial state"
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 2/2,v2] intervals: Do not sort cached set elements over and over again
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] intervals: Do not sort cached set elements over and over again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] tests: shell: large set overlap and automerge
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] tests: shell: large set overlap and automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] intervals: Do not sort cached set elements over and over again
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] tests: shell: large set overlap and automerge
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft,v2 1/2] rule: collapse set element commands
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH v2] Revert "scanner: remove saddr/daddr from initial state"
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH] doc: Document limitations of ipsec expression with xfrm_interface
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 2/2] Revert "scanner: remove saddr/daddr from initial state"
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 2/2] Revert "scanner: remove saddr/daddr from initial state"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/2] Revert "scanner: remove saddr/daddr from initial state"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH 0/2] Fix for failing 'counter ipsec ...' rule
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 2/2] Revert "scanner: remove saddr/daddr from initial state"
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 1/2] tests/py: Add a test for failing ipsec after counter
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf-next 3/6] netfilter: nf_tables: use the correct get/put helpers
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 4/6] netfilter: nf_tables: add and use BE register load-store helpers
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 5/6] netfilter: nf_tables: use correct integer types
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 6/6] netfilter: nf_tables: move nft_cmp_fast_mask to where its used
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/6] netfilter: x_tables: use correct integer types
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/6] netfilter: sparse fixups
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/6] netfilter: nfnetlink: add missing __be16 cast
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: xt_esp: add support for ESP match in NAT Traversal
- From: Wei Han <lailitty@xxxxxxxxxxx>
- Re: [PATCH] xtables-monitor: add missing spaces in printed str
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] nft: allow deletion of rule by full statement form
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] nft: allow deletion of rule by full statement form
- From: Chander Govindarajan <mail@xxxxxxxxxxxxxxxxx>
- [PATCH] netfilter: Fix spelling mistake
- From: Zhang Jiaming <jiaming@xxxxxxxxxxxx>
- [PATCH] xtables-monitor: add missing spaces in printed str
- From: Anton Luka Šijanec <anton@xxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: avoid skb access on nf_stolen
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/3] conntrack: introduce new -A command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/3] conntrack: introduce new -A command
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- Re: [PATCH nf] netfilter: br_netfilter: do not skip all hooks with 0 priority
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nft_dynset: restore set element counter when failing to update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next v2 2/3] netfilter: nf_conntrack: use rcu accessors where needed
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 0/3] netfilter: conntrack sparse annotations
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 1/3] netfilter: nf_conntrack: add missing __rcu annotations
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 3/3] netfilter: h323: merge nat hook pointers into one
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/3] conntrack: introduce new -A command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/3] conntrack: introduce new -A command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/5] netfilter: use get_random_u32 instead of prandom
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH 3/3] tests/conntrack: -A command support
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH 0/3] conntrack: -A command implementation
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH 2/3] conntrack.8: man update for -A command support
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH 1/3] conntrack: introduce new -A command
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: h323: merge nat hook pointers into one
- From: kernel test robot <lkp@xxxxxxxxx>
- [PATCH nf] netfilter: br_netfilter: do not skip all hooks with 0 priority
- From: Florian Westphal <fw@xxxxxxxxx>
- large number of sparse warnings in nf_flow_table_offload
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: nf_conntrack: add missing __rcu annotations
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: h323: merge nat hook pointers into one
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/3] netfilter: conntrack sparse annotations
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: nf_conntrack: use rcu accessors where needed
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH net 5/5] netfilter: nf_dup_netdev: add and use recursion counter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/5] netfilter: cttimeout: fix slab-out-of-bounds read typo in cttimeout_net_exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/5] selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/5] netfilter: nf_dup_netdev: do not push mac header a second time
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/5] netfilter: use get_random_u32 instead of prandom
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/5] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 0/2] netfilter: fix two nf_dup bugs with egress hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v6 17/17] samples/landlock: adds network demo
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 16/17] seltests/landlock: adds invalid input data test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 15/17] seltests/landlock: adds ruleset expanding test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 11/17] seltests/landlock: adds tests for bind() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 12/17] seltests/landlock: adds tests for connect() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 14/17] seltests/landlock: adds rules overlapping test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 08/17] landlock: adds support network rules
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 13/17] seltests/landlock: adds AF_UNSPEC family test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 10/17] seltests/landlock: moves helper function
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 04/17] landlock: moves helper functions
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 07/17] landlock: user space API network support
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 03/17] landlock: refactors merge and inherit functions
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 06/17] landlock: refactors landlock_add_rule syscall
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 01/17] landlock: renames access mask
