Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- [PATCH nf-next v4 1/2] netfilter: Make IP6_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- [PATCH nf-next v4 0/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- [PATCH v2 2/2] netfilter: nf_tables: Fix percpu address space issues in nf_tables_api.c
- From: Uros Bizjak <ubizjak@xxxxxxxxx>
- [PATCH v2 1/2] err.h: Add ERR_PTR_PCPU(), PTR_ERR_PCPU() and IS_ERR_PCPU() macros
- From: Uros Bizjak <ubizjak@xxxxxxxxx>
- [PATCH v2 0/2] netfilter: nf_tables: Fix percpu address space issues in nf_tables_api.c
- From: Uros Bizjak <ubizjak@xxxxxxxxx>
- Re: [PATCH nf-next v3 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH nf-next v3 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH nft 1/5] cache: assert filter when calling nft_cache_evaluate()
- From: Eric Garver <eric@xxxxxxxxxxx>
- Re: [PATCH iptables 1/1] configure: Determine if musl is used for build
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH iptables 1/1] configure: Determine if musl is used for build
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: [PATCH iptables 1/1] configure: Determine if musl is used for build
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft 4/5] cache: relax requirement for replace rule command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/5] cache: remove full cache requirement when echo flag is set on
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 5/5] cache: position does not require full cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/5] cache: clean up evaluate_cache_del()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/5] cache: assert filter when calling nft_cache_evaluate()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v3 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH net 1/2] netfilter: nf_tables: restore IP sanity checks for netdev/egress
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net-next] selftests: netfilter: nft_queue.sh: reduce test file size for debug build
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net-next] selftests: netfilter: nft_queue.sh: reduce test file size for debug build
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
- Re: [PATCH net-next] selftests: netfilter: nft_queue.sh: reduce test file size for debug build
- From: Florian Westphal <fw@xxxxxxxxx>
- BUG: general protection fault in arpt_do_table
- From: Xingyu Li <xli399@xxxxxxx>
- Re: [PATCH net-next] selftests: netfilter: nft_queue.sh: reduce test file size for debug build
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Add __percpu annotation to *stats pointer in nf_tables_updchain()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/2] netfilter: nf_tables_ipv6: consider network offset in netdev/egress validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/2] netfilter: nf_tables: restore IP sanity checks for netdev/egress
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nf_tables: Correct spelling in nf_tables.h
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: Stateless NAT ICMP Payload Mismatch
- From: Echo Nar <echo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Add __percpu annotation to *stats pointer in nf_tables_updchain()
- From: Uros Bizjak <ubizjak@xxxxxxxxx>
- Re: [PATCH nf-next v3 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH nf-next v3 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Add __percpu annotation to *stats pointer in nf_tables_updchain()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH -next 4/5] netfilter: iptables: Use kmemdup_array() instead of kmemdup() for multiple allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next] selftests: netfilter: nft_queue.sh: reduce test file size for debug build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v3 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH nft,v2 0/7] cache updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Stateless NAT ICMP Payload Mismatch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables 1/1] configure: Determine if musl is used for build
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- [PATCH iptables 0/1] configure: Determine if musl is used for build
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- [PATCH net-next v2 2/6] net/ipv6: replace deprecated strcpy with strscpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next v2 1/6] net: prefer strscpy over strcpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next v2 6/6] net/ipv4: net: prefer strscpy over strcpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next v2 3/6] net/netrom: prefer strscpy over strcpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next v2 5/6] net/tipc: replace deprecated strcpy with strscpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next v2 4/6] net/netfilter: replace deprecated strcpy with strscpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next v2 0/6] replace deprecated strcpy with strscpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH v1] netfilter: conntrack: Convert to use ERR_CAST()
- From: Shen Lichuan <shenlichuan@xxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: drop unused 3rd argument from validate callback ops
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next 1/6] net: prefer strscpy over strcpy
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
- Re: [PATCH -next 4/5] netfilter: iptables: Use kmemdup_array() instead of kmemdup() for multiple allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 1/6] net: prefer strscpy over strcpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- Re: [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation
- From: Jinjie Ruan <ruanjinjie@xxxxxxxxxx>
- [PATCH -next 4/5] netfilter: iptables: Use kmemdup_array() instead of kmemdup() for multiple allocation
- From: Jinjie Ruan <ruanjinjie@xxxxxxxxxx>
- [PATCH -next 2/5] netfilter: Use kmemdup_array() instead of kmemdup() for multiple allocation
- From: Jinjie Ruan <ruanjinjie@xxxxxxxxxx>
- [PATCH -next 1/5] nfc: core: Use kmemdup_array() instead of kmemdup() for multiple allocation
- From: Jinjie Ruan <ruanjinjie@xxxxxxxxxx>
- [PATCH -next 5/5] netfilter: nf_nat: Use kmemdup_array() instead of kmemdup() for multiple allocation
- From: Jinjie Ruan <ruanjinjie@xxxxxxxxxx>
- [PATCH -next 3/5] netfilter: arptables: Use kmemdup_array() instead of kmemdup() for multiple allocation
- From: Jinjie Ruan <ruanjinjie@xxxxxxxxxx>
- [PATCH -next 0/5] net: Use kmemdup_array() instead of kmemdup() for multiple allocation
- From: Jinjie Ruan <ruanjinjie@xxxxxxxxxx>
- Re: [PATCH net-next 3/5] net/netfilter: make use of the helper macro LIST_HEAD()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 3/5] net/netfilter: make use of the helper macro LIST_HEAD()
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH] ext4: Fix error message when rejecting the default hash
- From: Gabriel Krisman Bertazi <krisman@xxxxxxx>
- Re: [PATCH net-next 2/5] net/tipc: make use of the helper macro LIST_HEAD()
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCH net-next 3/5] net/netfilter: make use of the helper macro LIST_HEAD()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [no subject]
