Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- [syzbot] [netfilter?] inconsistent lock state in valid_state (4)
- From: syzbot <syzbot+d43eb079c2addf2439c3@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Phil Sutter <phil@xxxxxx>
- [ANNOUNCE] Security evaluation by ANSSI of nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v4 4/4] netfilter: nfnetlink: Handle ACK flags for batch messages
- From: Jiri Slaby <jirislaby@xxxxxxxxxx>
- Re: [PATCH net-next v4 4/4] netfilter: nfnetlink: Handle ACK flags for batch messages
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v4 4/4] netfilter: nfnetlink: Handle ACK flags for batch messages
- From: Jiri Slaby <jirislaby@xxxxxxxxxx>
- Re: Please comment on my libnetfilter_queue build speedup patch
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [RFC PATCH v1 4/4] selftests/landlock: Add realworld workload based on find tool
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 3/4] selftests/landlock: Implement custom libbpf-based tracer
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 2/4] selftests/landlock: Implement per-syscall microbenchmarks
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 1/4] selftests/landlock: Implement performance impact measurement tool
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 0/4] Implement performance impact measurement tool
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Fwd: correct nft v1.1.0 usage for flowtable h/w offload? `flags offload` &/or `devices=`
- From: pgnd <pgnd@xxxxxxxxxxxx>
- [PATCH nft] cache: revisit reset command flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Eric Garver <eric@xxxxxxxxxxx>
- [PATCH 5.10 342/352] netfilter: nf_tables: prefer nft_chain_validate
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.10 341/352] netfilter: nf_tables: allow clone callbacks to sleep
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.10 340/352] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.10 339/352] netfilter: nf_tables: set element extended ACK reporting support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.4 253/259] netfilter: nf_tables: prefer nft_chain_validate
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.4 252/259] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.4 251/259] netfilter: nf_tables: set element extended ACK reporting support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 470/484] netfilter: nf_tables: prefer nft_chain_validate
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 469/484] netfilter: nf_tables: allow clone callbacks to sleep
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 468/484] netfilter: nf_tables: bail out if stateful expression provides no .clone
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 467/484] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 466/484] netfilter: nf_tables: set element extended ACK reporting support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4.19 191/196] netfilter: nf_tables: prefer nft_chain_validate
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 4.19 190/196] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 4.19 189/196] netfilter: nf_tables: set element extended ACK reporting support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] parser_bison: allow 0 burst in limit rate byte mode
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 5/5] cache: do not fetch set inconditionally on delete
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/5] cache: populate chains on demand from error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/5] cache: rule by index requires full cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/5] cache: populate flowtable on demand from error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/5] cache: populate objecs on demand from error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/8] netfilter: allow ipv6 fragments to arrive on different devices
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] tests: shell: add a few tests for nft -i
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: icejl <icejl0001@xxxxxxxxx>
- Re: Please comment on my libnetfilter_queue build speedup patch
- From: Florian Westphal <fw@xxxxxxxxx>
- Please comment on my libnetfilter_queue build speedup patch
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH net 7/8] netfilter: nf_tables: Introduce nf_tables_getobj_single
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 6/8] netfilter: nf_tables: Audit log dump reset after the fact
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETOBJ_RESET requests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 5/8] selftests: netfilter: add test for br_netfilter+conntrack+queue combination
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/8] netfilter: nf_queue: drop packets with cloned unconfirmed conntracks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/8] netfilter: allow ipv6 fragments to arrive on different devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/8] netfilter: flowtable: initialise extack before use
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/8] netfilter: nfnetlink: Initialise extack before use in ACKs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/8] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] cache: populate chains on demand from error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next v2 0/3] Preparations for FIB rule DSCP selector
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- [PATCH net-next v2 3/3] ipv4: Centralize TOS matching
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next v2 1/3] ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next v2 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next v2 0/3] Preparations for FIB rule DSCP selector
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH nft,v2 2/2] datatype: improve error reporting when time unit is not correct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] datatype: improve error reporting when time unit is not correct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] tests: shell: skip vlan mangling testcase if egress is not support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests: shell: Extend table persist flag test a bit
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH 0/8] nft: Implement forward compat for future binaries
- From: Phil Sutter <phil@xxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [RFC PATCH v2 9/9] samples/landlock: Support LANDLOCK_ACCESS_NET_LISTEN
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 8/9] selftests/landlock: Test changing socket backlog with listen(2)
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 7/9] selftests/landlock: Test listen on ULP socket without clone method
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 6/9] selftests/landlock: Test listening without explicit bind restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 5/9] selftests/landlock: Test listen on connected socket
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 1/9] landlock: Refactor current_check_access_socket() access right check
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 0/9] Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 4/9] selftests/landlock: Test listening restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests: shell: Extend table persist flag test a bit
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH] tests: shell: Extend table persist flag test a bit
- From: Phil Sutter <phil@xxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Phil Sutter <phil@xxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/8] netfilter: nf_tables: reject element expiration with no timeout
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next 1/8] netfilter: nf_tables: elements with timeout less than HZ/10 never expire
