Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- Re: [PATCH nf-next,v2] netfilter: nf_tables: add last expression
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [syzbot] general protection fault in kcm_sendmsg
- From: Pavel Skripkin <paskripkin@xxxxxxxxx>
- Re: [syzbot] BUG: using smp_processor_id() in preemptible code in radix_tree_node_alloc
- From: Matthew Wilcox <willy@xxxxxxxxxxxxx>
- Re: [syzbot] BUG: using smp_processor_id() in preemptible code in radix_tree_node_alloc
- From: syzbot <syzbot+3eec59e770685e3dc879@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next,v2] netfilter: nf_tables: add last expression
- From: kernel test robot <lkp@xxxxxxxxx>
- [syzbot] general protection fault in kcm_sendmsg
- From: syzbot <syzbot+65badd5e74ec62cb67dc@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH nft v2 3/3] doc: add LISTING section
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 2/3] src: add support for base hook dumping
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 1/3] scanner: add list cmd parser scope
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next v2 0/2] netfilter: new hook nfnl subsystem
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/3] Control nf flow table timeouts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2] netfilter: nf_tables: add last expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables] rule: rework CMD_OBJ_SETELEMS logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/4] tests: add test case for removal of anon sets with only a single element
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 3/4] evaluate: remove anon sets with exactly one element
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/4] tests: remove redundant test cases
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/4] tests: ct: prefer normal cmp
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 0/4] nftables: convert single-elem anon sets to compare operation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 2/2] netfilter: add new hook nfnl subsystem
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 1/2] netfilter: annotate nf_tables base hook ops
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 0/2] netfilter: new hook nfnl subsystem
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: add last expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [syzbot] KMSAN: uninit-value in translate_table (2)
- From: syzbot <syzbot+761644ed2ba863e99b41@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: add last expression
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [netfilter] a0aa657b74: WARNING:at_kernel/locking/lockdep.c:#lockdep_init_map_type
- From: Florian Westphal <fw@xxxxxxxxx>
- [netfilter] a0aa657b74: WARNING:at_kernel/locking/lockdep.c:#lockdep_init_map_type
- From: kernel test robot <oliver.sang@xxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: initialize set before expression setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: add last expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables,v2 5/5] extensions: libxt_conntrack: simplify translation using negation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables,v2 4/5] extensions: libxt_tcp: rework translation to use flags match representation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables,v2 3/5] extensions: libxt_connlimit: add translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables,v2 2/5] tests: xlate-test: support multiline expectation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables,v2 1/5] libxtables: extend xlate infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables,v2 0/5] iptables-translation enhancements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/2] netfilter: nft_ct: skip expectations for confirmed conntrack
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [syzbot] memory leak in ip_vs_add_service
- From: Xin Long <lucien.xin@xxxxxxxxx>
- Re: [syzbot] memory leak in ip_vs_add_service
- From: Julian Anastasov <ja@xxxxxx>
- [PATCH nf-next 3/3] netfilter: flowtable: Set offload timeouts according to proto values
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: conntrack: Introduce udp offload timeout configuration
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: conntrack: Introduce tcp offload timeout configuration
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
- [PATCH nf-next 0/3] Control nf flow table timeouts
- From: Oz Shlomo <ozsh@xxxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: remove the repeated declaration
- From: Shaokun Zhang <zhangshaokun@xxxxxxxxxxxxx>
- [PATCH iptables] extensions: libxt_conntrack: simplify translation using negation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables] extensions: libxt_tcp: rework translation to use flags match representation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] statement: connlimit: remove extra whitespace in print function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables 2/2] extensions: libxt_connlimit: add translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables 1/2] libxtables: extend xlate infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [syzbot] memory leak in ip_vs_add_service
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nft] tests: py: update netdev reject test file
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft] json: catchall element support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] general protection fault in nft_set_elem_expr_alloc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [syzbot] general protection fault in nft_set_elem_expr_alloc
- From: syzbot <syzbot+ce96ca2b1d0b37c6422d@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [syzbot] general protection fault in lock_page_memcg
- From: syzbot <syzbot+15a9609cfd4687eb7269@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [iptables PATCH 0/9] Fix a bunch of static analyzer warnings
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 3/9] libxtables: Fix memleak in xtopt_parse_hostmask()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 7/9] extensions: libebt_ip6: Use xtables_ip6parse_any()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 5/9] nft: Avoid buffer size warnings copying iface names
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 9/9] extensions: libxt_string: Avoid buffer size warning for strncpy()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/9] extensions: libebt_ip6: Drop unused variables
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 4/9] nft: Avoid memleak in error path of nft_cmd_new()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 1/9] libxtables: Drop leftover variable in xtables_numeric_to_ip6addr()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 8/9] libxtables: Introduce xtables_strdup() and use it everywhere
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 6/9] iptables-apply: Drop unused variable
- From: Phil Sutter <phil@xxxxxx>
- [PATCH net 2/2] netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/2] netfilter: nft_ct: skip expectations for confirmed conntrack
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] json: fix parse of flagcmp expression
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft] json: fix base chain output
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] WARNING in idr_get_next
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: [syzbot] WARNING in idr_get_next
- From: syzbot <syzbot+f7204dcf3df4bb4ce42c@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [syzbot] WARNING in idr_get_next
- From: Matthew Wilcox <willy@xxxxxxxxxxxxx>
- Re: [syzbot] WARNING in idr_get_next
- From: syzbot <syzbot+f7204dcf3df4bb4ce42c@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: remove the repeated declaration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nftables: add nf_ct_pernet() helper function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [syzbot] WARNING in idr_get_next
- From: syzbot <syzbot+f7204dcf3df4bb4ce42c@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH net-next 01/16] netfilter: nft_exthdr: Support SCTP chunks