- [PATCH nf] netfilter: nf_tables_ipv6: consider network offset in netdev/egress validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next v3 2/2] netfilter: Make IP6_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- [PATCH nf-next v3 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- [PATCH nf-next v3 0/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH net-next 1/6] net: prefer strscpy over strcpy
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
- [PATCH net-next 6/6] net/ipv4: net: prefer strscpy over strcpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 5/6] net/tipc: replace deprecated strcpy with strscpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 4/6] net/netfilter: replace deprecated strcpy with strscpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 3/6] net/netrom: prefer strscpy over strcpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 2/6] net/ipv6: replace deprecated strcpy with strscpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 1/6] net: prefer strscpy over strcpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 0/6] replace deprecated strcpy with strscpy
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 5/5] net/core: make use of the helper macro LIST_HEAD()
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 4/5] net/ipv6: make use of the helper macro LIST_HEAD()
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 3/5] net/netfilter: make use of the helper macro LIST_HEAD()
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 2/5] net/tipc: make use of the helper macro LIST_HEAD()
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 1/5] net/ipv4: make use of the helper macro LIST_HEAD()
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next 0/5] make use of the helper macro LIST_HEAD()
- From: Hongbo Li <lihongbo22@xxxxxxxxxx>
- [PATCH net-next] selftests: netfilter: nft_queue.sh: reduce test file size for debug build
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: restore IP sanity checks for netdev/egress
- From: Jorge Ortiz Escribano <jorge.ortiz.escribano@xxxxxxxxx>
- Re: [PATCH net-next 2/9] selftests: netfilter: nft_queue.sh: sctp coverage
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- [PATCH nft] tests: shell: extend coverage for meta l4proto netdev/egress matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 1/9] netfilter: nfnetlink_queue: unbreak SCTP traffic
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH nft,v2 0/7] cache updates
- From: Eric Garver <eric@xxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: restore IP sanity checks for netdev/egress
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 5/7] cache: consolidate reset command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 6/7] tests: shell: cover anonymous set with reset command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 7/7] tests: shell: cover reset command with counter and quota
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 3/7] cache: add filtering support for objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 0/7] cache updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 1/7] cache: reset filter for each command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 4/7] cache: only dump rules for the given table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 2/7] cache: accumulate flags in batch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v1] netfilter: Use kmemdup_array instead of kmemdup for multiple allocation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH net-next v1] netfilter: Use kmemdup_array instead of kmemdup for multiple allocation
- From: Yan Zhen <yanzhen@xxxxxxxx>
- [PATCH nft 5/5] tests: shell: cover reset command with counter and quota
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/5] cache: consolidate reset command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/5] cache: add filtering support for objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/5] tests: shell: cover anonymous set with reset command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 0/5] cache updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/5] cache: only dump rules for the given table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next v2 2/2] netfilter: Make IP6_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- [PATCH nf-next v2 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH nf-next 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH] iptables: align xt_CONNMARK with current kernel headers
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- [PATCH] iptables: align xt_CONNMARK with current kernel headers
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: [PATCH net-next 00/12] Unmask upper DSCP bits - part 1
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH net-next 9/9] netfilter: nf_tables: don't initialize registers in nft_do_chain()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 8/9] netfilter: nf_tables: allow loads only when register is initialized
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 7/9] netfilter: nf_tables: pass context structure to nft_parse_register_load
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 6/9] netfilter: move nf_ct_netns_get out of nf_conncount_init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 5/9] netfilter: nf_tables: do not remove elements if set backend implements .abort
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 4/9] netfilter: nf_tables: store new sets in dedicated list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 2/9] selftests: netfilter: nft_queue.sh: sctp coverage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 0/9] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 3/9] netfilter: nfnetlink: convert kfree_skb to consume_skb
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 1/9] netfilter: nfnetlink_queue: unbreak SCTP traffic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/3] netfilter: nft_counter: Disable BH in nft_counter_offload_stats().
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH nf-next 2/2] netfilter: Make IP6_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- [PATCH nf-next 1/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: netfilter: Kconfig: IP6_NF_IPTABLES_LEGACY old =y behaviour question
- From: Breno Leitao <leitao@xxxxxxxxxx>
- [kernel PATCH] nf_tables_ipv4: fix transport header offset comparison
- From: Jorge Ortiz <jorge.ortiz.escribano@xxxxxxxxx>
- Re: [PATCH V6] fs/ext4: Filesystem without casefold feature cannot be mounted with spihash
- From: "Theodore Ts'o" <tytso@xxxxxxx>
- Re: netfilter: Kconfig: IP6_NF_IPTABLES_LEGACY old =y behaviour question
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: netfilter: Kconfig: IP6_NF_IPTABLES_LEGACY old =y behaviour question
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: netfilter: Kconfig: IP6_NF_IPTABLES_LEGACY old =y behaviour question
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: Don't track counter updates of do_add_counters()
- From: takakura@xxxxxxxxxxxxx
- Re: [PATCH net 3/3] netfilter: flowtable: validate vlan header
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/3] netfilter: nft_counter: Disable BH in nft_counter_offload_stats().