- From: Phil Sutter <phil@xxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Florian Westphal <fw@xxxxxxxxx>
- [Q] The usage of xt_recseq.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH -stable,4.19.x 0/3] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH -stable,5.4.x 0/3] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH -stable,5.10.x 0/4] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH -stable,5.15.x 0/5] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH nf] netfilter: flowtable: validate vlan header
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6.1 148/150] netfilter: nf_tables: prefer nft_chain_validate
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 6.1 146/150] netfilter: nf_tables: bail out if stateful expression provides no .clone
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 6.1 147/150] netfilter: nf_tables: allow clone callbacks to sleep
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH -stable,6.1.x 0/3] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH -stable,6.6.x 0/1] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH -stable,4.19.x 3/3] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,4.19.x 2/3] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,4.19.x 1/3] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,4.19.x 0/3] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4.x 3/3] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4.x 2/3] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4.x 1/3] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4.x 0/3] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10.x 4/4] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10.x 3/4] netfilter: nf_tables: allow clone callbacks to sleep
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10.x 2/4] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10.x 1/4] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10.x 0/4] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 5/5] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 4/5] netfilter: nf_tables: allow clone callbacks to sleep
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 3/5] netfilter: nf_tables: bail out if stateful expression provides no .clone
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 1/5] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 2/5] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 0/5] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1.x 3/3] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1.x 2/3] netfilter: nf_tables: allow clone callbacks to sleep
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1.x 1/3] netfilter: nf_tables: bail out if stateful expression provides no .clone
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1.x 0/3] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.6.x 1/1] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.6.x 0/1] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl] set: export nftnl_set_clone
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nf PATCH v4 0/3] Add locking for NFT_MSG_GETOBJ_RESET requests
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnftnl] set: export nftnl_set_clone
- From: chayleaf <chayleaf-git@xxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink_log: remove unnecessary check in __build_packet_message()
- From: Sergey Shtylyov <s.shtylyov@xxxxxx>
- Re: [PATCH nf v1] netfilter: nfnetlink: Initialise extack before use in ACKs
- From: Simon Horman <horms@xxxxxxxxxx>
- [syzbot] [netfilter?] KMSAN: uninit-value in nf_flow_offload_inet_hook
- From: syzbot <syzbot+8407d9bb88cd4c6bf61a@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf v1] netfilter: nfnetlink: Initialise extack before use in ACKs
- From: Donald Hunter <donald.hunter@xxxxxxxxx>
- [nf PATCH v4 2/3] netfilter: nf_tables: Introduce nf_tables_getobj_single
- From: Phil Sutter <phil@xxxxxx>
- [nf PATCH v4 1/3] netfilter: nf_tables: Audit log dump reset after the fact
- From: Phil Sutter <phil@xxxxxx>
- [nf PATCH v4 0/3] Add locking for NFT_MSG_GETOBJ_RESET requests
- From: Phil Sutter <phil@xxxxxx>
- [nf PATCH v4 3/3] netfilter: nf_tables: Add locking for NFT_MSG_GETOBJ_RESET requests
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf v1] netfilter: flowtable: initialise extack before use
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCH nf v1] netfilter: nfnetlink: Initialise extack before use in ACKs
- From: Simon Horman <horms@xxxxxxxxxx>
- [PATCH] netfilter: nfnetlink_log: remove unnecessary check in __build_packet_message()
- From: Roman Smirnov <r.smirnov@xxxxxx>
- [PATCH nft] optimize: compare meta inner_desc pointers too
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf v2 2/2] selftests: netfilter: add test for br_netfilter+conntrack+queue combination
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Add __percpu annotation to *stats pointer in nf_tables_updchain()
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: iptables: compiling with kernel headers
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables RFC PATCH 8/8] nft: Support compat extensions in rule userdata
- From: Phil Sutter <phil@xxxxxx>
- Re: iptables: compiling with kernel headers
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: iptables: compiling with kernel headers
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: iptables: compiling with kernel headers
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: [PATCH nf 2/2] selftests: netfilter: add test for br_netfilter+conntrack+queue combination
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 2/2] selftests: netfilter: add test for br_netfilter+conntrack+queue combination
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 1/2] netfilter: nf_queue: drop packets with cloned unconfirmed conntracks
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 0/2] netfilter: disable support for queueing cloned conntrack entries
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: iptables: compiling with kernel headers
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [iptables RFC PATCH 8/8] nft: Support compat extensions in rule userdata
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft v2 0/5] src: mnl: rework list hooks infra
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: iptables: compiling with kernel headers
- From: Phil Sutter <phil@xxxxxx>
- Re: iptables: compiling with kernel headers
- From: Florian Westphal <fw@xxxxxxxxx>
- iptables: compiling with kernel headers
- From: josh lant <joshualant@xxxxxxxxxxxxxx>
- [PATCH nft] src: add never expires marker for element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 6/8] netfilter: nf_tables: consolidate timeout extension for elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 8/8] netfilter: nf_tables: set element timeout update support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 5/8] netfilter: nf_tables: annotate data-races around element expiration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/8] netfilter: nft_dynset: annotate data-races around set timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/8] netfilter: nf_tables: reject element expiration with no timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/8] netfilter: nf_tables: remove annotation to access set timeout while holding lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/8] netfilter: nf_tables: elements with timeout less than HZ/10 never expire
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 0/8] nf_tables: support for updating set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: CVE-2024-39503: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: CVE-2024-39503: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type
- From: Siddh Raman Pant <siddh.raman.pant@xxxxxxxxxx>
- [PATCH nf v1] netfilter: flowtable: initialise extack before use