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 09/17] landlock: implements TCP network hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 05/17] landlock: refactors helper functions
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 02/17] landlock: refactors landlock_find/insert_rule
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v6 00/17] Network support for Landlock
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH] src: proto: support DF, LE, VA for DSCP
- From: Oleksandr Natalenko <oleksandr@xxxxxxxxxxxxxx>
- Re: [PATCH 12/12] netfilter: conntrack: use correct format characters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 1/1] conntrack: use same modifier socket for bulk ops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 2/2] netfilter: nf_dup_netdev: add and use recursion counter
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 1/2] netfilter: nf_dup_netdev: do not push mac header a second time
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 0/2] netfilter: fix two nf_dup bugs with egress hook
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Support for String Match Blocking in NFTables
- From: Gmail Support <testingforadept@xxxxxxxxx>
- [PATCH nft,v2 1/2] rule: collapse set element commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 18/18] libnftables: release top level scope
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 07/18] optimize: add osf expression support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 10/18] optimize: add binop expression support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 15/18] optimize: only merge OP_IMPLICIT and OP_EQ relational
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 12/18] optimize: add hash expression support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 17/18] optimize: limit statement is not supported yet
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 14/18] tests: shell: run -c -o on ruleset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 13/18] optimize: add unsupported statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 16/18] optimize: assume verdict is same when rules have no verdict
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 11/18] optimize: add numgen expression support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 05/18] optimize: fix reject statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 00/18] fixes and improvements for -o/--optimize
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 03/18] optimize: do not print stateful information
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 08/18] optimize: add xfrm expression support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 09/18] optimize: add fib expression support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 04/18] optimize: remove comment after merging
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 02/18] optimize: do not merge rules with set reference in rhs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 06/18] optimize: fix verdict map merging
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 01/18] optimize: do not compare relational expression rhs when collecting statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Intermittent performance regression related to ipset between 5.10 and 5.15
- From: Thorsten Leemhuis <regressions@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue v4] src: eliminate packet copy when constructing struct pktbuff
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Support for String Match Blocking in NFTables
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH v4 bpf-next 00/14] net: netfilter: add kfunc helper to update ct timeout
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- Re: [PATCH] netfilter: add nf_log.h
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH] netfilter: add nf_log.h
- From: Markus Mayer <mmayer@xxxxxxxxxxxx>
- Re: [PATCH] selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [nft PATCH] intervals: Do not sort cached set elements over and over again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] intervals: Do not sort cached set elements over and over again
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] tests: shell: large set overlap and automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] intervals: do not empty cache for maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2,v2] intervals: Do not sort cached set elements over and over again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] intervals: Do not sort cached set elements over and over again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] intervals: Do not sort cached set elements over and over again
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf] netfilter: cttimeout: fix slab-out-of-bounds read typo in cttimeout_net_exit
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] KASAN: slab-out-of-bounds Read in cttimeout_net_exit
- From: syzbot <syzbot+92968395eedbdbd3617d@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v2] build: fix clang+glibc snprintf substitution error
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2] build: fix clang+glibc snprintf substitution error
- From: Nicholas Vinson <nvinson234@xxxxxxxxx>
- Re: [PATCH] build: fix clang+glibc snprintf substitution error
- From: Nicholas Vinson <nvinson234@xxxxxxxxx>
- [PATCH net-next v4 0/2] Conntrack offload debuggability improvements
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- [PATCH net-next v4 1/2] net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- [PATCH net-next v4 2/2] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- [iptables PATCH v2] nft: Exit if nftnl_alloc_expr fails
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] nft: Exit if nftnl_alloc_expr fails
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] build: fix clang+glibc snprintf substitution error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] nft: Exit if nftnl_alloc_expr fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] build: fix clang+glibc snprintf substitution error
- From: Nicholas Vinson <nvinson234@xxxxxxxxx>
- [iptables PATCH] nft: Exit if nftnl_alloc_expr fails
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH v4 bpf-next 00/14] net: netfilter: add kfunc helper to update ct timeout
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH nf] nft_set_rbtree: Switch to node list walk for overlap detection
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH v4 bpf-next 00/14] net: netfilter: add kfunc helper to update ct timeout
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- Re: [PATCH 08/12] cdrom: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- Re: [PATCH 07/12] driver/char: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH conntrack-tools 1/2] conntrack: pass command object to nfct_mnl_request()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrack-tools 2/2] conntrack: update CT_GET to use libmnl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4 bpf-next 00/14] net: netfilter: add kfunc helper to update ct timeout
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH nft 2/2] intervals: do not report exact overlaps for new elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] rule: collapse set element commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] tests: shell: runtime set element automerge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] rule: collapse set element commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] intervals: do not report exact overlaps for new elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] nft: allow deletion of rule by full statement form
