Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC] concat with dynamically sized fields like vlan id
- From: michael-dev <michael-dev@xxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- [RFC] netlink: do not alter set element width
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
- [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] rule: fix out of memory write if num_stmts is too low
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v5 1/1] netfilter: ctnetlink: add kernel side filtering for dump
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
- [PATCH nf-next v6] netfilter: ctnetlink: add kernel side filtering for dump
- From: Romain Bellan <romain.bellan@xxxxxxxxxx>
- Re: [nft PATCH 3/4] segtree: Merge get_set_interval_find() and get_set_interval_end()
- From: Phil Sutter <phil@xxxxxx>
- Re: [RFC] concat with dynamically sized fields like vlan id
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] main: fix get_optstring truncating output
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH] main: fix get_optstring truncating output
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
- Re: [PATCH] tests: dump generated use new nft tool
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] tests: dump generated use new nft tool
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
- Re: [PATCH v1 1/1] xtables-addons: geoip: install and document xt_geoip_fetch
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [RFC] concat with dynamically sized fields like vlan id
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
- Re: [PATCH 3/3] datatype: fix double-free resulting in use-after-free in datatype_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/3] datatype: fix double-free resulting in use-after-free in datatype_free
- From: michael-dev <michael-dev@xxxxxxxxxxxxx>
- Re: [PATCH 3/3] datatype: fix double-free resulting in use-after-free in datatype_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/3] utils: fix UBSAN warning in fls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/3] main: fix ASAN -fsanizize=address error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] ct: Add support for the 'id' key
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] ct: Add support for the 'id' key
- From: Brett Mastbergen <brett.mastbergen@xxxxxxxxx>
- Re: strage iptables counts of wireguard traffic
- From: Sven-Haegar Koch <haegar@xxxxxxxxx>
- Re: strage iptables counts of wireguard traffic
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
- Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH 1/3] main: fix ASAN -fsanizize=address error
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
- [PATCH 3/3] datatype: fix double-free resulting in use-after-free in datatype_free
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
- [PATCH 2/3] utils: fix UBSAN warning in fls
- From: Michael Braun <michael-dev@xxxxxxxxxxxxx>
- Re: strage iptables counts of wireguard traffic
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
- Re: strage iptables counts of wireguard traffic
- From: Jan Engelhardt <jengelh@xxxxxxx>
- strage iptables counts of wireguard traffic
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
- Re: [nft PATCH 3/4] segtree: Merge get_set_interval_find() and get_set_interval_end()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/2] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH v1 1/1] xtables-addons: geoip: install and document xt_geoip_fetch
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH 00/15] gcc-10 warning fixes
- From: Arnd Bergmann <arnd@xxxxxxxx>
- [PATCH 06/15] netfilter: conntrack: avoid gcc-10 zero-length-bounds warning
- From: Arnd Bergmann <arnd@xxxxxxxx>
- Re: [PATCH 00/37] net: manually convert files to ReST format - part 2
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH 00/37] net: manually convert files to ReST format - part 2
- From: Mauro Carvalho Chehab <mchehab+huawei@xxxxxxxxxx>
- [PATCH 37/37] docs: networking: convert tproxy.txt to ReST
- From: Mauro Carvalho Chehab <mchehab+huawei@xxxxxxxxxx>
- Re: [nft PATCH 3/4] segtree: Merge get_set_interval_find() and get_set_interval_end()
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 3/4] segtree: Merge get_set_interval_find() and get_set_interval_end()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 00/18] iptables: introduce cache evaluation phase
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 3/4] segtree: Merge get_set_interval_find() and get_set_interval_end()
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v2 00/18] iptables: introduce cache evaluation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] rule: memleak in __do_add_setelems()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 00/18] iptables: introduce cache evaluation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 3/4] segtree: Merge get_set_interval_find() and get_set_interval_end()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] rule: memleak in __do_add_setelems()
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 3/4] segtree: Merge get_set_interval_find() and get_set_interval_end()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 00/18] iptables: introduce cache evaluation phase
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 4/4] segtree: Fix get element command with prefixes
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 2/4] segtree: Use expr_clone in get_set_interval_*()
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 3/4] segtree: Merge get_set_interval_find() and get_set_interval_end()
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 0/4] Two bugfixes around prefixes in sets
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 1/4] segtree: Fix missing expires value in prefixes
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v2 00/18] iptables: introduce cache evaluation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] rule: memleak in __do_add_setelems()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] rule: fix element cache update in __do_add_setelems()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 5.6 43/79] netfilter: nat: fix error handling upon registering inet hook
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH nft] rule: memleak in __do_add_setelems()
- From: Phil Sutter <phil@xxxxxx>
- [PATCH AUTOSEL 5.4 29/57] netfilter: nat: fix error handling upon registering inet hook
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [iptables PATCH v2 00/18] iptables: introduce cache evaluation phase
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] rule: memleak in __do_add_setelems()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] rule: memleak in __do_add_setelems()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/3] pktbuff: add pktb_alloc_head() and pktb_build_data()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH 2/2] netfilter: nf_osf: avoid passing pointer to local var
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/2] netfilter: nat: never update the UDP checksum when it's 0
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 00/18] iptables: introduce cache evaluation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH 0/6] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH 5/6] netfilter: nft_nat: add helper function to set up NAT address and protocol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/6] netfilter: nft_nat: add netmap support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/6] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/6] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/6] netfilter: nft_nat: set flags from initialization path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/6] netfilter: nf_tables: allow up to 64 bytes in the set element data area
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/6] netfilter: nf_conntrack: add IPS_HW_OFFLOAD status bit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_osf: avoid passing pointer to local var
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_osf: avoid passing pointer to local var
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH] netfilter: nf_osf: avoid passing pointer to local var
- From: Arnd Bergmann <arnd@xxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- Re: Issues with nft typeof
- From: michael-dev <michael-dev@xxxxxxxxxxxxx>
- Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH nft] nat: transform range to prefix expression when possible
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Issues with nft typeof
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] evaluate: incorrect byteorder with typeof and integer_datatype
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables: flush stdout after every verbose log.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] do not typedef socklen_t on Android
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak25 v4 2/3] netfilter: add audit table unregister actions
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak25 v4 1/3] audit: tidy and extend netfilter_cfg x_tables and ebtables logging
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: Issues with nft typeof