- From: Donald Hunter <donald.hunter@xxxxxxxxx>
- [PATCH nf v1] netfilter: nfnetlink: Initialise extack before use in ACKs
- From: Donald Hunter <donald.hunter@xxxxxxxxx>
- [PATCH v2] netfilter: allow ipv6 fragments to arrive on different devices
- From: Tom Hughes <tom@xxxxxxxxxx>
- Re: [PATCH] netfilter: allow ipv6 fragments to arrive on different devices
- From: Tom Hughes <tom@xxxxxxxxxx>
- Re: [PATCH] netfilter: allow ipv6 fragments to arrive on different devices
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: allow ipv6 fragments to arrive on different devices
- From: Tom Hughes <tom@xxxxxxxxxx>
- [PATCH] netfilter: nf_tables: Add __percpu annotation to *stats pointer in nf_tables_updchain()
- From: Uros Bizjak <ubizjak@xxxxxxxxx>
- [syzbot] Monthly netfilter report (Aug 2024)
- From: syzbot <syzbot+listca8d1ea06b0f6972495e@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 7/9] selftests/landlock: Test listen on ULP socket without clone method
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 5/9] selftests/landlock: Test listen on connected socket
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 5/9] selftests/landlock: Test listen on connected socket
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 7/9] selftests/landlock: Test listen on ULP socket without clone method
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [PATCH net 1/2] netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [iptables PATCH 4/8] nft: ruleparse: Drop 'iter' variable in nft_rule_to_iptables_command_state
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 5/8] nft: ruleparse: Introduce nft_parse_rule_expr()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 7/8] nft: Introduce UDATA_TYPE_COMPAT_EXT
- From: Phil Sutter <phil@xxxxxx>
- [iptables RFC PATCH 8/8] nft: Support compat extensions in rule userdata
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 3/8] nft: Reduce overhead in nft_rule_find()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 6/8] nft: __add_{match,target}() can't fail
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 0/8] nft: Implement forward compat for future binaries
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 1/8] ebtables: Zero freed pointers in ebt_cs_clean()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/8] ebtables: Introduce nft_bridge_init_cs()
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v1 nf 0/2] netfilter: iptables: Fix null-ptr-deref in ip6?table_nat_table_init().
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/2] netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/2] netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 00/14] Some fixes and trivial improvements
- From: Phil Sutter <phil@xxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [PATCH nft v2 5/5] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 4/5] src: add egress support for 'list hooks'
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 3/5] src: drop obsolete hook argument form hook dump functions
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 1/5] src: mnl: clean up hook listing code
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 2/5] src: mnl: make family specification more strict when listing
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 0/5] src: mnl: rework list hooks infra
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libmnl] README: Document the contribution process
- From: Petr Machata <petrm@xxxxxxxxxx>
- Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
- From: Phil Sutter <phil@xxxxxx>
- [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
- From: Danielle Ratson <danieller@xxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [PATCH nft 2/4] src: remove decnet support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [GIT PULL] sysctl constification changes for v6.11-rc1
- From: patchwork-bot+linux-riscv@xxxxxxxxxx
- Re: [GIT PULL] sysctl constification changes for v6.11-rc1
- From: patchwork-bot+linux-riscv@xxxxxxxxxx
- Re: [RFC PATCH net-next 3/3] ipv4: Centralize TOS matching
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC PATCH net-next 3/3] ipv4: Centralize TOS matching
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- Re: [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- Re: [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC PATCH v1 9/9] samples/landlock: Support LANDLOCK_ACCESS_NET_LISTEN
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 8/9] selftests/landlock: Test changing socket backlog with listen(2)
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 7/9] selftests/landlock: Test listen on ULP socket without clone method
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 6/9] selftests/landlock: Test listening without explicit bind restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 5/9] selftests/landlock: Test listen on connected socket
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 1/9] landlock: Refactor current_check_access_socket() access right check
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 4/9] selftests/landlock: Test listening restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 0/9] Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [iptables PATCH 02/14] nft: Fix for zeroing existent builtin chains
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 06/14] nft: Add potentially missing init_cs calls
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 07/14] arptables: Fix conditional opcode/proto-type printing
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 10/14] xshared: Make save_iface() static
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 13/14] arptables: Introduce print_iface()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 09/14] extensions: conntrack: Reuse print_state() for old state match
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 12/14] libxtables: Debug: Slightly improve extension ordering debugging
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 05/14] nft: cmd: Init struct nft_cmd::head early
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 08/14] xshared: Do not omit all-wildcard interface spec when inverted
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 11/14] xshared: Move NULL pointer check into save_iface()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 04/14] extensions: conntrack: Use the right callbacks
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 14/14] ebtables: Omit all-wildcard interface specs from output
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 01/14] nft: cache: Annotate faked base chains as such
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 00/14] Some fixes and trivial improvements
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 03/14] extensions: recent: Fix format string for unsigned values
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] extensions: recent: New kernels support 999 hits
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] nft: Fix for zeroing non-existent builtin chains
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH 0/8] Fix xtables-monitor rule printing, partially RFC
- From: Phil Sutter <phil@xxxxxx>
- Re: [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [RFC PATCH net-next 3/3] ipv4: Centralize TOS matching
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [RFC PATCH net-next 1/3] ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/4] src: add egress support for 'list hooks'
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 3/4] src: mnl: clean up hook listing code
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/4] src: remove decnet support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 0/4] list hooks refactoring
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v1 nf 0/2] netfilter: iptables: Fix null-ptr-deref in ip6?table_nat_table_init().
