Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- [NET] netfilter: nat: fix ICMP header corruption on ICMP errors
- From: Eyal Birger <eyal.birger@xxxxxxxxx>
- Re: [PATCH nf-next 8/9] netfilter: flowtable: add flow_offload_tuple() helper
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf-next 9/9] netfilter: flowtable: add nf_flow_table_offload_cmd()
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [RFC nf-next 0/4] netfilter: conntrack: allow insertion of clashing entries
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: bitwise: add support for shifts.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- WARNING: locking bug in finish_task_switch
- From: syzbot <syzbot+edec84a8b77e5a0cae31@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue v2 0/1] New pktb_make() function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 6/9] netfilter: flowtable: add nf_flowtable_hw_offload() helper function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 2/9] netfilter: flowtable: restrict flow dissector match on meta ingress device
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 9/9] netfilter: flowtable: add nf_flow_table_offload_cmd()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 7/9] netfilter: flowtable: refresh flow if hardware offload fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 8/9] netfilter: flowtable: add flow_offload_tuple() helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 4/9] netfilter: flowtable: remove dying bit, use teardown bit instead
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 5/9] netfilter: flowtable: use atomic bitwise operations for flow flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 3/9] netfilter: flowtable: add nf_flow_offload_work_alloc()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v3 1/9] netfilter: flowtable: fetch stats only if flow is still alive
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [Patch net] netfilter: fix a use-after-free in mtype_destroy()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: store transaction list locally while requesting module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] monitor: Fix output for ranges in anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC nf-next 0/4] netfilter: conntrack: allow insertion of clashing entries
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH] monitor: Fix output for ranges in anonymous sets
- From: Phil Sutter <phil@xxxxxx>
- vmaps and default action
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in xt_rateest_put
- From: syzbot <syzbot+91bdd8eece0f6629ec8b@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nft 1/3] libnftables: add nft_ctx_set_netns()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/3] libnftables: add nft_ctx_set_netns()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in xt_rateest_put
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
- Re: general protection fault in xt_rateest_put
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in xt_rateest_put
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
- general protection fault in xt_rateest_put
- From: syzbot <syzbot+91bdd8eece0f6629ec8b@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [Patch net] netfilter: fix a use-after-free in mtype_destroy()
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
- Re: KASAN: use-after-free Read in bitmap_port_ext_cleanup
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
- Re: KASAN: use-after-free Read in bitmap_port_ext_cleanup
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
- KASAN: use-after-free Read in bitmap_port_ext_cleanup
- From: syzbot <syzbot+4c3cc6dbe7259dbf9054@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH netfilter/iptables] Add new slavedev match extension
- From: Martin Willi <martin@xxxxxxxxxxxxxx>
- INFO: task hung in hashlimit_mt_check_common
- From: syzbot <syzbot+adf6c6c2be1c3a718121@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nft] evaluate: better error notice when interval flag is not set on
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 1/3] libnftables: add nft_ctx_set_netns()
- From: Phil Sutter <phil@xxxxxx>
- Re: Unable to create htb tc classes more than 64K
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- [PATCH nft 6/7] netlink: add support for handling shift expressions.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 7/7] tests: shell: add bit-shift tests.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 5/7] parser: add parenthesized statement expressions.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 1/7] Update gitignore.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 4/7] netlink_delinearize: remove commented out pr_debug statement.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 2/7] src: white-space fixes.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 3/7] netlink_delinearize: fix typo.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 0/7] bitwise shift support
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH libnftnl 2/2] bitwise: add support for left and right shifts.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH libnftnl 1/2] gitignore: add tag and Emacs back-up files.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH libnftnl 0/2] bitwise shift support
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: bitwise: replace gotos with returns.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: bitwise: add support for shifts.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: nf_tables: white-space fixes.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 0/3] netfilter: nft_bitwise: shift support
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [nft PATCH 3/3] tests: monitor: Support running individual test cases
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/3] monitor: Fix for use after free when printing map elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 1/3] monitor: Do not decompose non-anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/1] src: Fix value returned by nfq_tcp_get_payload_len()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] src: doc: Final polish for current round
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RFC libnetfilter_queue] src: Simplify struct pkt_buff
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH 0/3] Fixes for monitor/echo mode with maps
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 3/3] tests: monitor: Support running individual test cases
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 2/3] monitor: Fix for use after free when printing map elements
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 1/3] monitor: Do not decompose non-anonymous sets
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] evaluate: better error notice when interval flag is not set on
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH RFC libnetfilter_queue] src: Simplify struct pkt_buff
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue v2 0/1] New pktb_make() function
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue] src: doc: Final polish for current round
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [ANNOUNCE] ipset 7.5 released
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH nft 3/3] main: add -w/--netns option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/3] main: split parsing from libnftables initialization
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/3] libnftables: add nft_ctx_set_netns()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 0/3] netns support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] main: restore --debug
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/9] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH 3/9] netfilter: nf_flow_table_offload: fix incorrect ethernet dst address
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/9] netfilter: nf_flow_table_offload: check the status of dst_neigh
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 7/9] netfilter: flowtable: add nf_flowtable_time_stamp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/9] netfilter: nf_flow_table_offload: fix the nat port mangle.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 9/9] netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 8/9] netfilter: conntrack: dccp, sctp: handle null timeout argument
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/9] netfilter: nf_tables: unbind callbacks from flowtable destroy path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/9] netfilter: nft_flow_offload: fix underflow in flowtable reference counter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/9] netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/9] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue v2 0/1] New pktb_make() function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RFC libnetfilter_queue 0/1] Make usable man pages
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH nft v3] evaluate: fix expr_set_context call for shift binops.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: conntrack: dccp, sctp: handle null timeout argument
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: general protection fault in hash_ipportnet4_uadt
