Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

Re: [PATCH v4.10] netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6
- From: Greg KH <greg@xxxxxxxxx>
[PATCH net-next v2 2/3] netfilter: nf_conntrack_reasm: make nf_ct_frag6_gather elide the CB clear
- From: wenxu@xxxxxxxxx
[PATCH net-next v2 1/3] net: ip_fragment: Add ip_defrag_ignore_cb support
- From: wenxu@xxxxxxxxx
[PATCH net-next v2 3/3] net/sched: act_ct: fix clobber qdisc_skb_cb in defrag
- From: wenxu@xxxxxxxxx
[PATCH net-next v2 0/3] make nf_ct_frag/6_gather elide the skb CB clear
- From: wenxu@xxxxxxxxx
Re: [PATCH net-next 1/3] netfilter: nf_defrag_ipv4: Add nf_ct_frag_gather support
- From: wenxu <wenxu@xxxxxxxxx>
Re: [PATCH ghak90 V9 01/13] audit: collect audit task parameters
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH] Replace HTTP links with HTTPS ones: IPv*
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH] Replace HTTP links with HTTPS ones: IPv*
- From: "Alexander A. Klimov" <grandmaster@xxxxxxxxxxxx>
Re: [PATCH net-next 1/3] netfilter: nf_defrag_ipv4: Add nf_ct_frag_gather support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net-next 1/3] netfilter: nf_defrag_ipv4: Add nf_ct_frag_gather support
- From: wenxu <wenxu@xxxxxxxxx>
Re: [PATCH net-next 1/3] netfilter: nf_defrag_ipv4: Add nf_ct_frag_gather support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] segtree: zap element statement when decomposing interval
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] tests: shell: Add help output to run-tests.sh
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH net-next 1/3] netfilter: nf_defrag_ipv4: Add nf_ct_frag_gather support
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
Re: [PATCH ghak90 V9 13/13] audit: add capcontid to set contid outside init_user_ns
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 12/13] audit: track container nesting
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 11/13] audit: contid check descendancy and nesting
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 10/13] audit: add support for containerid to network namespaces
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 08/13] audit: add containerid support for user records
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 07/13] audit: add support for non-syscall auxiliary records
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 06/13] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 05/13] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 04/13] audit: log drop of contid on exit of last task
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 02/13] audit: add container id
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 01/13] audit: collect audit task parameters
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH net-next 1/3] netfilter: nf_defrag_ipv4: Add nf_ct_frag_gather support
- From: wenxu@xxxxxxxxx
[PATCH net-next 0/3] make nf_ct_frag/6_gather elide the skb CB clear
- From: wenxu@xxxxxxxxx
[PATCH net-next 3/3] net/sched: act_ct: fix clobber qdisc_skb_cb in defrag
- From: wenxu@xxxxxxxxx
[PATCH net-next 2/3] netfilter: nf_conntrack_reasm: make nf_ct_frag6_gather elide the CB clear
- From: wenxu@xxxxxxxxx
Re: [PATCH 29/29] netfilter: nf_tables: merge ipv4 and ipv6 nat chain types
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: [PATCH 0/2] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 02/13] audit: add container id
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 V9 02/13] audit: add container id
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 1/1 v2] netfilter: Restore the CT mark in Flow Offload
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: reject unsupported chain flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 2/2] src: support for implicit chain bindings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v2 1/2] datatype: convert chain name from gmp value to string
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/2] netfilter: conntrack: refetch conntrack after nf_conntrack_update()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/2] netfilter: ipset: call ip_set_free() instead of kfree()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1 v2] netfilter: Restore the CT mark in Flow Offload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] libxtables/xtables.c - compiler warning fixes for NO_SHARED_LIBS
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] [net/ipv6] Remove redundant null check in ah_mt6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 6/6] netfilter: nf_tables: add NFT_CHAIN_BINDING
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 5/6] netfilter: nf_tables: add nft_chain_add()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 4/6] netfilter: nf_tables: expose enum nft_chain_flags through UAPI
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 3/6] netfilter: nf_tables: add NFTA_VERDICT_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 2/6] netfilter: nf_tables: add NFTA_RULE_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3 1/6] netfilter: nf_tables: add NFTA_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] ipvs: allow connection reuse for unconfirmed conntrack
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] audit: use the proper gfp flags in the audit_log_nfcfg() calls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak124 v3fix] audit: add gfp parameter to audit_log_nfcfg
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: "Timo Sigurdsson" <public_timo.s@xxxxxxxxxxxxxx>
Re: [PATCH ghak124 v3fix] audit: add gfp parameter to audit_log_nfcfg
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH] audit: use the proper gfp flags in the audit_log_nfcfg() calls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH nft] src: Allow for empty set variable definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak124 v3fix] audit: add gfp parameter to audit_log_nfcfg
- From: Jones Desougi <jones.desougi+netfilter@xxxxxxxxx>
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Moving from ipset to nftables: Sets not ready for prime time yet?