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [GIT PULL] sysctl constification changes for v6.11-rc1
- From: pr-tracker-bot@xxxxxxxxxx
- Re: [GIT PULL] sysctl constification changes for v6.11-rc1
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v1 nf 2/2] netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().
- From: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx>
- [PATCH v1 nf 1/2] netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
- From: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx>
- [PATCH v1 nf 0/2] netfilter: iptables: Fix null-ptr-deref in ip6?table_nat_table_init().
- From: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx>
- [RFC PATCH net-next 3/3] ipv4: Centralize TOS matching
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [RFC PATCH net-next 1/3] ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [RFC PATCH net-next 0/3] Preparations for FIB rule DSCP selector
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- Re: [PATCH net 1/1] netfilter: nft_set_pipapo_avx2: disable softinterrupts
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [GIT PULL] sysctl constification changes for v6.11-rc1
- From: Joel Granados <j.granados@xxxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Eric Garver <eric@xxxxxxxxxxx>
- [PATCH net 1/1] netfilter: nft_set_pipapo_avx2: disable softinterrupts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/1] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Eric Garver <eric@xxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Eric Garver <eric@xxxxxxxxxxx>
- Re: Sets update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nf_tables/set: Is dynamic + interval possible?
- From: Florian Westphal <fw@xxxxxxxxx>
- nf_tables/set: Is dynamic + interval possible?
- From: caskd <caskd@xxxxxxxxx>
- Re: Speedup patch ping
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Speedup patch ping
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [iptables PATCH] extensions: recent: New kernels support 999 hits
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf] netfilter: nft_set_pipapo_avx2: disable softinterrupts
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf] netfilter: nft_set_pipapo_avx2: disable softinterrupts
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft] optimize: skip variables in nat statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/4] netfilter: ctnetlink: use helper function to calculate expect ID
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net] net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH nf-next] netfilter: move nf_ct_netns_get out of nf_conncount_init
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: move nf_ct_netns_get out of nf_conncount_init
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH net 0/4] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/4] selftests: netfilter: add test case for recent mismatch bug
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/4] ipvs: properly dereference pe in ip_vs_add_service
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/4] netfilter: nf_set_pipapo: fix initial map fill
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/4] netfilter: ctnetlink: use helper function to calculate expect ID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] nft: Fix for zeroing non-existent builtin chains
- From: Phil Sutter <phil@xxxxxx>
- [ANNOUNCE] nftables 1.1.0 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Transparent SNAT bridge with physdev module
- From: Matt Ayre <maayr3@xxxxxxxxx>
- Are there Any Side Effects when net.netfilter.nf_conntrack_tcp_be_liberal is set to 1?
- From: renmingshuai <renmingshuai@xxxxxxxxxx>
- [iptables PATCH 3/8] xtables-monitor: Align builtin chain and table output
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 4/8] xtables-monitor: Support arptables chain events
- From: Phil Sutter <phil@xxxxxx>
- [RFC iptables PATCH 8/8] xtables-monitor: Print commands instead of -4/-6/-0 flags
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 0/8] Fix xtables-monitor rule printing, partially RFC
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 1/8] xtables-monitor: Proper re-init for rule's family
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 7/8] xtables-monitor: Ignore ebtables policy rules unless tracing
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 6/8] xtables-monitor: Fix for ebtables rule events
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 5/8] tests: shell: New xtables-monitor test
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/8] xtables-monitor: Flush stdout after all lines of output
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] conntrack: tcp: fix parsing of tuple-port-src and tuple-port-dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH net] net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE
- From: Willem de Bruijn <willemdebruijn.kernel@xxxxxxxxx>
- Re: [PATCH nf] selftests: netfilter: add test case for recent mismatch bug
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_set_pipapo: fix initial map fill
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf] netfilter: ctnetlink: use helper function to calculate expect ID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: restore default behavior for nf_conntrack_events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: do not remove elements if set backend implements .abort
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net] net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] conntrack: tcp: fix parsing of tuple-port-src and tuple-port-dst
- From: Stephan Brunner <s.brunner@xxxxxxxxxxxxxxxxxxx>
- [ANNOUNCE] libnftnl 1.2.7 release
- From: Phil Sutter <phil@xxxxxxxxxxxxx>
- [PATCH nf] selftests: netfilter: add test case for recent mismatch bug
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] netfilter: nf_set_pipapo: fix initial map fill
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ulogd2] README: update project homepage and mailing list addresses
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] configure: Add option for building with musl
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: [PATCH] configure: Add option for building with musl
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH] configure: Add option for building with musl
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: [PATCH] xtables: Fix compilation error with musl-libc
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- [PATCH ulogd2] README: update project homepage and mailing list addresses
- From: Harald Welte <laforge@xxxxxxxxxxx>
- Re: [PATCH net 1/2] netfilter: nfnetlink_queue: drop bogus WARN_ON
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH net 2/2] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/2] netfilter: nfnetlink_queue: drop bogus WARN_ON
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: prefer nft_chain_validate