- From: syzbot <syzbot+34bd2369d38707f3f4a7@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH ghak25 v2 1/9] netfilter: normalize x_table function declarations
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: general protection fault in hash_ipportip6_uadt
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- general protection fault in hash_ipportip6_uadt
- From: syzbot <syzbot+19df0457b3f8383e02bd@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [RFC nf-next 4/4] netfilter: conntrack: allow insertion of duplicate/clashing entries
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC nf-next 3/4] netfilter: conntrack: split resolve_clash function
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC nf-next 2/4] netfilter: conntrack: place confirm-bit setting in a helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC nf-next 1/4] netfilter: conntrack: remove two args from resolve_clash
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC nf-next 0/4] netfilter: conntrack: allow insertion of clashing entries
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH] netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH nf] netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH nf] netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in hash_mac4_uadt
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in hash_netport4_uadt
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in hash_ipportnet6_uadt
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in hash_ip4_uadt
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in hash_netport6_uadt
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in hash_net4_uadt
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in hash_netnet4_uadt
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in hash_ip6_uadt
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in hash_ipport4_uadt
- From: Florian Westphal <fw@xxxxxxxxx>
- WARN on nft_set_destroy (probably use-after-free)
- From: Marco Oliverio <marco.oliverio@xxxxxxxxxx>
- general protection fault in hash_ip4_uadt
- From: syzbot <syzbot+0be5fe9e46479a332a4a@xxxxxxxxxxxxxxxxxxxxxxxxx>
- general protection fault in hash_ip6_uadt
- From: syzbot <syzbot+7f87c1e8811ab0c1ca1f@xxxxxxxxxxxxxxxxxxxxxxxxx>
- general protection fault in hash_net4_uadt
- From: syzbot <syzbot+b8e32edde51fdcc8c2c4@xxxxxxxxxxxxxxxxxxxxxxxxx>
- general protection fault in hash_netnet4_uadt
- From: syzbot <syzbot+654d1074cc322943fbba@xxxxxxxxxxxxxxxxxxxxxxxxx>
- general protection fault in hash_netport6_uadt
- From: syzbot <syzbot+e2362b2c3f229b2c9447@xxxxxxxxxxxxxxxxxxxxxxxxx>
- general protection fault in hash_ipportnet6_uadt
- From: syzbot <syzbot+6da1a8be3fc79ab3e2d9@xxxxxxxxxxxxxxxxxxxxxxxxx>
- general protection fault in hash_ipport4_uadt
- From: syzbot <syzbot+f35ea63f7eb0be42fa5d@xxxxxxxxxxxxxxxxxxxxxxxxx>
- general protection fault in hash_netport4_uadt
- From: syzbot <syzbot+83fef78f45f4342655d8@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: Adding NAT64 to Netfilter
- From: Alberto Leiva <ydahhrk@xxxxxxxxx>
- [PATCH libnetfilter_queue 1/1] src: Fix value returned by nfq_tcp_get_payload_len()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 0/1] src: Fix value returned by nfq_tcp_get_payload_len()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: general protection fault in hash_mac4_uadt
- From: syzbot <syzbot+cabfabc5c6bf63369d04@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: general protection fault in hash_ipportnet4_uadt
- From: syzbot <syzbot+34bd2369d38707f3f4a7@xxxxxxxxxxxxxxxxxxxxxxxxx>
- general protection fault in hash_mac4_uadt
- From: syzbot <syzbot+cabfabc5c6bf63369d04@xxxxxxxxxxxxxxxxxxxxxxxxx>
- INFO: task hung in ip_set_net_exit
- From: syzbot <syzbot+06b04e24a895e5e349f0@xxxxxxxxxxxxxxxxxxxxxxxxx>
- INFO: task hung in nfnetlink_rcv_msg
- From: syzbot <syzbot+da20e617ce568adf13f3@xxxxxxxxxxxxxxxxxxxxxxxxx>
- general protection fault in hash_ipportnet4_uadt
- From: syzbot <syzbot+34bd2369d38707f3f4a7@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: Adding NAT64 to Netfilter
- From: Laurent Fasnacht <lf@xxxxxx>
- Re: Adding NAT64 to Netfilter
- From: Laura Garcia <nevola@xxxxxxxxx>
- [PATCH nf-next] netfilter: hashlimit: do not use indirect calls during gc
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ctnetlink: add kernel side filtering for dump
- From: Romain Bellan <romain.bellan@xxxxxxxxxx>
- Re: general protection fault in dccp_timeout_nlattr_to_obj
- From: syzbot <syzbot+46a4ad33f345d1dd346e@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: flowtable: restrict flow dissector match on meta ingress device
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: flowtable: refresh flow if hardware offload fails
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH nft v3] evaluate: fix expr_set_context call for shift binops.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf] netfilter: conntrack: dccp, sctp: handle null timeout argument
- From: Florian Westphal <fw@xxxxxxxxx>
- general protection fault in dccp_timeout_nlattr_to_obj
- From: syzbot <syzbot+46a4ad33f345d1dd346e@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH ghak25 v2 3/9] netfilter: normalize ebtables function declarations II
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ghak25 v2 2/9] netfilter: normalize ebtables function declarations
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ghak25 v2 1/9] netfilter: normalize x_table function declarations
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ghak25 v2 8/9] netfilter: add audit operation field
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH ghak25 v2 9/9] netfilter: audit table unregister actions
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v2 8/9] netfilter: add audit operation field
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v2 7/9] netfilter: ebtables audit table registration
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v2 6/9] netfilter: ebtables audit only on syscall rule
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v2 5/9] netfilter: x_tables audit only on syscall rule
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v2 4/9] audit: record nfcfg params
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v2 3/9] netfilter: normalize ebtables function declarations II
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v2 2/9] netfilter: normalize ebtables function declarations
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v2 1/9] netfilter: normalize x_table function declarations
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak25 v2 0/9] Address NETFILTER_CFG issues
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH 2/7] nft: split parsing from netlink commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/7] nft: calculate cache requirements from list of commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 7/7] nft: missing nft_fini() call in bridge family
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/7] nft: remove cache build calls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/7] nft: restore among support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/7] nft: skip table list release if uninitialized
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/7] nft: do not check for existing chain from parser
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/7] iptables: introduce cache evaluation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: flowtable: refresh flow if hardware offload fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: flowtable: restrict flow dissector match on meta ingress device
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft v2] evaluate: fix expr_set_context call for shift binops.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH nft v2] evaluate: fix expr_set_context call for shift binops.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf,v3] netfilter: flowtable: add nf_flowtable_time_stamp
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH nf,v3] netfilter: flowtable: add nf_flowtable_time_stamp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH RFC libnetfilter_queue 0/1] Make usable man pages
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH RFC libnetfilter_queue 1/1] doc: setup: Add shell script fixmanpages.sh to make usable man pages
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: flowtable: add nf_flowtable_time_stamp
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf,v2] netfilter: flowtable: fetch stats only if flow is still alive
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH libnetfilter_queue v2 1/1] src: Add alternative function to pktb_alloc to avoid malloc / free overhead
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue v2 0/1] New pktb_make() function
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH nf-next,v2 3/3] netfilter: flowtable: use atomic bitwise operations for flow flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 2/3] netfilter: flowtable: remove dying bit, use teardown bit instead
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 1/3] netfilter: flowtable: add nf_flow_offload_work_alloc()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v2] netfilter: flowtable: fetch stats only if flow is still alive
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: flowtable: fetch stats only if flow is still alive