- From: "Timo Sigurdsson" <public_timo.s@xxxxxxxxxxxxxx>
[PATCH nft] src: support for implicit chain bindings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] ipvs: allow connection reuse for unconfirmed conntrack
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Julian Anastasov <ja@xxxxxx>
[PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
[PATCH nf-next,v2 6/6] netfilter: nf_tables: add NFT_CHAIN_BINDING
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 5/6] netfilter: nf_tables: add nft_chain_add()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 4/6] netfilter: nf_tables: expose enum nft_chain_flags through UAPI
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 3/6] netfilter: nf_tables: add NFTA_VERDICT_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 2/6] netfilter: nf_tables: add NFTA_RULE_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2 1/6] netfilter: nf_tables: add NFTA_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 6/6,v2] netfilter: nf_tables: add NFT_CHAIN_BINDING
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [fs] 140402bab8: stress-ng.splice.ops_per_sec -100.0% regression
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
[PATCH net-next] ipvs: allow connection reuse for unconfirmed conntrack
- From: Julian Anastasov <ja@xxxxxx>
Re: [libnf_ct PATCH v2 1/9] Handle negative snprintf return values properly
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_conntrack: refetch conntrack after nf_conntrack_update()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [fs] 140402bab8: stress-ng.splice.ops_per_sec -100.0% regression
- From: Christoph Hellwig <hch@xxxxxx>
Re: [libnf_ct PATCH v2 1/9] Handle negative snprintf return values properly
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[fs] 140402bab8: stress-ng.splice.ops_per_sec -100.0% regression
- From: kernel test robot <rong.a.chen@xxxxxxxxx>
Re: [PATCH net-next] ipvs: avoid expiring many connections from timer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] ipvs: avoid expiring many connections from timer
- From: Simon Horman <horms@xxxxxxxxxxxx>
LPC 2020 Networking and BPF Track CFP
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: ipset: call ip_set_free() instead of kfree()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] nft_set_pipapo: Drop useless assignment of scratch map index on insert
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 nf-next] netfilter: introduce support for reject at prerouting stage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] ipvs: register hooks only with services
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] ipvs: avoid expiring many connections from timer
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH net-next] ipvs: register hooks only with services
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH net-next] ipvs: avoid expiring many connections from timer
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH nf-next 1/5] netfilter: nf_tables: add NFTA_RULE_CHAIN_ID attribute
- From: kernel test robot <lkp@xxxxxxxxx>
[PATCH v3 11/20] netfilter: nft_set_rbtree: Use sequence counter with associated rwlock
- From: "Ahmed S. Darwish" <a.darwish@xxxxxxxxxxxxx>
[PATCH v3 10/20] netfilter: conntrack: Use sequence counter with associated spinlock
- From: "Ahmed S. Darwish" <a.darwish@xxxxxxxxxxxxx>
[PATCH net] netfilter: ipset: call ip_set_free() instead of kfree()
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
Re: [PATCH ghak124 v3fix] audit: add gfp parameter to audit_log_nfcfg
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH nft WIP] src: support for implicit chain bindings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 5/5] netfilter: nf_tables: add NFT_CHAIN_BINDING
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 3/5] netfilter: nf_tables: expose enum nft_chain_flags through UAPI
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 4/5] netfilter: nf_tables: add nft_chain_add()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 1/5] netfilter: nf_tables: add NFTA_RULE_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 0/5,v2] nftables: support for implicit chains binding
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 2/5] netfilter: nf_tables: add NFTA_VERDICT_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH ghak124 v3fix] audit: add gfp parameter to audit_log_nfcfg
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [bug report] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
mDNS helper fails to add expectations if host joined 224.0.0.251 multicast group
- From: Andrei Borzenkov <arvidjaar@xxxxxxxxx>
[PATCH ghak90 V9 10/13] audit: add support for containerid to network namespaces
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 09/13] audit: add containerid filtering
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 13/13] audit: add capcontid to set contid outside init_user_ns
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 12/13] audit: track container nesting
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 11/13] audit: contid check descendancy and nesting
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 02/13] audit: add container id
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 05/13] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 08/13] audit: add containerid support for user records
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 06/13] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 07/13] audit: add support for non-syscall auxiliary records
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 04/13] audit: log drop of contid on exit of last task
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 03/13] audit: read container ID of a process
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 01/13] audit: collect audit task parameters
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak90 V9 00/13] audit: implement container identifier
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[bug report] audit: log nftables configuration change events
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Re: [PATCH 0/7] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH nf-next 0/5] support for anonymous non-base chains in nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 0/5] support for anonymous non-base chains in nftables
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 1/7] netfilter: ipset: fix unaligned atomic access
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/7] netfilter: iptables: Add a .pre_exit hook in all iptable_foo.c.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/7] netfilter: ip6tables: Add a .pre_exit hook in all ip6table_foo.c.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 7/7] selftests: netfilter: add test case for conntrack helper assignment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/7] netfilter: Add MODULE_DESCRIPTION entries to kernel modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/7] netfilter: ip6tables: Split ip6t_unregister_table() into pre_exit and exit helpers.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/7] netfilter: iptables: Split ipt_unregister_table() into pre_exit and exit helpers.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/7] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 5/5] netfilter: nf_tables: add NFT_CHAIN_ANONYMOUS
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 3/5] netfilter: nf_tables: add NFTA_VERDICT_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 4/5] netfilter: nf_tables: expose enum nft_chain_flags through UAPI
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 1/5] netfilter: nf_tables: add NFTA_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 2/5] netfilter: nf_tables: add NFTA_RULE_CHAIN_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 0/5] support for anonymous non-base chains in nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] [net/ipv6] Remove redundant null check in rt_mt6
- From: Gaurav Singh <gaurav1086@xxxxxxxxx>
[PATCH] [net/ipv6] Remove redundant null check in hbh_mt6
- From: Gaurav Singh <gaurav1086@xxxxxxxxx>
[PATCH] [net/ipv6] remove redundant null check in frag_mt6
- From: Gaurav Singh <gaurav1086@xxxxxxxxx>
[PATCH] [net/ipv6] Remove redundant null check in ah_mt6
- From: Gaurav Singh <gaurav1086@xxxxxxxxx>