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: support CTA_FILTER for flush
- From: Changliang Wu <changliang.wu@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH nft 3/3] tests: connect chains to hook point
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/3] testcases: test jump to basechain is rejected, even if there is no loop
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/3] tests: add more ruleset validation test cases
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [libnftnl PATCH 1/2] chain: Support unsetting NFTNL_CHAIN_USERDATA attribute
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 1/2] chain: Support unsetting NFTNL_CHAIN_USERDATA attribute
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 2/2] table: Support unsetting NFTNL_TABLE_USERDATA attribute
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft 2/2] libnftables: skip useable checks for /dev/stdin
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] libnftables: fix crash when freeing non-malloc'd address
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH nft] libnftables: fix crash when freeing non-malloc'd address
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] xtables: Fix compilation error with musl-libc
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: yyxRoy <yyxroy22@xxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: store new sets in dedicated list
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/2] libnftables: skip useable checks for /dev/stdin
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] xtables: Fix compilation error with musl-libc
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: [libnftnl PATCH] expr: limit: Prepare for odd time units
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf] netfilter: nfnetlink_queue: drop bogus WARN_ON
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: yyxRoy <yyxroy22@xxxxxxxxx>
- [linux-next:master] [selftests] 742ad979f5: WARNING:at_net/netfilter/nfnetlink_queue.c:#nf_reinject[nfnetlink_queue]
- From: kernel test robot <oliver.sang@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [iptables PATCH] man: recent: Adjust to changes around ip_pkt_list_tot parameter
- From: Phil Sutter <phil@xxxxxx>
- Re: iptables- accessing unallocated memory
- From: Phil Sutter <phil@xxxxxx>
- Re: iptables- accessing unallocated memory
- From: josh lant <joshualant@xxxxxxxxxxxxxx>
- Re: iptables- accessing unallocated memory
- From: Phil Sutter <phil@xxxxxx>
- [PATCH libnftnl] expr: use NFTA_* netlink attributes to build fields, not NFTNL_EXPR_*
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] optimize: clone counter before insertion into set element
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- iptables- accessing unallocated memory
- From: josh lant <joshualant@xxxxxxxxxxxxxx>
- Re: [syzbot] [netfilter?] KASAN: slab-use-after-free Read in nf_tables_trans_destroy_work
- From: syzbot <syzbot+4fd66a69358fc15ae2ad@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: yyxRoy <yyxroy22@xxxxxxxxx>
- [PATCH nft] parser_bison: recursive table declaration in deprecated meter statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] parser_bison: remove deprecated flow statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/4] tests: shell: cover set element deletion in maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/4] intervals: fix element deletions with maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/4] evaluate: set on expr->len for catchall set elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 0/4] unbreak element deletion in map with ranges
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/4] segtree: set on EXPR_F_KERNEL flag for catchall elements in the cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: iptables: reverting 34f085b16073 ("Revert "xshared: Print protocol numbers if --numeric was given"")
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH net 1/1] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/1] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net 1/1] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- [PATCH net 1/1] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/1] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: iptables: reverting 34f085b16073 ("Revert "xshared: Print protocol numbers if --numeric was given"")
- From: Eric Garver <eric@xxxxxxxxxxx>
- Re: iptables: reverting 34f085b16073 ("Revert "xshared: Print protocol numbers if --numeric was given"")
- From: Phil Sutter <phil@xxxxxx>
- iptables: reverting 34f085b16073 ("Revert "xshared: Print protocol numbers if --numeric was given"")
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- Re: [PATCH nf] netfilter: restore default behavior for nf_conntrack_events
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/2] landlock: Add hook on socket_listen()
- From: Ivanov Mikhail <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [PATCH nf-next] selftests: netfilter: nft_queue.sh: sctp coverage
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: remove unnecessary assignment in translate_table
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [RFC nf-next 3/4] netfilter: nf_tables: insert register zeroing instructions for dodgy chains
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC nf-next 3/4] netfilter: nf_tables: insert register zeroing instructions for dodgy chains
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [RFC nf-next 2/4] netfilter: nf_tables: allow loads only when register is initialized
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 4.19 164/213] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
- From: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
- Re: [PATCH 4.19 164/213] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 4.19 164/213] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 4.19 164/213] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
- From: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
- Re: [RFC nf-next 2/4] netfilter: nf_tables: allow loads only when register is initialized
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC nf-next 3/4] netfilter: nf_tables: insert register zeroing instructions for dodgy chains
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [syzbot] [netfilter?] KASAN: slab-use-after-free Read in nf_tables_trans_destroy_work
- From: syzbot <syzbot+4fd66a69358fc15ae2ad@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: linux-next: duplicate patch in the ipvs-next tree
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCH 1/2] landlock: Add hook on socket_listen()
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [PATCH v6 bpf-next 0/3] netfilter: Add the capability to offload flowtable in XDP layer
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH 1/2] landlock: Add hook on socket_listen()
