Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- [PATCH 7/7] netfilter: nft_flow_offload: fix checking method of conntrack helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/7] netfilter: nf_tables: Fix for endless loop when dumping ruleset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nf_tables: Support RULE_ID reference in new rule
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH] src: chain: Fix nftnl_chain_rule_insert_at()
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf 3/3] netfilter: nft_compat: destroy function must not have side effects
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 2/3] netfilter: nft_compat: make lists per netns
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 1/3] netfilter: nft_compat: use refcnt_t type for nft_xt reference count
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 0/3] netfilter: nft_compat: fix race conditions
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: fix checking method of conntrack helper
- From: John Crispin <john@xxxxxxxxxxx>
- [PATCH] netfilter: fix checking method of conntrack helper
- From: Henry Yen <henry.yen@xxxxxxxxxxxx>
- Re: ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH nf 2/2] netfilter: nft_compat: protect lists between select_ops and init
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12
- From: Martin Kratochvíl <martin.kratochvil@xxxxxxxxx>
- Re: ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH v3] vrf: Fix conntrack-dnat conflict in vrf-device PREROUTING hook
- Re: ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12
- From: Martin Kratochvíl <martin.kratochvil@xxxxxxxxx>
- Re: ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12
- From: Martin Kratochvíl <martin.kratochvil@xxxxxxxxx>
- [PATCH nf-next] netfilter: physdev: relax br_netfilter dependency
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH v4 3/5] xtables: Set errno in nft_rule_check() if chain not found
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 4/5] xtables: Fix for inserting rule at wrong position
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v4 3/5] xtables: Set errno in nft_rule_check() if chain not found
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v2] netfilter: x_tables: add xt_tunnel match
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH v3] netfilter: nft_flow_offload: fix interaction with vrf slave device
- Re: IPtables v 1.8.2 patch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: IPtables v 1.8.2 patch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] nft_flow_offload: Make flow offload work with vrf slave device correct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 5/5] xtables: Do not change ruleset while listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 5/5] xtables: Do not change ruleset while listing
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH v4 5/5] xtables: Do not change ruleset while listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 4/5] xtables: Fix for inserting rule at wrong position
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 2/2] netfilter: nft_compat: protect lists between select_ops and init
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft] payload: refine payload expr merging
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: x_tables: add xt_tunnel match
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 2/2] netfilter: nft_compat: protect lists between select_ops and init
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf 1/2] netfilter: nft_compat: fix a race condition in match/target list
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf 0/2] netfilter: nft_compat: fix a race condition in nft_compat module
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH] netfilter: nat: Update comment of get_unique_tuple
- From: YueHaibing <yuehaibing@xxxxxxxxxx>
- [PATCH nft] payload: refine payload expr merging
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH v4 5/5] xtables: Do not change ruleset while listing
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v4 4/5] xtables: Fix for inserting rule at wrong position
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg
- From: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg
- From: Michal Hocko <mhocko@xxxxxxxxxx>
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg
- From: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx>
- Re: [PATCH] ipset: fix a missing check of nla_parse
- From: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx>
- [PATCH v2] nft_flow_offload: Make flow offload work with vrf slave device correct
- [PATCH v2] netfilter: x_tables: add xt_tunnel match
- IPtables v 1.8.2 patch
- From: "Nathan O." <ndowens04@xxxxxxxxx>
- Re: [PATCH] netfilter: x_tables: add xt_tunnel match
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH] netfilter: x_tables: add xt_tunnel match
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] nft_flow_offload: Make flow offload work with vrf slave device correct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 5/5] xtables: Do not change ruleset while listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 4/5] xtables: Fix for inserting rule at wrong position
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] ipset: fix a missing check of nla_parse
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] src: fix netdev family device name parsing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] src: fix netdev family device name parsing
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: conntrack: remove helper hook again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: conntrack: remove helper hook again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Selfnet: Possible Bugs found in nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Selfnet: Possible Bugs found in nftables
- From: Jann Haber <jann.haber@xxxxxxxxxx>
- Re: [PATCH RESEND] nft_flow_offload: Fix the peer route get from wrong daddr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RESEND] nft_flow_offload: Fix the peer route get from wrong daddr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: x_tables: add xt_tunnel match
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 3/5] xtables: Set errno in nft_rule_check() if chain not found
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 2/5] nft: Simplify flush_chain_cache()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 1/5] nft: Simplify nft_is_chain_compatible()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: conntrack: remove helper hook again
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: fix leaking object reference count
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH] nft_flow_offload: Make flow offload work with vrf slave device correct
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH] netfilter: x_tables: add xt_tunnel match