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: flowtable: use atomic bitwise operations for flow flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: flowtable: remove dying bit, use teardown bit instead
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: flowtable: add nf_flow_offload_work_alloc()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v2] netfilter: flowtable: add nf_flowtable_time_stamp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nftables] bug: rejects empty set literals
- From: Florian Zumbiehl <florz@xxxxxxxx>
- Re: [PATCH libnftnl] include: Remove buffer.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nftables] bug: set output inconsistent syntax and missing information
- From: Florian Zumbiehl <florz@xxxxxxxx>
- [nftables] bug: prefix masks applied to set lookup keys are decompiled as a prefix length applied to the set
- From: Florian Zumbiehl <florz@xxxxxxxx>
- Re: Numen with reference to vmap
- From: "Serguei Bezverkhi (sbezverk)" <sbezverk@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unbind callbacks from flowtable destroy path
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_flow_offload: fix unnecessary use counter decrease in destory
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nftables geoip 0/1] contrib: geoip: add geoip python script
- From: "Jose M. Guisado" <guigom@xxxxxxxxxx>
- [PATCH libnftnl] include: Remove buffer.h
- From: Brett Mastbergen <brett.mastbergen@xxxxxxxxx>
- Adding NAT64 to Netfilter
- From: Alberto Leiva <ydahhrk@xxxxxxxxx>
- Re: [PATCH nf v3 0/3] netfilter: nf_flow_table_offload: something fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_flow_offload: fix unnecessary use counter decrease in destory
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: flowtable: add nf_flowtable_time_stamp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: unbind callbacks from flowtable destroy path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] scanner: incorrect error reporting after file inclusion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] src: checksum.c: remove redundant 0xFFFF mask of uint16_t
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nftables geoip 0/1] contrib: geoip: add geoip python script
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/1] New pktb_usebuf() function
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Calling mnl_socket_sendto caused error of netlink attribute type 1 has an invalid length
- From: JH <jupiter.hce@xxxxxxxxx>
- Re: [PATCH nf-next v3 0/4] netfilter: nf_flow_table_offload: support tunnel offload
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH nf-next] netfilter: nft_bitwise: correct uapi header comment.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ghak90 V8 15/16] audit: check contid count per netns and add config param limit
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 14/16] audit: check contid depth and add limit config param
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 16/16] audit: add capcontid to set contid outside init_user_ns
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 12/16] audit: contid check descendancy and nesting
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 13/16] audit: track container nesting
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 11/16] audit: add support for containerid to network namespaces
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 10/16] audit: add containerid filtering
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 09/16] audit: add containerid support for user records
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 08/16] audit: add support for non-syscall auxiliary records
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 06/16] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 05/16] audit: log drop of contid on exit of last task
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 04/16] audit: convert to contid list to check for orch/engine ownership
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 03/16] audit: read container ID of a process
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 02/16] audit: add container id
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 01/16] audit: collect audit task parameters
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH ghak90 V8 00/16] audit: implement container identifier
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH libnetfilter_queue] src: Always use pktb as formal arg of type struct pkt_buff
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_flow_offload: fix unnecessary use counter decrease in destory
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH libnetfilter_queue 2/2] src: doc: Eliminate doxygen warnings from libnetfilter_queue.c
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 1/2] src: libnetfilter_queue.c: whitespace: remove trailing spaces
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue] src: checksum.c: remove redundant 0xFFFF mask of uint16_t
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_flow_offload: fix unnecessary use counter decrease in destory
- From: wenxu <wenxu@xxxxxxxxx>
- Re: Calling mnl_socket_sendto caused error of netlink attribute type 1 has an invalid length
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH 00/17] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH nftables geoip 1/1] contrib: geoip: add geoip python script
- From: "Jose M. Guisado Gomez" <guigom@xxxxxxxxxx>
- [PATCH nftables geoip 0/1] contrib: geoip: add geoip python script
- From: "Jose M. Guisado Gomez" <guigom@xxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_flow_offload: fix unnecessary use counter decrease in destory
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v3 0/3] netfilter: nf_flow_table_offload: something fixes
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_flow_offload: fix unnecessary use counter decrease in destory
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ctnetlink: add kernel side filtering for dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] doc: Fix typo in IGMP section
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] src: doc: Eliminate doxygen warnings from libnetfilter_queue.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/2] src: tcp.c: change 1 remaining pkt formal arg to pktb
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 2/2] src: doc: tcp.c: fix remaining doxygen warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 2/2] doc: doxygen.cfg.in: Eliminate 20 doxygen warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/2] doc: whitespace: Remove trailing spaces from doxygen.cfg.in
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] src: pktb_mangle has signed offset arg so can mangle MAC header with -ve one
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 2/2] src: add mangle functions for IPv6, IPv6/TCP and IPv6/UDP
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/2] src: more IPv6 checksum fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/17] netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/17] netfilter: nft_tunnel: also dump ERSPAN_VERSION
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/17] netfilter: conntrack: remove two export symbols
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/17] netfilter: nft_meta: move time handling to helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/17] netfilter: nft_meta: move pkttype handling to helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/17] netfilter: nft_tunnel: also dump OPTS_ERSPAN/VXLAN
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/17] netfilter: nft_meta: move cgroup handling to helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/17] netfilter: nft_meta: place prandom handling in a helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/17] netfilter: nft_meta: move all interface related keys to helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/17] netfilter: nft_meta: add support for slave device ifindex matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/17] netfilter: nft_meta: place rtclassid handling in a helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/17] netfilter: nft_meta: move interface kind handling to helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/17] netfilter: nft_meta: move sk uid/git handling to helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/17] netfilter: nft_tunnel: add the missing nla_nest_cancel()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/17] netfilter: nft_tunnel: no need to call htons() when dumping ports
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/17] netfilter: Document ingress hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/17] netfilter: Clean up unnecessary #ifdef
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/17] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] extensions: AUDIT: fix man-page typo.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Calling mnl_socket_sendto caused error of netlink attribute type 1 has an invalid length
- From: JH <jupiter.hce@xxxxxxxxx>
- Re: general protection fault in nf_ct_netns_do_get
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in nf_ct_netns_do_get
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: general protection fault in nf_ct_netns_do_get