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH net-next 16/16] netfilter: fix clang-12 fmt string warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 14/16] netfilter: nf_tables: remove xt_action_param from nft_pktinfo
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 15/16] netfilter: nft_set_pipapo_avx2: fix up description warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 13/16] netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 12/16] netfilter: nf_tables: add and use nft_thoff helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 09/16] netfilter: x_tables: reduce xt_action_param by 8 byte
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 10/16] netfilter: reduce size of nf_hook_state on 32bit platforms
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 11/16] netfilter: nf_tables: add and use nft_sk helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 04/16] netfilter: nf_tables: prefer direct calls for set lookups
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 06/16] netfilter: x_tables: improve limit_mt scalability
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 07/16] netfilter: xt_CT: Remove redundant assignment to ret
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 08/16] netfilter: use nfnetlink_unicast()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 05/16] netfilter: Remove leading spaces in Kconfig
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 03/16] netfilter: add and use nft_set_do_lookup helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 02/16] netfilter: nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 01/16] netfilter: nft_exthdr: Support SCTP chunks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 00/16] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/2] netfilter: add new hook nfnl subsystem
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/2] netfilter: annotate nf_tables base hook ops
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/2] netfilter: new hook nfnl subsystem
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [ebtables PATCH 2/2] configure.ac: add option --enable-kernel-64-userland-32
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH ipset,v2] add ipset to nftables translation infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH ipset 3/3] add ipset to nftables translation infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH ipset 2/3] lib: Detach restore routine from parser
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH ipset 1/3] lib: split parser from command execution
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ebtables PATCH 2/2] configure.ac: add option --enable-kernel-64-userland-32
- From: Thomas De Schampheleire <patrickdepinguin@xxxxxxxxx>
- Re: [PATCH RFC libnetfilter_queue 0/1] Eliminate packet copy when constructing struct pkt_buff
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: nf_tables: remove nft_ctx_init_from_setattr()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/3,v3] netfilter: nf_tables: remove nft_ctx_init_from_elemattr()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/3,v3] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 3/3] netfilter: nf_tables: remove nft_ctx_init_from_setattr()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 2/3] netfilter: nf_tables: remove nft_ctx_init_from_elemattr()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 1/3] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: nf_tables: remove nft_ctx_init_from_setattr()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: nf_tables: remove nft_ctx_init_from_elemattr()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nft_compat: fix bridge family target evaluation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: fix clang-12 fmt string warnings
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: nft_set_pipapo_avx2: fix up description warnings
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: nft_compat: fix bridge family target evaluation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: remove the repeated declaration
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: conntrack: remove the repeated declaration
- From: Shaokun Zhang <zhangshaokun@xxxxxxxxxxxxx>
- [nf-next:master 14/14] net/netfilter/nft_compat.c:113:10: warning: address of 'xt.hotdrop' will always evaluate to 'true'
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [nf-next:master 4/14] net/netfilter/nft_set_pipapo.c:412:6: error: static declaration of 'nft_pipapo_lookup' follows non-static declaration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next:master 4/14] net/netfilter/nft_set_pipapo.c:412:6: error: static declaration of 'nft_pipapo_lookup' follows non-static declaration
- From: Florian Westphal <fw@xxxxxxxxx>
- [nf-next:master 4/14] net/netfilter/nft_set_pipapo.c:412:6: error: static declaration of 'nft_pipapo_lookup' follows non-static declaration
- From: kernel test robot <lkp@xxxxxxxxx>
- rebasing nf-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ebtables PATCH 2/2] configure.ac: add option --enable-kernel-64-userland-32
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH conntrackd] cthelper: fix overlapping queue numbers in example file
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd,v2 2/2] doc: manual: Document userspace helper configuration at daemon startup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd,v2 1/2] cthelper: Set up userspace helpers when daemon starts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/6] netfilter: reduce size of core data structures
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 6/6] netfilter: nf_tables: remove xt_action_param from nft_pktinfo
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 5/6] netfilter: nft_set_pktinfo_unspec: remove unused arg
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 4/6] netfilter: nf_tables: add and use nft_thoff helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/6] netfilter: nf_tables: add and use nft_sk helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/6] netfilter: reduce size of nf_hook_state on 32bit platforms
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/6] netfilter: x_tables: reduce xt_action_param by 8 byte
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/6] netfilter: reduce size of core data structures
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: add new sysctl to disable RST check
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] MAINTAINERS: netfilter: add irc channel
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: [PATCH net 0/5] Netfilter/IPVS fixes for net
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- [PATCH conntrackd] doc: manual: Document userspace helper configuration at daemon startup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd] cthelper: Set up userspace helpers when daemon starts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd] cthelper: Set up userspace helpers when daemon starts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue v2 1/1] Eliminate packet copy when constructing struct pkt_buff
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v2] netfilter: nft_ct: skip expectations for confirmed conntrack
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ebtables PATCH 2/2] configure.ac: add option --enable-kernel-64-userland-32
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v3] netfilter: use nfnetlink_unicast()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/5] netfilter: nf_tables: fix table flag updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 5/5] ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/5] netfilter: nf_tables: extended netlink error reporting for chain type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/5] netfilter: nf_tables: missing error reporting for not selected expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/5] netfilter: conntrack: unregister ipv4 sockopts on error unwind
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/5] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next] netfilter: x_tables: improve limit_mt scalability
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: Remove redundant assignment to ret
