Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

[PATCH 12/13] fs: remove __vfs_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 13/13] fs: don't change the address limit for ->read_iter in __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 11/13] fs: implement kernel_read using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 06/13] fs: implement kernel_write using __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
Re: [PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Phil Sutter <phil@xxxxxx>
Re: [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft] tests: Run in separate network namespace, don't break connectivity
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Phil Sutter <phil@xxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: "Alexander A. Klimov" <grandmaster@xxxxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: "Alexander A. Klimov" <grandmaster@xxxxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: [PATCH nft] tests: Run in separate network namespace, don't break connectivity
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft] tests: Run in separate network namespace, don't break connectivity
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/4] netfilter: nft_set_pipapo: Disable preemption before getting per-CPU pointer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/4] netfilter: ctnetlink: memleak in filter initialization error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/4] netfilter: nf_tables: hook list memleak in flowtable deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/4] netfilter: nft_set_rbtree: Don't account for expired elements on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/4] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: Avoid breaking basic connectivity when run
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nf-next] nft_set_pipapo: Drop useless assignment of scratch map index on insert
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] tests: Run in separate network namespace, don't break connectivity
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] tests: shell: Allow wrappers to be passed as nft command
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: David Howells <dhowells@xxxxxxxxxx>
Good idea to rename files in include/uapi/ ?
- From: "Alexander A. Klimov" <grandmaster@xxxxxxxxxxxx>
Vim Syntax for NFTABLES -- Beta
- From: "SBCGlobal.Net" <s.egbert@xxxxxxxxxxxxx>
Re: Extensions for ICMP[6] with sport, dport
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
[PATCH nf,v2] netfilter: nf_tables: hook list memleak in flowtable deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Extensions for ICMP[6] with sport, dport
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] ipvs: avoid drop first packet to reuse conntrack
- From: YangYuxi <yx.atom1@xxxxxxxxx>
Re: [ANNOUNCE] libnetfilter_queue 1.0.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] libnetfilter_queue 1.0.5 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [ANNOUNCE] libnetfilter_queue 1.0.5 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
[ANNOUNCE] libnetfilter_queue 1.0.5 release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 2/2] netfilter: nft: add support of reject verdict from ingress
- From: Laura García Liébana <nevola@xxxxxxxxx>
Re: [PATCH] ipvs: avoid drop first packet to reuse conntrack
- From: Julian Anastasov <ja@xxxxxx>
[PATCH] ipvs: avoid drop first packet to reuse conntrack
- From: YangYuxi <yx.atom1@xxxxxxxxx>
[PATCH] ipvs: avoid drop first packet to reuse conntrack
- From: YangYuxi <yx.atom1@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: hook list memleak in flowtable deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: ctnetlink: memleak in filter initialization error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -next] netfilter: ctnetlink: Fix memleak in ctnetlink_alloc_filter
- From: Zheng Bin <zhengbin13@xxxxxxxxxx>
[PATCH] netfiler: ipset: fix unaligned atomic access
- From: Russell King <rmk+kernel@xxxxxxxxxxxxxxx>
Re: [PATCH v4.10] netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] net: flow_offload: remove indirect flow_block declarations leftover
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: memory leak in ctnetlink_start
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: memory leak in nf_tables_parse_netdev_hooks (3)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
memory leak in ctnetlink_del_conntrack
- From: syzbot <syzbot+38b8b548a851a01793c5@xxxxxxxxxxxxxxxxxxxxxxxxx>
memory leak in nf_tables_parse_netdev_hooks (3)
- From: syzbot <syzbot+eb9d5924c51d6d59e094@xxxxxxxxxxxxxxxxxxxxxxxxx>
memory leak in ctnetlink_start
- From: syzbot <syzbot+b005af2cfb0411e617de@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH nf] nft_set_pipapo: Disable preemption before getting per-CPU pointer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] net: flow_offload: remove indirect flow_block declarations leftover
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] src: Quote user-defined names
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] build: Fix for failing 'make uninstall'
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH nf-next 2/2] netfilter: nft: add support of reject verdict from ingress
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] build: Fix for failing 'make uninstall'
- From: Phil Sutter <phil@xxxxxx>
Re: Extensions for ICMP[6] with sport, dport
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
Re: Extensions for ICMP[6] with sport, dport
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH libnetfilter_queue] configure: Make --help show doxygen is off by default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v4.10] netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6
- From: Vasily Averin <vvs@xxxxxxxxxxxxx>
[PATCH libnetfilter_queue] configure: Make --help show doxygen is off by default
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Extensions for ICMP[6] with sport, dport
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH AUTOSEL 5.7 124/274] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 5.4 082/175] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 043/106] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.14 34/72] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.9 23/50] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.4 17/37] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
Re: [PATCH 8/8 net] net: remove indirect block netdev event registration
- From: Jacob Keller <jacob.e.keller@xxxxxxxxx>
Re: [PATCH 8/8 net] net: remove indirect block netdev event registration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/2] Force 'make distcheck' to pass
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnetfilter_queue] configure: disable doxygen by default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 8/8 net] net: remove indirect block netdev event registration
- From: Jacob Keller <jacob.e.keller@xxxxxxxxx>
Re: [PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Kim <kim.andrewsy@xxxxxxxxx>
[PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
nf_defrag_ipv6 / ip6_udp_tunnel on pure ipv4 setups
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
[PATCH nf-next 2/2] netfilter: nft: add support of reject verdict from ingress
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
[PATCH nf-next 1/2] netfilter: nft: refactor reject verdict source code
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Don't account for expired elements on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