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net,v2 0/3] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/3] netfilter: nft_counter: Synchronize nft_counter_reset() against reader.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/3] netfilter: flowtable: validate vlan header
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- netfilter: Kconfig: IP6_NF_IPTABLES_LEGACY old =y behaviour question
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: support CTA_FILTER for flush
- From: Changliang Wu <changliang.wu@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH net 3/3] netfilter: flowtable: validate vlan header
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
- Re: [syzbot] [ppp?] inconsistent lock state in valid_state (4)
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
- Re: [PATCH] netfilter: Don't track counter updates of do_add_counters()
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
- [syzbot] [netfilter?] inconsistent lock state in gfs2_fill_super
- From: syzbot <syzbot+e9708296aa2eef438a51@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH] netfilter: Don't track counter updates of do_add_counters()
- From: takakura@xxxxxxxxxxxxx
- [PATCH net 3/3] netfilter: flowtable: validate vlan header
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/3] netfilter: nft_counter: Synchronize nft_counter_reset() against reader.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/3] netfilter: nft_counter: Disable BH in nft_counter_offload_stats().
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/3] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v2] netfilter: flowtable: validate vlan header
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [syzbot] [ppp?] inconsistent lock state in valid_state (4)
- From: syzbot <syzbot+d43eb079c2addf2439c3@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] xtables: Fix compilation error with musl-libc
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- nftables build warning, parser_bison.y:206.1-19: warning: deprecated directive: ‘%name-prefix "nft_"’
- From: pgnd <pgnd@xxxxxxxxxxxx>
- Re: [PATCH net-next 00/12] Unmask upper DSCP bits - part 1
- From: David Ahern <dsahern@xxxxxxxxxx>
- Re: [PATCH net-next 12/12] ipv4: Unmask upper DSCP bits when using hints
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 11/12] ipv4: udp: Unmask upper DSCP bits during early demux
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 10/12] ipv4: icmp: Pass full DS field to ip_route_input()
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 09/12] ipv4: Unmask upper DSCP bits in RTM_GETROUTE input route lookup
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 08/12] ipv4: Unmask upper DSCP bits in input route lookup
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 07/12] ipv4: Unmask upper DSCP bits in fib_compute_spec_dst()
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 06/12] ipv4: ipmr: Unmask upper DSCP bits in ipmr_rt_fib_lookup()
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 05/12] netfilter: nft_fib: Unmask upper DSCP bits
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 04/12] netfilter: rpfilter: Unmask upper DSCP bits
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 00/12] Unmask upper DSCP bits - part 1
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next 03/12] ipv4: Unmask upper DSCP bits when constructing the Record Route option
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 02/12] ipv4: Unmask upper DSCP bits in NETLINK_FIB_LOOKUP family
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH net-next 01/12] bpf: Unmask upper DSCP bits in bpf_fib_lookup() helper
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- [PATCH net-next 12/12] ipv4: Unmask upper DSCP bits when using hints
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 11/12] ipv4: udp: Unmask upper DSCP bits during early demux
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 09/12] ipv4: Unmask upper DSCP bits in RTM_GETROUTE input route lookup
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 10/12] ipv4: icmp: Pass full DS field to ip_route_input()
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 06/12] ipv4: ipmr: Unmask upper DSCP bits in ipmr_rt_fib_lookup()
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 08/12] ipv4: Unmask upper DSCP bits in input route lookup
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 07/12] ipv4: Unmask upper DSCP bits in fib_compute_spec_dst()
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 05/12] netfilter: nft_fib: Unmask upper DSCP bits
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 04/12] netfilter: rpfilter: Unmask upper DSCP bits
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 03/12] ipv4: Unmask upper DSCP bits when constructing the Record Route option
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 02/12] ipv4: Unmask upper DSCP bits in NETLINK_FIB_LOOKUP family
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 01/12] bpf: Unmask upper DSCP bits in bpf_fib_lookup() helper
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next 00/12] Unmask upper DSCP bits - part 1
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- Re: [RFC PATCH v2 6/9] selftests/landlock: Test listening without explicit bind restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 0/2 nft] mnl: query netdevices for in/egress hooks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] src: mnl: always dump all netdev hooks if no interface name was given
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 0/2 nft] mnl: query netdevices for in/egress hooks
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/2] src: mnl: prepare for listing all device netdev device hooks
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [RFC PATCH v2 4/9] selftests/landlock: Test listening restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v2 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH net-next v2 3/3] ipv4: Centralize TOS matching
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [RFC PATCH v2 0/9] Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v2 6/9] selftests/landlock: Test listening without explicit bind restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v2 5/9] selftests/landlock: Test listen on connected socket
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v2 0/9] Support TCP listen access-control
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [RFC PATCH v2 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [PATCH net-next v2 0/3] Preparations for FIB rule DSCP selector
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [RFC PATCH v2 0/9] Support TCP listen access-control
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [RFC PATCH v2 6/9] selftests/landlock: Test listening without explicit bind restriction
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [RFC PATCH v2 5/9] selftests/landlock: Test listen on connected socket
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [RFC PATCH v2 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v2 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v2 4/9] selftests/landlock: Test listening restriction
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [PATCH] xtables: Fix compilation error with musl-libc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink_log: remove unnecessary check in __build_packet_message()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC PATCH v2 1/9] landlock: Refactor current_check_access_socket() access right check
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/3] netfilter: nf_tables: reject loads from
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 0/3] netfilter: nft_counter: Statistics fixes/ optimisation.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: nf_tables: don't initialize registers in nft_do_chain()
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: nf_tables: allow loads only when register is initialized
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/3] netfilter: nf_tables: reject loads from
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: nf_tables: pass context structure to nft_parse_register_load
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft PATCH] doc: Update outdated info
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net 0/3] netfilter: nft_counter: Statistics fixes/ optimisation.