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ulogd2 PATCH] ulogd: printpkt: print pkt mark like kernel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 5/6] tests: add test case for -O no-remove-dependencies
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 6/6] tests: add test case for removal of anon sets with only a single element
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 4/6] evaluate: optionally kill anon sets with one element
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 3/6] main: add -O help to dump list of supported optimzation flags
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/6] src: allow to turn off dependency removal
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/6] src: add proto ctx options
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 0/6] nftables: add --optimize support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next,v2] netfilter: use nfnetlink_unicast()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH-v2] netfilter: conntrack: add new sysctl to disable RST check
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH] netfilter: conntrack: add new sysctl to disable RST check
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH] netfilter: conntrack: add new sysctl to disable RST check
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: add new sysctl to disable RST check
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH] netfilter: conntrack: add new sysctl to disable RST check
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- [PATCH] netfilter: conntrack: add new sysctl to disable RST check
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH] Disable RST seq number check when tcp_be_liberal is greater 1
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- [ANNOUNCE] nftables 0.9.9 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/4] netfilter: nf_tables: include table and chain name when dumping hooks
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/4] netfilter: annotate nf_tables base hook ops
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/4] netfilter: nf_tables: include function and module name in hook dumps
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/4] netfilter: nf_tables: allow to dump all registered base hooks
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 0/4] netfilter: add hook dump feature
- From: Florian Westphal <fw@xxxxxxxxx>
- [ANNOUNCE] libnftnl 1.2.0 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ebtables PATCH 2/2] configure.ac: add option --enable-kernel-64-userland-32
- From: Thomas De Schampheleire <patrickdepinguin@xxxxxxxxx>
- Re: [PATCH net] ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [ulogd2 PATCH] ulogd: printpkt: print pkt mark like kernel
- From: Cole Dishington <Cole.Dishington@xxxxxxxxxxxxxxxxxxx>
- [PATCH nftables] expression: display an error on unknown datatype
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables] evaluate: allow == and != in the new shortcut syntax to match for flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net] ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service
- From: Julian Anastasov <ja@xxxxxx>
- Re: [ebtables PATCH 2/2] configure.ac: add option --enable-kernel-64-userland-32
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: fix table flag updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [syzbot] memory leak in ip_vs_add_service
- From: syzbot <syzbot+e562383183e4b1766930@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [nftables PATCH] files: improve secmark.nft example
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nftables PATCH] files: improve secmark.nft example
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
- Re: [PATCH] Disable RST seq number check when tcp_be_liberal is greater 1
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: [PATCH nf-next 4/4] netfilter: nf_tables: include table and chain name when dumping hooks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 4/4] netfilter: nf_tables: include table and chain name when dumping hooks
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 4/4] netfilter: nf_tables: include table and chain name when dumping hooks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 4/4] netfilter: nf_tables: include table and chain name when dumping hooks
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 4/4] netfilter: nf_tables: include table and chain name when dumping hooks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- linux-next: Fixes tag needs some work in the netfilter tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/4] netfilter: nf_tables: allow to dump all registered base hooks
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH nft 3/3] doc: add LISTING section
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH nft 3/3] doc: add LISTING section
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/3] src: add support for base hook dumping
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/3] scanner: add list cmd parser scope
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 0/3] hook dump support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 4/4] netfilter: nf_tables: include table and chain name when dumping hooks
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/4] netfilter: annotate nf_tables base hook ops
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/4] netfilter: nf_tables: include function and module name in hook dumps
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/4] netfilter: nf_tables: allow to dump all registered base hooks
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/4] netfilter: add hook dump feature
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: nftables: accept all dummy chain when table is dormant
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] Disable RST seq number check when tcp_be_liberal is greater 1
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST drop.
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: mmotm 2021-05-19-23-58 uploaded (net/netfilter/nft_set_pipapo_avx2.c)
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
- Re: linux-next: manual merge of the netfilter-next tree with the net tree
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: mmotm 2021-05-19-23-58 uploaded (net/netfilter/nft_set_pipapo_avx2.c)
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxx>
- Re: linux-next: manual merge of the netfilter-next tree with the net tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: nftables: accept all dummy chain when table is dormant
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: mmotm 2021-05-19-23-58 uploaded (net/netfilter/nft_set_pipapo_avx2.c)
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nft_ct: skip unconfirmed helper extension for unconfirmed conntrack
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: warning splat in nftables ct expect
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: warning splat in nftables ct expect
- From: Stéphane Veyret <sveyret@xxxxxxxxx>
- [nft PATCH] expr_postprocess: Avoid an unintended fall through
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf] netfilter: conntrack: improve RST handling when tuple is re-used
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST drop.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: extended netlink error reporting for chain type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables] rule: skip exact matches on fuzzy lookup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables] cmd: typo in chain fuzzy lookup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] libnftables: location-based error reporting for chain type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: nftables: accept all dummy chain when table is dormant
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: nftables: accept all dummy chain when table is dormant
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST drop.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: nftables: accept all dummy chain when table is dormant
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST drop.