- From: syzbot <syzbot+19616eedf6fd8e241e50@xxxxxxxxxxxxxxxxxxxxxxxxx>
- general protection fault in nf_ct_netns_do_get
- From: syzbot <syzbot+19616eedf6fd8e241e50@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 0/2] src: doc: fix remaining doxygen warnings
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 1/2] src: tcp.c: change 1 remaining pkt formal arg to pktb
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 2/2] src: doc: tcp.c: fix remaining doxygen warnings
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH AUTOSEL 4.9 03/38] netfilter: ctnetlink: netns exit must wait for callbacks
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 09/38] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.4 02/25] netfilter: ctnetlink: netns exit must wait for callbacks
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.4 04/25] netfilter: uapi: Avoid undefined left-shift in xt_sctp.h
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.4 05/25] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 08/38] netfilter: uapi: Avoid undefined left-shift in xt_sctp.h
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 03/57] netfilter: ctnetlink: netns exit must wait for callbacks
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 07/57] netfilter: nf_queue: enqueue skbs with NULL dst
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 12/57] netfilter: uapi: Avoid undefined left-shift in xt_sctp.h
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 13/57] netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 14/57] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 014/187] netfilter: ctnetlink: netns exit must wait for callbacks
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 017/187] netfilter: nf_tables_offload: Check for the NETDEV_UNREGISTER event
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 025/187] netfilter: nf_queue: enqueue skbs with NULL dst
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 034/187] netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 032/187] netfilter: uapi: Avoid undefined left-shift in xt_sctp.h
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 033/187] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 035/187] netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 037/187] netfilter: nf_tables_offload: return EOPNOTSUPP if rule specifies no actions
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 036/187] netfilter: nf_tables: skip module reference count bump on object updates
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 038/187] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 07/84] netfilter: ctnetlink: netns exit must wait for callbacks
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 12/84] netfilter: nf_queue: enqueue skbs with NULL dst
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 18/84] netfilter: uapi: Avoid undefined left-shift in xt_sctp.h
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 19/84] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 21/84] netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 20/84] netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 22/84] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH nf] netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
- Re: general protection fault in xt_rateest_tg_checkentry
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
- Re: general protection fault in xt_rateest_tg_checkentry
- From: syzbot <syzbot+d7358a458d8a81aee898@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: Weird/High CPU usage caused by LOG target
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
- Re: Weird/High CPU usage caused by LOG target
- From: Tom Yan <tom.ty89@xxxxxxxxx>
- Re: Weird/High CPU usage caused by LOG target
- From: Tom Yan <tom.ty89@xxxxxxxxx>
- Re: Weird/High CPU usage caused by LOG target
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Weird/High CPU usage caused by LOG target
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- general protection fault in xt_rateest_tg_checkentry
- From: syzbot <syzbot+d7358a458d8a81aee898@xxxxxxxxxxxxxxxxxxxxxxxxx>
- INFO: task hung in htable_put
- From: syzbot <syzbot+84936245a918e2cddb32@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 0/4] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/9] netfilter: nft_meta: add support for slave device matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/4] selftests: netfilter: extend flowtable test script with dnat rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/4] netfilter: nft_tproxy: Fix port selector on Big Endian
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/4] netfilter: ebtables: compat: reject all padding in matches/watchers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/4] netfilter: nf_flow_table: fix big-endian integer overflow
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/4] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v3 0/4] netfilter: nf_flow_table_offload: support tunnel offload
- From: wenxu <wenxu@xxxxxxxxx>
- Re: Weird/High CPU usage caused by LOG target
- From: Thomas Korimort <tomkori@xxxxxxx>
- Weird/High CPU usage caused by LOG target
- From: Tom Yan <tom.ty89@xxxxxxxxx>
- [PATCH] doc: Fix typo in IGMP section
- From: Benjamin Poirier <benjamin.poirier@xxxxxxxxx>
- [PATCH libnetfilter_queue] src: doc: Eliminate doxygen warnings from libnetfilter_queue.c
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [nftables] bug: rejects single-element intervals as supposedly empty
- From: Florian Zumbiehl <florz@xxxxxxxx>
- Re: [nftables] bug: rejects single-element intervals as supposedly empty
- From: Florian Westphal <fw@xxxxxxxxx>
- [nftables] bug: rejects single-element intervals as supposedly empty
- From: Florian Zumbiehl <florz@xxxxxxxx>
- Re: [PATCH nf-next v3 0/4] netfilter: nf_flow_table_offload: support tunnel offload
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH net-next 2/5] netfilter: nf_flow_table_offload: refactor nf_flow_table_offload_setup to support indir setup
- [PATCH net-next 1/5] flow_offload: add TC_SETP_FT type in flow_indr_block_call
- [PATCH net-next 4/5] netfilter: nf_flow_table_offload: add tunnel match offload support
- [PATCH net-next 5/5] netfilter: nf_flow_table_offload: add tunnel encap/decap action offload support
- [PATCH net-next 3/5] netfilter: nf_flow_table_offload: add indr block setup support
- [PATCH net-next 0/5] netfilter: add indr block setup in nf_flow_table_offload
- Re: [PATCH nftables] evaluate: remove expr_set_context call.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft v2] evaluate: fix expr_set_context call for shift binops.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nftables] evaluate: remove expr_set_context call.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH] netfilter: xt_LOG: remove unused headers
- From: Geliang Tang <geliangtang@xxxxxxxxx>
- [PATCH libnetfilter_queue 1/2] doc: whitespace: Remove trailing spaces from doxygen.cfg.in
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 2/2] doc: doxygen.cfg.in: Eliminate 20 doxygen warnings
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue] src: pktb_mangle has signed offset arg so can mangle MAC header with -ve one
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Documentation question
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/1] New pktb_usebuf() function
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Documentation question
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH iptables] extensions: AUDIT: fix man-page typo.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nftables] evaluate: remove expr_set_context call.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH nf v2 1/3] netfilter: nf_flow_table_offload: fix dst_neigh lookup
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf v2 1/3] netfilter: nf_flow_table_offload: fix dst_neigh lookup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2 1/3] netfilter: nf_flow_table_offload: fix dst_neigh lookup
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf v2 1/3] netfilter: nf_flow_table_offload: fix dst_neigh lookup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 3/3] netfilter: nf_tables: fix miss dec set use counter in the nf_tables_destroy_set
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH nf] netfilter: nft_flow_offload: fix unnecessary use counter decrease in destory
- Re: [PATCH nf 2/3] netfilter: nf_tables: fix miss activate operation in the
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: flowtable: clean up entries for FLOW_BLOCK_UNBIND
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH nf-next] netfilter: nf_flow_table: clean up entries in hardware
- [PATCH libnetfilter_queue 0/2] Add mangle functions for IPv6, IPv6/TCP and IPv6/UDP
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 1/2] src: more IPv6 checksum fixes
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 2/2] src: add mangle functions for IPv6, IPv6/TCP and IPv6/UDP
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH nf v3 2/3] netfilter: nf_flow_table_offload: check the status of dst_neigh
- [PATCH nf v3 1/3] netfilter: nf_flow_table_offload: fix incorrect ethernet dst address
- [PATCH nf v3 3/3] netfilter: nf_flow_table_offload: fix the nat port mangle.