- From: Ivanov Mikhail <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [PATCH] netfilter: remove unnecessary assignment in translate_table
- From: Liu Jing <liujing@xxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 1/2] landlock: Add hook on socket_listen()
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [PATCH net-next 01/17] netfilter: nf_tables: make struct nft_trans first member of derived subtypes
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH v5 bpf-next 3/3] selftests/bpf: Add selftest for bpf_xdp_flow_lookup kfunc
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- linux-next: duplicate patch in the ipvs-next tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
- Re: [PATCH net-next v2] ipvs: properly dereference pe in ip_vs_add_service
- From: Simon Horman <horms@xxxxxxxxxx>
- [PATCH v6 bpf-next 3/3] selftests/bpf: Add selftest for bpf_xdp_flow_lookup kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v6 bpf-next 2/3] netfilter: add bpf_xdp_flow_lookup kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v6 bpf-next 1/3] netfilter: nf_tables: add flowtable map for xdp offload
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v6 bpf-next 0/3] netfilter: Add the capability to offload flowtable in XDP layer
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- Re: [PATCH v5 bpf-next 1/3] netfilter: nf_tables: add flowtable map for xdp offload
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- Re: [PATCH v5 bpf-next 3/3] selftests/bpf: Add selftest for bpf_xdp_flow_lookup kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- Re: [PATCH v5 bpf-next 2/3] netfilter: add bpf_xdp_flow_lookup kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- Re: [PATCH v5 bpf-next 2/3] netfilter: add bpf_xdp_flow_lookup kfunc
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: [PATCH v5 bpf-next 3/3] selftests/bpf: Add selftest for bpf_xdp_flow_lookup kfunc
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: [PATCH v5 bpf-next 1/3] netfilter: nf_tables: add flowtable map for xdp offload
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: [PATCH v5 bpf-next 0/3] netfilter: Add the capability to offload flowtable in XDP layer
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [syzbot] [netfilter?] bpf test error: WARNING: suspicious RCU usage in corrupted
- From: syzbot <syzbot+784a3db26e5409459be4@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 1/2] landlock: Add hook on socket_listen()
- From: Ivanov Mikhail <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [PATCH net-next 11/17] netfilter: nf_tables: do not store nft_ctx in transaction objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 15/17] netfilter: nf_tables: rise cap on SELinux secmark context
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 17/17] netfilter: xt_recent: Lift restrictions on max hitcount value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 16/17] selftests: netfilter: nft_queue.sh: add test for disappearing listener
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 10/17] netfilter: nf_tables: pass nft_table to destroy function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 05/17] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 14/17] netfilter: cttimeout: remove 'l3num' attr check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 13/17] netfilter: nf_conncount: fix wrong variable type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 12/17] ipvs: Avoid unnecessary calls to skb_is_gso_sctp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 09/17] netfilter: nf_tables: reduce trans->ctx.chain references
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 08/17] netfilter: nf_tables: store chain pointer in rule transaction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 07/17] netfilter: nf_tables: avoid usage of embedded nft_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 06/17] netfilter: nf_tables: pass more specific nft_trans_chain where possible
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 02/17] netfilter: nf_tables: move bind list_head into relevant subtypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 01/17] netfilter: nf_tables: make struct nft_trans first member of derived subtypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 04/17] netfilter: nf_tables: reduce trans->ctx.table references
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 03/17] netfilter: nf_tables: compact chain+ft transaction objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 00/17] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PROBLEM] make randconfig: net/netfilter/core.c:830: undefined reference to `netfilter_lwtunnel_fini'
- From: Mirsad Todorovac <mtodorovac69@xxxxxxxxx>
- Re: [PATCH nf-next 00/19] Netfilter/IPVS updates for net-next
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 00/19] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_queue] build: Speed up build_man.sh
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PROBLEM] make randconfig: net/netfilter/core.c:830: undefined reference to `netfilter_lwtunnel_fini'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PROBLEM] make randconfig: net/netfilter/core.c:830: undefined reference to `netfilter_lwtunnel_fini'
- From: Mirsad Todorovac <mtodorovac69@xxxxxxxxx>
- Re: [PATCH -stable,4.19.x] netfilter: nf_tables: validate family when identifying table via handle
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH -stable,6.1.x] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH nf-next 00/19] Netfilter/IPVS updates for net-next
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next v2] ipvs: properly dereference pe in ip_vs_add_service
- From: Julian Anastasov <ja@xxxxxx>
- Re: [PATCH nf-next 00/19] Netfilter/IPVS updates for net-next
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [ipset PATCH 0/3] Two fixes and fallout
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
- [RFC nf-next 4/4] netfilter: nf_tables: don't initialize registers in nft_do_chain()
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC nf-next 3/4] netfilter: nf_tables: insert register zeroing instructions for dodgy chains
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC nf-next 1/4] netfilter: nf_tables: pass context structure to nft_parse_register_load
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC nf-next 2/4] netfilter: nf_tables: allow loads only when register is initialized
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC nf-next 0/4] nf_tables: remove explicit register zeroing
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 00/19] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 19/19] netfilter: xt_recent: Lift restrictions on max hitcount value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 18/19] selftests: netfilter: nft_queue.sh: add test for disappearing listener