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 08/12] cdrom: use correct format characters
- From: Phillip Potter <phil@xxxxxxxxxxxxxxxx>
- Re: [PATCH v4 bpf-next 00/14] net: netfilter: add kfunc helper to update ct timeout
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- [iptables PATCH 0/2] Review xtables.h vs. xshared.h
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/2] libxtables: Define XT_OPTION_OFFSET_SCALE in xtables.h
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 1/2] libxtables: Move struct xtables_afinfo into xtables.h
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 00/12] Clang -Wformat warning fixes
- From: Joe Perches <joe@xxxxxxxxxxx>
- [PATCH nft] Revert "scanner: flags: move to own scope"
- From: Florian Westphal <fw@xxxxxxxxx>
- RE: [PATCH 00/12] Clang -Wformat warning fixes
- From: Jan Engelhardt <jengelh@xxxxxxx>
- RE: [PATCH 00/12] Clang -Wformat warning fixes
- From: David Laight <David.Laight@xxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_conntrack_tcp: re-init for syn packets only
- From: Jaco Kroon <jaco@xxxxxxxxx>
- RE: [PATCH 00/12] Clang -Wformat warning fixes
- From: Jan Engelhardt <jengelh@xxxxxxx>
- RE: [PATCH 00/12] Clang -Wformat warning fixes
- From: David Laight <David.Laight@xxxxxxxxxx>
- Re: [PATCH 04/12] blk-cgroup: use correct format characters
- From: Christoph Hellwig <hch@xxxxxxxxxxxxx>
- Re: [PATCH 00/12] Clang -Wformat warning fixes
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 07/12] driver/char: use correct format characters
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 00/12] Clang -Wformat warning fixes
- From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 00/12] Clang -Wformat warning fixes
- From: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
- Re: [PATCH 01/12] x86/mce: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- Re: [PATCH 00/12] Clang -Wformat warning fixes
- From: Bill Wendling <morbo@xxxxxxxxxx>
- Re: [PATCH 01/12] x86/mce: use correct format characters
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
- [PATCH v36 19/33] LSM: security_secid_to_secctx in netlink netfilter
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 16/33] LSM: Use lsmcontext in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 15/33] LSM: Ensure the correct LSM context releaser
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 09/33] LSM: Use lsmblob in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 08/33] LSM: Use lsmblob in security_secctx_to_secid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 00/12] Clang -Wformat warning fixes
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH 00/12] Clang -Wformat warning fixes
- From: Bill Wendling <morbo@xxxxxxxxxx>
- Re: [PATCH 00/12] Clang -Wformat warning fixes
- From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
- [PATCH 12/12] netfilter: conntrack: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 11/12] ALSA: control: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 10/12] ALSA: seq: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 09/12] ALSA: seq: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 08/12] cdrom: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 07/12] driver/char: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 06/12] PNP: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 05/12] fs: quota: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 04/12] blk-cgroup: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 03/12] x86/e820: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 02/12] x86/CPU/AMD: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 01/12] x86/mce: use correct format characters
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH 00/12] Clang -Wformat warning fixes
- From: Bill Wendling <morbo@xxxxxxxxxx>
- [PATCH v2 1/1] conntrack: use same modifier socket for bulk ops
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH v2 0/1] Reusing modifier socket for bulk ct loads
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [iptables PATCH 1/2] iptables-legacy: Drop redundant include of xtables-multi.h
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/2] xshared: Make some functions static
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 1/1] conntrack: use same modifier socket for bulk ops
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- Re: [PATCH 1/1] conntrack: use same modifier socket for bulk ops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH 1/9] Makefile: Add --enable-profiling configure option
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 4/9] tests: shell: Extend zero counters test a bit further
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 3/9] tests: shell: Extend iptables-xml test a bit
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 7/9] extensions: string: Do not print default --to value
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 6/9] ebtables-restore: Deny --init-table
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 9/9] extensions: string: Fix and enable tests
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/9] tests: shell: Add some more rules to 0002-verbose-output_0
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 8/9] extensions: string: Review parse_string() function
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 5/9] extensions: libebt_standard.t: Test logical-{in,out} as well
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 0/9] Improve testsuites' code coverage
- From: Phil Sutter <phil@xxxxxx>
- Re: Add action to "finally" accept packets?
- From: Nick <vincent@xxxxxxxxxxxx>
- Add action to "finally" accept packets?
- From: Nick <vincent@xxxxxxxxxxxx>
- Re: Add action to "finally" accept packets?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/1] conntrack: use same modifier socket for bulk ops
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- Re: [PATCH 1/1] conntrack: use same modifier socket for bulk ops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] conntrack: use same modifier socket for bulk ops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] conntrack: use same modifier socket for bulk ops
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- Re: [PATCH nf] netfilter: use get_random_u32 instead of prandom
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 7/7] netfilter: nf_tables: bail out early if hardware offload is not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrack-tools] conntrackd: build: always add ports to sync message
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] conntrack: use same modifier socket for bulk ops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/7] netfilter: nat: really support inet nat without l3 address
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net 7/7] netfilter: nf_tables: bail out early if hardware offload is not supported
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH v2] netfilter: conntrack: Fix clang -Wformat warning in print_tuple()
- From: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
- [iptables PATCH v2] arptables: Support -x/--exact flag
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH] arptables: Support -x/--exact flag
- From: Phil Sutter <phil@xxxxxx>
- CFS for Netdev 0x16 open!