Extensions for ICMP[6] with sport, dport
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Kim <kim.andrewsy@xxxxxxxxx>
[PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
Re: Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
Re: Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
Re: [PATCH nftables] src/main.c: fix build with gcc <= 4.8
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] nft_set_pipapo: Disable preemption before getting per-CPU pointer
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nf] nft_set_pipapo: Disable preemption before getting per-CPU pointer
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] nft_set_pipapo: Disable preemption before getting per-CPU pointer
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH libnetfilter_queue 2/2] build: dist: Force 'make distcheck' to pass
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/2] Force 'make distcheck' to pass
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 1/2] build: dist: Add fixmanpages.sh to distribution tree
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH v2 08/18] netfilter: conntrack: Use sequence counter with associated spinlock
- From: "Ahmed S. Darwish" <a.darwish@xxxxxxxxxxxxx>
[PATCH v2 09/18] netfilter: nft_set_rbtree: Use sequence counter with associated rwlock
- From: "Ahmed S. Darwish" <a.darwish@xxxxxxxxxxxxx>
Re: [PATCH] build: resolve iptables-apply not getting installed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] doc: document danger of applying REJECT to INVALID CTs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nftables] src/main.c: fix build with gcc <= 4.8
- From: Fabrice Fontaine <fontaine.fabrice@xxxxxxxxx>
Re: [PATCH libnetfilter_queue v2 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue v2 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue v2 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] cmd: add misspelling suggestions for rule commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2] meta: fix asan runtime error in tc handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] segtree: fix asan runtime error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] netlink: release dummy rule object from netlink_parse_set_expr()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] evaluate: remove superfluous check in set_evaluate()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft,v2] evaluate: missing datatype definition in implicit_set_declaration()
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft,v2] evaluate: missing datatype definition in implicit_set_declaration()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] evaluate: missing datatype definition in implicit_set_declaration()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue v2 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/1] URGENT: libnetfilter_queue-1.0.4 fails to build
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH lnf-queue] configure: add --with/without-doxygen switch
- From: Florian Westphal <fw@xxxxxxxxx>
[ANNOUNCE] nftables 0.9.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/1] URGENT: libnetfilter_queue-1.0.4 fails to build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/1] URGENT: libnetfilter_queue-1.0.4 fails to build
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH libnetfilter_queue 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/1] URGENT: libnetfilter_queue-1.0.4 fails to build
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Nicolas Pitre <nico@xxxxxxxxxxx>
[ANNOUNCE] libnftnl 1.1.7 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] libnetfilter_queue 1.0.4 release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Philippe Mathieu-Daudé <f4bug@xxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Don't account for expired elements on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Don't account for expired elements on insertion
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
Re: [PATCH nf-next v5 1/1] netfilter: ctnetlink: add kernel side filtering for dump
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
[PATCH ghak124 v3] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: Florian Westphal <fw@xxxxxxxxx>
RE: [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: dwilder <dwilder@xxxxxxxxxx>
Re: [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: David Wilder <dwilder@xxxxxxxxxx>
Re: [MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Harald Welte <laforge@xxxxxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Don't account for expired elements on insertion
- From: Phil Sutter <phil@xxxxxx>
[PATCH] build: resolve iptables-apply not getting installed
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH] doc: document danger of applying REJECT to INVALID CTs
- From: Jan Engelhardt <jengelh@xxxxxxx>
[ANNOUNCE] iptables 1.8.5 release
- From: Phil Sutter <phil@xxxxxxxxxxxxx>
[MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] build: bump dependency on libnftnl
- From: Phil Sutter <phil@xxxxxx>
[PATCH RFC libnetfilter_queue 0/1] Avoid packet copy in nfq_nlmsg_verdict_put_pkt
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH RFC libnetfilter_queue 1/1] examples: Use sendmsg() to avoid packet copy in nfq_nlmsg_verdict_put_pkt()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH nft] tests: 0044interval_overlap_0: Repeat insertion tests with timeout
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nf] nft_set_rbtree: Don't account for expired elements on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH ghak124 v2] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak124 v2] audit: log nftables configuration change events
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak124 v2] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH 0/9] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH net-next 0/8] the indirect flow_block infrastructure, revisited
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH ghak124 v2] audit: log nftables configuration change events
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH 1/1 v2] netfilter: Restore the CT mark in Flow Offload
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH 1/1] Restore the CT mark in Flow Offload
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH ghak124 v2] audit: log nftables configuration change events
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Logan Gunthorpe <logang@xxxxxxxxxxxx>
[PATCH v3 nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
Re: [PATCH] checkpatch/coding-style: Allow 100 column lines
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: [PATCH] checkpatch/coding-style: Allow 100 column lines
- From: Andreas Dilger <adilger@xxxxxxxxx>
Re: [PATCH v2 nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura García Liébana <nevola@xxxxxxxxx>
Re: [PATCH] checkpatch/coding-style: Allow 100 column lines
- From: Markus Elfring <Markus.Elfring@xxxxxx>
[PATCH] checkpatch/coding-style: Allow 100 column lines
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH v2 nf-next] netfilter: introduce support for reject at prerouting stage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] include: Avoid undefined left-shift in xt_sctp.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] include: Avoid undefined left-shift in xt_sctp.h