[PATCH 05/14] fs: check FMODE_WRITE in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 04/14] fs: unexport __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 06/14] fs: implement kernel_write using __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 07/14] fs: remove __vfs_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 02/14] autofs: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 03/14] bpfilter: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 10/14] integrity/ima: switch to using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 08/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 11/14] fs: implement kernel_read using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 09/14] fs: add a __kernel_read helper
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 13/14] fs: implement default_file_splice_read using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 12/14] fs: remove __vfs_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 01/14] cachefiles: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
clean up kernel_{read,write} & friends v5
- From: Christoph Hellwig <hch@xxxxxx>
[libnf_ct PATCH v2 9/9] Fix buffer overflows in __snprintf_protoinfo* like in *2str fns
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct PATCH v2 8/9] Fix buffer overflow in protocol related snprintf functions
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct PATCH v2 2/9] Fix nfexp_snprintf return value docs
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct PATCH v2 7/9] Move icmp request>reply type mapping to common file
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct PATCH v2 5/9] Add ARRAY_SIZE() macro
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct PATCH v2 3/9] Replace strncpy with snprintf to improve null byte handling
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct PATCH v2 4/9] Fix incorrect snprintf size calculation
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct PATCH v2 6/9] Fix buffer overflow on invalid icmp type in setters
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct PATCH v2 1/9] Handle negative snprintf return values properly
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH v4.10] netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 1/1] selftests: netfilter: add test case for conntrack helper assignment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3] netfilter: Add MODULE_DESCRIPTION entries to kernel modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v1 0/4] iptables: Module unload causing NULL pointer reference.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [libnf_ct resend PATCH 6/8] Fix buffer overflow on invalid icmp type in setters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [libnf_ct resend PATCH 5/8] Add asizeof() macro
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [libnf_ct resend PATCH 1/8] Handle negative snprintf return values properly
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH iptables] libxtables/xtables.c - compiler warning fixes for NO_SHARED_LIBS
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[PATCH iptables] libxtables/xtables.c - compiler warning fixes for NO_SHARED_LIBS
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[libnf_ct resend PATCH 5/8] Add asizeof() macro
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct resend PATCH 8/8] Fix buffer overflows in __snprintf_protoinfo* like in *2str fns
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct resend PATCH 6/8] Fix buffer overflow on invalid icmp type in setters
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct resend PATCH 7/8] Fix buffer overflow in protocol related snprintf functions
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct resend PATCH 4/8] Fix incorrect snprintf size calculation
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct resend PATCH 2/8] Fix nfexp_snprintf return value docs
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct resend PATCH 3/8] Replace strncpy with snprintf to improve null byte handling
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct resend PATCH 1/8] Handle negative snprintf return values properly
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
Various memory-safety related fixes
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
Various memory-safety related fixes
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct PATCH 3/8] Replace strncpy with snprintf to improve null byte handling
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
[libnf_ct PATCH 4/8] Fix incorrect snprintf size calculation
- From: Daniel Gröber <dxld@xxxxxxxxxxxxx>
Re: [MAINTENANCE] Shutting down FTP services at netfilter.org
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Good idea to rename files in include/uapi/ ?
- From: "Alexander A. Klimov" <grandmaster@xxxxxxxxxxxx>
[PATCH v1 0/4] iptables: Module unload causing NULL pointer reference.
- From: David Wilder <dwilder@xxxxxxxxxx>
[PATCH v1 4/4] netfilter: Add a .pre_exit hook in all ip6table_foo.c.
- From: David Wilder <dwilder@xxxxxxxxxx>
[PATCH v1 2/4] netfilter: Add a .pre_exit hook in all iptable_foo.c.
- From: David Wilder <dwilder@xxxxxxxxxx>
[PATCH v1 3/4] netfilter: Split ip6t_unregister_table() into pre_exit and exit helpers.
- From: David Wilder <dwilder@xxxxxxxxxx>
[PATCH v1 1/4] netfilter: Split ipt_unregister_table() into pre_exit and exit helpers.
- From: David Wilder <dwilder@xxxxxxxxxx>
Re: iptables user space performance benchmarks published
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: iptables user space performance benchmarks published
- From: Phil Sutter <phil@xxxxxx>
Re: iptables user space performance benchmarks published
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: iptables user space performance benchmarks published
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
KMSAN: uninit-value in hash_net6_add
- From: syzbot <syzbot+5d32b2edaf5048e61de0@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: iptables user space performance benchmarks published
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: iptables user space performance benchmarks published
- From: Phil Sutter <phil@xxxxxx>
Re: iptables user space performance benchmarks published
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: iptables user space performance benchmarks published
- From: Phil Sutter <phil@xxxxxx>
Re: iptables user space performance benchmarks published
- From: Phil Sutter <phil@xxxxxx>
Re: iptables user space performance benchmarks published
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: iptables user space performance benchmarks published
- From: Phil Sutter <phil@xxxxxx>
Re: iptables user space performance benchmarks published
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH] netfilter: Add MODULE_DESCRIPTION entries to kernel modules
- From: kernel test robot <lkp@xxxxxxxxx>
Re: iptables user space performance benchmarks published
- From: Phil Sutter <phil@xxxxxx>
Re: iptables user space performance benchmarks published
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: [nft PATCH] doc: Document notrack statement
- From: Florian Westphal <fw@xxxxxxxxx>
[nft PATCH] doc: Document notrack statement
- From: Phil Sutter <phil@xxxxxx>
Re: iptables user space performance benchmarks published
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH] netfiler: ipset: fix unaligned atomic access
- From: Russell King - ARM Linux admin <linux@xxxxxxxxxxxxxxx>
[PATCH nft] doc: revisit meta/rt primary expressions and ct statement
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 1/1] selftests: netfilter: add test case for conntrack helper assignment
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfiler: ipset: fix unaligned atomic access
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Expose skb_gso_validate_network_len() [Was: ebtables: load-on-demand extensions]
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
Re: Expose skb_gso_validate_network_len() [Was: ebtables: load-on-demand extensions]
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: Expose skb_gso_validate_network_len() [Was: ebtables: load-on-demand extensions]
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfiler: ipset: fix unaligned atomic access
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
Re: [PATCH] netfiler: ipset: fix unaligned atomic access
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfiler: ipset: fix unaligned atomic access
- From: Russell King - ARM Linux admin <linux@xxxxxxxxxxxxxxx>
Re: Expose skb_gso_validate_network_len() [Was: ebtables: load-on-demand extensions]
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
[PATCH net-next] ipvs: register hooks only with services
- From: Julian Anastasov <ja@xxxxxx>
Re: Expose skb_gso_validate_network_len() [Was: ebtables: load-on-demand extensions]
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH v3] netfilter: Add MODULE_DESCRIPTION entries to kernel modules