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- [PATCH nf] netfilter: nf_tables: missing error reporting for not selected expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] doc: nft.8: Extend monitor description by trace
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf,v2] netfilter: nftables: accept all dummy chain when table is dormant
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables] doc: document cgroupv2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nftables: accept all dummy chain when table is dormant
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nftables: accept all dummy chain when table is dormant
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nftables: accept all dummy chain when table is dormant
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: linux-next: manual merge of the netfilter-next tree with the net tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
- linux-next: manual merge of the netfilter-next tree with the net tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nftables: accept all dummy chain when table is dormant
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nftables: accept all dummy chain when table is dormant
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] netfilter: nftables: accept all dummy chain when table is dormant
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [ebtables PATCH 2/2] configure.ac: add option --enable-kernel-64-userland-32
- From: Thomas De Schampheleire <patrickdepinguin@xxxxxxxxx>
- [ebtables PATCH 1/2] ebtables.h: restore KERNEL_64_USERSPACE_32 checks
- From: Thomas De Schampheleire <patrickdepinguin@xxxxxxxxx>
- Re: [PATCH nf-next] nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state
- From: Andy Lutomirski <luto@xxxxxxxxxx>
- Re: [PATCH] netfilter: Remove leading spaces in Kconfig
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/2] nf_tables: avoid retpoline overhead on set lookups
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [net-next PATCH] net: netfilter: nft_exthdr: Support SCTP chunks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- warning splat in nftables ct expect
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables,v2] datatype: skip cgroupv2 rootfs in listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables 1/2] src: use PRIu64 format
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables 2/2] datatype: skip cgroupv2 rootfs in listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_queue v2 1/1] Eliminate packet copy when constructing struct pkt_buff
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue v2 0/1] Speed-up
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [syzbot] WARNING in __nf_unregister_net_hook (4)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: use nfnetlink_unicast()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [syzbot] WARNING in __nf_unregister_net_hook (4)
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: [syzbot] WARNING in __nf_unregister_net_hook (4)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: Remove leading spaces in Kconfig
- From: Juerg Haefliger <juerg.haefliger@xxxxxxxxxxxxx>
- Re: [PATCH] treewide: Remove leading spaces in Kconfig files
- From: Juerg Haefliger <juerg.haefliger@xxxxxxxxxxxxx>
- Re: [PATCH] treewide: Remove leading spaces in Kconfig files
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] treewide: Remove leading spaces in Kconfig files
- From: Juerg Haefliger <juerg.haefliger@xxxxxxxxxxxxx>
- Re: [PATCH] treewide: Remove leading spaces in Kconfig files
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH] treewide: Remove leading spaces in Kconfig files
- From: Juerg Haefliger <juerg.haefliger@xxxxxxxxxxxxx>
- [PATCH nftables,v3] parser_bison: add shortcut syntax for matching flags without binary operations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/2] nf_tables: avoid retpoline overhead on set lookups
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nftables,v2] parser_bison: add shortcut syntax for matching flags without binary operations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
- From: Kees Cook <keescook@xxxxxxxxxxxx>
- Re: [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
- From: Kees Cook <keescook@xxxxxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: flowtable: Remove redundant hw refresh bit
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH nf 2/2] netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 1/2] netfilter: flowtable: Remove redundant hw refresh bit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [pablo@xxxxxxxxxxxxx: Re: [PATCH net 1/1] netfilter: flowtable: Remove redundant hw refresh bit]
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nftables PATCH] cache: check errno before invoking cache_release()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- RE: netfilter: iptables-restore: setsockopt(3, SOL_IP, IPT_SO_SET_REPLACE, "security...", ...) return -EAGAIN
- From: Dexuan Cui <decui@xxxxxxxxxxxxx>
- [PATCH nf-next 2/2] netfilter: nf_tables: prefer direct calls for set lookups
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/2] netfilter: add and use nft_set_do_lookup helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/2] nf_tables: avoid retpoline overhead on set lookups
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v26 16/25] LSM: Use lsmcontext in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: netfilter: iptables-restore: setsockopt(3, SOL_IP, IPT_SO_SET_REPLACE, "security...", ...) return -EAGAIN
- From: Phil Sutter <phil@xxxxxx>
- [nftables PATCH] cache: check errno before invoking cache_release()
- From: Marco Oliverio <marco.oliverio@xxxxxxxxxx>
- Re: netfilter: iptables-restore: setsockopt(3, SOL_IP, IPT_SO_SET_REPLACE, "security...", ...) return -EAGAIN
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [syzbot] WARNING in __nf_unregister_net_hook (4)
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- RE: netfilter: iptables-restore: setsockopt(3, SOL_IP, IPT_SO_SET_REPLACE, "security...", ...) return -EAGAIN
- From: Dexuan Cui <decui@xxxxxxxxxxxxx>
- RE: netfilter: iptables-restore: setsockopt(3, SOL_IP, IPT_SO_SET_REPLACE, "security...", ...) return -EAGAIN
- From: Dexuan Cui <decui@xxxxxxxxxxxxx>
- RE: netfilter: iptables-restore: setsockopt(3, SOL_IP, IPT_SO_SET_REPLACE, "security...", ...) return -EAGAIN
- From: Dexuan Cui <decui@xxxxxxxxxxxxx>
- Re: [syzbot] WARNING in __nf_unregister_net_hook (4)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables] parser_bison: add shortcut syntax for matching flags without binary operations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables] netlink_delinearize: fix binary operation postprocessing with sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- netfilter: iptables-restore: setsockopt(3, SOL_IP, IPT_SO_SET_REPLACE, "security...", ...) return -EAGAIN
- From: Dexuan Cui <decui@xxxxxxxxxxxxx>
- Re: [PATCH nftables,v3 2/2] src: add set element catch-all support
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nftables,v2 2/2] src: add set element catch-all support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables,v3 2/2] src: add set element catch-all support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nftables,v2 2/2] src: add set element catch-all support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nftables,v2 2/2] src: add set element catch-all support
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nftables 2/2] src: add set element catch-all support
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nftables,v2 2/2] src: add set element catch-all support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nftables 2/2] src: add set element catch-all support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nftables 2/2] src: add set element catch-all support
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: [PATCH nftables 2/2] src: add set element catch-all support
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nftables] evaluate: don't crash on set definition with incorrect datatype
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables 2/2] src: add set element catch-all support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables 2/2] src: add set element catch-all support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables 1/2] parser_bison: add set_elem_key_expr rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf] nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: nft_pipapo_avx2_lookup backtrace in linux 5.10
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: nft_pipapo_avx2_lookup backtrace in linux 5.10
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: [syzbot] WARNING in __nf_unregister_net_hook (4)
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] WARNING in __nf_unregister_net_hook (4)
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: nft_pipapo_avx2_lookup backtrace in linux 5.10
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: nft_pipapo_avx2_lookup backtrace in linux 5.10
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH net 1/8] netfilter: xt_SECMARK: add new revision to fix structure layout
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH net 8/8] netfilter: nftables: avoid potential overflows on 32bit arches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 7/8] netfilter: nftables: avoid overflows in nft_hash_buckets()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 6/8] netfilter: nftables: Fix a memleak from userdata error path in new objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 5/8] netfilter: remove BUG_ON() after skb_header_pointer()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/8] netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/8] netfilter: nfnetlink: add a missing rcu_read_unlock()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/8] netfilter: xt_SECMARK: add new revision to fix structure layout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/8] netfilter: arptables: use pernet ops struct during unregister
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/8] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nft_pipapo_avx2_lookup backtrace in linux 5.10
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: nft_pipapo_avx2_lookup backtrace in linux 5.10
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: nft_pipapo_avx2_lookup backtrace in linux 5.10
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: nft_pipapo_avx2_lookup backtrace in linux 5.10
- From: Florian Westphal <fw@xxxxxxxxx>
- nft_pipapo_avx2_lookup backtrace in linux 5.10
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: [PATCH net 2/2] netfilter: nf_tables: avoid potential overflows on 32bit arches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/2] netfilter: nf_tables: avoid overflows in nft_hash_buckets()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/2] netfilter: nf_tables: avoid potential overflows on 32bit arches
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- [PATCH net 1/2] netfilter: nf_tables: avoid overflows in nft_hash_buckets()
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: [PATCH nft 1/2] segtree: Fix range_mask_len() for subnet ranges exceeding unsigned int
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 1/2] segtree: Fix range_mask_len() for subnet ranges exceeding unsigned int
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH nft 1/2] segtree: Fix range_mask_len() for subnet ranges exceeding unsigned int
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH] doc: Reduce size of NAT statement synopsis
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST drop.