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next v5 1/1] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/9] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/9] netfilter: nf_tables: generalise flowtable hook parsing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 9/9] netfilter: nf_tables: skip flowtable hooknum and priority on device updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 7/9] netfilter: nf_tables: delete devices from flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/9] netfilter: nf_tables: add nft_flowtable_hooks_destroy()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 8/9] netfilter: nf_tables: allow to register flowtable with no devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/9] netfilter: nf_tables: add devices to existing flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/9] netfilter: nf_tables: pass hook list to flowtable event notifier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/9] netfilter: nf_tables: pass hook list to nft_{un,}register_flowtable_net_hooks()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/9] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] tests: shell: Fix syntax in ipt-restore/0010-noflush-new-chain_0
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
RE: clean up kernel_{read,write} & friends v2
- From: David Laight <David.Laight@xxxxxxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH v2 nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura García Liébana <nevola@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: introduce support for reject at prerouting stage
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura García Liébana <nevola@xxxxxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
Re: [PATCH 06/14] fs: remove the call_{read,write}_iter functions
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH ghak124 v2] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH net-next 2/8] net: flow_offload: consolidate indirect flow_block infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 3/8] net: cls_api: add tcf_block_offload_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 1/8] netfilter: nf_flowtable: expose nf_flow_table_gc_cleanup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 6/8] nfp: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 4/8] net: use flow_indr_dev_setup_offload()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 7/8] bnxt_tc: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 8/8] net: remove indirect block netdev event registration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 0/8] the indirect flow_block infrastructure, revisited
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 5/8] mlx5: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Dave Airlie <airlied@xxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: David Howells <dhowells@xxxxxxxxxx>
RE: clean up kernel_{read,write} & friends v2
- From: "Deucher, Alexander" <Alexander.Deucher@xxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Matthew Wilcox <willy@xxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Sedat Dilek <sedat.dilek@xxxxxxxxx>
Re: [PATCH 06/14] fs: remove the call_{read,write}_iter functions
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH 0/3] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH nf-next] netfilter: introduce support for reject at prerouting stage
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
[PATCH 01/14] cachefiles: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 02/14] autofs: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 03/14] bpfilter: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 04/14] fs: unexport __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 05/14] fs: check FMODE_WRITE in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 06/14] fs: remove the call_{read,write}_iter functions
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 07/14] fs: implement kernel_write using __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 08/14] fs: remove __vfs_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 11/14] integrity/ima: switch to using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 12/14] fs: implement kernel_read using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 13/14] fs: remove __vfs_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 10/14] fs: add a __kernel_read helper
- From: Christoph Hellwig <hch@xxxxxx>
clean up kernel_{read,write} & friends v2
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH nft v2 0/2] Fix evaluation of anonymous sets with concatenated ranges
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/3] netfilter: conntrack: comparison of unsigned in cthelper confirmation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/3] netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/3] netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/3] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v6] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/3] Avoid gretap fragmentation with nftables on bridge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft v2 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft v2 2/2] tests: py: Enable anonymous set rule with concatenated ranges in inet/sets.t
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft v2 0/2] Fix evaluation of anonymous sets with concatenated ranges
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH ghak124 v1] audit: log nftables configuration change events
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH ghak124 v1] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [iptables PATCH] doc: libxt_MARK: OUTPUT chain is fine, too
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH ghak124 v1] audit: log nftables configuration change events
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH ghak124 v1] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH nf] netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v2] netfilter: nf_conntrack: comparison of unsigned in cthelper confirmation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: nfnetlink_cthelper: protocol offset signess in IPv6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net] netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update
- From: Nathan Chancellor <natechancellor@xxxxxxxxx>
Re: [PATCH 0/5] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 7/8 net] bnxt_tc: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: immediately expire no destination connections in kthread if expire_nodest_conn=1
- From: Andrew Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH] netfilter/ipvs: immediately expire no destination connections in kthread if expire_nodest_conn=1
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH 0/5] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 4/5] netfilter: conntrack: make conntrack userspace helpers work again
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
re: netfilter: nfnetlink_queue: resolve clash for unconfirmed conntracks
- From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
[PATCH][next] netfilter: conntrack: fix an unsigned int comparison to less than zero
- From: Colin King <colin.king@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft 2/2] tests: shell: Introduce test for concatenated ranges in anonymous sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [iptables PATCH] doc: libxt_MARK: OUTPUT chain is fine, too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] doc: libxt_MARK: OUTPUT chain is fine, too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: Avoid breaking basic connectivity when run
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 2/2] tests: shell: Introduce test for concatenated ranges in anonymous sets
- From: Phil Sutter <phil@xxxxxx>
Re: iptables 1.8.5 ETA ?