- From: Rob Gill <rrobgill@xxxxxxxxxxxxxx>
Re: [PATCH v2] netfilter: Add MODULE_DESCRIPTION entries to kernel modules
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Expose skb_gso_validate_network_len() [Was: ebtables: load-on-demand extensions]
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2] netfilter: Add MODULE_DESCRIPTION entries to kernel modules
- From: Rob Gill <rrobgill@xxxxxxxxxxxxxx>
Re: Expose skb_gso_validate_network_len() [Was: ebtables: load-on-demand extensions]
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
Re: [PATCH] linux++, this: rename "struct notifier_block *this"
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: Add MODULE_DESCRIPTION entries to kernel modules
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH] netfilter: Add MODULE_DESCRIPTION entries to kernel modules
- From: kernel test robot <lkp@xxxxxxxxx>
Re: Expose skb_gso_validate_network_len() [Was: ebtables: load-on-demand extensions]
- From: Florian Westphal <fw@xxxxxxxxx>
Expose skb_gso_validate_network_len() [Was: ebtables: load-on-demand extensions]
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
[PATCH net-next] ipvs: avoid expiring many connections from timer
- From: Julian Anastasov <ja@xxxxxx>
[PATCH] netfilter: Add MODULE_DESCRIPTION entries to kernel modules
- From: Rob Gill <rrobgill@xxxxxxxxxxxxxx>
Re: [PATCH] linux++, this: rename "struct notifier_block *this"
- From: Alexey Dobriyan <adobriyan@xxxxxxxxx>
Re: [PATCH] linux++, this: rename "struct notifier_block *this"
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: ebtables: load-on-demand extensions
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: ebtables: load-on-demand extensions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] ebtables-nft: introduce '-m <match_ext>' option
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
Allow dynamic loading of extentions in ebtables (-m option)
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
iptables user space performance benchmarks published
- From: Phil Sutter <phil@xxxxxx>
Re: ebtables: load-on-demand extensions
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
Re: [PATCH] linux++, this: rename "struct notifier_block *this"
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH] linux++, this: rename "struct notifier_block *this"
- From: Christoph Hellwig <hch@xxxxxxxxxxxxx>
[PATCH] linux++, this: rename "struct notifier_block *this"
- From: Alexey Dobriyan <adobriyan@xxxxxxxxx>
KMSAN: uninit-value in hash_ip6_add
- From: syzbot <syzbot+89bacaf2be1277d1e6de@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: ipset restore for bitmap:port terrible slow
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH nf-next] nft_set_pipapo: Drop useless assignment of scratch map index on insert
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nf-next] nft_set_pipapo: Drop useless assignment of scratch map index on insert
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] nft_set_pipapo: Drop useless assignment of scratch map index on insert
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: ipset restore for bitmap:port terrible slow
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
RE: [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
- From: David Laight <David.Laight@xxxxxxxxxx>
ipset restore for bitmap:port terrible slow
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: ebtables: load-on-demand extensions
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: ebtables: load-on-demand extensions
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
Re: ebtables: load-on-demand extensions
- From: Jan Engelhardt <jengelh@xxxxxxx>
ebtables: load-on-demand extensions
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
Re: [iptables PATCH] xtables-translate: don't fail if help was requested
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
[iptables PATCH] xtables-translate: Use proper clear_cs function
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] xtables-translate: don't fail if help was requested
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] xtables-translate: don't fail if help was requested
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
[PATCH] ipvs: avoid drop first packet by reusing conntrack
- From: YangYuxi <yx.atom1@xxxxxxxxx>
[PATCH] ipvs: avoid drop first packet by reusing conntrack
- From: YangYuxi <yx.atom1@xxxxxxxxx>
Re: [PATCH nft] tests: 0044interval_overlap_0: Repeat insertion tests with timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: Allow wrappers to be passed as nft command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: Run in separate network namespace, don't break connectivity
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] nftables 0.9.6 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/4] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH 10/13] integrity/ima: switch to using __kernel_read
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH 10/13] integrity/ima: switch to using __kernel_read
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
Re: [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
KMSAN: uninit-value in hash_ip6_del
- From: syzbot <syzbot+81b3ea575b0ab527b8b4@xxxxxxxxxxxxxxxxxxxxxxxxx>
RE: [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: dwilder <dwilder@xxxxxxxxxx>
Re: [PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH] ipvs: avoid drop first packet by reusing conntrack
- From: YangYuxi <yx.atom1@xxxxxxxxx>
Re: [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
Re: [PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
- From: Matthew Wilcox <willy@xxxxxxxxxxxxx>
[PATCH 01/13] cachefiles: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 02/13] autofs: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
clean up kernel_{read,write} & friends v4
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 03/13] bpfilter: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 04/13] fs: unexport __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 08/13] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 07/13] fs: remove __vfs_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 09/13] fs: add a __kernel_read helper
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 10/13] integrity/ima: switch to using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 12/13] fs: remove __vfs_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 13/13] fs: don't change the address limit for ->read_iter in __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 11/13] fs: implement kernel_read using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 06/13] fs: implement kernel_write using __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
Re: [PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Phil Sutter <phil@xxxxxx>
Re: [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft] tests: Run in separate network namespace, don't break connectivity
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Phil Sutter <phil@xxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: "Alexander A. Klimov" <grandmaster@xxxxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: "Alexander A. Klimov" <grandmaster@xxxxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: [PATCH nft] tests: Run in separate network namespace, don't break connectivity
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft] tests: Run in separate network namespace, don't break connectivity
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/4] netfilter: nft_set_pipapo: Disable preemption before getting per-CPU pointer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/4] netfilter: ctnetlink: memleak in filter initialization error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/4] netfilter: nf_tables: hook list memleak in flowtable deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/4] netfilter: nft_set_rbtree: Don't account for expired elements on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/4] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: Avoid breaking basic connectivity when run
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nf-next] nft_set_pipapo: Drop useless assignment of scratch map index on insert
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] tests: Run in separate network namespace, don't break connectivity
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] tests: shell: Drop redefinition of DIFF variable
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] tests: shell: Allow wrappers to be passed as nft command
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: Good idea to rename files in include/uapi/ ?