- [PATCH nf v3 0/3] netfilter: nf_flow_table_offload: something fixes
- Re: [PATCH nf v2 1/3] netfilter: nf_flow_table_offload: fix dst_neigh lookup
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf 2/3] netfilter: nf_tables: fix miss activate operation in the
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf-next 9/9] netfilter: nft_meta: add support for slave device ifindex matching
- From: David Ahern <dsahern@xxxxxxxxx>
- Re: [PATCH nf v2 1/3] netfilter: nf_flow_table_offload: fix dst_neigh lookup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf PATCH] netfilter: nft_tproxy: Fix port selector on Big Endian
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: ebtables: compat: reject all padding in matches/watchers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] selftests: netfilter: extend flowtable test script with dnat rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_flow_table: fix big-endian integer overflow
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Documentation question
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 3/3] netfilter: nf_tables: fix miss dec set use counter in the nf_tables_destroy_set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 2/3] netfilter: nf_tables: fix miss activate operation in the
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 1/3] netfilter: nf_tables: fix rule release in err path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nf_flow_table: big endian fix for TCP flags
- From: Olof Johansson <olof@xxxxxxxxx>
- Re: [PATCH nf v2 3/3] netfilter: nf_flow_table_offload: fix the nat port mangle.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2 1/3] netfilter: nf_flow_table_offload: fix dst_neigh lookup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Numen with reference to vmap
- From: "Serguei Bezverkhi (sbezverk)" <sbezverk@xxxxxxxxx>
- Re: [PATCH nf-next 9/9] netfilter: nft_meta: add support for slave device ifindex matching
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 9/9] netfilter: nft_meta: add support for slave device ifindex matching
- From: David Ahern <dsahern@xxxxxxxxx>
- Re: Numen with reference to vmap
- From: "Serguei Bezverkhi (sbezverk)" <sbezverk@xxxxxxxxx>
- Re: Numen with reference to vmap
- From: Phil Sutter <phil@xxxxxx>
- Re: Numen with reference to vmap
- From: "Serguei Bezverkhi (sbezverk)" <sbezverk@xxxxxxxxx>
- [PATCH nf] netfilter: flowtable: clean up entries for FLOW_BLOCK_UNBIND
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf PATCH] netfilter: nft_tproxy: Fix port selector on Big Endian
- From: Máté Eckl <ecklm94@xxxxxxxxx>
- [PATCH nf-next] netfilter: flowtable: clean up entries on NETDEV_UNREGISTER
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Numen with reference to vmap
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf-next] netfilter: ctnetlink: add kernel side filtering for dump
- From: Romain Bellan <romain.bellan@xxxxxxxxxx>
- Re: Numen with reference to vmap
- From: "Serguei Bezverkhi (sbezverk)" <sbezverk@xxxxxxxxx>
- Re: Numen with reference to vmap
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: Numen with reference to vmap
- From: "Serguei Bezverkhi (sbezverk)" <sbezverk@xxxxxxxxx>
- Re: Numen with reference to vmap
- From: Phil Sutter <phil@xxxxxx>
- Re: Numen with reference to vmap
- From: "Serguei Bezverkhi (sbezverk)" <sbezverk@xxxxxxxxx>
- [PATCH nf 1/3] netfilter: nf_tables: fix rule release in err path
- [PATCH nf 3/3] netfilter: nf_tables: fix miss dec set use counter in the nf_tables_destroy_set
- [PATCH nf 2/3] netfilter: nf_tables: fix miss activate operation in the
- [PATCH nf 0/3] netfilter: nf_tables: fix use counter for rule
- Re: [nf PATCH] netfilter: nft_tproxy: Fix port selector on Big Endian
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] meta: add slave device matching
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnftnl] expr: meta: add slave device matching
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 9/9] netfilter: nft_meta: add support for slave device ifindex matching
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 8/9] netfilter: nft_meta: place rtclassid handling in a helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 7/9] netfilter: nft_meta: place prandom handling in a helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 6/9] netfilter: nft_meta: move all interface related keys to helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 5/9] netfilter: nft_meta: move interface kind handling to helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 4/9] netfilter: nft_meta: move cgroup handling to helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/9] netfilter: nft_meta: move sk uid/git handling to helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/9] netfilter: nft_meta: move pkttype handling to helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/9] netfilter: nft_meta: move time handling to helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/9] netfilter: nft_meta: add support for slave device matching
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCHv2 nf-next 2/5] netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy
- From: Simon Horman <simon.horman@xxxxxxxxxxxxx>
- Re: trying to duplicate udp packets destined for port 67 to port 6767 on same host
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [nf PATCH] netfilter: nft_tproxy: Fix port selector on Big Endian
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nf PATCH] netfilter: nft_tproxy: Fix port selector on Big Endian
- From: Phil Sutter <phil@xxxxxx>
- Re: [nf PATCH] netfilter: nft_tproxy: Fix port selector on Big Endian
- From: Florian Westphal <fw@xxxxxxxxx>
- [nf PATCH] netfilter: nft_tproxy: Fix port selector on Big Endian
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next] netfilter: Document ingress hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: Clean up unnecessary #ifdef
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: conntrack: remove two export symbols
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCHv2 nf-next 2/5] netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/7] netfilter: nft_tunnel: parse ERSPAN_VERSION attr as u8
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCHv2 nf-next 0/5] netfilter: nft_tunnel: a bunch of fixes and improvements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 06/21] audit: contid limit of 32k imposed to avoid DoS
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 V7 06/21] audit: contid limit of 32k imposed to avoid DoS
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- Re: [PATCH ghak90 V7 06/21] audit: contid limit of 32k imposed to avoid DoS
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH nft 10/11] fib: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 06/11] ct: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 01/11] meta: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 08/11] hash: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 09/11] rt: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 07/11] numgen: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 11/11] xfrm: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 05/11] osf: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 03/11] exthdr: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 04/11] socket: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 02/11] exthdr: add exthdr_desc_id enum and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 00/11] complete typeof support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Numen with reference to vmap
- From: Phil Sutter <phil@xxxxxx>
- Re: Numen with reference to vmap
- From: "Serguei Bezverkhi (sbezverk)" <sbezverk@xxxxxxxxx>
- [PATCH nf-next] netfilter: xt_slavedev: Add new L3master slave input device match
- From: Martin Willi <martin@xxxxxxxxxxxxxx>
- [PATCH netfilter/iptables] Add new slavedev match extension
- From: Martin Willi <martin@xxxxxxxxxxxxxx>
- [PATCH iptables] extensions: Add new xt_slavedev input interface match extension
- From: Martin Willi <martin@xxxxxxxxxxxxxx>
- Re: Numen with reference to vmap
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft,RFC] main: remove need to escape quotes
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft v3 10/10] tests: add typeof test cases