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH] doc: Update outdated info
- From: 谢致邦 (XIE Zhibang) <Yeking@xxxxxxxxx>
- [PATCH net-next 3/3] netfilter: nft_counter: Use u64_stats_t for statistic.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [PATCH net 2/3] netfilter: nft_counter: Synchronize nft_counter_reset() against reader.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [PATCH net 1/3] netfilter: nft_counter: Disable BH in nft_counter_offload_stats().
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [PATCH net 0/3] netfilter: nft_counter: Statistics fixes/ optimisation.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: [PATCH bpf-next] bpf: use kfunc hooks instead of program types
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- [PATCH bpf-next] bpf: use kfunc hooks instead of program types
- From: Matteo Croce <technoboy85@xxxxxxxxx>
- Re: [PATCH nft 1/5] datatype: make "flags" field of datatype struct simple booleans
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/4] parser_json: fix crash in json_parse_set_stmt_list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/4] parser_json: fix several expression memleaks from error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/4] parser_json: fix handle memleak from error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/4] parser_json: release buffer returned by json_dumps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 0/4] fixes for json parser
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] src: remove DTYPE_F_PREFIX
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] datatype: replace DTYPE_F_ALLOC by bitfield
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC PATCH v2 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [RFC PATCH v2 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [RFC PATCH v2 1/9] landlock: Refactor current_check_access_socket() access right check
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: Fwd: correct nft v1.1.0 usage for flowtable h/w offload? `flags offload` &/or `devices=`
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Fwd: correct nft v1.1.0 usage for flowtable h/w offload? `flags offload` &/or `devices=`
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Fwd: correct nft v1.1.0 usage for flowtable h/w offload? `flags offload` &/or `devices=`
- From: pgnd <pgnd@xxxxxxxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: support CTA_FILTER for flush
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Fwd: correct nft v1.1.0 usage for flowtable h/w offload? `flags offload` &/or `devices=`
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Fwd: correct nft v1.1.0 usage for flowtable h/w offload? `flags offload` &/or `devices=`
- From: pgnd <pgnd@xxxxxxxxxxxx>
- Re: [PATCH] xtables: Fix compilation error with musl-libc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Fwd: correct nft v1.1.0 usage for flowtable h/w offload? `flags offload` &/or `devices=`
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: remove unnecessary assignment in translate_table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: do not remove elements if set backend implements .abort
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] selftests: netfilter: nft_queue.sh: sctp coverage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: store new sets in dedicated list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: move nf_ct_netns_get out of nf_conncount_init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [syzbot] [netfilter?] inconsistent lock state in valid_state (4)
- From: syzbot <syzbot+d43eb079c2addf2439c3@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Phil Sutter <phil@xxxxxx>
- [ANNOUNCE] Security evaluation by ANSSI of nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v4 4/4] netfilter: nfnetlink: Handle ACK flags for batch messages
- From: Jiri Slaby <jirislaby@xxxxxxxxxx>
- Re: [PATCH net-next v4 4/4] netfilter: nfnetlink: Handle ACK flags for batch messages
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next v4 4/4] netfilter: nfnetlink: Handle ACK flags for batch messages
- From: Jiri Slaby <jirislaby@xxxxxxxxxx>
- Re: Please comment on my libnetfilter_queue build speedup patch
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [RFC PATCH v1 4/4] selftests/landlock: Add realworld workload based on find tool
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 3/4] selftests/landlock: Implement custom libbpf-based tracer
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 2/4] selftests/landlock: Implement per-syscall microbenchmarks
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 1/4] selftests/landlock: Implement performance impact measurement tool
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 0/4] Implement performance impact measurement tool
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Fwd: correct nft v1.1.0 usage for flowtable h/w offload? `flags offload` &/or `devices=`
- From: pgnd <pgnd@xxxxxxxxxxxx>
- [PATCH nft] cache: revisit reset command flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Eric Garver <eric@xxxxxxxxxxx>
- [PATCH 5.10 342/352] netfilter: nf_tables: prefer nft_chain_validate
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.10 341/352] netfilter: nf_tables: allow clone callbacks to sleep
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.10 340/352] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.10 339/352] netfilter: nf_tables: set element extended ACK reporting support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.4 253/259] netfilter: nf_tables: prefer nft_chain_validate
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.4 252/259] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.4 251/259] netfilter: nf_tables: set element extended ACK reporting support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 470/484] netfilter: nf_tables: prefer nft_chain_validate
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 469/484] netfilter: nf_tables: allow clone callbacks to sleep
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 468/484] netfilter: nf_tables: bail out if stateful expression provides no .clone
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 467/484] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 466/484] netfilter: nf_tables: set element extended ACK reporting support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4.19 191/196] netfilter: nf_tables: prefer nft_chain_validate
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 4.19 190/196] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 4.19 189/196] netfilter: nf_tables: set element extended ACK reporting support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] parser_bison: allow 0 burst in limit rate byte mode
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 5/5] cache: do not fetch set inconditionally on delete
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/5] cache: populate chains on demand from error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/5] cache: rule by index requires full cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/5] cache: populate flowtable on demand from error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/5] cache: populate objecs on demand from error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 0/5] relax cache requirements, speed up incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/8] netfilter: allow ipv6 fragments to arrive on different devices