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCH nft,v3 1/9] src: NAT support for intervals in maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 7/9] mnl: restore --debug=netlink output with sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 8/9] tests: py: remove range test with service names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 9/9] tests: shell: add NAT mappings tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 6/9] tests: py: concatenation, netmap and nat mappings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 4/9] src: add STMT_NAT_F_CONCAT flag and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 3/9] src: add netmap support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 5/9] evaluate: fix crash when handling concatenation without map
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 2/9] include: resync nf_nat.h kernel header
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 0/9] netmap support for nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] tests: shell: Add test for nfbz#1391
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 2/2] expr: add jool expressions
- From: Alberto Leiva <ydahhrk@xxxxxxxxx>
- Issues with nft typeof
- From: michael-dev <michael-dev@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 04/18] nft: cache: Fetch sets per table
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH v2 03/18] nft: cache: Init per table set list along with chain list
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH v2 02/18] nft: cache: Eliminate init_chain_cache()
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH v2 01/18] ebtables-restore: Drop custom table flush routine
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH v2 10/18] nft: missing nft_fini() call in bridge family
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 04/18] nft: cache: Fetch sets per table
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 01/18] ebtables-restore: Drop custom table flush routine
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 13/18] nft: cache: Introduce struct nft_cache_req
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 14/18] nft-cache: Fetch cache per table
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 02/18] nft: cache: Eliminate init_chain_cache()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 07/18] nft: calculate cache requirements from list of commands
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 09/18] nft: remove cache build calls
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 16/18] nft: cache: Fetch cache for specific chains
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 18/18] nft: Fix for '-F' in iptables dumps
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 00/18] iptables: introduce cache evaluation phase
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 06/18] nft: split parsing from netlink commands
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 12/18] nft: cache: Improve fake cache integration
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 03/18] nft: cache: Init per table set list along with chain list
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 08/18] nft: restore among support
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 17/18] nft: cache: Optimize caching for flush command
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 11/18] nft: cache: Simplify rule and set fetchers
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 05/18] ebtables-restore: Table line to trigger implicit commit
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 15/18] nft-cache: Introduce __fetch_chain_cache()
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/2] expr: add jool expressions
- From: Laura Garcia <nevola@xxxxxxxxx>
- WARNING in __nf_unregister_net_hook
- From: syzbot <syzbot+01d3835be1106c3083ba@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [nft PATCH 2/2] expr: add jool expressions
- From: Alberto Leiva <ydahhrk@xxxxxxxxx>
- Re: [PATCH] do not typedef socklen_t on Android
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH] iptables: flush stdout after every verbose log.
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH] libxt_IDLETIMER.c - fix target v1 help alignment and doc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] do not typedef socklen_t on Android
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables: flush stdout after every verbose log.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] xshared.h - include sys/time.h to fix lack of struct timeval declaration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] libxt_addrtype.c - include strings.h for the definition of ffs()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] libipt_ULOG.c - include strings.h for the definition of ffs()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrack-tools] conntrack: add support for the IPS_HW_OFFLOAD flag
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_conntrack] src: add IPS_HW_OFFLOAD flag
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 1/9] src: NAT support for intervals in maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 9/9] tests: shell: add NAT mappings tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 7/9] mnl: restore --debug=netlink output with sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 6/9] tests: py: concatenation, netmap and nat mappings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 8/9] tests: py: remove range test with service names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 4/9] src: add STMT_NAT_F_CONCAT flag and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 3/9] src: add netmap support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 5/9] evaluate: fix crash when handling concatenation without map
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 2/9] include: resync nf_nat.h kernel header
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 0/9] netmap support for nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl] udata: add NFTNL_UDATA_SET_DATA_INTERVAL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next V2] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Bodong Wang <bodong@xxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH net] netfilter: nat: never update the UDP checksum when it's 0
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next V2] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v5 1/1] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 0/3] pktbuff API updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 3/3] pktbuff: add pktb_reset_network_header() and pktb_set_network_header()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 1/3] pktbuff: add pktb_alloc_head() and pktb_build_data()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 2/3] example: nf-queue: use pkt_buff
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- FW: pktb_alloc2
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [nft 1/3] src: NAT support for intervals in maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft 3/3] src: add netmap support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft 2/3] include: resync nf_nat.h kernel header
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 5/5] netfilter: nft_nat: add netmap support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/5] netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/5] netfilter: nft_nat: set flags from initialization path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/5] netfilter: nft_nat: add helper function to set up NAT address and protocol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/5] netfilter: nf_tables: allow up to 64 bytes in the set element data area
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 0/5] netmap support for nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- mlx5: Panic with conntrack offload
- From: Marcelo Ricardo Leitner <mleitner@xxxxxxxxxx>
- [PATCH nft] src: NAT support for intervals in maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] netfilter: nat: never update the UDP checksum when it's 0
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook
- From: Lukas Wunner <lukas@xxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: Problem with flushing nftalbes sets
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: Problem with flushing nftalbes sets
- From: Florian Westphal <fw@xxxxxxxxx>
- Problem with flushing nftalbes sets
- From: Milan JEANTON <m.jeanton@xxxxxxxxxxx>
- [PATCH ghak25 v4 1/3] audit: tidy and extend netfilter_cfg x_tables and ebtables logging
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v4 2/3] netfilter: add audit table unregister actions
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v4 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v4 0/3] Address NETFILTER_CFG issues
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH net-next] net/sched: act_ct: update nf_conn_acct for act_ct SW offload in flowtable
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- Re: [PATCH 4.19 00/40] 4.19.117-rc1 review
- From: Ben Hutchings <ben.hutchings@xxxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: nfnetlink: This library is not meant as a public API for application developers.