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v3 09/10] doc: mention 'typeof' as alternative to 'type' keyword
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v3 08/10] evaluate: print a hint about 'typeof' syntax on 0 keylen
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v3 07/10] mnl: round up the map data size too
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v3 06/10] src: add "typeof" build/parse/print support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v3 05/10] parser: add typeof keyword for declarations
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v3 04/10] expr: add expr_ops_by_type()
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v3 03/10] proto: add proto_desc_id enumeration
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v3 02/10] src: store expr, not dtype to track data in sets
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v3 01/10] parser: add a helper for concat expression handling
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v3 00/10] add typeof keyword
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft,RFC] main: remove need to escape quotes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf v2 3/3] netfilter: nf_flow_table_offload: fix the nat port mangle.
- [PATCH nf v2 1/3] netfilter: nf_flow_table_offload: fix dst_neigh lookup
- [PATCH nf v2 0/3] netfilter: nf_flow_table_offload: something fixes
- [PATCH nf v2 2/3] netfilter: nf_flow_table_offload: check the status of dst_neigh
- Re: Numen with reference to vmap
- From: "Serguei Bezverkhi (sbezverk)" <sbezverk@xxxxxxxxx>
- Re: [PATCH nft,RFC] main: remove need to escape quotes
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft,RFC] main: remove need to escape quotes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/3] typeof incremental enhancements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 2/2] src: doc: Eliminate doxygen warnings from udp.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/2] src: doc: udp.c: rename 1 more formal pkt arg to pktb
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/3] typeof incremental enhancements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/3] typeof incremental enhancements
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 0/3] typeof incremental enhancements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/3] typeof incremental enhancements
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 0/3] typeof incremental enhancements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/3] typeof incremental enhancements
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnftnl 2/2] udata: support for TLV attribute nesting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 1/2] udata: add NFTNL_UDATA_SET_*TYPEOF* definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/3] expr: add parse and build userdata interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/3] proto: add proto_desc_id enumeration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/3] expr: add expr_ops_by_type()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 0/3] typeof incremental enhancements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Introduction to Community
- From: Jaswanth Bommidi <jassu.bommidi@xxxxxxxxx>
- Re: KASAN: vmalloc-out-of-bounds Read in compat_copy_entries
- From: syzbot <syzbot+f68108fed972453a0ad4@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH nf] netfilter: ebtables: compat: reject all padding in matches/watchers
- From: Florian Westphal <fw@xxxxxxxxx>
- Documentation question
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- KASAN: vmalloc-out-of-bounds Read in compat_copy_entries
- From: syzbot <syzbot+f68108fed972453a0ad4@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCHv2 nf-next 5/5] netfilter: nft_tunnel: add the missing nla_nest_cancel()
- From: Simon Horman <simon.horman@xxxxxxxxxxxxx>
- Re: [PATCHv2 nf-next 4/5] netfilter: nft_tunnel: also dump OPTS_ERSPAN/VXLAN
- From: Simon Horman <simon.horman@xxxxxxxxxxxxx>
- Re: [PATCHv2 nf-next 3/5] netfilter: nft_tunnel: also dump ERSPAN_VERSION
- From: Simon Horman <simon.horman@xxxxxxxxxxxxx>
- Re: [PATCHv2 nf-next 2/5] netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy
- From: Simon Horman <simon.horman@xxxxxxxxxxxxx>
- Re: [PATCHv2 nf-next 1/5] netfilter: nft_tunnel: no need to call htons() when dumping ports
- From: Simon Horman <simon.horman@xxxxxxxxxxxxx>
- [PATCH nft v2 11/11] tests: add typeof test cases
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 10/11] doc: mention 'typeof' as alternative to 'type' keyword
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 09/11] evaluate: print a hint about 'type,width' syntax on 0 keylen
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 08/11] src: netlink: remove assertion
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 07/11] mnl: round up the map data size too
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 06/11] src: add "typeof" print support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 03/11] src: store expr, not dtype to track data in sets
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 05/11] parser: add typeof keyword for declarations
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 04/11] src: parser: add syntax to provide size of variable-sized data types
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 02/11] libnftnl: split nft_ctx_new/free
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 01/11] parser: add a helper for concat expression handling
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 00/10] add typeof keyword
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft] main: enforce options before commands
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] main: enforce options before commands
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft] main: allow for getopt parser from top-level scope only
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] main: allow for getopt parser from top-level scope only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] main: allow for getopt parser from top-level scope only
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] main: enforce options before commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/7] netfilter: nft_tunnel: parse ERSPAN_VERSION attr as u8
- From: Simon Horman <simon.horman@xxxxxxxxxxxxx>
- [PATCHv2 nf-next 5/5] netfilter: nft_tunnel: add the missing nla_nest_cancel()
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCHv2 nf-next 4/5] netfilter: nft_tunnel: also dump OPTS_ERSPAN/VXLAN
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCHv2 nf-next 3/5] netfilter: nft_tunnel: also dump ERSPAN_VERSION
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCHv2 nf-next 2/5] netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCHv2 nf-next 1/5] netfilter: nft_tunnel: no need to call htons() when dumping ports
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCHv2 nf-next 0/5] netfilter: nft_tunnel: a bunch of fixes and improvements
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nf-next] netfilter: conntrack: remove two export symbols
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] selftests: netfilter: extend flowtable test script with dnat rule
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft] main: allow for getopt parser from top-level scope only
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH nft] main: allow for getopt parser from top-level scope only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] main: allow for getopt parser from top-level scope only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] main: allow for getopt parser from top-level scope only
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH nft] main: allow for getopt parser from top-level scope only
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] main: allow for getopt parser from top-level scope only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/7] netfilter: nft_tunnel: reinforce key opts support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/7] netfilter: nft_tunnel: parse ERSPAN_VERSION attr as u8
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 3/3] netfilter: nf_flow_table_offload: fix the nat port mangle.