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] tests: shell: add a few tests for nft -i
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Breno Leitao <leitao@xxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nfnetlink: fix uninitialized local variable
- From: icejl <icejl0001@xxxxxxxxx>
- Re: Please comment on my libnetfilter_queue build speedup patch
- From: Florian Westphal <fw@xxxxxxxxx>
- Please comment on my libnetfilter_queue build speedup patch
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH net 7/8] netfilter: nf_tables: Introduce nf_tables_getobj_single
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 6/8] netfilter: nf_tables: Audit log dump reset after the fact
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETOBJ_RESET requests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 5/8] selftests: netfilter: add test for br_netfilter+conntrack+queue combination
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/8] netfilter: nf_queue: drop packets with cloned unconfirmed conntracks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/8] netfilter: allow ipv6 fragments to arrive on different devices
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/8] netfilter: flowtable: initialise extack before use
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/8] netfilter: nfnetlink: Initialise extack before use in ACKs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/8] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] cache: populate chains on demand from error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next v2 0/3] Preparations for FIB rule DSCP selector
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- [PATCH net-next v2 3/3] ipv4: Centralize TOS matching
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next v2 1/3] ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next v2 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH net-next v2 0/3] Preparations for FIB rule DSCP selector
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [PATCH nft,v2 2/2] datatype: improve error reporting when time unit is not correct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2 1/2] datatype: reject rate in quota statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] datatype: improve error reporting when time unit is not correct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] tests: shell: skip vlan mangling testcase if egress is not support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests: shell: Extend table persist flag test a bit
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH 0/8] nft: Implement forward compat for future binaries
- From: Phil Sutter <phil@xxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [RFC PATCH v2 9/9] samples/landlock: Support LANDLOCK_ACCESS_NET_LISTEN
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 8/9] selftests/landlock: Test changing socket backlog with listen(2)
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 7/9] selftests/landlock: Test listen on ULP socket without clone method
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 6/9] selftests/landlock: Test listening without explicit bind restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 5/9] selftests/landlock: Test listen on connected socket
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 1/9] landlock: Refactor current_check_access_socket() access right check
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 0/9] Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 4/9] selftests/landlock: Test listening restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v2 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests: shell: Extend table persist flag test a bit
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH] tests: shell: Extend table persist flag test a bit
- From: Phil Sutter <phil@xxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Phil Sutter <phil@xxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/8] netfilter: nf_tables: reject element expiration with no timeout
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next 1/8] netfilter: nf_tables: elements with timeout less than HZ/10 never expire
- From: Phil Sutter <phil@xxxxxx>
- Re: [netfilter-core] [Q] The usage of xt_recseq.
- From: Florian Westphal <fw@xxxxxxxxx>
- [Q] The usage of xt_recseq.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH -stable,4.19.x 0/3] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH -stable,5.4.x 0/3] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH -stable,5.10.x 0/4] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH -stable,5.15.x 0/5] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH nf] netfilter: flowtable: validate vlan header
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6.1 148/150] netfilter: nf_tables: prefer nft_chain_validate
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 6.1 146/150] netfilter: nf_tables: bail out if stateful expression provides no .clone
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 6.1 147/150] netfilter: nf_tables: allow clone callbacks to sleep
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH -stable,6.1.x 0/3] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH -stable,6.6.x 0/1] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH -stable,4.19.x 3/3] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,4.19.x 2/3] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,4.19.x 1/3] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,4.19.x 0/3] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4.x 3/3] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4.x 2/3] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4.x 1/3] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4.x 0/3] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10.x 4/4] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10.x 3/4] netfilter: nf_tables: allow clone callbacks to sleep
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10.x 2/4] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10.x 1/4] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10.x 0/4] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 5/5] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 4/5] netfilter: nf_tables: allow clone callbacks to sleep
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 3/5] netfilter: nf_tables: bail out if stateful expression provides no .clone
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 1/5] netfilter: nf_tables: set element extended ACK reporting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 2/5] netfilter: nf_tables: use timestamp to check for set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15.x 0/5] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1.x 3/3] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1.x 2/3] netfilter: nf_tables: allow clone callbacks to sleep
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1.x 1/3] netfilter: nf_tables: bail out if stateful expression provides no .clone
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1.x 0/3] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.6.x 1/1] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.6.x 0/1] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl] set: export nftnl_set_clone