- From: David Howells <dhowells@xxxxxxxxxx>
Good idea to rename files in include/uapi/ ?
- From: "Alexander A. Klimov" <grandmaster@xxxxxxxxxxxx>
Vim Syntax for NFTABLES -- Beta
- From: "SBCGlobal.Net" <s.egbert@xxxxxxxxxxxxx>
Re: Extensions for ICMP[6] with sport, dport
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
[PATCH nf,v2] netfilter: nf_tables: hook list memleak in flowtable deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Extensions for ICMP[6] with sport, dport
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] ipvs: avoid drop first packet to reuse conntrack
- From: YangYuxi <yx.atom1@xxxxxxxxx>
Re: [ANNOUNCE] libnetfilter_queue 1.0.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] libnetfilter_queue 1.0.5 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [ANNOUNCE] libnetfilter_queue 1.0.5 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
[ANNOUNCE] libnetfilter_queue 1.0.5 release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 2/2] netfilter: nft: add support of reject verdict from ingress
- From: Laura García Liébana <nevola@xxxxxxxxx>
Re: [PATCH] ipvs: avoid drop first packet to reuse conntrack
- From: Julian Anastasov <ja@xxxxxx>
[PATCH] ipvs: avoid drop first packet to reuse conntrack
- From: YangYuxi <yx.atom1@xxxxxxxxx>
[PATCH] ipvs: avoid drop first packet to reuse conntrack
- From: YangYuxi <yx.atom1@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: hook list memleak in flowtable deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: ctnetlink: memleak in filter initialization error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -next] netfilter: ctnetlink: Fix memleak in ctnetlink_alloc_filter
- From: Zheng Bin <zhengbin13@xxxxxxxxxx>
[PATCH] netfiler: ipset: fix unaligned atomic access
- From: Russell King <rmk+kernel@xxxxxxxxxxxxxxx>
Re: [PATCH v4.10] netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] net: flow_offload: remove indirect flow_block declarations leftover
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: memory leak in ctnetlink_start
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: memory leak in nf_tables_parse_netdev_hooks (3)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
memory leak in ctnetlink_del_conntrack
- From: syzbot <syzbot+38b8b548a851a01793c5@xxxxxxxxxxxxxxxxxxxxxxxxx>
memory leak in nf_tables_parse_netdev_hooks (3)
- From: syzbot <syzbot+eb9d5924c51d6d59e094@xxxxxxxxxxxxxxxxxxxxxxxxx>
memory leak in ctnetlink_start
- From: syzbot <syzbot+b005af2cfb0411e617de@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH nf] nft_set_pipapo: Disable preemption before getting per-CPU pointer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] net: flow_offload: remove indirect flow_block declarations leftover
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] src: Quote user-defined names
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] build: Fix for failing 'make uninstall'
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH nf-next 2/2] netfilter: nft: add support of reject verdict from ingress
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] build: Fix for failing 'make uninstall'
- From: Phil Sutter <phil@xxxxxx>
Re: Extensions for ICMP[6] with sport, dport
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
Re: Extensions for ICMP[6] with sport, dport
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH libnetfilter_queue] configure: Make --help show doxygen is off by default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v4.10] netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6
- From: Vasily Averin <vvs@xxxxxxxxxxxxx>
[PATCH libnetfilter_queue] configure: Make --help show doxygen is off by default
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Extensions for ICMP[6] with sport, dport
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH AUTOSEL 5.7 124/274] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 5.4 082/175] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 043/106] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.14 34/72] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.9 23/50] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.4 17/37] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Sasha Levin <sashal@xxxxxxxxxx>
Re: [PATCH 8/8 net] net: remove indirect block netdev event registration
- From: Jacob Keller <jacob.e.keller@xxxxxxxxx>
Re: [PATCH 8/8 net] net: remove indirect block netdev event registration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/2] Force 'make distcheck' to pass
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnetfilter_queue] configure: disable doxygen by default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 8/8 net] net: remove indirect block netdev event registration
- From: Jacob Keller <jacob.e.keller@xxxxxxxxx>
Re: [PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Kim <kim.andrewsy@xxxxxxxxx>
[PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
nf_defrag_ipv6 / ip6_udp_tunnel on pure ipv4 setups
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
[PATCH nf-next 2/2] netfilter: nft: add support of reject verdict from ingress
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
[PATCH nf-next 1/2] netfilter: nft: refactor reject verdict source code
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Don't account for expired elements on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
Extensions for ICMP[6] with sport, dport
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Kim <kim.andrewsy@xxxxxxxxx>
[PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
Re: Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
Re: Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
Re: [PATCH nftables] src/main.c: fix build with gcc <= 4.8
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] nft_set_pipapo: Disable preemption before getting per-CPU pointer
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nf] nft_set_pipapo: Disable preemption before getting per-CPU pointer
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] nft_set_pipapo: Disable preemption before getting per-CPU pointer
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH libnetfilter_queue 2/2] build: dist: Force 'make distcheck' to pass
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/2] Force 'make distcheck' to pass
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 1/2] build: dist: Add fixmanpages.sh to distribution tree
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH v2 08/18] netfilter: conntrack: Use sequence counter with associated spinlock
- From: "Ahmed S. Darwish" <a.darwish@xxxxxxxxxxxxx>
[PATCH v2 09/18] netfilter: nft_set_rbtree: Use sequence counter with associated rwlock
- From: "Ahmed S. Darwish" <a.darwish@xxxxxxxxxxxxx>
Re: [PATCH] build: resolve iptables-apply not getting installed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] doc: document danger of applying REJECT to INVALID CTs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nftables] src/main.c: fix build with gcc <= 4.8
- From: Fabrice Fontaine <fontaine.fabrice@xxxxxxxxx>