- From: Etienne Champetier <champetier.etienne@xxxxxxxxx>
Re: [PATCH 1/1] geoip: add quiet flag to xt_geoip_build
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: How to test the kernel netfilter logic?
- From: Konstantin Khorenko <khorenko@xxxxxxxxxxxxx>
Re: [PATCH 0/5] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH nft 2/2] tests: shell: Introduce test for concatenated ranges in anonymous sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft] tests: shell: Avoid breaking basic connectivity when run
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: How to test the kernel netfilter logic?
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH 1/5] netfilter: nft_reject_bridge: enable reject with bridge vlan
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/5] netfilter: conntrack: make conntrack userspace helpers work again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/5] netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/5] netfilter: nfnetlink_cthelper: unbreak userspace helper support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/5] netfilter: ipset: Fix subcounter update skip
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/5] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/1] geoip: add quiet flag to xt_geoip_build
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH nft] tests: py: Actually use all available hooks in bridge/chains.t
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] build: Fix doc build, restore A2X assignment for doc/Makefile
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/3] netfilter: enable reject with bridge vlan
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [net PATCH] netfilter: ipset: Fix subcounter update skip
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] flowtable: relax logic to build NFTA_FLOWTABLE_HOOK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: skip flowtable hooknum and priority on device updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: Avoid breaking basic connectivity when run
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] build: Fix doc build, restore A2X assignment for doc/Makefile
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 2/2] tests: shell: Introduce test for concatenated ranges in anonymous sets
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 0/2] Fix evaluation of anonymous sets with concatenated ranges
- From: Phil Sutter <phil@xxxxxx>
Re: How to test the kernel netfilter logic?
- From: Konstantin Khorenko <khorenko@xxxxxxxxxxxxx>
Re: How to test the kernel netfilter logic?
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nf,v2 1/2] netfilter: conntrack: make conntrack userspace helpers work again
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf,v2 1/2] netfilter: conntrack: make conntrack userspace helpers work again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v2 2/2] netfilter: nfnetlink_cthelper: unbreak userspace helper support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
How to test the kernel netfilter logic?
- From: Konstantin Khorenko <khorenko@xxxxxxxxxxxxx>
[PATCH] netfilter/ipvs: immediately expire no destination connections in kthread if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: conntrack: make conntrack userspace helpers work again
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf 2/2] netfilter: nfnetlink_cthelper: unbreak userspace helper support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 nf] netfilter: make conntrack userspace helpers work again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 2/2] netfilter: nfnetlink_cthelper: unbreak userspace helper support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 1/2] netfilter: conntrack: make conntrack userspace helpers work again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 0/2] restore userspace helper support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 0/2] Fix evaluation of anonymous sets with concatenated ranges
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft 2/2] tests: shell: Introduce test for concatenated ranges in anonymous sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] tests: py: Actually use all available hooks in bridge/chains.t
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] build: Fix doc build, restore A2X assignment for doc/Makefile
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] tests: shell: Avoid breaking basic connectivity when run
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH 1/1] Remove flow offload when ct is removed from userspace
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
[PATCH 1/1] Restore the CT mark in Flow Offload
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
WARNING: proc registration bug in clusterip_tg_check (2)
- From: syzbot <syzbot+35e9c587ab6de655a1b3@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH v4 net-next] net: flow_offload: simplify hw stats check handling
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: ipset make modules_install fails to honor INSTALL_MOD_PATH
- From: Oskar Berggren <oskar.berggren@xxxxxxxxx>
Re: ipset make modules_install fails to honor INSTALL_MOD_PATH
- From: Jan Engelhardt <jengelh@xxxxxxx>
ipset make modules_install fails to honor INSTALL_MOD_PATH
- From: Oskar Berggren <oskar.berggren@xxxxxxxxx>
Re: [PATCH ghak25 v6a] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
[PATCH ghak25 v6a] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH nft 3/4] src: delete devices to an existing flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 4/4] src: allow flowtable definitions with no devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/4] src: add devices to an existing flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/4] mnl: add function to convert flowtable device list to array
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v4 net-next] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
[PATCH nf-next 7/7] netfilter: nf_tables: allow to register flowtable with no devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 5/7] netfilter: nf_tables: add devices to existing flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 6/7] netfilter: nf_tables: delete devices from flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 4/7] netfilter: nf_tables: pass hook list to flowtable event notifier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 3/7] netfilter: nf_tables: add nft_flowtable_hooks_destroy()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 2/7] netfilter: nf_tables: pass hook list to nft_{un,}register_flowtable_net_hooks()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 1/7] netfilter: nf_tables: generalise flowtable hook parsing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 0/7] dynamic device updates for flowtables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 net-next] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH v3 net-next] net: flow_offload: simplify hw stats check handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 net-next] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