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nf PATCH v4 0/3] Add locking for NFT_MSG_GETOBJ_RESET requests
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnftnl] set: export nftnl_set_clone
- From: chayleaf <chayleaf-git@xxxxxxxxxx>
- Re: [PATCH] netfilter: nfnetlink_log: remove unnecessary check in __build_packet_message()
- From: Sergey Shtylyov <s.shtylyov@xxxxxx>
- Re: [PATCH nf v1] netfilter: nfnetlink: Initialise extack before use in ACKs
- From: Simon Horman <horms@xxxxxxxxxx>
- [syzbot] [netfilter?] KMSAN: uninit-value in nf_flow_offload_inet_hook
- From: syzbot <syzbot+8407d9bb88cd4c6bf61a@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf v1] netfilter: nfnetlink: Initialise extack before use in ACKs
- From: Donald Hunter <donald.hunter@xxxxxxxxx>
- [nf PATCH v4 2/3] netfilter: nf_tables: Introduce nf_tables_getobj_single
- From: Phil Sutter <phil@xxxxxx>
- [nf PATCH v4 1/3] netfilter: nf_tables: Audit log dump reset after the fact
- From: Phil Sutter <phil@xxxxxx>
- [nf PATCH v4 0/3] Add locking for NFT_MSG_GETOBJ_RESET requests
- From: Phil Sutter <phil@xxxxxx>
- [nf PATCH v4 3/3] netfilter: nf_tables: Add locking for NFT_MSG_GETOBJ_RESET requests
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf v1] netfilter: flowtable: initialise extack before use
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCH nf v1] netfilter: nfnetlink: Initialise extack before use in ACKs
- From: Simon Horman <horms@xxxxxxxxxx>
- [PATCH] netfilter: nfnetlink_log: remove unnecessary check in __build_packet_message()
- From: Roman Smirnov <r.smirnov@xxxxxx>
- [PATCH nft] optimize: compare meta inner_desc pointers too
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf v2 2/2] selftests: netfilter: add test for br_netfilter+conntrack+queue combination
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Add __percpu annotation to *stats pointer in nf_tables_updchain()
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: iptables: compiling with kernel headers
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables RFC PATCH 8/8] nft: Support compat extensions in rule userdata
- From: Phil Sutter <phil@xxxxxx>
- Re: iptables: compiling with kernel headers
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: iptables: compiling with kernel headers
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: iptables: compiling with kernel headers
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: [PATCH nf 2/2] selftests: netfilter: add test for br_netfilter+conntrack+queue combination
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 2/2] selftests: netfilter: add test for br_netfilter+conntrack+queue combination
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 1/2] netfilter: nf_queue: drop packets with cloned unconfirmed conntracks
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 0/2] netfilter: disable support for queueing cloned conntrack entries
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: iptables: compiling with kernel headers
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [iptables RFC PATCH 8/8] nft: Support compat extensions in rule userdata
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft v2 0/5] src: mnl: rework list hooks infra
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: iptables: compiling with kernel headers
- From: Phil Sutter <phil@xxxxxx>
- Re: iptables: compiling with kernel headers
- From: Florian Westphal <fw@xxxxxxxxx>
- iptables: compiling with kernel headers
- From: josh lant <joshualant@xxxxxxxxxxxxxx>
- [PATCH nft] src: add never expires marker for element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 6/8] netfilter: nf_tables: consolidate timeout extension for elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 7/8] netfilter: nf_tables: add never expires marker to elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 8/8] netfilter: nf_tables: set element timeout update support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 5/8] netfilter: nf_tables: annotate data-races around element expiration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/8] netfilter: nft_dynset: annotate data-races around set timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/8] netfilter: nf_tables: reject element expiration with no timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/8] netfilter: nf_tables: remove annotation to access set timeout while holding lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/8] netfilter: nf_tables: elements with timeout less than HZ/10 never expire
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 0/8] nf_tables: support for updating set element timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: CVE-2024-39503: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: CVE-2024-39503: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type
- From: Siddh Raman Pant <siddh.raman.pant@xxxxxxxxxx>
- [PATCH nf v1] netfilter: flowtable: initialise extack before use
- From: Donald Hunter <donald.hunter@xxxxxxxxx>
- [PATCH nf v1] netfilter: nfnetlink: Initialise extack before use in ACKs
- From: Donald Hunter <donald.hunter@xxxxxxxxx>
- [PATCH v2] netfilter: allow ipv6 fragments to arrive on different devices
- From: Tom Hughes <tom@xxxxxxxxxx>
- Re: [PATCH] netfilter: allow ipv6 fragments to arrive on different devices
- From: Tom Hughes <tom@xxxxxxxxxx>
- Re: [PATCH] netfilter: allow ipv6 fragments to arrive on different devices
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: allow ipv6 fragments to arrive on different devices
- From: Tom Hughes <tom@xxxxxxxxxx>
- [PATCH] netfilter: nf_tables: Add __percpu annotation to *stats pointer in nf_tables_updchain()
- From: Uros Bizjak <ubizjak@xxxxxxxxx>
- [syzbot] Monthly netfilter report (Aug 2024)
- From: syzbot <syzbot+listca8d1ea06b0f6972495e@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 7/9] selftests/landlock: Test listen on ULP socket without clone method
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 5/9] selftests/landlock: Test listen on connected socket
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 5/9] selftests/landlock: Test listen on connected socket
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 7/9] selftests/landlock: Test listen on ULP socket without clone method
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [PATCH net 1/2] netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [iptables PATCH 4/8] nft: ruleparse: Drop 'iter' variable in nft_rule_to_iptables_command_state
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 5/8] nft: ruleparse: Introduce nft_parse_rule_expr()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 7/8] nft: Introduce UDATA_TYPE_COMPAT_EXT
- From: Phil Sutter <phil@xxxxxx>
- [iptables RFC PATCH 8/8] nft: Support compat extensions in rule userdata
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 3/8] nft: Reduce overhead in nft_rule_find()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 6/8] nft: __add_{match,target}() can't fail
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 0/8] nft: Implement forward compat for future binaries
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 1/8] ebtables: Zero freed pointers in ebt_cs_clean()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/8] ebtables: Introduce nft_bridge_init_cs()
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v1 nf 0/2] netfilter: iptables: Fix null-ptr-deref in ip6?table_nat_table_init().