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH ghak25 v3 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak25 v3 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH 0/2] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH ghak25 v3 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- [nf-next V2] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Bodong Wang <bodong@xxxxxxxxxxxx>
- Re: [PATCH] libipt_ULOG.c - include strings.h for the definition of ffs()
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH] libipt_ULOG.c - include strings.h for the definition of ffs()
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH AUTOSEL 5.5 27/35] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Greg KH <greg@xxxxxxxxx>
- [iptables PATCH] xshared: Drop pointless assignment in add_param_to_argv()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/3] tests: shell: Extend ipt-restore/0004-restore-race_0
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 3/3] tests: shell: Test -F in dump files
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 1/3] tests: shell: Improve ipt-restore/0001load-specific-table_0 a bit
- From: Phil Sutter <phil@xxxxxx>
- Re: libmnl & rtnetlink questions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH AUTOSEL 5.5 27/35] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: libmnl & rtnetlink questions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] libipt_ULOG.c - include strings.h for the definition of ffs()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/2] netfilter: nat: fix error handling upon registering inet hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/2] netfilter: flowtable: Free block_cb when being deleted
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v1 1/1] Update download script for DBIP database
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH 4.19 00/40] 4.19.117-rc1 review
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH] libxt_IDLETIMER.c - fix target v1 help alignment and doc
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH net-next] net/sched: act_ct: update nf_conn_acct for act_ct SW offload in flowtable
- From: Roi Dayan <roid@xxxxxxxxxxxx>
- [PATCH] do not typedef socklen_t on Android
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- [PATCH] iptables: flush stdout after every verbose log.
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- [PATCH] xshared.h - include sys/time.h to fix lack of struct timeval declaration
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- [PATCH] libxt_addrtype.c - include strings.h for the definition of ffs()
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- [PATCH] libipt_ULOG.c - include strings.h for the definition of ffs()
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- [PATCH net] netfilter: nat: never update the UDP checksum when it's 0
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- [PATCH net-next] net/sched: act_ct: update nf_conn_acct for act_ct SW offload in flowtable
- Re: [PATCH 4.19 00/40] 4.19.117-rc1 review
- From: Naresh Kamboju <naresh.kamboju@xxxxxxxxxx>
- Re: [nf-next] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Bodong Wang <bodong@xxxxxxxxxxxx>
- Re: [nf-next] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Bodong Wang <bodong@xxxxxxxxxxxx>
- Re: [nf-next] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Bodong Wang <bodong@xxxxxxxxxxxx>
- Re: [nf-next] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nf-next] netfilter: nf_conntrack, add IPS_HW_OFFLOAD status bit
- From: Bodong Wang <bodong@xxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- [PATCH v1 1/1] Update download script for DBIP database
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v1 1/1] xtables-addons: geoip: Update download script for DBIP database
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nftables] build: Allow building from tarballs without yacc/lex
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nftables] doc: Include generated man pages in dist tarball
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: WARNING in nf_nat_unregister_fn
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net] net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DISABLED
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/2] expr: add jool expressions
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: WARNING in nf_nat_unregister_fn
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH ghak25 v3 3/3] audit: add subj creds to NETFILTER_CFG record to cover async unregister
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: WARNING in nf_nat_unregister_fn
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nftables] build: Allow building from tarballs without yacc/lex
- From: Matt Turner <mattst88@xxxxxxxxx>
- Re: [PATCH nftables] doc: Include generated man pages in dist tarball
- From: Matt Turner <mattst88@xxxxxxxxx>
- WARNING in nf_nat_unregister_fn
- From: syzbot <syzbot+33e06702fd6cffc24c40@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH] [nf,v3] idletimer extension : Add alarm timer option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] [nf,v3] idletimer extension : Add alarm timer option
- From: Manoj Basapathi <manojbm@xxxxxxxxxxxxxx>
- Re: [nft PATCH 2/2] expr: add jool expressions
- From: Alberto Leiva <ydahhrk@xxxxxxxxx>
- [PATCH parser_bison] parser_bison: proper ct timeout list initialization
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/2] expr: add jool expressions
- From: Alberto Leiva <ydahhrk@xxxxxxxxx>
- [PATCH iptables] nft-shared: skip check for jumpto if cs->target is unset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] [nf,v2] idletimer extension : Add alarm timer option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables] extensions: libxt_CT: add translation for NOTRACK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] [nf,v2] idletimer extension : Add alarm timer option
- From: Manoj Basapathi <manojbm@xxxxxxxxxxxxxx>
- Re: [PATCH] idletimer extension : Add alarm timer option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] idletimer extension : Add alarm timer option
- From: manojbm@xxxxxxxxxxxxxx
- Re: [PATCH] idletimer extension : Add alarm timer option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] idletimer extension : Add alarm timer option
- From: Manoj Basapathi <manojbm@xxxxxxxxxxxxxx>
- Re: [PATCH net] netfilter: flowtable: Free block_cb when being deleted
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 0/3] nft: cache: Minor review
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] libnetfilter_conntrack.pc.in: add LIBMNL_LIBS to Libs.Private
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/2] Prevent kernel from adding concatenated ranges if they're not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH AUTOSEL 5.5 27/35] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH AUTOSEL 5.5 27/35] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nft 2/2] src: Set NFT_SET_CONCAT flag for sets with concatenated ranges
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nft 1/2] include: Resync nf_tables.h cache copy
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nft 0/2] Prevent kernel from adding concatenated ranges if they're not supported