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH RESEND] nft_flow_offload: Fix the peer route get from wrong daddr
- Re: [PATCH nf] netfilter: nf_tables: fix leaking object reference count
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: fix leaking object reference count
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nf_tables: selective rule dump needs table to be specified
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] net: nf_tables: Fix for endless loop when dumping ruleset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] net: nf_tables: Fix for endless loop when dumping ruleset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] net: nf_tables: Fix for endless loop when dumping ruleset
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] net: nf_tables: Fix for endless loop when dumping ruleset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat: return the same reply tuple for matching CTs
- From: Johannes Würbach <johannes.wuerbach@xxxxxxxxxxxxxx>
- [PATCH AUTOSEL 4.20 001/117] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.20 084/117] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.20 085/117] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.20 086/117] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH] [v2] netfilter: ipset: fix a missing check of nla_parse
- From: Kadlecsik József <kadlecsik.jozsef@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 4.19 01/97] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH v2 2/2] ipset: merge uadd and udel functions
- From: Kadlecsik József <kadlecsik.jozsef@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 4.19 68/97] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 70/97] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 69/97] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH v2 1/2] ipset: remove useless memset() calls
- From: Kadlecsik József <kadlecsik.jozsef@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 4.14 37/53] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: add direct calls for all builtin expressions
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/2] netfilter: nf_tables: handle nft_object lookups via rhltable
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/2] netfilter: nf_tables: prepare nft_object for lookups via hashtable
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Selfnet: Possible Bugs found in nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Selfnet: Possible Bugs found in nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [apparmor] Apparmor netfiter support?
- From: John Johansen <john.johansen@xxxxxxxxxxxxx>
- Re: Selfnet: Possible Bugs found in nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg
- From: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx>
- Re: [nf-next] netfilter: Add support for inner IPv6 packet match
- From: "David R. Bild" <david.bild@xxxxxxxxxx>
- [PATCH] [v2] netfilter: ipset: fix a missing check of nla_parse
- From: Aditya Pakki <pakki001@xxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 01/10] audit: collect audit task parameters
- From: Guenter Roeck <linux@xxxxxxxxxxxx>
- [PATCH nft 4/4] tests: shell: remove RETURNCODE_SEPARATOR
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 2/4] tests: shell: change all test scripts to return 0
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 3/4] tests: shell: fix up redefine test case
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/4] tests: shell: add test case for leaking of stateful object refcount
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 0/4] tests: change test scripts to return 0
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 01/10] audit: collect audit task parameters
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Michal Hocko <mhocko@xxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: fix leaking object reference count
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 01/10] audit: collect audit task parameters
- From: Guenter Roeck <linux@xxxxxxxxxxxx>
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 00/10] audit: implement container identifier
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 00/10] audit: implement container identifier
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 05/10] audit: add support for non-syscall auxiliary records
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 00/10] audit: implement container identifier
- From: Guenter Roeck <linux@xxxxxxxxxxxx>
- Re: Selfnet: Possible Bugs found in nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Selfnet: Possible Bugs found in nftables
- From: Jann Haber <jann.haber@xxxxxxxxxx>
- Re: nftables Newcomers Tasks from Bugzilla
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 00/10] audit: implement container identifier
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: Selfnet: Possible Bugs found in nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Selfnet: Possible Bugs found in nftables
- From: Jann Haber <jann.haber@xxxxxxxxxx>
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 00/10] audit: implement container identifier
- From: Guenter Roeck <linux@xxxxxxxxxxxx>
- Re: nftables Newcomers Tasks from Bugzilla
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg
- From: William Kucharski <william.kucharski@xxxxxxxxxx>
- [PATCH v2] netfilter: account ebt_table_info to kmemcg
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
- Re: [PATCH net-next] vrf: Add VRF_F_BYPASS_RCV_NF flag to vrf device
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next] vrf: Add VRF_F_BYPASS_RCV_NF flag to vrf device
- From: David Ahern <dsahern@xxxxxxxxx>
- [PATCH nft] rule: fix object listing when no table is given
- From: Florian Westphal <fw@xxxxxxxxx>
- Re:Re: [PATCH] nft_flow_offload: Fix the peer route get from wrong daddr
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Michal Hocko <mhocko@xxxxxxxxxx>
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
- [PATCH v2] net: nf_tables: Fix speedup of selective rule dumps
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] net: nf_tables: Fix for endless loop when dumping ruleset
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: xt_connlimit: fix race in connection counting
- From: Nivedita Singhvi <nivedita.singhvi@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: xt_connlimit: fix race in connection counting
- From: Nivedita Singhvi <nivedita.singhvi@xxxxxxxxxxxxx>
- Re: [PATCH] net: nf_tables: Fix for endless loop when dumping ruleset
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH v4 4/5] xtables: Fix for inserting rule at wrong position
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 5/5] xtables: Do not change ruleset while listing
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 0/5] Separate rule cache per chain et al.