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/2] netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/2] netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 00/14] Some fixes and trivial improvements
- From: Phil Sutter <phil@xxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [PATCH nft v2 5/5] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 4/5] src: add egress support for 'list hooks'
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 3/5] src: drop obsolete hook argument form hook dump functions
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 1/5] src: mnl: clean up hook listing code
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 2/5] src: mnl: make family specification more strict when listing
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft v2 0/5] src: mnl: rework list hooks infra
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libmnl] README: Document the contribution process
- From: Petr Machata <petrm@xxxxxxxxxx>
- Re: [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
- From: Phil Sutter <phil@xxxxxx>
- [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function
- From: Danielle Ratson <danieller@xxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: [PATCH nft 2/4] src: remove decnet support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [GIT PULL] sysctl constification changes for v6.11-rc1
- From: patchwork-bot+linux-riscv@xxxxxxxxxx
- Re: [GIT PULL] sysctl constification changes for v6.11-rc1
- From: patchwork-bot+linux-riscv@xxxxxxxxxx
- Re: [RFC PATCH net-next 3/3] ipv4: Centralize TOS matching
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC PATCH net-next 3/3] ipv4: Centralize TOS matching
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- Re: [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- Re: [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC PATCH v1 9/9] samples/landlock: Support LANDLOCK_ACCESS_NET_LISTEN
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 8/9] selftests/landlock: Test changing socket backlog with listen(2)
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 7/9] selftests/landlock: Test listen on ULP socket without clone method
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 6/9] selftests/landlock: Test listening without explicit bind restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 2/9] landlock: Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 5/9] selftests/landlock: Test listen on connected socket
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 1/9] landlock: Refactor current_check_access_socket() access right check
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 4/9] selftests/landlock: Test listening restriction
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 3/9] selftests/landlock: Support LANDLOCK_ACCESS_NET_LISTEN_TCP
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [RFC PATCH v1 0/9] Support TCP listen access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [iptables PATCH 02/14] nft: Fix for zeroing existent builtin chains
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 06/14] nft: Add potentially missing init_cs calls
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 07/14] arptables: Fix conditional opcode/proto-type printing
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 10/14] xshared: Make save_iface() static
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 13/14] arptables: Introduce print_iface()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 09/14] extensions: conntrack: Reuse print_state() for old state match
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 12/14] libxtables: Debug: Slightly improve extension ordering debugging
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 05/14] nft: cmd: Init struct nft_cmd::head early
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 08/14] xshared: Do not omit all-wildcard interface spec when inverted
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 11/14] xshared: Move NULL pointer check into save_iface()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 04/14] extensions: conntrack: Use the right callbacks
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 14/14] ebtables: Omit all-wildcard interface specs from output
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 01/14] nft: cache: Annotate faked base chains as such
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 00/14] Some fixes and trivial improvements
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 03/14] extensions: recent: Fix format string for unsigned values
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] extensions: recent: New kernels support 999 hits
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] nft: Fix for zeroing non-existent builtin chains
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH 0/8] Fix xtables-monitor rule printing, partially RFC
- From: Phil Sutter <phil@xxxxxx>
- Re: [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [RFC PATCH net-next 3/3] ipv4: Centralize TOS matching
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [RFC PATCH net-next 1/3] ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family
- From: Guillaume Nault <gnault@xxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/4] src: add egress support for 'list hooks'
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 3/4] src: mnl: clean up hook listing code
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/4] src: remove decnet support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/4] doc: add documentation about list hooks feature
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 0/4] list hooks refactoring
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v1 nf 0/2] netfilter: iptables: Fix null-ptr-deref in ip6?table_nat_table_init().
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [GIT PULL] sysctl constification changes for v6.11-rc1
- From: pr-tracker-bot@xxxxxxxxxx
- Re: [GIT PULL] sysctl constification changes for v6.11-rc1
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v1 nf 2/2] netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().
- From: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx>
- [PATCH v1 nf 1/2] netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
- From: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx>
- [PATCH v1 nf 0/2] netfilter: iptables: Fix null-ptr-deref in ip6?table_nat_table_init().
- From: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx>
- [RFC PATCH net-next 3/3] ipv4: Centralize TOS matching
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [RFC PATCH net-next 2/3] netfilter: nft_fib: Mask upper DSCP bits before FIB lookup
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [RFC PATCH net-next 1/3] ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- [RFC PATCH net-next 0/3] Preparations for FIB rule DSCP selector
- From: Ido Schimmel <idosch@xxxxxxxxxx>
- Re: [PATCH net 1/1] netfilter: nft_set_pipapo_avx2: disable softinterrupts
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [GIT PULL] sysctl constification changes for v6.11-rc1
- From: Joel Granados <j.granados@xxxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Eric Garver <eric@xxxxxxxxxxx>
- [PATCH net 1/1] netfilter: nft_set_pipapo_avx2: disable softinterrupts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/1] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Eric Garver <eric@xxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2,v2] cache: recycle existing cache with incremental updates
- From: Eric Garver <eric@xxxxxxxxxxx>
- Re: Sets update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nf_tables/set: Is dynamic + interval possible?
- From: Florian Westphal <fw@xxxxxxxxx>
- nf_tables/set: Is dynamic + interval possible?
- From: caskd <caskd@xxxxxxxxx>
- Re: Speedup patch ping
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Speedup patch ping
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [iptables PATCH] extensions: recent: New kernels support 999 hits
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf] netfilter: nft_set_pipapo_avx2: disable softinterrupts
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf] netfilter: nft_set_pipapo_avx2: disable softinterrupts
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft] optimize: skip variables in nat statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net 1/4] netfilter: ctnetlink: use helper function to calculate expect ID
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net] net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH nf-next] netfilter: move nf_ct_netns_get out of nf_conncount_init
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: move nf_ct_netns_get out of nf_conncount_init
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH net 0/4] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 3/4] selftests: netfilter: add test case for recent mismatch bug
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 4/4] ipvs: properly dereference pe in ip_vs_add_service
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 2/4] netfilter: nf_set_pipapo: fix initial map fill
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/4] netfilter: ctnetlink: use helper function to calculate expect ID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] nft: Fix for zeroing non-existent builtin chains
- From: Phil Sutter <phil@xxxxxx>
- [ANNOUNCE] nftables 1.1.0 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Transparent SNAT bridge with physdev module
- From: Matt Ayre <maayr3@xxxxxxxxx>
- Are there Any Side Effects when net.netfilter.nf_conntrack_tcp_be_liberal is set to 1?