Re: [PATCH libnetfilter_queue v2 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue v2 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue v2 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] cmd: add misspelling suggestions for rule commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2] meta: fix asan runtime error in tc handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] segtree: fix asan runtime error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] netlink: release dummy rule object from netlink_parse_set_expr()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] evaluate: remove superfluous check in set_evaluate()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft,v2] evaluate: missing datatype definition in implicit_set_declaration()
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft,v2] evaluate: missing datatype definition in implicit_set_declaration()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] evaluate: missing datatype definition in implicit_set_declaration()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue v2 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/1] URGENT: libnetfilter_queue-1.0.4 fails to build
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH lnf-queue] configure: add --with/without-doxygen switch
- From: Florian Westphal <fw@xxxxxxxxx>
[ANNOUNCE] nftables 0.9.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/1] URGENT: libnetfilter_queue-1.0.4 fails to build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 0/1] URGENT: libnetfilter_queue-1.0.4 fails to build
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH libnetfilter_queue 1/1] build: dist: Add fixmanpages.sh to distribution tree
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/1] URGENT: libnetfilter_queue-1.0.4 fails to build
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Nicolas Pitre <nico@xxxxxxxxxxx>
[ANNOUNCE] libnftnl 1.1.7 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] libnetfilter_queue 1.0.4 release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Philippe Mathieu-Daudé <f4bug@xxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Don't account for expired elements on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Don't account for expired elements on insertion
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak124 v3] audit: log nftables configuration change events
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
Re: [PATCH nf-next v5 1/1] netfilter: ctnetlink: add kernel side filtering for dump
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
[PATCH ghak124 v3] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: Florian Westphal <fw@xxxxxxxxx>
RE: [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: dwilder <dwilder@xxxxxxxxxx>
Re: [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
- From: David Wilder <dwilder@xxxxxxxxxx>
Re: [MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Harald Welte <laforge@xxxxxxxxxxxx>
Re: [PATCH nf] nft_set_rbtree: Don't account for expired elements on insertion
- From: Phil Sutter <phil@xxxxxx>
[PATCH] build: resolve iptables-apply not getting installed
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH] doc: document danger of applying REJECT to INVALID CTs
- From: Jan Engelhardt <jengelh@xxxxxxx>
[ANNOUNCE] iptables 1.8.5 release
- From: Phil Sutter <phil@xxxxxxxxxxxxx>
[MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] build: bump dependency on libnftnl
- From: Phil Sutter <phil@xxxxxx>
[PATCH RFC libnetfilter_queue 0/1] Avoid packet copy in nfq_nlmsg_verdict_put_pkt
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH RFC libnetfilter_queue 1/1] examples: Use sendmsg() to avoid packet copy in nfq_nlmsg_verdict_put_pkt()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH nft] tests: 0044interval_overlap_0: Repeat insertion tests with timeout
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nf] nft_set_rbtree: Don't account for expired elements on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH ghak124 v2] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak124 v2] audit: log nftables configuration change events
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak124 v2] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH 0/9] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH net-next 0/8] the indirect flow_block infrastructure, revisited
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH ghak124 v2] audit: log nftables configuration change events
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH 1/1 v2] netfilter: Restore the CT mark in Flow Offload
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
Re: [PATCH 1/1] Restore the CT mark in Flow Offload
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH ghak124 v2] audit: log nftables configuration change events
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Logan Gunthorpe <logang@xxxxxxxxxxxx>
[PATCH v3 nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
Re: [PATCH] checkpatch/coding-style: Allow 100 column lines
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: [PATCH] checkpatch/coding-style: Allow 100 column lines
- From: Andreas Dilger <adilger@xxxxxxxxx>
Re: [PATCH v2 nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura García Liébana <nevola@xxxxxxxxx>
Re: [PATCH] checkpatch/coding-style: Allow 100 column lines
- From: Markus Elfring <Markus.Elfring@xxxxxx>
[PATCH] checkpatch/coding-style: Allow 100 column lines
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH v2 nf-next] netfilter: introduce support for reject at prerouting stage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] include: Avoid undefined left-shift in xt_sctp.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] include: Avoid undefined left-shift in xt_sctp.h
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next v5 1/1] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/9] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/9] netfilter: nf_tables: generalise flowtable hook parsing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 9/9] netfilter: nf_tables: skip flowtable hooknum and priority on device updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 7/9] netfilter: nf_tables: delete devices from flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/9] netfilter: nf_tables: add nft_flowtable_hooks_destroy()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 8/9] netfilter: nf_tables: allow to register flowtable with no devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/9] netfilter: nf_tables: add devices to existing flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/9] netfilter: nf_tables: pass hook list to flowtable event notifier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/9] netfilter: nf_tables: pass hook list to nft_{un,}register_flowtable_net_hooks()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/9] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] tests: shell: Fix syntax in ipt-restore/0010-noflush-new-chain_0
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
RE: clean up kernel_{read,write} & friends v2