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec
- From: Cole Dishington <Cole.Dishington@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] ipv6: netfilter.c: fix missing line after declaration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] tests: Introduce 0043_concatenated_ranges_1 for subnets of different sizes
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nft 1/2] segtree: Fix range_mask_len() for subnet ranges exceeding unsigned int
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nft 0/2] Fix display of < 64 bits IPv6 masks in concatenated elements
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf,v2] netfilter: remove BUG_ON() after skb_header_pointer()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nftables: Fix a memleak from userdata error path in new objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: remove BUG_ON() after skb_header_pointer()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 3/3] exthdr: Implement SCTP Chunk matching
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST drop.
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] ipv6: netfilter.c: fix missing line after declaration
- From: Pallavi Prabhu <rpallaviprabhu@xxxxxxxxx>
- Re: [nft PATCH 1/3] scanner: sctp: Move to own scope
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net] netfilter: nfnetlink: add a missing rcu_read_unlock()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH v3] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH net] netfilter: nfnetlink: add a missing rcu_read_unlock()
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: [PATCH v3] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH 2/2] extensions: sctp: Translate --chunk-types option
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 1/2] extensions: sctp: Fix nftables translation
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 3/3] exthdr: Implement SCTP Chunk matching
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 2/3] json: Simplify non-tcpopt exthdr printing a bit
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 1/3] scanner: sctp: Move to own scope
- From: Phil Sutter <phil@xxxxxx>
- [net-next PATCH] net: netfilter: nft_exthdr: Support SCTP chunks
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf] netfilter: conntrack: unregister ipv4 sockopts on error unwind
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] memory leak in nf_hook_entries_grow (2)
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] memory leak in nf_hook_entries_grow (2)
- From: syzbot <syzbot+050de9f900eb45b94ef9@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST check
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH RFC libnetfilter_queue 0/1] Eliminate packet copy when constructing struct pkt_buff
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH RFC libnetfilter_queue 1/1] Eliminate packet copy when constructing struct pkt_buff
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH RFC libnetfilter_queue 0/1] Eliminate packet copy when constructing struct pkt_buff
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [net-next PATCH v2] netfilter: xt_SECMARK: add new revision to fix structure layout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: arptables: use pernet ops struct during unregister
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: conntrackd inverted NAT address, endianness issue?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4 0/5] conntrack: save output format
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrack-tools] conntrack: release options after parsing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [syzbot] upstream test error: WARNING in __nf_unregister_net_hook
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] net test error: WARNING in __nf_unregister_net_hook
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] bpf test error: WARNING in __nf_unregister_net_hook
- From: Florian Westphal <fw@xxxxxxxxx>
- [syzbot] bpf test error: WARNING in __nf_unregister_net_hook
- From: syzbot <syzbot+854457fa0d41f836cd0e@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [syzbot] net test error: WARNING in __nf_unregister_net_hook
- From: syzbot <syzbot+33d023f240aa788eb7fe@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [syzbot] memory leak in nf_hook_entries_grow (2)
- From: syzbot <syzbot+050de9f900eb45b94ef9@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [syzbot] upstream test error: WARNING in __nf_unregister_net_hook
- From: syzbot <syzbot+7ad5cd1615f2d89c6e7e@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH nf] netfilter: arptables: use pernet ops struct during unregister
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] bpf-next test error: WARNING in __nf_unregister_net_hook
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [syzbot] linux-next test error: WARNING in __nf_unregister_net_hook
- From: Florian Westphal <fw@xxxxxxxxx>
- [syzbot] bpf-next test error: WARNING in __nf_unregister_net_hook
- From: syzbot <syzbot+0d9ff6eeee8f4b6e2aed@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH v3] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec
- From: Cole Dishington <Cole.Dishington@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue v2] build: doc: `make distcheck` passes with doxygen enabled
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] parser: allow to load stateful ct connlimit elements in sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [syzbot] linux-next test error: WARNING in __nf_unregister_net_hook
- From: syzbot <syzbot+dcccba8a1e41a38cb9df@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [iptables PATCH v2] extensions: SECMARK: Implement revision 1
- From: Phil Sutter <phil@xxxxxx>
- [net-next PATCH v2] netfilter: xt_SECMARK: add new revision to fix structure layout
- From: Phil Sutter <phil@xxxxxx>
- Re: [net-next PATCH] netfilter: xt_SECMARK: add new revision to fix structure layout
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [net-next PATCH] netfilter: xt_SECMARK: add new revision to fix structure layout
- From: Phil Sutter <phil@xxxxxx>
- [PATCH] Avoid potentially erroneos RST drop.