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- libmnl & rtnetlink questions
- From: Ian Pilcher <arequipeno@xxxxxxxxx>
- Re: [PATCH AUTOSEL 5.5 27/35] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH net] netfilter: flowtable: Free block_cb when being deleted
- From: Roi Dayan <roid@xxxxxxxxxxxx>
- [PATCH AUTOSEL 5.6 003/149] netfilter: ctnetlink: be more strict when NF_CONNTRACK_MARK is not set
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.6 117/149] netfilter: nf_tables: silence a RCU-list warning in nft_table_lookup()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.5 002/121] netfilter: ctnetlink: be more strict when NF_CONNTRACK_MARK is not set
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.5 095/121] netfilter: nf_tables: silence a RCU-list warning in nft_table_lookup()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 002/108] netfilter: ctnetlink: be more strict when NF_CONNTRACK_MARK is not set
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 083/108] netfilter: nf_tables: silence a RCU-list warning in nft_table_lookup()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH nft] segtree: broken error reporting with mappings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: BUG: Anonymous maps with adjacent intervals broken since Linux 5.6
- From: Thorsten Knabe <linux@xxxxxxxxxxxxxxxxx>
- Re: BUG: Anonymous maps with adjacent intervals broken since Linux 5.6
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH libnetfilter_queue 1/1] New faster pktb_alloc2 replaces pktb_alloc & pktb_free
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 0/1] src & doc: pktb_alloc2
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- BUG: Anonymous maps with adjacent intervals broken since Linux 5.6
- From: Thorsten Knabe <linux@xxxxxxxxxxxxxxxxx>
- Re: ipv6 rpfilter and.. fw mark? problems with wireguard
- From: Andreas Jaggi <andreas.jaggi@xxxxxxxxxxxx>
- Re: ipv6 rpfilter and.. fw mark? problems with wireguard
- From: Dominique Martinet <asmadeus@xxxxxxxxxxxxx>
- ipv6 rpfilter and.. fw mark? problems with wireguard
- From: Dominique Martinet <asmadeus@xxxxxxxxxxxxx>
- Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
- Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/2] expr: add jool expressions
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 0/7] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH 1/7] netfilter: nft_set_rbtree: Drop spurious condition for overlap detection on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/7] netfilter: nf_tables: do not leave dangling pointer in nf_tables_set_alloc_name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 7/7] netfilter: nf_tables: reintroduce the NFT_SET_CONCAT flag
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/7] netfilter: ipset: Pass lockdep expression to RCU lists
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/7] netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/7] netfilter: xt_IDLETIMER: target v1 - match Android layout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/7] netfilter: nf_tables: do not update stateful expressions if lookup is inverted
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/7] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables] build: Allow building from tarballs without yacc/lex
- From: Matt Turner <mattst88@xxxxxxxxx>
- [iptables PATCH] ebtables-restore: Table line to trigger implicit commit
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nftables] doc: Include generated man pages in dist tarball
- From: Matt Turner <mattst88@xxxxxxxxx>
- [nft PATCH 2/2] expr: add jool expressions
- From: Alberto Leiva Popper <ydahhrk@xxxxxxxxx>
- [libnftnl PATCH 1/2] expr: add jool support
- From: Alberto Leiva Popper <ydahhrk@xxxxxxxxx>
- Re: [PATCH nf 2/2] netfilter: nf_tables: reintroduce the NFT_SET_CONCAT flag
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf 2/2] netfilter: nf_tables: reintroduce the NFT_SET_CONCAT flag
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 1/2] netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH 1/3] nft: cache: Eliminate init_chain_cache()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/3] nft: cache: Init per table set list along with chain list
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 3/3] nft: cache: Fetch sets per table
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 0/3] nft: cache: Minor review
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH AUTOSEL 5.5 27/35] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH AUTOSEL 5.5 28/35] netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.5 29/35] netfilter: nft_set_rbtree: Detect partial overlaps on insertion
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 24/32] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 26/32] netfilter: nft_set_rbtree: Detect partial overlaps on insertion
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 25/32] netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 08/13] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 09/13] netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 10/13] netfilter: nft_set_rbtree: Detect partial overlaps on insertion
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 6/9] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 3/5] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.5 27/35] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH] nft_set_pipapo: remove unused pointer lt
- From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
- Re: [PATCH] nft_set_pipapo: remove unused pointer lt
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH] nft_set_pipapo: remove unused pointer lt
- From: Colin King <colin.king@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipset: Pass lockdep expression to RCU lists
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipset: Pass lockdep expression to RCU lists
- From: Amol Grover <frextrite@xxxxxxxxx>
- Re: [PATCH libnetfilter_queue v2] src: Add faster alternatives to pktb_alloc()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2] nft_set_rbtree: Drop spurious condition for overlap detection on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 1/1] netfilter: nf_tables: do not leave dangling pointer in nf_tables_set_alloc_name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- flowtable crash in nf_flow_table_indr_block_cb
- From: wenxu <wenxu@xxxxxxxxx>
- segfault while trying to load module br_netfilter
- From: Benjamin Doppler <benjamin.doppler@xxxxxxxxx>
- Re: [PATCH] segtree: bail out on concatenations
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH] segtree: bail out on concatenations
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH] segtree: bail out on concatenations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] segtree: bail out on concatenations
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH] segtree: bail out on concatenations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] segtree: bail out on concatenations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] segtree: bail out on concatenations
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH] segtree: bail out on concatenations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] segtree: bail out on concatenations