[PATCH v3 net-next] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Christoph Hellwig <hch@xxxxxx>
Re: [PATCH net-next v2] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH net-next v2] net: flow_offload: simplify hw stats check handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 2/2] pktbuff: add pktb_head_alloc(), pktb_setup() and pktb_head_size()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[iptables PATCH] doc: libxt_MARK: OUTPUT chain is fine, too
- From: Phil Sutter <phil@xxxxxx>
[PATCH v1 16/25] netfilter: nft_set_rbtree: Use sequence counter with associated rwlock
- From: "Ahmed S. Darwish" <a.darwish@xxxxxxxxxxxxx>
[PATCH v1 15/25] netfilter: conntrack: Use sequence counter with associated spinlock
- From: "Ahmed S. Darwish" <a.darwish@xxxxxxxxxxxxx>
Re: [PATCH ghak25 v5] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: immediately expire UDP connections matching unavailable destination if expire_nodest_conn=1
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH ghak25 v5] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH net-next v2] net: flow_offload: simplify hw stats check handling
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH ghak25 v5] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH net-next v2] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH net-next v2] net: flow_offload: simplify hw stats check handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next v2] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH net-next v2] net: flow_offload: simplify hw stats check handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next v2] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
[PATCH ghak25 v5] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: immediately expire UDP connections matching unavailable destination if expire_nodest_conn=1
- From: Andrew Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH] netfilter/ipvs: immediately expire UDP connections matching unavailable destination if expire_nodest_conn=1
- From: Marco Angaroni <marcoangaroni@xxxxxxxxx>
Re: [PATCH 7/8 net] bnxt_tc: update indirect block support
- From: Sriharsha Basavapatna <sriharsha.basavapatna@xxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: immediately expire UDP connections matching unavailable destination if expire_nodest_conn=1
- From: Andrew Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH] netfilter/ipvs: immediately expire UDP connections matching unavailable destination if expire_nodest_conn=1
- From: Julian Anastasov <ja@xxxxxx>
Re: [iptables PATCH v2 2/2] nfnl_osf: Improve error handling
- From: Phil Sutter <phil@xxxxxx>
kernel BUG at lib/list_debug.c:45!
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: [iptables PATCH 2/2] nft: Drop save_counters callback from family_ops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 1/2] nft: Merge nft_*_rule_find() functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH v2 0/2] Critical: Unbreak nfnl_osf tool
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH nft] build: fix tentative generation of nft.8 after disabled doc
- From: Laura García Liébana <nevola@xxxxxxxxx>
Re: [PATCH nft] build: fix tentative generation of nft.8 after disabled doc
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] build: fix tentative generation of nft.8 after disabled doc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: expire no destination UDP connections when expire_nodest_conn=1
- From: Andrew Kim <kim.andrewsy@xxxxxxxxx>
[PATCH] netfilter/ipvs: immediately expire UDP connections matching unavailable destination if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH] netfilter/ipvs: expire no destination UDP connections when expire_nodest_conn=1
- From: Andrew Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH nft] build: fix tentative generation of nft.8 after disabled doc
- From: Laura García Liébana <nevola@xxxxxxxxx>
Re: [PATCH nft] build: fix tentative generation of nft.8 after disabled doc
- From: Phil Sutter <phil@xxxxxx>
[PATCH v2 nf] netfilter: make conntrack userspace helpers work again
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter/ipvs: expire no destination UDP connections when expire_nodest_conn=1
- From: Julian Anastasov <ja@xxxxxx>
[PATCH nft] build: fix tentative generation of nft.8 after disabled doc
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
Re: [PATCH 01/14] cachefiles: switch to kernel_write
- From: David Howells <dhowells@xxxxxxxxxx>
Re: userspace conntrack helper and confirming the master conntrack
- From: Michal Kubecek <mkubecek@xxxxxxx>
[PATCH nf] netfilter: make conntrack userspace helpers work again
- From: Florian Westphal <fw@xxxxxxxxx>
Re: userspace conntrack helper and confirming the master conntrack
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH v2 2/2] nfnl_osf: Improve error handling
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 1/2] nfnl_osf: Fix broken conversion to nfnl_query()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 0/2] Critical: Unbreak nfnl_osf tool
- From: Phil Sutter <phil@xxxxxx>
KMSAN: uninit-value in nf_ip6_checksum
- From: syzbot <syzbot+266e61dcc3259a67d5ec@xxxxxxxxxxxxxxxxxxxxxxxxx>
[PATCH] netfilter/ipvs: expire no destination UDP connections when expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH 0/8 net] the indirect flow_block offload, revisited
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH 0/8 net] the indirect flow_block offload, revisited
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/6] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] libiptc.c: pragma disable a gcc compiler warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 0/3] Fix SECMARK target comparison
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] libip6t_srh.t: switch to lowercase, add /128 suffix, require success
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 0/3] Fix SECMARK target comparison
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/6] netfilter: flowtable: Remove WQ_MEM_RECLAIM from workqueue
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/6] netfilter: conntrack: avoid gcc-10 zero-length-bounds warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/6] netfilter: flowtable: Add pending bit for offload work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/6] netfilter: flowtable: set NF_FLOW_TEARDOWN flag on entry expiration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/6] netfilter: nft_set_rbtree: Add missing expired checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/6] netfilter: conntrack: fix infinite loop on rmmod
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/6] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/8 net] the indirect flow_block offload, revisited
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
[net PATCH] netfilter: ipset: Fix subcounter update skip
- From: Phil Sutter <phil@xxxxxx>
Re: netfilter: does the API break or something else ?
- From: Xiubo Li <xiubli@xxxxxxxxxx>
Re: netfilter: does the API break or something else ?