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST check
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- [PATCH] netfilter: Remove redundant assignment to ret
- From: Yang Li <yang.lee@xxxxxxxxxxxxxxxxx>
- [PATCH nft 18/18] evaluate: remove object from cache on delete object command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 16/18] evaluate: remove set from cache on delete set command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 17/18] evaluate: remove flowtable from cache on delete flowtable command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 15/18] evaluate: remove chain from cache on delete chain command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 14/18] cache: add hashtable cache for table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 13/18] evaluate: add object to the cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 12/18] cache: missing table cache for several policy objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 11/18] evaluate: add flowtable to the cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 10/18] evaluate: add set to the cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 08/18] cache: add hashtable cache for flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 07/18] cache: add hashtable cache for object
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 09/18] cache: add set_cache_del() and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 06/18] src: consolidate object cache infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 05/18] src: consolidate nft_cache infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 04/18] src: pass chain name to chain_cache_find()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 03/18] rule: skip fuzzy lookup for unexisting 64-bit handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 02/18] src: unbreak deletion by table handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 01/18] tests: shell: remove missing modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 00/18] cache updates,v2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next] netfilter: x_tables: improve limit_mt scalability
- From: Jason Baron <jbaron@xxxxxxxxxx>
- Re: [net-next PATCH] netfilter: xt_SECMARK: add new revision to fix structure layout
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [iptables PATCH] extensions: SECMARK: Implement revision 1
- From: Phil Sutter <phil@xxxxxx>
- [net-next PATCH] netfilter: xt_SECMARK: add new revision to fix structure layout
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH] extensions: sctp: Explain match types in man page
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH libnetfilter_queue v2] build: doc: `make distcheck` passes with doxygen enabled
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH libnetfilter_queue v2] build: doc: `make distcheck` passes with doxygen enabled
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [iptables PATCH 0/5] Merge some common code
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/5] xshared: Eliminate iptables_command_state->invert
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 3/5] xshared: Merge invflags handling code
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 5/5] Use proto_to_name() from xshared in more places
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 1/5] xtables: Make invflags 16bit wide
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 4/5] ebtables-translate: Use shared ebt_get_current_chain() function
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] Avoid potentially erroneos RST check
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] Avoid potentially erroneos RST check
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- [PATCH] Don't drop out of segments RST if tcp_be_liberal is set
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH net-next 1/7] netfilter: nftables: rename set element data activation/deactivation functions
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH net-next 7/7] netfilter: nft_socket: fix build with CONFIG_SOCK_CGROUP_DATA=n
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 6/7] netfilter: nft_socket: fix an unused variable warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 5/7] netfilter: nftables: add catch-all set element support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 4/7] netfilter: nftables: add helper function to validate set element data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 3/7] netfilter: nftables: add helper function to flush set elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 2/7] netfilter: nftables: add loop check helper function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 1/7] netfilter: nftables: rename set element data activation/deactivation functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 0/7] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/2] netfilter: nft_socket: fix build with CONFIG_SOCK_CGROUP_DATA=n
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2] netfilter: nft_socket: fix an unused variable warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/2] netfilter: nft_socket: fix build with CONFIG_SOCK_CGROUP_DATA=n
- From: Arnd Bergmann <arnd@xxxxxxxxxx>
- [PATCH 1/2] netfilter: nft_socket: fix an unused variable warning
- From: Arnd Bergmann <arnd@xxxxxxxxxx>
- [PATCH nf-next 2/5,v2] netfilter: nftables: add loop check helper function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/5, v2] netfilter: nftables: rename set element data activation/deactivation functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/5,v2] netfilter: nftables: add helper function to flush set elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/5] netfilter: nftables: add helper function to validate set element data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 5/5,v4] netfilter: nftables: add catch-all set element support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH 1/2] Eliminate inet_aton() and inet_ntoa()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 0/2] Drop use of some obsolete functions
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/2] nft-arp: Make use of ipv4_addr_to_string()
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH net-next 01/22] netfilter: nat: move nf_xfrm_me_harder to where it is used
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH net-next 20/22] netfilter: nfnetlink: pass struct nfnl_info to batch callbacks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 19/22] netfilter: nfnetlink: pass struct nfnl_info to rcu callbacks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 18/22] netfilter: nfnetlink: add struct nfnl_info and pass it to callbacks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 17/22] netfilter: nftables: add nft_pernet() helper function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 14/22] netfilter: ip6_tables: pass table pointer via nf_hook_ops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 16/22] netfilter: nf_log_syslog: Unset bridge logger in pernet exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 15/22] netfilter: remove all xt_table anchors from struct net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 13/22] netfilter: arp_tables: pass table pointer via nf_hook_ops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 12/22] netfilter: ip_tables: pass table pointer via nf_hook_ops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 22/22] netfilter: allow to turn off xtables compat layer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 21/22] netfilter: nfnetlink: consolidate callback types
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 11/22] netfilter: xt_nat: pass table to hookfn
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 10/22] netfilter: x_tables: remove paranoia tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 09/22] netfilter: arptables: unregister the tables by name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 08/22] netfilter: ip6tables: unregister the tables by name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 07/22] netfilter: iptables: unregister the tables by name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 06/22] netfilter: x_tables: add xt_find_table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 05/22] netfilter: x_tables: remove ipt_unregister_table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 04/22] netfilter: ebtables: remove the 3 ebtables pointers from struct net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 03/22] netfilter: disable defrag once its no longer needed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 02/22] netfilter: nft_socket: add support for cgroupsv2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 01/22] netfilter: nat: move nf_xfrm_me_harder to where it is used
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 00/22] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: allow to turn off xtables compat layer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nf-next:for-net-next 25/25] net/netfilter/nf_tables_api.c:4448:22: warning: variable 'ext' set but not used