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 2/5] nft: Simplify flush_chain_cache()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 1/5] nft: Simplify nft_is_chain_compatible()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 3/5] xtables: Set errno in nft_rule_check() if chain not found
- From: Phil Sutter <phil@xxxxxx>
- [PATCH] net: nf_tables: Fix for endless loop when dumping ruleset
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH] src: chain: Add missing nftnl_chain_rule_del()
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v3 21/21] xtables: Do not change ruleset while listing
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v3 17/21] xtables: Optimize list command with given chain
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v3 16/21] xtables: Optimize user-defined chain deletion
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v3 11/21] xtables: Implement per chain rule cache
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Michal Hocko <mhocko@xxxxxxxxxx>
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Michal Hocko <mhocko@xxxxxxxxxx>
- Re: [PATCH 0/9] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
- [PATCH v2 1/2] ipset: remove useless memset() calls
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
- [PATCH v2 2/2] ipset: merge uadd and udel functions
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
- [PATCH 3/9] netfilter: nf_conncount: don't skip eviction when age is negative
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/9] netfilter: nf_conncount: replace CONNCOUNT_LOCK_SLOTS with CONNCOUNT_SLOTS
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/9] netfilter: nf_tables: fix a missing check of nla_put_failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 8/9] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/9] netfilter: nf_conncount: restart search when nodes have been erased
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/9] netfilter: nf_conncount: merge lookup and add functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 9/9] netfilter: nf_conncount: fix argument order to find_next_bit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 7/9] netfilter: nf_conncount: move all list iterations under spinlock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/9] netfilter: nf_conncount: split gc in two phases
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/9] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] nft_flow_offload: Fix the peer route get from wrong daddr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] nft_flow_offload: Make flow offload work with vrf slave device correct
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Michal Hocko <mhocko@xxxxxxxxxx>
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Michal Hocko <mhocko@xxxxxxxxxx>
- [PATCH] netfilter: account ebt_table_info to kmemcg
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
- Re: [PATCH] netfilter: fix a missing check of nla put failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2] ipset: remove useless memset() calls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] libxtables: work around unwanted kernel module load
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] libxtables: work around unwanted kernel module load
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH iptables] libxtables: work around unwanted kernel module load
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 0/8] netfilter: nf_conncount: rework locking and memory management
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] src: add igmp support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] doc: refer to meta protocol in icmp and icmpv6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/2] ipset: merge uadd and udel functions
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
- [PATCH 1/2] ipset: remove useless memset() calls
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
- Re: [PATCH nf 0/8] netfilter: nf_conncount: rework locking and memory management
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- Re: [PATCH nf 4/8] netfilter: nf_conncount: restart search when nodes have been erased
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- Re: [PATCH nf 4/8] netfilter: nf_conncount: restart search when nodes have been erased
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- Re: [iptables PATCH v3 03/21] xtables-restore: Review chain handling
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf 8/8] netfilter: nf_conncount: fix argument order to find_next_bit
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 7/8] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 6/8] netfilter: nf_conncount: move all list iterations under spinlock
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 5/8] netfilter: nf_conncount: merge lookup and add functions
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 4/8] netfilter: nf_conncount: restart search when nodes have been erased
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 3/8] netfilter: nf_conncount: split gc in two phases
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 2/8] netfilter: nf_conncount: don't skip eviction when age is negative
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 1/8] nf_conncount: replace CONNCOUNT_LOCK_SLOTS with CONNCOUNT_SLOTS
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 0/8] netfilter: nf_conncount: rework locking and memory management
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 09/10] audit: NETFILTER_PKT: record each container ID associated with a netNS
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH nft] src: remove deprecated code for export/import commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 21/21] xtables: Do not change ruleset while listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 17/21] xtables: Optimize list command with given chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 16/21] xtables: Optimize user-defined chain deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 11/21] xtables: Implement per chain rule cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 06/21] nft: Reduce indenting level in flush_chain_cache()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 04/21] nft: Review is_*_compatible() routines
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 03/21] xtables-restore: Review chain handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 00/21] Separate rule cache per chain et al.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 3/3] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 3/3] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- Re: [PATCH nf 3/3] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 3/3] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 09/10] audit: NETFILTER_PKT: record each container ID associated with a netNS