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH] segtree: bail out on concatenations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ANNOUNCE] nftables 0.9.4 release
- From: Brett Mastbergen <bmastbergen@xxxxxxxxxxxx>
- Re: [ANNOUNCE] nftables 0.9.4 release
- From: sbezverk <sbezverk@xxxxxxxxx>
- Re: [ANNOUNCE] nftables 0.9.4 release
- From: Phil Sutter <phil@xxxxxx>
- Re: [ANNOUNCE] nftables 0.9.4 release
- From: sbezverk <sbezverk@xxxxxxxxx>
- [ANNOUNCE] conntrack-tools 1.4.6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] libnetfilter_conntrack 1.0.8 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 1/1] netfilter: nf_tables: do not leave dangling pointer in nf_tables_set_alloc_name
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
- [PATCH libnetfilter_conntrack] expect: parse_mnl: fix gcc compile warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] tests: shell: add typeof with concatenations
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft] doc: add hashing expressions description
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] concat: provide proper dtype when parsing typeof udata
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] tests: shell: add typeof with concatenations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] doc: add hashing expressions description
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH nf v2] nft_set_rbtree: Drop spurious condition for overlap detection on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH nf] nft_set_rbtree: Drop spurious condition for overlap detection on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf] nft_set_rbtree: Drop spurious condition for overlap detection on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [ANNOUNCE] libnftnl 1.1.6 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] nftables 0.9.4 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] concat: provide proper dtype when parsing typeof udata
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2] ipvs: optimize tunnel dumps for icmp errors
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: [PATCH nft] netlink: Show the handles of unknown rules in "nft monitor trace"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ANNOUNCE] nftlb 0.6 release
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [ANNOUNCE] nftlb 0.6 release
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: do not update stateful expressions if lookup is inverted
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2 4/4] nft_set_rbtree: Detect partial overlaps on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH nf v2 4/4] nft_set_rbtree: Detect partial overlaps on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] parser_bison: simplify error in chain type and hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] evaluate: check for device in non-netdev chains
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] nftlb 0.6 release
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: IDLETIMER target v1 - match Android layout
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- [PATCH v3] iptables: open eBPF programs in read only mode
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- [PATCH nft 1/3] rule: add hook_spec
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/3] evaluate: improve error reporting in netdev ingress chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/3] parser_bison: store location of basechain definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 5.5 138/170] netfilter: nft_fwd_netdev: allow to redirect to ifb via ingress
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 5.5 138/170] netfilter: nft_fwd_netdev: allow to redirect to ifb via ingress
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 00/28] Netfilter/IPVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v4 1/2] netfilter: ctnetlink: add kernel side filtering for dump
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
- [PATCH nf-next v5 1/1] netfilter: ctnetlink: add kernel side filtering for dump
- From: Romain Bellan <romain.bellan@xxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH 19/28] netfilter: nf_queue: do not release refcouts until nf_reinject is done
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/28] netfilter: nf_tables: move nft_expr_clone() to nf_tables_api.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 22/28] netfilter: nft_set_bitmap: initialize set element extension in lookups
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/28] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/28] netfilter: nf_tables: allow to specify stateful expression in set definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 24/28] netfilter: nf_tables: skip set types that do not support for expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/28] netfilter: nf_tables: fix double-free on set expression from the error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 26/28] netfilter: flowtable: add counter support in HW offload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/28] netfilter: ctnetlink: Add missing annotation for ctnetlink_parse_nat_setup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 28/28] ipvs: fix uninitialized variable warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/28] netfilter: conntrack: Add missing annotations for nf_conntrack_all_lock() and nf_conntrack_all_unlock()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 25/28] netfilter: conntrack: add nf_ct_acct_add()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/28] netfilter: nf_tables: add enum nft_flowtable_flags to uapi
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/28] netfilter: nf_queue: make nf_queue_entry_release_refs static
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/28] netfilter: flowtable: add counter support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/28] ipvs: optimize tunnel dumps for icmp errors
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 27/28] netfilter: nft_exthdr: fix endianness of tcp option cast
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/28] netfilter: conntrack: export nf_ct_acct_update()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/28] netfilter: flowtable: Fix incorrect tc_setup_type type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/28] netfilter: flowtable: Use work entry per offload command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/28] netfilter: nf_tables: silence a RCU-list warning in nft_table_lookup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 18/28] netfilter: nf_queue: place bridge physports into queue_entry struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/28] netfilter: flowtable: Use rw sem as flow block lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/28] netfilter: flowtable: fix NULL pointer dereference in tunnel offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/28] netfilter: nf_tables: add nft_set_elem_expr_destroy() and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 23/28] netfilter: nft_dynset: validate set expression definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/28] netfilter: nf_tables: pass context to nft_set_destroy()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 21/28] netfilter: ctnetlink: be more strict when NF_CONNTRACK_MARK is not set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 20/28] netfilter: nf_queue: prefer nf_queue_entry_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 00/26] Netfilter/IPVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH 00/26] Netfilter/IPVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH nf-next] ipvs: fix uninitialized variable warning