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 17/19] selftests: netfilter: nft_queue.sh: sctp coverage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 16/19] netfilter: nfnetlink_queue: unbreak SCTP traffic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 15/19] netfilter: nf_tables: rise cap on SELinux secmark context
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 14/19] netfilter: cttimeout: remove 'l3num' attr check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 13/19] netfilter: nf_conncount: fix wrong variable type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 12/19] ipvs: Avoid unnecessary calls to skb_is_gso_sctp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 11/19] netfilter: nf_tables: do not store nft_ctx in transaction objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 10/19] netfilter: nf_tables: pass nft_table to destroy function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 08/19] netfilter: nf_tables: store chain pointer in rule transaction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 09/19] netfilter: nf_tables: reduce trans->ctx.chain references
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 07/19] netfilter: nf_tables: avoid usage of embedded nft_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 06/19] netfilter: nf_tables: pass more specific nft_trans_chain where possible
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 05/19] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 04/19] netfilter: nf_tables: reduce trans->ctx.table references
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 02/19] netfilter: nf_tables: move bind list_head into relevant subtypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 03/19] netfilter: nf_tables: compact chain+ft transaction objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 01/19] netfilter: nf_tables: make struct nft_trans first member of derived subtypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 00/19] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/2] netfilter: fix undefined reference to 'netfilter_lwtunnel_*' when CONFIG_SYSCTL=n
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net 2/2] netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 2/2] netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 2/2] netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
- Re: [PATCH net 2/2] netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 2/2] netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
- [ipset PATCH 1/3] lib: data: Fix for global-buffer-overflow warning by ASAN
- From: Phil Sutter <phil@xxxxxx>
- [ipset PATCH 3/3] tests: Reduce testsuite run-time
- From: Phil Sutter <phil@xxxxxx>
- [ipset PATCH 2/3] lib: ipset: Avoid 'argv' array overstepping
- From: Phil Sutter <phil@xxxxxx>
- [ipset PATCH 0/3] Two fixes and fallout
- From: Phil Sutter <phil@xxxxxx>
- [PATCH net-next v2] ipvs: properly dereference pe in ip_vs_add_service
- From: Chen Hanxiao <chenhx.fnst@xxxxxxxxxxx>
- Re: [PATCH net-next] ipvs: properly dereference pe in ip_vs_add_service
- From: Ratheesh Kannoth <rkannoth@xxxxxxxxxxx>
- 回复: [PATCH net-next] ipvs: properly dereference pe in ip_vs_add_service
- From: "Hanxiao Chen (Fujitsu)" <chenhx.fnst@xxxxxxxxxxx>
- [PATCH nft] tests: shell: check for removing table via handle with incorrect family
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 2/2] netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 2/2] netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxx>
- [PATCH -stable,5.10.x] netfilter: nf_tables: validate family when identifying table via handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4.x] netfilter: nf_tables: validate family when identifying table via handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,4.19.x] netfilter: nf_tables: validate family when identifying table via handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH v2 1/2] netfilter: xt_recent: Reduce size of struct recent_entry::nstamps
- From: Phil Sutter <phil@xxxxxx>
- [PATCH -stable,6.1.x] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH v2 1/2] netfilter: xt_recent: Reduce size of struct recent_entry::nstamps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/2] netfilter: fix undefined reference to 'netfilter_lwtunnel_*' when CONFIG_SYSCTL=n
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/2] netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH v2 1/2] netfilter: xt_recent: Reduce size of struct recent_entry::nstamps
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v2] netfilter: xt_recent: Lift restrictions on max hitcount value
- From: Phil Sutter <phil@xxxxxx>
- Re: [PROBLEM] make randconfig: net/netfilter/core.c:830: undefined reference to `netfilter_lwtunnel_fini'
- From: Mirsad Todorovac <mtodorovac69@xxxxxxxxx>
- Re: [PATCH net-next] ipvs: properly dereference pe in ip_vs_add_service
- From: Julian Anastasov <ja@xxxxxx>
- Re: [nf-next PATCH v2 1/2] netfilter: xt_recent: Reduce size of struct recent_entry::nstamps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PROBLEM] make randconfig: net/netfilter/core.c:830: undefined reference to `netfilter_lwtunnel_fini'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: rise cap on SELinux secmark context
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: restore default behavior for nf_conntrack_events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v1] netfilter: cttimeout: remove 'l3num' attr check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2] netfilter: nf_conncount: fix wrong variable type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: rise cap on SELinux secmark context
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] ipvs: Avoid unnecessary calls to skb_is_gso_sctp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 02/11] netfilter: nf_tables: move bind list_head into relevant subtypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next] ipvs: properly dereference pe in ip_vs_add_service
- From: Chen Hanxiao <chenhx.fnst@xxxxxxxxxxx>
- Re: [PATCH nf-next 02/11] netfilter: nf_tables: move bind list_head into relevant subtypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: let nftables indicate incomplete dissections
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 02/11] netfilter: nf_tables: move bind list_head into relevant subtypes
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 02/11] netfilter: nf_tables: move bind list_head into relevant subtypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: let nftables indicate incomplete dissections
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [syzbot] [lvs?] possible deadlock in start_sync_thread
- From: syzbot <syzbot+e929093395ec65f969c7@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v2 0/7] Dynamic hook interface binding
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PROBLEM] make randconfig: net/netfilter/core.c:830: undefined reference to `netfilter_lwtunnel_fini'