- [PATCH nf 0/3] netfilter: nf_flow_table_offload: something fixes
- [PATCH nf 2/3] netfilter: nf_flow_table_offload: check the status of dst_neigh
- [PATCH nf 1/3] netfilter: nf_flow_table_offload: fix dst_neigh lookup for dnat
- Re: [PATCH nf 0/4] netfilter: nf_flow_table_offload: something fixes
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH nf 3/4] netfilter: nf_flow_table_offload: fix miss dst_neigh_lookup for ipv6
- [PATCH nf 1/4] netfilter: nf_flow_table_offload: fix dst_neigh lookup
- [PATCH nf 4/4] netfilter: nf_flow_table_offload: fix the nat port mangle.
- [PATCH nf 2/4] netfilter: nf_flow_table_offload: check the status of dst_neigh
- [PATCH nf 0/4] netfilter: nf_flow_table_offload: something fixes
- Re: [PATCH nf-next 1/7] netfilter: nft_tunnel: parse ERSPAN_VERSION attr as u8
- From: Xin Long <lucien.xin@xxxxxxxxx>
- Re: [PATCH nf-next 0/7] netfilter: nft_tunnel: reinforce key opts support
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH libnetfilter_queue 2/2] src: doc: Eliminate doxygen warnings from udp.c
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 1/2] src: doc: udp.c: rename 1 more formal pkt arg to pktb
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/7] netfilter: nft_tunnel: no need to call htons() when dumping ports
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/7] netfilter: nft_tunnel: no need to call htons() when dumping ports
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_flow_table: fix big-endian integer overflow
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] src: Fix value returned by nfq_udp_get_payload_len()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/7] netfilter: nft_tunnel: no need to call htons() when dumping ports
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 6/7] netfilter: nft_tunnel: add the missing nla_nest_cancel()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 5/7] netfilter: nft_tunnel: also dump OPTS_ERSPAN/VXLAN
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 4/7] netfilter: nft_tunnel: also dump ERSPAN_VERSION
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/7] netfilter: nft_tunnel: no need to call htons() when dumping ports
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/7] netfilter: nft_tunnel: parse VXLAN_GBP attr as u32 in nft_tunnel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/7] netfilter: nft_tunnel: parse ERSPAN_VERSION attr as u8
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] doc: nft.8: Add BUGS section about command line parsing
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf-next v2] netfilter: connmark: introduce set-dscpmark
- From: Kevin Darbyshire-Bryant <ldir@xxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH] netfilter: nf_flow_table: fix big-endian integer overflow
- From: Arnd Bergmann <arnd@xxxxxxxx>
- Re: [RFC PATCH nf-next] netfilter: conntrack: add support for storing DiffServ code-point as CT mark.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: KASAN: slab-out-of-bounds Read in bit_putcs
- From: syzbot <syzbot+998dec6452146bd7a90c@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH nf-next] netfilter: conntrack: add support for storing DiffServ code-point as CT mark.
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnetfilter_queue 1/1] src: Add alternative function to pktb_alloc to avoid malloc / free overhead
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 0/1] New pktb_usebuf() function
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [nft PATCH] py: load the SONAME-versioned shared object
- From: Phil Sutter <phil@xxxxxx>
- Re: [RFC PATCH nf-next] netfilter: conntrack: add support for storing DiffServ code-point as CT mark.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [nft PATCH] py: load the SONAME-versioned shared object
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- [PATCH nf-next v3 4/4] netfilter: nf_flow_table_offload: add tunnel encap/decap action offload support
- [PATCH nf-next v3 3/4] netfilter: nf_flow_table_offload: add tunnel match offload support
- [PATCH nf-next v3 2/4] netfilter: nf_flow_table_offload: add indr block setup support
- [PATCH nf-next v3 0/4] netfilter: nf_flow_table_offload: support tunnel offload
- [PATCH nf-next v3 1/4] netfilter: nf_flow_table_offload: refactor nf_flow_table_offload_setup to support indir setup
- Re: [PATCH nf-next 1/7] netfilter: nft_tunnel: parse ERSPAN_VERSION attr as u8
- From: Xin Long <lucien.xin@xxxxxxxxx>
- Re: [RFC PATCH nf-next] netfilter: conntrack: add support for storing DiffServ code-point as CT mark.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/1] netfilter: connmark: introduce set-dscpmark
- From: "Kevin 'ldir' Darbyshire-Bryant" <ldir@xxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue] src: Fix value returned by nfq_udp_get_payload_len()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [RFC PATCH nf-next] netfilter: conntrack: add support for storing DiffServ code-point as CT mark.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [RFC PATCH nf-next] netfilter: conntrack: add support for storing DiffServ code-point as CT mark.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 00/17] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [RFC PATCH nftables] Add "ct dscpmark" conntrack statement.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [RFC PATCH nf-next] netfilter: conntrack: add support for storing DiffServ code-point as CT mark.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 2/2] src: doc: Fully document available verdicts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/2] src: doc: Update sample code to agree with documentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: RFC: libnetfilter_queue: nfq_udp_get_payload_len() gives wrong answer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH,nf-next RFC 1/2] netfilter: nf_tables: add nft_setelem_parse_key()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/7] netfilter: nft_tunnel: parse ERSPAN_VERSION attr as u8
- From: Simon Horman <simon.horman@xxxxxxxxxxxxx>
- [PATCH 02/17] netfilter: nf_flow_table_offload: Fix block setup as TC_SETUP_FT cmd
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/17] netfilter: nf_flow_table_offload: add IPv6 match description
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/17] netfilter: nf_flow_table_offload: Don't use offset uninitialized in flow_offload_port_{d,s}nat
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/17] netfilter: nf_tables_offload: Check for the NETDEV_UNREGISTER event
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/17] netfilter: nf_queue: enqueue skbs with NULL dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/17] netfilter: conntrack: tell compiler to not inline nf_ct_resolve_clash
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/17] netfilter: nf_flow_table_offload: Fix block_cb tc_setup_type as TC_SETUP_CLSFLOWER
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/17] netfilter: uapi: Avoid undefined left-shift in xt_sctp.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/17] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/17] netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/17] selftests: netfilter: use randomized netns names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/17] netfilter: nf_tables: skip module reference count bump on object updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/17] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/17] netfilter: nf_flow_table_offload: Correct memcpy size for flow_overload_mangle()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/17] netfilter: nf_tables_offload: return EOPNOTSUPP if rule specifies no actions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/17] netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/17] netfilter: ctnetlink: netns exit must wait for callbacks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/17] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_flow_table_offload: Correct memcpy size for flow_overload_mangle