- From: Julian Anastasov <ja@xxxxxx>
- [PATCH nf-next] ipvs: fix uninitialized variable warning
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH 01/26] netfilter: nf_tables: move nft_expr_clone() to nf_tables_api.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/26] netfilter: flowtable: fix NULL pointer dereference in tunnel offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/26] netfilter: nf_tables: allow to specify stateful expression in set definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/26] netfilter: nf_tables: pass context to nft_set_destroy()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/26] netfilter: conntrack: Add missing annotations for nf_conntrack_all_lock() and nf_conntrack_all_unlock()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/26] netfilter: ctnetlink: Add missing annotation for ctnetlink_parse_nat_setup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/26] netfilter: nf_tables: fix double-free on set expression from the error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/26] netfilter: conntrack: export nf_ct_acct_update()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/26] netfilter: nf_tables: add enum nft_flowtable_flags to uapi
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/26] netfilter: flowtable: add counter support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/26] netfilter: flowtable: Fix incorrect tc_setup_type type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/26] ipvs: optimize tunnel dumps for icmp errors
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/26] netfilter: nf_queue: make nf_queue_entry_release_refs static
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/26] netfilter: flowtable: Use rw sem as flow block lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 20/26] netfilter: nf_queue: prefer nf_queue_entry_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/26] netfilter: flowtable: Use work entry per offload command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 18/26] netfilter: nf_queue: place bridge physports into queue_entry struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 19/26] netfilter: nf_queue: do not release refcouts until nf_reinject is done
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 21/26] netfilter: ctnetlink: be more strict when NF_CONNTRACK_MARK is not set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 23/26] netfilter: nft_dynset: validate set expression definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 26/26] netfilter: flowtable: add counter support in HW offload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 24/26] netfilter: nf_tables: skip set types that do not support for expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 25/26] netfilter: conntrack: add nf_ct_acct_add()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 22/26] netfilter: nft_set_bitmap: initialize set element extension in lookups
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/26] netfilter: nf_tables: silence a RCU-list warning in nft_table_lookup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/26] netfilter: nf_tables: add nft_set_elem_expr_destroy() and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/26] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- linux-next: build warning after merge of the netfilter-next tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next v4 1/2] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Suggestion: replacement for physdev-is-bridged in nft
- From: jaroslav@xxxxxxxxxxx
- Re: [PATCH 2/2] netfilter: flowtable: add counter support in HW offload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2] netfilter: conntrack: add nf_ct_acct_add()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Suggestion: replacement for physdev-is-bridged in nft
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next v4 2/2] netfilter: ctnetlink: be more strict when NF_CONNTRACK_MARK is not set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v4 1/2] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/4] netfilter: nf_queue: rework refcount handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Suggestion: replacement for physdev-is-bridged in nft
- From: jaroslav@xxxxxxxxxxx
- Re: [PATCH nf] netfilter: nft_exthdr: fix endianness of tcp option cast
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] netfilter: nft_exthdr: fix endianness of tcp option cast
- From: Sergey Marinkevich <sergey.marinkevich@xxxxxxxxxxx>
- [iptables] avoid raw sockets which requires CAP_NET_RAW
- From: Youfu Zhang <zhangyoufu@xxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_flow_table_offload: fix kernel NULL pointer dereference in nf_flow_table_indr_block_cb
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH 2/2] netfilter: flowtable: add counter support in HW offload
- [PATCH 1/2] netfilter: conntrack: add nf_ct_acct_add()
- [PATCH nft] evaluate: display error if statement is missing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v2] netfilter: Fix incorrect tc_setup_type type for flowtable offload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v2 2/3] netfilter: flowtable: Use work entry per offload command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v2 1/3] netfilter: flowtable: Use rw sem as flow block lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 5/8] netfilter: conntrack: Add missing annotations for nf_conntrack_all_lock() and nf_conntrack_all_unlock()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 4/8] netfilter: Add missing annotation for ctnetlink_parse_nat_setup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: nf_tables: skip set types that do not support for expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: nft_dynset: validate set expression definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: nft_set_bitmap: initialize set element extension in lookups
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v2] netfilter: Fix incorrect tc_setup_type type for flowtable offload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v2 0/3] netfilter: flowtable: Support offload of tuples in parallel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next v2 3/3] net/mlx5: CT: Use rhashtable's ct entries instead of a seperate list
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- [PATCH net-next v2 1/3] netfilter: flowtable: Use rw sem as flow block lock
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- [PATCH net-next v2 2/3] netfilter: flowtable: Use work entry per offload command
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- [PATCH net-next v2 0/3] netfilter: flowtable: Support offload of tuples in parallel
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- [PATCH nf-next v4 2/2] netfilter: ctnetlink: be more strict when NF_CONNTRACK_MARK is not set