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: allow to turn off xtables compat layer
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: allow to turn off xtables compat layer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: allow to turn off xtables compat layer
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [PATCH nf-next] netfilter: allow to turn off xtables compat layer
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: RSTs being marked as invalid because of wrong td_maxack value
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: RSTs being marked as invalid because of wrong td_maxack value
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH] netfilter: nf_log_syslog: Unset bridge logger in pernet exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2 00/12] netfilter: x_tables: remove ipt_unregister_table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 nf-next] netfilter: disable defrag once its no longer needed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nat: move nf_xfrm_me_harder to where it is used
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/4,v3] netfilter: nftables: add catch-all set element support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/4] netfilter: nftables: add helper function to flush set elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/4] netfilter: nftables: add loop check helper function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/4] netfilter: nftables: rename set element data activation/deactivation functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2] netfilter: nftables: add catch-all set element support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nftables: add catch-all set element support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: RSTs being marked as invalid because of wrong td_maxack value
- From: Florian Westphal <fw@xxxxxxxxx>
- RSTs being marked as invalid because of wrong td_maxack value
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- [PATCH nf-next 5/5] netfilter: nfnetlink: consolidate callback types
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/5] netfilter: nfnetlink: pass struct nfnl_info to batch callbacks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/5] netfilter: nfnetlink: add struct nfnl_info and pass it to callbacks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/5] netfilter: nftables: add nft_pernet() helper function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/5] netfilter: nfnetlink: pass struct nfnl_info to rcu callbacks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 0/5] nfnetlink housekeeping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_queue v2] build: doc: `make distcheck` passes with doxygen enabled
- From: Duncan Roe <duncan.roe2@xxxxxxxxx>
- [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support
- From: Cole Dishington <Cole.Dishington@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH] netfilter: nf_log_syslog: Unset bridge logger in pernet exit
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled
- From: Duncan Roe <duncan.roe2@xxxxxxxxx>
- [PATCH] netfilter: nf_log_syslog: Unset bridge logger in pernet exit
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf-next v2 11/12] netfilter: ip6_tables: pass table pointer via nf_hook_ops
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 12/12] netfilter: remove all xt_table anchors from struct net
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 09/12] netfilter: ip_tables: pass table pointer via nf_hook_ops
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 10/12] netfilter: arp_tables: pass table pointer via nf_hook_ops
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 07/12] netfilter: x_tables: remove paranoia tests
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 08/12] netfilter: xt_nat: pass table to hookfn
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 06/12] netfilter: arptables: unregister the tables by name
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 05/12] netfilter: ip6tables: unregister the tables by name
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 04/12] netfilter: iptables: unregister the tables by name
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 03/12] netfilter: add xt_find_table
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 02/12] netfilter: x_tables: remove ipt_unregister_table
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 01/12] netfilter: ebtables: remove the 3 ebtables pointers from struct net
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 00/12] netfilter: x_tables: remove ipt_unregister_table
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next] netfilter: disable defrag once its no longer needed
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled
- From: Duncan Roe <duncan.roe2@xxxxxxxxx>
- [PATCH nft] src: add cgroupsv2 support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl] expr: socket: add cgroups v2 support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nft_socket: add support for cgroupsv2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec
- From: Cole Dishington <Cole.Dishington@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: disable defrag once its no longer needed
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf-next 02/12] netfilter: x_tables: remove ipt_unregister_table
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf-next 02/12] netfilter: x_tables: remove ipt_unregister_table
- From: kernel test robot <lkp@xxxxxxxxx>
- [PATCH nf-next] netfilter: disable defrag once its no longer needed
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 12/12] netfilter: remove all xt_table anchors from struct net
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 11/12] netfilter: ip6_tables: pass table pointer via nf_hook_ops
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 10/12] netfilter: arp_tables: pass table pointer via nf_hook_ops
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 09/12] netfilter: ip_tables: pass table pointer via nf_hook_ops
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 08/12] netfilter: xt_nat: pass table to hookfn
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 07/12] netfilter: x_tables: remove paranoia tests
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 06/12] netfilter: arptables: unregister the tables by name
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 05/12] netfilter: ip6tables: unregister the tables by name
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: Reset the max ACK flag on SYN in ignore state
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 04/12] netfilter: iptables: unregister the tables by name
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 03/12] netfilter: add xt_find_table
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 02/12] netfilter: x_tables: remove ipt_unregister_table
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 01/12] netfilter: ebtables: remove the 3 ebtables pointers from struct net
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 00/12] netfilter: remove xtables pointers from struct net
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: conntrack: Reset the max ACK flag on SYN in ignore state
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH] conntrack_tcp: Reset the max ACK flag on SYN in ignore state
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Error when using clone option in iptables
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Error when using clone option in iptables
- From: Mohan Das <rajarammohandas@xxxxxxxxx>
- [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled
- From: Duncan Roe <duncan.roe2@xxxxxxxxx>
- Now have make distcheck passing with doxygen enabled
- From: Duncan Roe <duncan.roe2@xxxxxxxxx>
- Re: [PATCH net-next 01/14] netfilter: flowtable: add vlan match offload support
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH nf-next] netfilter: nat: move nf_xfrm_me_harder to where it is used
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2 0/2] Two fixes related to '--concurrent'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] parser_bison: missing relational operation on flag list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 14/14] netfilter: nftables: counter hardware offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 13/14] selftests: fib_tests: Add test cases for interaction with mangling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 11/14] netfilter: nftables_offload: special ethertype handling for VLAN
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 12/14] netfilter: Dissect flow after packet mangling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 10/14] netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 09/14] netfilter: nft_payload: fix C-VLAN offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 08/14] netfilter: flowtable: Add FLOW_OFFLOAD_XMIT_UNSPEC xmit type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 06/14] netfilter: conntrack: move ct counter to net_generic data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 07/14] netfilter: conntrack: convert sysctls to u8