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
- [ANNOUNCE] nftables 1.0.4 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] libnftnl 1.2.2 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4.9.y] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH v4.9.y] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Ajay Kaher <akaher@xxxxxxxxxx>
- [PATCH v4.14.y] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Ajay Kaher <akaher@xxxxxxxxxx>
- [PATCH net 3/7] netfilter: nf_tables: delete flowtable hooks via transaction list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 5/7] netfilter: nf_tables: release new hooks on unsupported flowtable flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/7] netfilter: nat: really support inet nat without l3 address
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 6/7] netfilter: nf_tables: memleak flow rule from commit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/7] netfilter: nf_tables: always initialize flowtable hook list in transaction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/7] netfilter: nf_tables: use kfree_rcu(ptr, rcu) to release hooks in clean_net path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 7/7] netfilter: nf_tables: bail out early if hardware offload is not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/7] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v3] netfilter: nf_tables: bail out early if hardware offload is not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: netfilter: xtables: Bring SPDX identifier back
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: netfilter: xtables: Bring SPDX identifier back
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: netfilter: xtables: Bring SPDX identifier back
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH nf,v2] netfilter: nf_tables: bail out early if hardware offload is not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: netfilter: xtables: Bring SPDX identifier back
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- netfilter: xtables: Bring SPDX identifier back
- From: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: memleak flow rule from commit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5.4.y] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Greg KH <greg@xxxxxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: release new hooks on unsupported flowtable flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v4.19.y] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Ajay Kaher <akaher@xxxxxxxxxx>
- [PATCH v5.4.y] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Ajay Kaher <akaher@xxxxxxxxxx>
- Re: Expired Cert
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Expired Cert
- From: Scott Wisniewski <scott@xxxxxxxxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [iptables PATCH] libxtables: Unexport init_extensions*() declarations
- From: Nick <vincent@xxxxxxxxxxxx>
- Re: [iptables PATCH] libxtables: Unexport init_extensions*() declarations
- From: Nick <vincent@xxxxxxxxxxxx>
- Re: [PATCH nf 2/3] netfilter: nf_tables: memleak in nft_expr_init() path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] libxtables: Unexport init_extensions*() declarations
- From: Phil Sutter <phil@xxxxxx>
- [PATCH 1/1] conntrack: use same modifier socket for bulk ops
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- [PATCH 0/1] Reusing modifier socket for bulk ct loads
- From: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
- Re: Alternative SCTP l4 tracker?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: bail out early if hardware offload is not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] tests: shell: Check overhead in iptables-save and -restore
- From: Phil Sutter <phil@xxxxxx>
- Alternative SCTP l4 tracker?
- From: Sriram Yagnaraman <sriram.yagnaraman@xxxxxxxx>
- rebasing libnftnl git
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] tests: shell: remove leftover modules on cleanup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 3/3] netfilter: nf_tables: always initialize flowtable hook list in transaction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 1/3,v3] netfilter: nf_tables: delete flowtable hooks via transaction list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 2/3] netfilter: nf_tables: memleak in nft_expr_init() path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] evaluate: reset ctx->set after set interval evaluation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] Revert "Simplify static build extension loading"
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] Revert "Simplify static build extension loading"
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [PATCH nft] tests: shell: sets_with_ifnames release netns on exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] Revert "Simplify static build extension loading"
- From: Nick <vincent@xxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: use kfree_rcu(ptr, rcu) to release hooks in clean_net path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nat: really support inet nat without l3 address
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] Revert "Simplify static build extension loading"
- From: Phil Sutter <phil@xxxxxx>
- [PATCH] Revert "Simplify static build extension loading"
- From: Nick Hainke <vincent@xxxxxxxxxxxx>
- Re: [nf PATCH] netfilter: nft_nat: Fix inet l4-only NAT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf PATCH] netfilter: nft_nat: Fix inet l4-only NAT
- From: Phil Sutter <phil@xxxxxx>
- [nf PATCH] netfilter: nft_nat: Fix inet l4-only NAT
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nat: really support inet nat without l3 address
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft] optimize: segfault when releasing unsupported statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/5] netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net 3/5] netfilter: nf_tables: double hook unregistration in netns path
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- [PATCH net 3/5] netfilter: nf_tables: double hook unregistration in netns path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 5/5] netfilter: flowtable: fix nft_flow_route source address for nat case
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/5] netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/5] netfilter: flowtable: fix missing FLOWI_FLAG_ANYSRC flag
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/5] netfilter: nf_tables: hold mutex on netns pre_exit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/5] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/2] netfilter: flowtable: fix nft_flow_route use saddr for nat case
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/2] netfilter: flowtable: fix nft_flow_route miss FLOWI_FLAG_ANYSRC flag