- From: Romain Bellan <romain.bellan@xxxxxxxxxx>
- [PATCH nf-next v4 1/2] netfilter: ctnetlink: add kernel side filtering for dump
- From: Romain Bellan <romain.bellan@xxxxxxxxxx>
- Re: [PATCH net-next 0/3] netfilter: flowtable: Support offload of tuples in parallel
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH net-next v2] netfilter: Fix incorrect tc_setup_type type for flowtable offload
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH nf-next 4/4] netfilter: nf_queue: prefer nf_queue_entry_free
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/4] netfilter: nf_queue: do not release refcouts until nf_reinject is done
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/4] netfilter: nf_queue: place bridge physports into queue_entry struct
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/4] netfilter: nf_queue: make nf_queue_entry_release_refs static
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/4] netfilter: nf_queue: rework refcount handling
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2] iptables: open eBPF programs in read only mode
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- Re: [PATCH v2] iptables: open eBPF programs in read only mode
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH v2] iptables: open eBPF programs in read only mode
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- [PATCH nf-next v3 1/2] netfilter: ctnetlink: add kernel side filtering for dump
- From: Romain Bellan <romain.bellan@xxxxxxxxxx>
- [PATCH nf-next v3 2/2] netfilter: ctnetlink: be more strict when NF_CONNTRACK_MARK is not set
- From: Romain Bellan <romain.bellan@xxxxxxxxxx>
- [PATCH nft] netlink: Show the handles of unknown rules in "nft monitor trace"
- From: Luis Ressel <aranea@xxxxxxxx>
- [PATCH v2] iptables: open eBPF programs in read only mode
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH] iptables: open eBPF programs in read only mode
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables: open eBPF programs in read only mode
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH] iptables: open eBPF programs in read only mode
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH] iptables: open eBPF programs in read only mode
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH nft] tests: Introduce test for insertion of overlapping and non-overlapping ranges
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables: open eBPF programs in read only mode
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- [PATCH nft] src: add support for flowtable counter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] ipvs: optimize tunnel dumps for icmp errors
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables: open eBPF programs in read only mode
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter/nf_tables: silence a RCU-list warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: conntrack: export nf_ct_acct_update()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 3/3] net/mlx5: CT: Use rhashtable's ct entries instead of a seperate list
- From: Saeed Mahameed <saeedm@xxxxxxxxxxxx>
- Re: [PATCH] netfilter/nf_tables: silence a RCU-list warning
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next 2/3] netfilter: flowtable: Use work entry per offload command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 1/3] netfilter: flowtable: Use rw sem as flow block lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] net: Fix CONFIG_NET_CLS_ACT=n and CONFIG_NFT_FWD_NETDEV={y,m} build
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: Bug URGENT Report with new kernel 5.5.10-5.6-rc6
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Bug URGENT Report with new kernel 5.5.10-5.6-rc6
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter/nf_tables: silence a RCU-list warning
- From: Qian Cai <cai@xxxxxx>
- [PATCH net] net: Fix CONFIG_NET_CLS_ACT=n and CONFIG_NFT_FWD_NETDEV={y,m} build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH net-next] netfilter: flowtable: Fix accessing null dst entry
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- Re: [PATCH] netfilter: nft_fwd_netdev: Fix CONFIG_NET_CLS_ACT=n build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nft_fwd_netdev: Fix CONFIG_NET_CLS_ACT=n build
- From: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
- Re: [PATCH net-next] netfilter: flowtable: Fix accessing null dst entry
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next] netfilter: flowtable: Fix accessing null dst entry
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- Re: [PATCH] netfilter: nft_fwd_netdev: Fix CONFIG_NET_CLS_ACT=n build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nft_fwd_netdev: Fix CONFIG_NET_CLS_ACT=n build
- From: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: conntrack: export nf_ct_acct_update()
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH 0/7] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH 0/7] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/7] netfilter: nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/7] netfilter: nft_fwd_netdev: validate family and chain type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/7] netfilter: nft_set_rbtree: Detect partial overlaps on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/7] netfilter: nft_fwd_netdev: allow to redirect to ifb via ingress
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/7] netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 7/7] selftests: netfilter: add nfqueue test case
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/7] netfilter: nft_set_pipapo: Separate partial and complete overlap cases on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH v3 nf] selftests: netfilter: add nfqueue test case
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2 0/4] nftables: Consistently report partial and entire set overlaps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: flowtable: add counter support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: nf_tables: add enum nft_flowtable_flags to uapi
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: conntrack: export nf_ct_acct_update()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 1/3] netfilter: flowtable: Use rw sem as flow block lock
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- [PATCH net-next 3/3] net/mlx5: CT: Use rhashtable's ct entries instead of a seperate list
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- [PATCH net-next 2/3] netfilter: flowtable: Use work entry per offload command
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- [PATCH net-next 0/3] netfilter: flowtable: Support offload of tuples in parallel
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- Re: Bug URGENT Report with new kernel 5.5.10-5.6-rc6
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 1/2] netfilter: nft_fwd_netdev: validate family and chain type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 2/2] netfilter: nft_fwd_netdev: allow to redirect to ifb via ingress
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH net-next v2] netfilter: Fix incorrect tc_setup_type type for flowtable offload
- Re: [PATCH net-next] flow_offload: add TC_SETP_FT type in flow_indr_block_call