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 05/14] netfilter: conntrack: move expect counter to net_generic data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 04/14] netfilter: conntrack: move autoassign_helper sysctl to net_generic data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 03/14] netfilter: conntrack: move autoassign warning member to net_generic data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 02/14] netfilter: flowtable: add vlan pop action offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 01/14] netfilter: flowtable: add vlan match offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 00/14] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/3,v4] netfilter: nftables_offload: special ethertype handling for VLAN
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2 0/2] netfilter: Dissect flow after packet mangling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v2 2/2] ebtables: Spewing an error if --concurrent isn't first argument
- From: Firo Yang <firo.yang@xxxxxxxx>
- [PATCH v2 0/2] Two fixes related to '--concurrent'
- From: Firo Yang <firo.yang@xxxxxxxx>
- [PATCH v2 1/2] libebtc: Fix an issue that '--concurrent' doesn't work with NFS
- From: Firo Yang <firo.yang@xxxxxxxx>
- Re: [PATCH] netfilter: nftables: fix a warning message in nf_tables_commit_audit_collect()
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH nf-next] netfilter: nftables: counter hardware offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: Dissect flow after packet mangling
- From: Michal Soltys <msoltyspl@xxxxxxxxx>
- [PATCH nft 10/10] evaluate: remove table_lookup_global()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 09/10] cache: add hashtable cache for table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 08/10] cache: move struct nft_cache declaration to cache.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 06/10] cache: missing table cache for several policy objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 07/10] evaluate: add object to the cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 05/10] evaluate: add flowtable to the cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 04/10] evaluate: add set to the cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 03/10] cache: add set_cache_del() and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 02/10] cache: add hashtable cache for flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 01/10] cache: add hashtable cache for object
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 0/10] cache updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
- From: Saeed Mahameed <saeed@xxxxxxxxxx>
- Re: [PATCH nf-next v2 2/2] selftests: fib_tests: Add test cases for interaction with mangling
- From: David Ahern <dsahern@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH] mnl: Increase BATCH_PAGE_SIZE to support huge rulesets
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf-next v2 2/2] selftests: fib_tests: Add test cases for interaction with mangling
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH nf-next v2 1/2] netfilter: Dissect flow after packet mangling
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH nf-next v2 0/2] netfilter: Dissect flow after packet mangling
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec
- From: Cole Dishington <Cole.Dishington@xxxxxxxxxxxxxxxxxxx>
- Re: [syzbot] WARNING: suspicious RCU usage in find_inlist_lock
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: [syzbot] KASAN: vmalloc-out-of-bounds Read in bpf_trace_run2
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: [PATCH] conntrack_tcp: Reset the max ACK flag on SYN in ignore state
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- Re: [PATCH] conntrack_tcp: Reset the max ACK flag on SYN in ignore state
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] conntrack_tcp: Reset the max ACK flag on SYN in ignore state
- From: Ali Abdallah <ali.abdallah@xxxxxxxx>
- [PATCH nf-next,v3 2/3] netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v3 3/3] netfilter: nftables_offload: special ethertype handling for VLAN
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v3 1/3] netfilter: nft_payload: fix C-VLAN offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2 0/5] netfilter: conntrack: shrink size of netns_ct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2 2/2] netfilter: flowtable: add vlan pop action offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2 1/2] netfilter: flowtable: add vlan match offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next,v2 2/3] netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
- From: kernel test robot <lkp@xxxxxxxxx>
- [PATCH nft] parser: allow to load stateful ct connlimit elements in sets
- From: nevola <nevola@xxxxxxxxx>
- Re: [PATCH net 1/7] netfilter: flowtable: fix NAT IPv6 offload mangling
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH net 7/7] netfilter: nftables: clone set element expression template
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 6/7] netfilter: x_tables: fix compat match/target pad out-of-bound write
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 5/7] netfilter: arp_tables: add pre_exit hook for table unregister
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/7] netfilter: bridge: add pre_exit hooks for ebtable unregistration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/7] netfilter: nft_limit: avoid possible divide error in nft_limit_init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/7] netfilter: conntrack: do not print icmpv6 as unknown via /proc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/7] netfilter: flowtable: fix NAT IPv6 offload mangling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/7] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: x_tables: fix compat match/target pad out-of-bound write
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next v2 5/5] netfilter: conntrack: convert sysctls to u8
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 4/5] netfilter: conntrack: move ct counter to net_generic data
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 3/5] netfilter: conntrack: move expect counter to net_generic data
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 2/5] netfilter: conntrack: move autoassign_helper sysctl to net_generic data
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 1/5] netfilter: conntrack: move autoassign warning member to net_generic data
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 0/5] netfilter: conntrack: shrink size of netns_ct
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: Dissect flow after packet mangling
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH nf-next,v2 2/3] netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 3/3] netfilter: nftables_offload: special ethertype handling for VLAN
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 1/3] netfilter: nft_payload: fix C-VLAN offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: nftables_offload: special ethertype handling for VLAN
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf-next 4/5] netfilter: conntrack: move ct counter to net_generic data
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: Dissect flow after packet mangling
- From: Michal Soltys <msoltyspl@xxxxxxxxx>
- Re: linux-next: build failure after merge of the net-next tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: nftables_offload: special ethertype handling for VLAN
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: nft_payload: fix C-VLAN offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: linux-next: build failure after merge of the net-next tree
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: Dissect flow after packet mangling
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- linux-next: build failure after merge of the net-next tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: Dissect flow after packet mangling
- From: David Ahern <dsahern@xxxxxxxxx>
- [PATCH nf-next] netfilter: Dissect flow after packet mangling
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH nf,v4] netfilter: nftables: clone set element expression template
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v3] netfilter: nftables: clone set element expression template
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 0/2] arp,ebtables: add pre_exit hooks for arp/ebtable hook unregister
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] netfilter: nft_limit: avoid possible divide error in nft_limit_init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [syzbot] WARNING in __nf_unregister_net_hook (4)
- From: syzbot <syzbot+154bd5be532a63aa778b@xxxxxxxxxxxxxxxxxxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