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 21/97] netfilter: seqadj: re-load tcp header pointer after possible head reallocation
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 20/97] netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 08/35] netfilter: seqadj: re-load tcp header pointer after possible head reallocation
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 12/35] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 36/97] netfilter: nat: can't use dst_hold on noref dst
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 35/97] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 37/97] netfilter: nf_conncount: use rb_link_node_rcu() instead of rb_link_node()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 12/59] netfilter: seqadj: re-load tcp header pointer after possible head reallocation
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 23/59] netfilter: nat: can't use dst_hold on noref dst
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 22/59] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH nf 3/3] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf 2/3] netfilter: nf_conncount: double connection deletion from packet path
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf 1/3] netfilter: nf_conncount: remove workqueue garbage collector
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 3/3] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 2/3] netfilter: nf_conncount: double connection deletion from packet path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 1/3] netfilter: nf_conncount: remove workqueue garbage collector
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- Re: [PATCH v2 2/3] nf_conncount: GC dead rbnodes when inserting a new node that is exact match
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_conncount: speculative garbage collection on empty lists
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] ipset: fix a missing check of nla_parse
- From: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx>
- [PATCH] ipset: fix a missing check of nla_parse
- From: Kangjie Lu <kjlu@xxxxxxx>
- Re: [PATCH 2/5] ipset: Implement ip,port,ip,port hash set.
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- [PATCH v4] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH v2 3/3] nf_conncount: replace CONNCOUNT_LOCK_SLOTS with CONNCOUNT_SLOTS
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 3/3] nf_conncount: replace CONNCOUNT_LOCK_SLOTS with CONNCOUNT_SLOTS
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- [PATCH v2 2/3] nf_conncount: GC dead rbnodes when inserting a new node that is exact match
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- [PATCH v2 1/3] nf_conncount: Set correct parent rbnode when inserting on exact match
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- [PATCH v2 0/3] nf_conntrack bugfixes
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- Re: [PATCH 3/3] nf_conncount: tree_gc_worker should gc trees > CONNCOUNT_LOCK_SLOTS
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 3/3] nf_conncount: tree_gc_worker should gc trees > CONNCOUNT_LOCK_SLOTS
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- Re: [PATCH 0/3] nf_conncount bugfixes
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 3/3] nf_conncount: tree_gc_worker should gc trees > CONNCOUNT_LOCK_SLOTS
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 3/3] nf_conncount: tree_gc_worker should gc trees > CONNCOUNT_LOCK_SLOTS
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- [PATCH 2/3] nf_conncount: GC dead rbnodes when inserting a new node that is exact match
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- [PATCH 1/3] nf_conncount: Set correct parent rbnode when inserting on exact match
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- [PATCH 0/3] nf_conncount bugfixes
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- [PATCH] include: Use char* for arithmetic over void*
- From: William Woodruff <william@xxxxxxxxxxxxx>
- Re: [PATCH iptables] iptables-xml: fix symlink path
- From: Joel Carlson <joelsoncarl@xxxxxxxxx>
- Re: [PATCH iptables] iptables-xml: fix symlink path
- From: Joel Carlson <joelsoncarl@xxxxxxxxx>
- Re: nf_conncount_destroy bug in rb_erase()
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables] iptables-xml: fix symlink path
- From: Joel Carlson <joelsoncarl@xxxxxxxxx>
- Re: [PATCH iptables] libxtables: work around unwanted kernel module load
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH] xtables: Speed up chain deletion in large rulesets
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] xtables: Catch errors when zeroing rule rounters
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] xtables: Speed up chain deletion in large rulesets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] xtables: Catch errors when zeroing rule rounters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] libxtables: work around unwanted kernel module load
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] xtables: Catch errors when zeroing rule rounters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 5/5] src: flowtable: Fix for reading garbage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 4/5] src: flowtable: Fix memleak in nftnl_flowtable_parse_devs()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 3/5] src: flowtable: Fix use after free in two spots
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 2/5] src: flowtable: Add missing break
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 1/5] src: object: Avoid obj_ops array overrun
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: x_tables: add xt_tunnel match
- [PATCH] netfilter: fix a missing check of nla put failure
- From: Kangjie Lu <kjlu@xxxxxxx>
- Re: [PATCH 00/37] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [nft PATCH v2] nft: Reject 'export vm json' command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: conntrack: register sysctl table for gre
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2] netfilter: conntrack: udp: set stream timeout to 2 minutes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/6] netfilter: conntrack: reduce sysctl management copypaste
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/37] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/37] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/37] netfilter: remove NFC_* cache bits
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/37] netfilter: nat: remove l4 protocol port rovers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/37] netfilter: ipset: Introduction of new commands and protocol version 7