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH v3 nf] selftests: netfilter: add nfqueue test case
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] selftests: netfilter: add nfqueue test case
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH nf] selftests: netfilter: add nfqueue test case
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] selftests: netfilter: add nfqueue test case
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in nf_flow_table_offload_setup
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in nf_flow_table_offload_setup
- From: syzbot <syzbot+e93c1d9ae19a0236289c@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: KASAN: slab-out-of-bounds Read in bitmap_ip_add
- From: syzbot <syzbot+f3e96783d74ee8ea9aa3@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH nf v2 4/4] nft_set_rbtree: Detect partial overlaps on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf v2 3/4] nft_set_rbtree: Introduce and use nft_rbtree_interval_start()
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf v2 2/4] nft_set_pipapo: Separate partial and complete overlap cases on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf v2 1/4] nf_tables: Allow set back-ends to report partial overlaps on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf v2 0/4] nftables: Consistently report partial and entire set overlaps
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH NOMERGE iptables 2/2] man: xt_set: Describe --update-counters-first flag
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH NOMERGE iptables 1/2] man: xt_set: Reflect current behaviour of counter update and match flags
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH NOMERGE iptables 0/2] man: xt_set: Describe existing behaviour and new counters update flag
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf-next 3/3] net/sched: act_ct: add nf_conn_acct for SW act_ct flowtable offload
- [PATCH nf-next 0/3] netfilter: nf_flow_table_offload: add nf_conn_acct for flowtable offload
- [PATCH nf-next 1/3] netfilter: nf_flow_table: add nf_conn_acct for SW flowtable offload
- [PATCH nf-next 2/3] netfilter: nf_flow_table: add nf_conn_acct for HW flowtable offload
- Re: [PATCH 0/4] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH nf-next v2] netfilter: nf_flow_table_offload: set hw_stats_type of flow_action_entry to FLOW_ACTION_HW_STATS_ANY
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2] netfilter: nf_flow_table_offload: set hw_stats_type of flow_action_entry to FLOW_ACTION_HW_STATS_ANY
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH 1/4] netfilter: flowtable: reload ip{v6}h in nf_flow_nat_ip{v6}
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/4] netfilter: flowtable: populate addr_type mask
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/4] netfilter: flowtable: Fix flushing of offloaded flows on free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/4] netfilter: flowtable: reload ip{v6}h in nf_flow_tuple_ip{v6}
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/4] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2] netfilter: nf_flow_table_offload: set hw_stats_type of flow_action_entry to FLOW_ACTION_HW_STATS_ANY
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter:nf_flow_table: add HW stats type support in flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next v2] netfilter: nf_flow_table_offload: set hw_stats_type of flow_action_entry to FLOW_ACTION_HW_STATS_ANY
- Re: [PATCH nf-next] netfilter: nf_flow_table_offload: fix kernel NULL pointer dereference in nf_flow_table_indr_block_cb
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] tests: py: update nat expressions payload to include proto flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 2/2] expr: nat: snprint flags in hexadecimal
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 1/2] expr: masq: revisit _snprintf()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_flow_table_offload: fix kernel NULL pointer dereference in nf_flow_table_indr_block_cb
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter:nf_flow_table: add HW stats type support in flowtable
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter:nf_flow_table: add HW stats type support in flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter:nf_flow_table: add HW stats type support in flowtable
- Re: INFO: task hung in htable_put
- From: syzbot <syzbot+84936245a918e2cddb32@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH] iptables: open eBPF programs in read only mode
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH nf 4/4] nft_set_rbtree: Detect partial overlaps on insertion
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH net] netfilter: nf_flow_table: populate addr_type mask
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_flow_table_offload: fix potential NULL pointer dereference for dst_cache in handling lwtstate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 2/2] netfilter: nf_flow_table: reload ip{v6}h in nf_flow_tuple_ip{v6}
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 1/2] netfilter: nf_flow_table: reload ip{v6}h in nf_flow_nat_ip{v6}
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] netfilter: flowtable: Fix flushing of offloaded flows on free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 13/29] netfilter: flowtable: add tunnel match offload support
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- Re: [PATCH net-next 6/6] netfilter: nf_flow_table: hardware offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net] netfilter: nf_flow_table: populate addr_type mask
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- Re: [PATCH 13/29] netfilter: flowtable: add tunnel match offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 4/4] nft_set_rbtree: Detect partial overlaps on insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 13/29] netfilter: flowtable: add tunnel match offload support
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- Re: [PATCH net-next 6/6] netfilter: nf_flow_table: hardware offload support
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
- Re: Bug URGENT Report with new kernel 5.5.10-5.6-rc6
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: Bug URGENT Report with new kernel 5.5.10-5.6-rc6
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: [PATCH net-next 6/6] netfilter: nf_flow_table: hardware offload support
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- Re: [PATCH 19/29] nft_set_pipapo: Introduce AVX2-based lookup implementation
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: Bug URGENT Report with new kernel 5.5.10-5.6-rc6
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Bug URGENT Report with new kernel 5.5.10-5.6-rc6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Bug URGENT Report with new kernel 5.5.10-5.6-rc6
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 19/29] nft_set_pipapo: Introduce AVX2-based lookup implementation
- From: Linus Walleij <linus.walleij@xxxxxxxxxx>
- Re: [PATCH nft] evaluate: add range specified flag setting (missing NF_NAT_RANGE_PROTO_SPECIFIED)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net] netfilter: flowtable: Fix flushing of offloaded flows on free
- From: Paul Blakey <paulb@xxxxxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