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 02/14] autofs: switch to kernel_write
- From: Ian Kent <raven@xxxxxxxxxx>
Re: [PATCH libnetfilter_queue 2/3] example: nf-queue: use pkt_buff
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 1/1] example: nf-queue: use pkt_buff (updated)
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: userspace conntrack helper and confirming the master conntrack
- From: Jacob Rasmussen <jacobraz@xxxxxxxxxxxx>
Re: stable-rc 4.19: NETDEV WATCHDOG: eth0 (asix): transmit queue 0 timed out - net/sched/sch_generic.c:466 dev_watchdog
- From: Naresh Kamboju <naresh.kamboju@xxxxxxxxxx>
[PATCH 4/8 net] net: use flow_indr_dev_setup_offload()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 8/8 net] net: remove indirect block netdev event registration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/8 net] mlx5: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/8 net] nfp: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 7/8 net] bnxt_tc: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/8 net] net: cls_api: add tcf_block_offload_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/8 net] netfilter: nf_flowtable: expose nf_flow_table_gc_cleanup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/8 net] net: flow_offload: consolidate indirect flow_block infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/8 net] the indirect flow_block offload, revisited
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v4] doc: document danger of applying REJECT to INVALID CTs
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
KMSAN: uninit-value in hash_ip6_test
- From: syzbot <syzbot+e66172c53a40c795a780@xxxxxxxxxxxxxxxxxxxxxxxxx>
netfilter: does the API break or something else ?
- From: Xiubo Li <xiubli@xxxxxxxxxx>
Re: [nft PATCH] JSON: Improve performance of json_events_cb()
- From: Eric Garver <eric@xxxxxxxxxxx>
[nft PATCH] JSON: Improve performance of json_events_cb()
- From: Phil Sutter <phil@xxxxxx>
[PATCH v4] doc: document danger of applying REJECT to INVALID CTs
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH v3] doc: document danger of applying REJECT to INVALID CTs
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[PATCH v3] doc: document danger of applying REJECT to INVALID CTs
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH libnetfilter_queue 1/2] pktbuff: add __pktb_setup()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH 01/14] cachefiles: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
clean up kernel_{read,write} & friends v2
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 05/14] fs: check FMODE_WRITE in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 04/14] fs: unexport __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 08/14] fs: remove __vfs_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 11/14] integrity/ima: switch to using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 13/14] fs: remove __vfs_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 12/14] fs: implement kernel_read using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 10/14] fs: add a __kernel_read helper
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 07/14] fs: implement kernel_write using __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 06/14] fs: remove the call_{read,write}_iter functions
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 03/14] bpfilter: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 02/14] autofs: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH libnetfilter_queue 1/1] src & doc: Rename pktb_alloc2 to pktb_setup
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 1/1] src: add pktb_alloc2() and pktb_head_size()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 2/2] pktbuff: add pktb_head_alloc(), pktb_setup() and pktb_head_size()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH v2] doc: document danger of applying REJECT to INVALID CTs
- From: Benjamin Poirier <benjamin.poirier@xxxxxxxxx>
Re: [PATCH v1 1/1] xtables-addons: geoip: update scripts for DBIP names, etc.
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH v2] doc: document danger of applying REJECT to INVALID CTs
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[PATCH v2] doc: document danger of applying REJECT to INVALID CTs
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH v1 1/1] xtables-addons: geoip: update scripts for DBIP names, etc.
- From: Jan Engelhardt <jengelh@xxxxxxx>
[iptables PATCH 2/3] libxtables: Introduce 'matchmask' target callback
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/3] Fix SECMARK target comparison
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/3] libxt_SECMARK: Fix for failing target comparison
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/3] xshared: Share make_delete_mask() between ip{,6}tables
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v1 1/1] xtables-addons: geoip: update scripts for DBIP names, etc.
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
Re: [iptables PATCH 2/2] nfnl_osf: Improve error handling
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 2/2] nfnl_osf: Improve error handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] xtables-restore: Fix verbose mode table flushing
- From: Phil Sutter <phil@xxxxxx>
Re: [nf PATCH v2] netfilter: nft_set_rbtree: Add missing expired checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v1 1/1] xtables-addons: geoip: update scripts for DBIP names, etc.
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH v1 1/1] xtables-addons: geoip: update scripts for DBIP names, etc.
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
[PATCH] libiptc.c: pragma disable a gcc compiler warning
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[PATCH] libip6t_srh.t: switch to lowercase, add /128 suffix, require success
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Correct usage of nf_ct_get
- From: b38911 Zxc <b38911@xxxxxxxxx>
Re: WARNING in cgroup_finalize_control
- From: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>
KMSAN: uninit-value in hash_net6_del
- From: syzbot <syzbot+3fba3936436897a34c8a@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: fix infinite loop on rmmod
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: nf_flow_table_offload: Remove WQ_MEM_RECLAIM from workqueue
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
WARNING in cgroup_finalize_control
- From: syzbot <syzbot+9c08aaa363ca5784c9e9@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH] iptables: flush stdout after every verbose log.