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] treewide: use uint* instead of u_int*
- From: Nick <vincent@xxxxxxxxxxxx>
- [ANNOUNCE] nftables 1.0.3 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Intermittent performance regression related to ipset between 5.10 and 5.15
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
- Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Felix Fietkau <nbd@xxxxxxxx>
- [PATCH nft] intervals: fix compilation --with-mini-gmp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] nft: simplify chain lookup in do_list_chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/2,v2] netfilter: nf_tables: delete flowtable hooks via transaction list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v2 2/2] netfilter: nf_tables: double hook unregistration in netns path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v2 1/2] netfilter: nf_tables: hold mutex on netns pre_exit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 1/2] netfilter: nf_tables: double hook unregistration in netns path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 2/2] netfilter: nf_tables: delete flowtable hooks via transaction list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Intermittent performance regression related to ipset between 5.10 and 5.15
- From: Thorsten Leemhuis <regressions@xxxxxxxxxxxxx>
- [PATCH nf,v2] netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4 bpf-next 06/14] bpf: Whitelist some fields in nf_conn for BPF_WRITE
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v4 bpf-next 06/14] bpf: Whitelist some fields in nf_conn for BPF_WRITE
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/4] netfilter: nfnetlink: fix warn in nfnetlink_unbind
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH net 3/4] netfilter: cttimeout: fix slab-out-of-bounds read in cttimeout_net_exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/4] netfilter: conntrack: re-fetch conntrack after insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/4] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/4] netfilter: nfnetlink: fix warn in nfnetlink_unbind
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/4] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4 bpf-next 06/14] bpf: Whitelist some fields in nf_conn for BPF_WRITE
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH v4 bpf-next 06/14] bpf: Whitelist some fields in nf_conn for BPF_WRITE
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH net 1/2] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH v4 bpf-next 06/14] bpf: Whitelist some fields in nf_conn for BPF_WRITE
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH v4 bpf-next 06/14] bpf: Whitelist some fields in nf_conn for BPF_WRITE
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v4 bpf-next 04/14] bpf: Support storing rdonly PTR_TO_BTF_ID in BPF maps
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 10/14] selftests/bpf: Add verifier tests for rdonly PTR_TO_BTF_ID
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 05/14] bpf: Support passing rdonly PTR_TO_BTF_ID to kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 11/14] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 14/14] selftests/bpf: Add negative tests for bpf_nf
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 07/14] bpf: Define acquire-release pairs for kfuncs
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 08/14] selftests/bpf: Add verifier tests for forced kfunc ref args
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 12/14] net: netfilter: add kfunc helpers to alloc and insert a new ct entry
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 09/14] selftests/bpf: Add C tests for rdonly PTR_TO_BTF_ID
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 06/14] bpf: Whitelist some fields in nf_conn for BPF_WRITE
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 13/14] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 03/14] bpf: Support rdonly PTR_TO_BTF_ID for pointer to const return value
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 01/14] bpf: Add support for forcing kfunc args to be referenced
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 02/14] bpf: Print multiple type flags in verifier log
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v4 bpf-next 00/14] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH net 2/2] netfilter: nft_limit: Clone packet limits' cost value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/2] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf PATCH] netfilter: nft_limit: Clone packet limits' cost value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] nft: allow deletion of rule by full statement form
- From: Chander Govindarajan <mail@xxxxxxxxxxxxxxxxx>
- [PATCH nf,v2] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: kernel test robot <lkp@xxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: disallow non-stateful expression in sets earlier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2] build: Fix error during out of tree build
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [PATCH nf-next v2 2/3] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: wenxu@xxxxxxxxxxxxxxx
- [PATCH nf-next v2 1/3] nf_flow_table_offload: offload the vlan encap in the flowtable
- From: wenxu@xxxxxxxxxxxxxxx
- [PATCH nf-next v2 3/3] selftests: netfilter: flowtable vlan filtering bridge support
- From: wenxu@xxxxxxxxxxxxxxx
- Re: [PATCH nf-next v2] selftests: netfilter: flowtable vlan filtering bridge support
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
- Re: [PATCH bpf-next v8 09/10] selftests/bpf: Extend kfunc selftests
- From: Benjamin Poirier <benjamin.poirier@xxxxxxxxx>
- Re: [PATCH bpf-next v8 09/10] selftests/bpf: Extend kfunc selftests
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH nf-next 2/2] netfilter: flowtable: fix nft_flow_route use saddr for nat case
- From: wenxu@xxxxxxxxxxxxxxx
- [PATCH nf-next 1/2] netfilter: flowtable: fix nft_flow_route miss FLOWI_FLAG_ANYSRC flag
- From: wenxu@xxxxxxxxxxxxxxx
- Re: [PATCH nf-next] netfilter: flowtable: fix nft_flow_route use saddr for reverse route
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
- Re: [PATCH bpf-next v8 09/10] selftests/bpf: Extend kfunc selftests
- From: Benjamin Poirier <benjamin.poirier@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: flowtable: fix nft_flow_route use saddr for reverse route
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: flowtable: fix nft_flow_route use saddr for reverse route
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: flowtable: fix nft_flow_route use saddr for reverse route
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2] build: Fix error during out of tree build