- From: David Laight <David.Laight@xxxxxxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH v2 nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura García Liébana <nevola@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: introduce support for reject at prerouting stage
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura García Liébana <nevola@xxxxxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
Re: [PATCH 06/14] fs: remove the call_{read,write}_iter functions
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH ghak124 v2] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH net-next 2/8] net: flow_offload: consolidate indirect flow_block infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 3/8] net: cls_api: add tcf_block_offload_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 1/8] netfilter: nf_flowtable: expose nf_flow_table_gc_cleanup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 6/8] nfp: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 4/8] net: use flow_indr_dev_setup_offload()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 7/8] bnxt_tc: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 8/8] net: remove indirect block netdev event registration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 0/8] the indirect flow_block infrastructure, revisited
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 5/8] mlx5: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Dave Airlie <airlied@xxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: David Howells <dhowells@xxxxxxxxxx>
RE: clean up kernel_{read,write} & friends v2
- From: "Deucher, Alexander" <Alexander.Deucher@xxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Matthew Wilcox <willy@xxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Joe Perches <joe@xxxxxxxxxxx>
Re: [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Sedat Dilek <sedat.dilek@xxxxxxxxx>
Re: [PATCH 06/14] fs: remove the call_{read,write}_iter functions
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH 0/3] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH nf-next] netfilter: introduce support for reject at prerouting stage
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next] netfilter: introduce support for reject at prerouting stage
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
[PATCH 01/14] cachefiles: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 02/14] autofs: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 03/14] bpfilter: switch to kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 04/14] fs: unexport __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 05/14] fs: check FMODE_WRITE in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 06/14] fs: remove the call_{read,write}_iter functions
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 07/14] fs: implement kernel_write using __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 08/14] fs: remove __vfs_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 11/14] integrity/ima: switch to using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 12/14] fs: implement kernel_read using __kernel_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 13/14] fs: remove __vfs_read
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH 10/14] fs: add a __kernel_read helper
- From: Christoph Hellwig <hch@xxxxxx>
clean up kernel_{read,write} & friends v2
- From: Christoph Hellwig <hch@xxxxxx>
[PATCH] netfilter/ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH nft v2 0/2] Fix evaluation of anonymous sets with concatenated ranges
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/3] netfilter: conntrack: comparison of unsigned in cthelper confirmation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/3] netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/3] netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/3] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v6] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/3] Avoid gretap fragmentation with nftables on bridge
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft v2 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft v2 2/2] tests: py: Enable anonymous set rule with concatenated ranges in inet/sets.t
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft v2 0/2] Fix evaluation of anonymous sets with concatenated ranges
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH ghak124 v1] audit: log nftables configuration change events
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH ghak124 v1] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [iptables PATCH] doc: libxt_MARK: OUTPUT chain is fine, too
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH ghak124 v1] audit: log nftables configuration change events
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH ghak124 v1] audit: log nftables configuration change events
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH nf] netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v2] netfilter: nf_conntrack: comparison of unsigned in cthelper confirmation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: nfnetlink_cthelper: protocol offset signess in IPv6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net] netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update
- From: Nathan Chancellor <natechancellor@xxxxxxxxx>
Re: [PATCH 0/5] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 7/8 net] bnxt_tc: update indirect block support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter/ipvs: immediately expire no destination connections in kthread if expire_nodest_conn=1
- From: Andrew Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH] netfilter/ipvs: immediately expire no destination connections in kthread if expire_nodest_conn=1
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH 0/5] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 4/5] netfilter: conntrack: make conntrack userspace helpers work again
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
re: netfilter: nfnetlink_queue: resolve clash for unconfirmed conntracks
- From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
[PATCH][next] netfilter: conntrack: fix an unsigned int comparison to less than zero
- From: Colin King <colin.king@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft 2/2] tests: shell: Introduce test for concatenated ranges in anonymous sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [iptables PATCH] doc: libxt_MARK: OUTPUT chain is fine, too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] doc: libxt_MARK: OUTPUT chain is fine, too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: Avoid breaking basic connectivity when run
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 2/2] tests: shell: Introduce test for concatenated ranges in anonymous sets
- From: Phil Sutter <phil@xxxxxx>
Re: iptables 1.8.5 ETA ?
- From: Etienne Champetier <champetier.etienne@xxxxxxxxx>
Re: [PATCH 1/1] geoip: add quiet flag to xt_geoip_build
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: How to test the kernel netfilter logic?