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Re: [PATCH net] netfilter: flowtable: Add pending bit for offload work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: flowtable: Add pending bit for offload work
- From: Roi Dayan <roid@xxxxxxxxxxxx>
Re: [PATCH net] netfilter: flowtable: Add pending bit for offload work
- From: Roi Dayan <roid@xxxxxxxxxxxx>
[iptables PATCH 1/2] nft: Merge nft_*_rule_find() functions
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/2] nft: Drop save_counters callback from family_ops
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] iptables-test: Don't choke on empty lines
- From: Phil Sutter <phil@xxxxxx>
[nf PATCH v2] netfilter: nft_set_rbtree: Add missing expired checks
- From: Phil Sutter <phil@xxxxxx>
Re: [nf PATCH] netfilter: nft_set_rbtree: Add missing expired checks
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] iptables: flush stdout after every verbose log.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: flowtable: Add pending bit for offload work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 2/2] nfnl_osf: Improve error handling
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] netfilter: flowtable: set NF_FLOW_TEARDOWN flag on entry expiration
- From: Roi Dayan <roid@xxxxxxxxxxxx>
[PATCH nf] netfilter: flowtable: set NF_FLOW_TEARDOWN flag on entry expiration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC PATCH net] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH net] netfilter: flowtable: Fix expired flow not being deleted from software
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
Re: [PATCH net] netfilter: flowtable: Fix expired flow not being deleted from software
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: flowtable: Add pending bit for offload work
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
Re: [PATCH net] netfilter: flowtable: Fix expired flow not being deleted from software
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
Re: [RFC PATCH net] net: flow_offload: simplify hw stats check handling
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
Re: [PATCH v2] do not typedef socklen_t on Android
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: flowtable: Fix expired flow not being deleted from software
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: flowtable: Add pending bit for offload work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf PATCH] netfilter: nft_set_rbtree: Add missing expired checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 06/15] netfilter: conntrack: avoid gcc-10 zero-length-bounds warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 1/1] src: add pktb_alloc2() and pktb_head_size()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 1/1] src: add pktb_alloc2() and pktb_head_size()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnetfilter_queue 1/1] src: add pktb_alloc2() and pktb_head_size()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/1] pktb_alloc2()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH nf] netfilter: conntrack: fix infinite loop on rmmod
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net] netfilter: nf_flow_table_offload: Remove WQ_MEM_RECLAIM from workqueue
- From: Roi Dayan <roid@xxxxxxxxxxxx>
Re: mlx5: Panic with conntrack offload
- From: Roi Dayan <roid@xxxxxxxxxxxx>
Re: [PATCH] doc: document danger of applying REJECT to INVALID CTs
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Re: [PATCH] doc: document danger of applying REJECT to INVALID CTs
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[PATCH] doc: document danger of applying REJECT to INVALID CTs
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH] iptables: flush stdout after every verbose log.
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[PATCH v2] do not typedef socklen_t on Android
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Re: [PATCH] document danger of '-j REJECT'ing of '-m state INVALID' packets
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Re: [PATCH] document danger of '-j REJECT'ing of '-m state INVALID' packets
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Re: [iptables PATCH 2/2] nfnl_osf: Improve error handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 2/2] pktbuff: add pktb_head_alloc(), pktb_setup() and pktb_head_size()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 2/2] pktbuff: add pktb_head_alloc(), pktb_setup() and pktb_head_size()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[iptables PATCH 1/2] nfnl_osf: Fix broken conversion to nfnl_query()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/2] nfnl_osf: Improve error handling
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/2] Critical: Unbreak nfnl_osf tool
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] document danger of '-j REJECT'ing of '-m state INVALID' packets
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH nft,v2] mnl: fix error rule reporting with missing table/chain and anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnetfilter_queue 1/2] pktbuff: add __pktb_setup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnetfilter_queue 2/2] pktbuff: add pktb_head_alloc(), pktb_setup() and pktb_head_size()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH] document danger of '-j REJECT'ing of '-m state INVALID' packets
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
[PATCH nft 1/3] src: rename CMD_OBJ_SETELEM to CMD_OBJ_ELEMENTS
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/3] src: add CMD_OBJ_SETELEMS
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/3] libnftables: call nft_cmd_expand() only with CMD_ADD
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
ETA of libnetfilter_queue-1.0.4?
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [RFC PATCH net] net: flow_offload: simplify hw stats check handling
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH nft] mnl: fix error rule reporting with missing table/chain and anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC PATCH net] net: flow_offload: simplify hw stats check handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC PATCH net] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [RFC PATCH net] net: flow_offload: simplify hw stats check handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC PATCH net] net: flow_offload: simplify hw stats check handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[RFC PATCH net] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH nft] mnl: fix error rule reporting with missing table/chain and anonymous sets
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net,v4] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH net,v4] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nft: crash parsing cmd line
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] mnl: fix error rule reporting with missing table/chain and anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net,v4] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
nft: crash parsing cmd line
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH net,v4] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH] netfilter: fix make target xt_TCPMSS.o error.