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf-next] netfilter: flowtable: fix nft_flow_route use saddr for reverse route
- From: wenxu@xxxxxxxxxxxxxxx
- [iptables PATCH v2] build: Fix error during out of tree build
- From: Ben Brown <ben@xxxxxxxxxxx>
- Re: [iptables PATCH] build: Fix error during out of tree build
- From: Ben Brown <ben@xxxxxxxxxxx>
- Re: [nf-next PATCH v4 0/4] nf_tables: Export rule optimizer results to user space
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [iptables PATCH] build: Fix error during out of tree build
- From: Phil Sutter <phil@xxxxxx>
- [PATCH] nft: simplify chain lookup in do_list_chain
- From: Chander Govindarajan <mail@xxxxxxxxxxxxxxxxx>
- Re: [PATCH v5 00/15] Network support for Landlock - UDP discussion
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH nf-next v2] selftests: netfilter: flowtable vlan filtering bridge support
- From: wenxu@xxxxxxxxxxxxxxx
- [PATCH] netfilter: conntrack: use fallthrough to cleanup
- From: Jackie Liu <liu.yun@xxxxxxxxx>
- [nf PATCH] netfilter: nft_limit: Clone packet limits' cost value
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v5 12/15] seltests/landlock: rules overlapping test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 15/15] samples/landlock: adds network demo
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 07/15] landlock: add support network rules
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 09/15] seltests/landlock: add tests for bind() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH] nft: update json output ordering to place rules after chains
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH v4 14/32] evaluate: relax type-checking for integer arguments in mark statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH v4 13/32] evaluate: support shifts larger than the width of the left operand
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH v4 10/32] netlink_delinearize: correct type and byte-order of shifts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH v4 09/32] netlink_delinearize: add postprocessing for payload binops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH v4 11/32] netlink_delinearize: correct length of right bitwise operand
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH v4 08/32] netlink: send bit-length of bitwise binops to kernel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] nft: update json output ordering to place rules after chains
- From: Chander Govindarajan <mail@xxxxxxxxxxxxxxxxx>
- Re: [PATCH v3 bpf-next 5/5] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3 bpf-next 5/5] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Andrii Nakryiko <andrii.nakryiko@xxxxxxxxx>
- Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Felix Fietkau <nbd@xxxxxxxx>
- Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [iptables PATCH] Revert "fix build for missing ETH_ALEN definition"
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
- Re: [PATCH v5 00/15] Network support for Landlock - UDP discussion
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 01/11] netfilter: Use l3mdev flow key when re-routing mangled packets
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- [PATCH nft] netlink_delinearize: memleak when parsing concatenation data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 11/11] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 09/11] netfilter: conntrack: re-fetch conntrack after insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 07/11] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 10/11] netfilter: cttimeout: fix slab-out-of-bounds read in cttimeout_net_exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 08/11] netfilter: nfnetlink: fix warn in nfnetlink_unbind
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 05/11] net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 02/11] netfilter: nf_conncount: reduce unnecessary GC
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 04/11] netfilter: ctnetlink: fix up for "netfilter: conntrack: remove unconfirmed list"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 03/11] netfilter: conntrack: remove pr_debug callsites from tcp tracker
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 01/11] netfilter: Use l3mdev flow key when re-routing mangled packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 00/11] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v3 0/3] Conntrack offload debuggability improvements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nfnetlink: fix warn in nfnetlink_unbind
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: conntrack: re-fetch conntrack after insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: cttimeout: fix slab-out-of-bounds read in cttimeout_net_exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] build: Fix error during out of tree build
- From: Ben Brown <ben@xxxxxxxxxxx>
- Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Yonghong Song <yhs@xxxxxx>
- Re: [iptables PATCH] Revert "fix build for missing ETH_ALEN definition"
- From: Phil Sutter <phil@xxxxxx>
- Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Felix Fietkau <nbd@xxxxxxxx>
- Re: [PATCH v5 15/15] samples/landlock: adds network demo
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH v5 12/15] seltests/landlock: rules overlapping test
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH v5 07/15] landlock: add support network rules
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH v5 09/15] seltests/landlock: add tests for bind() hooks
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH v5 15/15] samples/landlock: adds network demo
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 12/15] seltests/landlock: rules overlapping test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 09/15] seltests/landlock: add tests for bind() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 08/15] landlock: TCP network hooks implementation
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
- Re: [PATCH v5 07/15] landlock: add support network rules
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH net 1/7] netfilter: flowtable: fix excessive hw offload attempts after failure
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- [PATCH libnftnl 1/2] expr: fib: missing #include <assert.h>
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: use get_random_u32 instead of prandom
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnftnl 2/2] set_elem: missing export symbol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 6/7] netfilter: flowtable: move dst_check to packet path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 5/7] netfilter: flowtable: fix TCP flow teardown