- From: Konstantin Khorenko <khorenko@xxxxxxxxxxxxx>
Re: [PATCH 0/5] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH nft 2/2] tests: shell: Introduce test for concatenated ranges in anonymous sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft] tests: shell: Avoid breaking basic connectivity when run
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: How to test the kernel netfilter logic?
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH 1/5] netfilter: nft_reject_bridge: enable reject with bridge vlan
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/5] netfilter: conntrack: make conntrack userspace helpers work again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/5] netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/5] netfilter: nfnetlink_cthelper: unbreak userspace helper support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/5] netfilter: ipset: Fix subcounter update skip
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/5] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/1] geoip: add quiet flag to xt_geoip_build
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH nft] tests: py: Actually use all available hooks in bridge/chains.t
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] build: Fix doc build, restore A2X assignment for doc/Makefile
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/3] netfilter: enable reject with bridge vlan
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [net PATCH] netfilter: ipset: Fix subcounter update skip
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] flowtable: relax logic to build NFTA_FLOWTABLE_HOOK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: skip flowtable hooknum and priority on device updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: Avoid breaking basic connectivity when run
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] build: Fix doc build, restore A2X assignment for doc/Makefile
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 2/2] tests: shell: Introduce test for concatenated ranges in anonymous sets
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 0/2] Fix evaluation of anonymous sets with concatenated ranges
- From: Phil Sutter <phil@xxxxxx>
Re: How to test the kernel netfilter logic?
- From: Konstantin Khorenko <khorenko@xxxxxxxxxxxxx>
Re: How to test the kernel netfilter logic?
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nf,v2 1/2] netfilter: conntrack: make conntrack userspace helpers work again
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf,v2 1/2] netfilter: conntrack: make conntrack userspace helpers work again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v2 2/2] netfilter: nfnetlink_cthelper: unbreak userspace helper support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
How to test the kernel netfilter logic?
- From: Konstantin Khorenko <khorenko@xxxxxxxxxxxxx>
[PATCH] netfilter/ipvs: immediately expire no destination connections in kthread if expire_nodest_conn=1
- From: Andrew Sy Kim <kim.andrewsy@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: conntrack: make conntrack userspace helpers work again
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf 2/2] netfilter: nfnetlink_cthelper: unbreak userspace helper support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 nf] netfilter: make conntrack userspace helpers work again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 2/2] netfilter: nfnetlink_cthelper: unbreak userspace helper support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 1/2] netfilter: conntrack: make conntrack userspace helpers work again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 0/2] restore userspace helper support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 0/2] Fix evaluation of anonymous sets with concatenated ranges
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft 2/2] tests: shell: Introduce test for concatenated ranges in anonymous sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft 1/2] evaluate: Perform set evaluation on implicitly declared (anonymous) sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] tests: py: Actually use all available hooks in bridge/chains.t
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] build: Fix doc build, restore A2X assignment for doc/Makefile
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft] tests: shell: Avoid breaking basic connectivity when run
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH 1/1] Remove flow offload when ct is removed from userspace
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
[PATCH 1/1] Restore the CT mark in Flow Offload
- From: Sven Auhagen <sven.auhagen@xxxxxxxxxxxx>
WARNING: proc registration bug in clusterip_tg_check (2)
- From: syzbot <syzbot+35e9c587ab6de655a1b3@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH v4 net-next] net: flow_offload: simplify hw stats check handling
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: ipset make modules_install fails to honor INSTALL_MOD_PATH
- From: Oskar Berggren <oskar.berggren@xxxxxxxxx>
Re: ipset make modules_install fails to honor INSTALL_MOD_PATH
- From: Jan Engelhardt <jengelh@xxxxxxx>
ipset make modules_install fails to honor INSTALL_MOD_PATH
- From: Oskar Berggren <oskar.berggren@xxxxxxxxx>
Re: [PATCH ghak25 v6a] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
[PATCH ghak25 v6a] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH nft 3/4] src: delete devices to an existing flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 4/4] src: allow flowtable definitions with no devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/4] src: add devices to an existing flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/4] mnl: add function to convert flowtable device list to array
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v4 net-next] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
[PATCH nf-next 7/7] netfilter: nf_tables: allow to register flowtable with no devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 5/7] netfilter: nf_tables: add devices to existing flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 6/7] netfilter: nf_tables: delete devices from flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 4/7] netfilter: nf_tables: pass hook list to flowtable event notifier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 3/7] netfilter: nf_tables: add nft_flowtable_hooks_destroy()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 2/7] netfilter: nf_tables: pass hook list to nft_{un,}register_flowtable_net_hooks()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 1/7] netfilter: nf_tables: generalise flowtable hook parsing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 0/7] dynamic device updates for flowtables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 net-next] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH v3 net-next] net: flow_offload: simplify hw stats check handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 net-next] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
[PATCH v3 net-next] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH ghak25 v6] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: clean up kernel_{read,write} & friends v2
- From: Christoph Hellwig <hch@xxxxxx>
Re: [PATCH net-next v2] net: flow_offload: simplify hw stats check handling
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
Re: [PATCH net-next v2] net: flow_offload: simplify hw stats check handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue 2/2] pktbuff: add pktb_head_alloc(), pktb_setup() and pktb_head_size()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[iptables PATCH] doc: libxt_MARK: OUTPUT chain is fine, too
- From: Phil Sutter <phil@xxxxxx>
[PATCH v1 16/25] netfilter: nft_set_rbtree: Use sequence counter with associated rwlock
- From: "Ahmed S. Darwish" <a.darwish@xxxxxxxxxxxxx>
[PATCH v1 15/25] netfilter: conntrack: Use sequence counter with associated spinlock
- From: "Ahmed S. Darwish" <a.darwish@xxxxxxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]