- From: renmingshuai <renmingshuai@xxxxxxxxxx>
- [iptables PATCH 3/8] xtables-monitor: Align builtin chain and table output
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 4/8] xtables-monitor: Support arptables chain events
- From: Phil Sutter <phil@xxxxxx>
- [RFC iptables PATCH 8/8] xtables-monitor: Print commands instead of -4/-6/-0 flags
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 0/8] Fix xtables-monitor rule printing, partially RFC
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 1/8] xtables-monitor: Proper re-init for rule's family
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 7/8] xtables-monitor: Ignore ebtables policy rules unless tracing
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 6/8] xtables-monitor: Fix for ebtables rule events
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 5/8] tests: shell: New xtables-monitor test
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/8] xtables-monitor: Flush stdout after all lines of output
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] conntrack: tcp: fix parsing of tuple-port-src and tuple-port-dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback
- From: Vlastimil Babka <vbabka@xxxxxxx>
- Re: [PATCH net] net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE
- From: Willem de Bruijn <willemdebruijn.kernel@xxxxxxxxx>
- Re: [PATCH nf] selftests: netfilter: add test case for recent mismatch bug
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_set_pipapo: fix initial map fill
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH nf] netfilter: ctnetlink: use helper function to calculate expect ID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: restore default behavior for nf_conntrack_events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: do not remove elements if set backend implements .abort
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net] net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] conntrack: tcp: fix parsing of tuple-port-src and tuple-port-dst
- From: Stephan Brunner <s.brunner@xxxxxxxxxxxxxxxxxxx>
- [ANNOUNCE] libnftnl 1.2.7 release
- From: Phil Sutter <phil@xxxxxxxxxxxxx>
- [PATCH nf] selftests: netfilter: add test case for recent mismatch bug
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] netfilter: nf_set_pipapo: fix initial map fill
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ulogd2] README: update project homepage and mailing list addresses
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] configure: Add option for building with musl
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: [PATCH] configure: Add option for building with musl
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH] configure: Add option for building with musl
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: [PATCH] xtables: Fix compilation error with musl-libc
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- [PATCH ulogd2] README: update project homepage and mailing list addresses
- From: Harald Welte <laforge@xxxxxxxxxxx>
- Re: [PATCH net 1/2] netfilter: nfnetlink_queue: drop bogus WARN_ON
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH net 2/2] netfilter: nf_tables: prefer nft_chain_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/2] netfilter: nfnetlink_queue: drop bogus WARN_ON
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: prefer nft_chain_validate
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: support CTA_FILTER for flush
- From: Changliang Wu <changliang.wu@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH nft 3/3] tests: connect chains to hook point
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/3] testcases: test jump to basechain is rejected, even if there is no loop
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/3] tests: add more ruleset validation test cases
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [libnftnl PATCH 1/2] chain: Support unsetting NFTNL_CHAIN_USERDATA attribute
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 1/2] chain: Support unsetting NFTNL_CHAIN_USERDATA attribute
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 2/2] table: Support unsetting NFTNL_TABLE_USERDATA attribute
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft 2/2] libnftables: skip useable checks for /dev/stdin
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] libnftables: fix crash when freeing non-malloc'd address
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH nft] libnftables: fix crash when freeing non-malloc'd address
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] xtables: Fix compilation error with musl-libc
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: yyxRoy <yyxroy22@xxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: store new sets in dedicated list
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/2] libnftables: skip useable checks for /dev/stdin
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] parser_json: use stdin buffer if available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] xtables: Fix compilation error with musl-libc
- From: Joshua Lant <joshualant@xxxxxxxxxxxxxx>
- Re: [libnftnl PATCH] expr: limit: Prepare for odd time units
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf] netfilter: nfnetlink_queue: drop bogus WARN_ON
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: yyxRoy <yyxroy22@xxxxxxxxx>
- [linux-next:master] [selftests] 742ad979f5: WARNING:at_net/netfilter/nfnetlink_queue.c:#nf_reinject[nfnetlink_queue]
- From: kernel test robot <oliver.sang@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [iptables PATCH] man: recent: Adjust to changes around ip_pkt_list_tot parameter
- From: Phil Sutter <phil@xxxxxx>
- Re: iptables- accessing unallocated memory
- From: Phil Sutter <phil@xxxxxx>
- Re: iptables- accessing unallocated memory
- From: josh lant <joshualant@xxxxxxxxxxxxxx>
- Re: iptables- accessing unallocated memory
- From: Phil Sutter <phil@xxxxxx>
- [PATCH libnftnl] expr: use NFTA_* netlink attributes to build fields, not NFTNL_EXPR_*
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] optimize: clone counter before insertion into set element
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- iptables- accessing unallocated memory
- From: josh lant <joshualant@xxxxxxxxxxxxxx>
- Re: [syzbot] [netfilter?] KASAN: slab-use-after-free Read in nf_tables_trans_destroy_work
- From: syzbot <syzbot+4fd66a69358fc15ae2ad@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: unconditionally flush pending work before notifier
- From: Hillf Danton <hdanton@xxxxxxxx>
- Re: [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs
- From: yyxRoy <yyxroy22@xxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