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
[PATCH nft] evaluate: fix memleak in stmt_evaluate_reject_icmp()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] src: fix netlink_get_setelem() memleaks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net,v4] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net,v3] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
[iptables PATCH 06/15] nft: cache: Re-establish cache consistency check
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 05/15] tests: shell: Implement --valgrind mode
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 15/15] nft: Don't exit early after printing help texts
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 07/15] nft: Clear all lists in nft_fini()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 14/15] nft: Fix leak when replacing a rule
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 09/15] nft: Fix leak when deleting rules
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 13/15] arptables: Fix leak in nft_arp_print_rule()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 03/15] nft: Avoid use-after-free when rebuilding cache
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 01/15] nft: Free rule pointer in nft_cmd_free()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 10/15] ebtables: Free statically loaded extensions again
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 08/15] nft: Fix leaks in ebt_add_policy_rule()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 02/15] nft: Add missing clear_cs() calls
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 04/15] nft: Call nft_release_cache() in nft_fini()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 11/15] libxtables: Introduce xtables_fini()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 12/15] nft: Use clear_cs() instead of open coding
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 00/15] cache evaluation phase bonus material
- From: Phil Sutter <phil@xxxxxx>
Re: iptables 1.8.5 ETA ?
- From: Etienne Champetier <champetier.etienne@xxxxxxxxx>
Re: iptables 1.8.5 ETA ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: iptables 1.8.5 ETA ?
- From: Phil Sutter <phil@xxxxxx>
Re: iptables 1.8.5 ETA ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net,v3] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
iptables 1.8.5 ETA ?
- From: Etienne Champetier <champetier.etienne@xxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
[PATCH net] netfilter: flowtable: Fix expired flow not being deleted from software
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
[PATCH net] netfilter: flowtable: Add pending bit for offload work
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
[nf PATCH] netfilter: nft_set_rbtree: Add missing expired checks
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] rule: fix out of memory write if num_stmts is too low
- From: michael-dev <michael-dev@xxxxxxxxxxxxx>
[PATCH net] netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
[PATCH 2/3] nftables: enable reject with 802.1q
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
[PATCH 3/3] netfilter: enable reject with bridge vlan
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
[PATCH 1/3] nftables: add frag-needed (ipv4) to reject options
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
[PATCH 0/3] Avoid gretap fragmentation with nftables on bridge
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: fix make target xt_TCPMSS.o error.
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH] netfilter: fix make target xt_TCPMSS.o error.
- From: Huang Qijun <dknightjun@xxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] rule: fix out of memory write if num_stmts is too low
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v5 1/1] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] expr: dynset: release stateful expression from .free path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/3] src: ct_timeout: release policy string and state list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/3] parser_bison: release helper type string after parsing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/3] parser_bison: release extended priority string after parsing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] expr: objref: add nftnl_expr_objref_free() to release object name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
[PATCH nft 2/2] src: add rule_stmt_append() and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] src: add rule_stmt_insert_at() and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
[PATCH net,v2] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] rule: fix out of memory write if num_stmts is too low
- From: michael-dev <michael-dev@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] rule: fix out of memory write if num_stmts is too low
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
stable-rc 4.19: NETDEV WATCHDOG: eth0 (asix): transmit queue 0 timed out - net/sched/sch_generic.c:466 dev_watchdog
- From: Naresh Kamboju <naresh.kamboju@xxxxxxxxxx>
Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC] concat with dynamically sized fields like vlan id
- From: michael-dev <michael-dev@xxxxxxxxxxxxx>
Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
[RFC] netlink: do not alter set element width
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
[PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] rule: fix out of memory write if num_stmts is too low
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
Re: [PATCH nf-next v5 1/1] netfilter: ctnetlink: add kernel side filtering for dump
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
[PATCH nf-next v6] netfilter: ctnetlink: add kernel side filtering for dump
- From: Romain Bellan <romain.bellan@xxxxxxxxxx>
Re: [nft PATCH 3/4] segtree: Merge get_set_interval_find() and get_set_interval_end()
- From: Phil Sutter <phil@xxxxxx>
Re: [RFC] concat with dynamically sized fields like vlan id
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] main: fix get_optstring truncating output
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH] main: fix get_optstring truncating output
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
Re: [PATCH] tests: dump generated use new nft tool
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] tests: dump generated use new nft tool
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
Re: [PATCH v1 1/1] xtables-addons: geoip: install and document xt_geoip_fetch
- From: Jan Engelhardt <jengelh@xxxxxxx>
[RFC] concat with dynamically sized fields like vlan id
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
Re: [PATCH 3/3] datatype: fix double-free resulting in use-after-free in datatype_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/3] datatype: fix double-free resulting in use-after-free in datatype_free
- From: michael-dev <michael-dev@xxxxxxxxxxxxx>
Re: [PATCH 3/3] datatype: fix double-free resulting in use-after-free in datatype_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 2/3] utils: fix UBSAN warning in fls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/3] main: fix ASAN -fsanizize=address error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] ct: Add support for the 'id' key
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] ct: Add support for the 'id' key
- From: Brett Mastbergen <brett.mastbergen@xxxxxxxxx>
Re: strage iptables counts of wireguard traffic
- From: Sven-Haegar Koch <haegar@xxxxxxxxx>
Re: strage iptables counts of wireguard traffic
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH 1/3] main: fix ASAN -fsanizize=address error
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
[PATCH 3/3] datatype: fix double-free resulting in use-after-free in datatype_free
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
[PATCH 2/3] utils: fix UBSAN warning in fls
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
Re: strage iptables counts of wireguard traffic
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]