- From: Mirsad Todorovac <mtodorovac69@xxxxxxxxx>
- Re: [PROBLEM] make randconfig: net/netfilter/core.c:830: undefined reference to `netfilter_lwtunnel_fini'
- From: Mirsad Todorovac <mtodorovac69@xxxxxxxxx>
- Re: [PROBLEM] make randconfig: net/netfilter/core.c:830: undefined reference to `netfilter_lwtunnel_fini'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PROBLEM] make randconfig: net/netfilter/core.c:830: undefined reference to `netfilter_lwtunnel_fini'
- From: Mirsad Todorovac <mtodorovac69@xxxxxxxxx>
- Re: [PATCH] netfilter: fix undefined reference to 'netfilter_lwtunnel_*' when CONFIG_SYSCTL=n
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
- Re: [PATCH v6.1] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Kuntal Nayak <kuntal.nayak@xxxxxxxxxxxx>
- Re: [syzbot] [netfilter?] [usb?] INFO: rcu detected stall in NF_HOOK
- From: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
- [syzbot] [netfilter?] [usb?] INFO: rcu detected stall in NF_HOOK
- From: syzbot <syzbot+696cffe71c444e4a2dd8@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH v9 net-next 07/15] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [no subject]
- [PATCH] netfilter: ctnetlink: support CTA_FILTER for flush
- From: Changliang Wu <changliang.wu@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH net 1/5] netfilter: ipset: Fix suspicious rcu_dereference_protected()
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net 4/5] selftests: add selftest for the SRv6 End.DX4 behavior with netfilter
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
- Re: [PATCH v2 0/7] Dynamic hook interface binding
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2] landlock: Add hook on socket_listen()
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- [PATCH nf-next] selftests: netfilter: nft_queue.sh: add test for disappearing listener
- From: Florian Westphal <fw@xxxxxxxxx>
- [no subject]
- Re: [PATCH 1/2] landlock: Add hook on socket_listen()
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- [PATCH net 5/5] selftests: add selftest for the SRv6 End.DX6 behavior with netfilter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/5] seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/5] selftests: add selftest for the SRv6 End.DX4 behavior with netfilter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/5] netfilter: move the sysctl nf_hooks_lwtunnel into the netfilter core
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/5] netfilter: ipset: Fix suspicious rcu_dereference_protected()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/5] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
- Re: [PATCH v2 0/7] Dynamic hook interface binding
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v2 0/7] Dynamic hook interface binding
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: AW: [PATCH] conntrackd: helpers/rpc: Don't add expectation table entry for portmap port
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/2] Forbid illegitimate binding via listen(2)
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- AW: [PATCH] conntrackd: helpers/rpc: Don't add expectation table entry for portmap port
- From: pda Pfeil Daniel <pda@xxxxxxxx>
- Re: [PATCH v2 0/7] Dynamic hook interface binding
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
- Re: [PATCH] conntrackd: helpers/rpc: Don't add expectation table entry for portmap port
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] conntrackd: helpers/rpc: Don't add expectation table entry for portmap port
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] src: add string preprocessor and use it for log prefix string
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH -stable,5.4] netfilter: nftables: exthdr: fix 4-byte stack OOB write
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- [no subject]
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- AW: [PATCH] conntrackd: helpers/rpc: Don't add expectation table entry for portmap port
- From: pda Pfeil Daniel <pda@xxxxxxxx>
- [PATCH v8 net-next 07/15] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [syzbot] [netfilter?] net-next test error: WARNING: suspicious RCU usage in corrupted
- From: syzbot <syzbot+6c048081aec46ad4ddf5@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
- [PATCH nft] tests: py: drop redundant JSON outputs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: let nftables indicate incomplete dissections
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
- Re: [PATCH nf-next 02/11] netfilter: nf_tables: move bind list_head into relevant subtypes
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 01/11] netfilter: nf_tables: make struct nft_trans first member of derived subtypes
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 01/11] netfilter: nf_tables: make struct nft_trans first member of derived subtypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 02/11] netfilter: nf_tables: move bind list_head into relevant subtypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: let nftables indicate incomplete dissections
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v7 net-next 07/15] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/7] Dynamic hook interface binding
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
- Re: [nf-next PATCH 2/2] netfilter: xt_recent: Largely lift restrictions on max hitcount value
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Jason A. Donenfeld" <Jason@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Jason A. Donenfeld" <Jason@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Jason A. Donenfeld" <Jason@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Uladzislau Rezki <urezki@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Jason A. Donenfeld" <Jason@xxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- [PATCH 0/1] ipset patch for nf
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
- [PATCH 1/1] netfilter: ipset: Fix suspicious rcu_dereference_protected()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
- [PATCH nft 1/2] libnftables: add base directory of -f/--filename to include path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] libnftables: search for default include path last
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 0/2] nft include path updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Jason A. Donenfeld" <Jason@xxxxxxxxx>
- Re: [nf-next PATCH v2 2/2] netfilter: xt_recent: Lift restrictions on max hitcount value
- From: Fabio Pedretti <pedretti.fabio@xxxxxxxxx>
- [PATCH v5 bpf-next 2/3] netfilter: add bpf_xdp_flow_lookup kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v5 bpf-next 3/3] selftests/bpf: Add selftest for bpf_xdp_flow_lookup kfunc
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
- [PATCH v5 bpf-next 1/3] netfilter: nf_tables: add flowtable map for xdp offload
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