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/7] netfilter: flowtable: fix excessive hw offload attempts after failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/7] net: fix dev_fill_forward_path with pppoe + bridge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 7/7] netfilter: nf_tables: disable expression reduction infra
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/7] netfilter: nft_flow_offload: fix offload with pppoe + vlan
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/7] netfilter: nft_flow_offload: skip dst neigh lookup for ppp devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/7] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: use get_random_u32 instead of prandom
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Lorenzo Bianconi <lorenzo.bianconi@xxxxxxxxxx>
- Re: [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
- Re: [PATCH v3 bpf-next 3/5] net: netfilter: add kfunc helper to update ct timeout
- From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
- Re: [PATCH v3 bpf-next 5/5] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo.bianconi@xxxxxxxxxx>
- Re: [PATCH v3 bpf-next 5/5] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Yonghong Song <yhs@xxxxxx>
- Re: [PATCH v3 bpf-next 2/5] selftests/bpf: Add verifier selftests for forced kfunc ref args
- From: Yonghong Song <yhs@xxxxxx>
- Re: [PATCH v3 bpf-next 1/5] bpf: Add support for forcing kfunc args to be referenced
- From: Yonghong Song <yhs@xxxxxx>
- [PATCH nf] netfilter: use get_random_u32 instead of prandom
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v3 bpf-next 1/5] bpf: Add support for forcing kfunc args to be referenced
- From: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/3] src: remove NFT_NLATTR_LOC_MAX limit for netlink location error reporting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/3] mnl: store netlink error location for set elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/3] parser_bison: fix error location for set elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3 bpf-next 1/5] bpf: Add support for forcing kfunc args to be referenced
- From: Yonghong Song <yhs@xxxxxx>
- Re: [PATCH nf,v2] netfilter: nf_tables: disable bh to update per-cpu rnd_state
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: nf_tables: disable bh to update per-cpu rnd_state
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf,v2] netfilter: nf_tables: disable bh to update per-cpu rnd_state
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_numgen: disable preempt to access per-cpu data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] Revert "fix build for missing ETH_ALEN definition"
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf] netfilter: nft_numgen: disable preempt to access per-cpu data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3] netfilter: nf_flowtable: move dst_check to packet path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: flowtable: fix TCP flow teardown
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] treewide: use uint* instead of u_int*
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf] netfilter: nf_tables: disable expression reduction infra
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf] netfilter: nf_tables: disable expression reduction infra
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] nft: support for dynamic register allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf,v2] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v3 bpf-next 5/5] selftests/bpf: add selftest for bpf_xdp_ct_add and bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v3 bpf-next 2/5] selftests/bpf: Add verifier selftests for forced kfunc ref args
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v3 bpf-next 0/5] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v3 bpf-next 3/5] net: netfilter: add kfunc helper to update ct timeout
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v3 bpf-next 1/5] bpf: Add support for forcing kfunc args to be referenced
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v3 bpf-next 4/5] net: netfilter: add kfunc helper to add a new ct entry
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH] netfilter: nf_tables: restrict expression reduction to first expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5 03/15] landlock: merge and inherit function refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 01/15] landlock: access mask renaming
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 04/15] landlock: helper functions refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: flowtable: fix TCP flow teardown
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
- Re: [nf-next PATCH] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: cttimeout: fix slab-out-of-bounds read in cttimeout_net_exit
- From: Florian Westphal <fw@xxxxxxxxx>
- [syzbot] KASAN: slab-out-of-bounds Read in cttimeout_net_exit
- From: syzbot <syzbot+92968395eedbdbd3617d@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: conntrack: re-fetch conntrack after insertion
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] KASAN: use-after-free Read in nf_confirm
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: nfnetlink: fix warn in nfnetlink_unbind
- From: Florian Westphal <fw@xxxxxxxxx>
- [syzbot] WARNING in nfnetlink_unbind
- From: syzbot <syzbot+afd2d80e495f96049571@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [syzbot] KASAN: use-after-free Read in nf_confirm
- From: syzbot <syzbot+793a590957d9c1b96620@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [syzbot] UBSAN: array-index-out-of-bounds in nfnetlink_unbind
- From: syzbot <syzbot+4903218f7fba0a2d6226@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH v4 3/4] netfilter: nf_tables: Introduce expression flags
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v4 2/4] netfilter: nf_tables: Introduce struct nft_expr_dp
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v4 1/4] netfilter: nf_tables: Store net size in nft_expr_ops::size
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v4 4/4] netfilter: nf_tables: Annotate reduced expressions
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v4 0/4] nf_tables: Export rule optimizer results to user space
- From: Phil Sutter <phil@xxxxxx>
- [PATCH net-next v3 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- [PATCH net-next v3 2/3] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- [PATCH net-next v3 1/3] net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- [PATCH net-next v3 0/3] Conntrack offload debuggability improvements
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- Re: [PATCH net-next v2 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- Re: [PATCH v2 bpf-next 2/2] selftests/bpf: add selftest for bpf_ct_refresh_timeout kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- Re: [PATCH v2] netfilter: nf_flowtable: move dst_check to packet path