- From: Justin Forbes <jmforbes@xxxxxxxxxxx>
- Re: [PATCH net] net: flow_dissector: fix tcp flags dissection on big-endian
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] net: flow_dissector: fix tcp flags dissection on big-endian
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: KASAN: global-out-of-bounds Read in fb_pad_aligned_buffer
- From: syzbot <syzbot+0568d05e486eee0a1ba2@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH net] net: flow_dissector: fix tcp flags dissection on big-endian
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_flow_table_offload: Correct memcpy size for flow_overload_mangle()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH netfilter] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf PATCH] uapi: netfilter: Avoid undefined left-shift in xt_sctp.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nftables] doc: Remove repeated paragraph and fix typo
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 1/2] src: doc: Update sample code to agree with documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 2/2] src: doc: Fully document available verdicts
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH netfilter] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nf_flow on big-endian (was: Re: linux-next: build warning after merge of the net-next tree)
- From: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
- [PATCH nftables] doc: Remove repeated paragraph and fix typo
- From: nl6720 <nl6720@xxxxxxxxx>
- Re: [PATCH nf-next 0/7] netfilter: nft_tunnel: reinforce key opts support
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nf-next 7/7] netfilter: nft_tunnel: add support for geneve opts
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nf-next 6/7] netfilter: nft_tunnel: add the missing nla_nest_cancel()
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nf-next 5/7] netfilter: nft_tunnel: also dump OPTS_ERSPAN/VXLAN
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nf-next 4/7] netfilter: nft_tunnel: also dump ERSPAN_VERSION
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nf-next 2/7] netfilter: nft_tunnel: parse VXLAN_GBP attr as u32 in nft_tunnel
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nf-next 1/7] netfilter: nft_tunnel: parse ERSPAN_VERSION attr as u8
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nf-next 3/7] netfilter: nft_tunnel: no need to call htons() when dumping ports
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nf-next 0/7] netfilter: nft_tunnel: reinforce key opts support
- From: Xin Long <lucien.xin@xxxxxxxxx>
- RFC: libnetfilter_queue: nfq_udp_get_payload_len() gives wrong answer
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH,nf-next RFC 2/2] netfilter: nf_tables: add NFTA_SET_ELEM_KEY_END attribute
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH,nf-next RFC 1/2] netfilter: nf_tables: add nft_setelem_parse_key()
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH netfilter] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_queue: enqueue skbs with NULL dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] selftests: netfilter: use randomized netns names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 0/6] A series of covscan-indicated fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 2/2] Minor tweak to pktb_len function description
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/2] src: doc: Major re-work of user packet buffer documentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] src: Fix test for IPv6 header
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_flow_table_offload: Correct memcpy size for flow_overload_mangle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nf_flow on big-endian (was: Re: linux-next: build warning after merge of the net-next tree)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Documentation question (verdicts)
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Documentation question (verdicts)
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Documentation question (verdicts)
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets
- From: Phil Sutter <phil@xxxxxx>
- Re: KASAN: use-after-free Read in soft_cursor
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: Documentation question (verdicts)
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue 1/2] src: doc: Major re-work of user packet buffer documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] src: Fix test for IPv6 header
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_flow_table_offload: Correct memcpy size for flow_overload_mangle
- From: Justin Forbes <jmforbes@xxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables_offload: return EOPNOTSUPP if rule specifies no actions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: skip module reference count bump on object updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v2] netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH,nf-next RFC 2/2] netfilter: nf_tables: add NFTA_SET_ELEM_KEY_END attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH,nf-next RFC 1/2] netfilter: nf_tables: add nft_setelem_parse_key()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v2] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: KASAN: use-after-free Read in soft_cursor
- From: syzbot <syzbot+cf43fb300aa142fb024b@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [iptables PATCH 1/6] xtables-restore: Avoid access of uninitialized data
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/6] extensions: time: Avoid undefined shift
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 3/6] extensions: cluster: Avoid undefined shift
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 0/6] A series of covscan-indicated fixes
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 5/6] xtables-translate: Guard strcpy() call in xlate_ifname()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 6/6] extensions: among: Check call to fstat()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 4/6] libxtables: Avoid buffer overrun in xtables_compatible_revision()
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf] selftests: netfilter: use randomized netns names
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH] nftables: Bump dependency on libnftnl to 1.1.5
- From: Jan-Philipp Litza <jpl@xxxxxxxxx>
- Re: [PATCH 0/1] netfilter: connmark: introduce set-dscpmark
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH nft v2] doc: Clarify conditions under which a reject verdict is permissible
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2] doc: Clarify conditions under which a reject verdict is permissible
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH,nf-next RFC 2/2] netfilter: nf_tables: add NFTA_SET_ELEM_KEY_END attribute
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH,nf-next RFC 1/2] netfilter: nf_tables: add nft_setelem_parse_key()
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