- From: Ritaro Takenaka <ritarot634@xxxxxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH net-next v2 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v2 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- Re: [PATCH net-next v2 2/3] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- Re: [PATCH net-next v2 2/3] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v2 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: flowtable: fix TCP flow teardown
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
- [PATCH v3] netfilter: nf_flowtable: move dst_check to packet path
- From: Ritaro Takenaka <ritarot634@xxxxxxxxx>
- [PATCH nf,v2] netfilter: flowtable: fix TCP flow teardown
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: flowtable: fix TCP flow teardown
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
- Re: [PATCH v5 15/15] samples/landlock: adds network demo
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- [PATCH nf] netfilter: flowtable: fix TCP flow teardown
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH v5 08/15] landlock: TCP network hooks implementation
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5 07/15] landlock: add support network rules
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
- Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v5 03/15] landlock: merge and inherit function refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH] treewide: use uint* instead of u_int*
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v5 01/15] landlock: access mask renaming
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH] treewide: use uint* instead of u_int*
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [nf-next PATCH] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: wenxu <wenxu@xxxxxxxxxxxxxxx>
- Re: [PATCH v5 09/15] seltests/landlock: add tests for bind() hooks
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- [PATCH net-next v2 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- [PATCH net-next v2 2/3] netfilter: nf_flow_table: count and limit hw offloaded entries
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- [PATCH net-next v2 1/3] net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- [PATCH net-next v2 0/3] Conntrack offload debuggability improvements
- From: Vlad Buslov <vladbu@xxxxxxxxxx>
- Re: [PATCH v5 04/15] landlock: helper functions refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Move clauses for expired nodes, last active node as leaf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5 04/15] landlock: helper functions refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH v5 12/15] seltests/landlock: rules overlapping test
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH v5 04/15] landlock: helper functions refactoring
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- [PATCH] xtables: fix compilation with musl
- From: vincent@xxxxxxxxxxxx
- [PATCH] treewide: use uint* instead of u_int*
- From: vincent@xxxxxxxxxxxx
- Re: [PATCH conntrack-tools] conntrack: remove -o userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrack-tools] conntrack: remove -o userspace
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v5 05/15] landlock: landlock_add_rule syscall refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 12/15] seltests/landlock: rules overlapping test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 15/15] samples/landlock: adds network demo
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 11/15] seltests/landlock: connect() with AF_UNSPEC tests
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 13/15] seltests/landlock: ruleset expanding test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 08/15] landlock: TCP network hooks implementation
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 02/15] landlock: landlock_find/insert_rule refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 14/15] seltests/landlock: invalid user input data test
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 10/15] seltests/landlock: add tests for connect() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 09/15] seltests/landlock: add tests for bind() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 03/15] landlock: merge and inherit function refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 04/15] landlock: helper functions refactoring
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 07/15] landlock: add support network rules
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 06/15] landlock: user space API network support
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 01/15] landlock: access mask renaming
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- [PATCH v5 00/15] Network support for Landlock
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: nf_flowtable: move dst_check to packet path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH] nf_flow_table_offload: offload the PPPoE encap in the flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: conntrack: remove pr_debug callsites from tcp tracker
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2 2/2] netfilter: Use l3mdev flow key when re-routing mangled packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 nf 1/4] netfilter: flowtable: fix excessive hw offload attempts after failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net v2] netfilter: nf_flow_table: fix teardown flow timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] treewide: use uint* instead of u_int*
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [RFC PATCH v4 10/15] seltest/landlock: add tests for bind() hooks
- From: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
- Re: [RFC PATCH v4 10/15] seltest/landlock: add tests for bind() hooks
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [PATCH net-next 01/17] netfilter: ecache: use dedicated list for event redelivery
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH nf] netfilter: nft_numgen: disable preempt to access per-cpu data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
- Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Nick <vincent@xxxxxxxxxxxx>
- [PATCH] treewide: use uint* instead of u_int*
- From: vincent@xxxxxxxxxxxx
- Re: [RFC] netfilter: nf_tables: ignore errors on flowtable device hw offload setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl] expr: extend support for dynamic register allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
- Re: [PATCH iptables 1/2] xtables: fix compilation with musl
- From: Florian Westphal <fw@xxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