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/37] netfilter: ipset: fix ip_set_byindex function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/37] netfilter: ipset: replace a strncpy() with strscpy()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/37] netfilter: nat: remove unnecessary 'else if' branch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/37] netfilter: nat: limit port clash resolution attempts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/37] netfilter: Replace call_rcu_bh(), rcu_barrier_bh(), and synchronize_rcu_bh()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 18/37] netfilter: nat: fold in_range indirection into caller
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 23/37] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 19/37] netfilter: nat: remove l4proto->in_range
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/37] netfilter: remove unused parameters in nf_ct_l4proto_[un]register_sysctl()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 26/37] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 27/37] netfilter: ipt_CLUSTERIP: fix sleep-in-atomic bug in clusterip_config_entry_put()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 21/37] netfilter: nat: remove l4proto->manip_pkt
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 28/37] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 22/37] netfilter: nat: remove nf_nat_l4proto struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 24/37] netfilter: nf_tables: Speed up selective rule dumps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 30/37] netfilter: conntrack: udp: set stream timeout to 2 minutes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 29/37] netfilter: conntrack: udp: only extend timeout to stream mode after 2s
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 25/37] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 31/37] netfilter: conntrack: register sysctl table for gre
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 34/37] netfilter: conntrack: merge acct and helper sysctl table with main one
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 37/37] netfilter: netns: shrink netns_ct struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 36/37] netfilter: conntrack: remove empty pernet fini stubs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 35/37] netfilter: conntrack: merge ecache and timestamp sysctl tables with main one
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 33/37] netfilter: conntrack: add mnemonics for sysctl table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 32/37] netfilter: conntrack: un-export seq_print_acct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 20/37] netfilter: nat: remove l4proto->nlattr_to_range
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/37] netfilter: nat: remove l4proto->unique_tuple
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/37] netfilter: nat: un-export nf_nat_l4proto_unique_tuple
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/37] netfilter: remove NF_NAT_RANGE_PROTO_RANDOM support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/37] netfilter: nf_flow_table: make nf_flow_table_iterate() static
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/37] netfilter: ctnetlink: always honor CTA_MARK_MASK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/37] netfilter: nf_flow_table: simplify nf_flow_offload_gc_step()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/37] netfilter: ipset: Make invalid MAC address checks consistent
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [libnftnl PATCH 0/5] Covscan indicated fixes
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 4/5] src: flowtable: Fix memleak in nftnl_flowtable_parse_devs()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 3/5] src: flowtable: Fix use after free in two spots
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 5/5] src: flowtable: Fix for reading garbage
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 2/5] src: flowtable: Add missing break
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 1/5] src: object: Avoid obj_ops array overrun
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 01/21] nft: Simplify nftnl_rule_list_chain_save()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 08/21] nft: Simplify nft_rule_insert() a bit
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 14/21] xtables: Optimize nft_chain_zero_counters()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 13/21] xtables: Optimize flushing a specific chain
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 19/21] nft: Make use of nftnl_rule_lookup_byindex()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 02/21] nft: Review unclear return points
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 05/21] nft: Reduce __nft_rule_del() signature
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 21/21] xtables: Do not change ruleset while listing
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 17/21] xtables: Optimize list command with given chain
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 12/21] nft: Drop nft_chain_list_find()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 15/21] tests: Extend verbose output and return code tests
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 20/21] xtables: Fix for inserting rule at wrong position
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 03/21] xtables-restore: Review chain handling
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 06/21] nft: Reduce indenting level in flush_chain_cache()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 09/21] nft: Introduce fetch_chain_cache()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 11/21] xtables: Implement per chain rule cache
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 00/21] Separate rule cache per chain et al.
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 07/21] nft: Simplify per table chain cache update
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 04/21] nft: Review is_*_compatible() routines
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 16/21] xtables: Optimize user-defined chain deletion
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 10/21] nft: Move nft_rule_list_get() above nft_chain_list_get()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 18/21] xtables: Optimize list rules command with given chain
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH iptables] include: Use char* for arithmetic over void*
- From: William Woodruff <william@xxxxxxxxxxxxx>
- [PATCH iptables] include: Use char* for arithmetic over void*
- From: William Woodruff <william@xxxxxxxxxxxxx>
- nf_conncount_destroy bug in rb_erase()
- From: Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx>
- [PATCH nf-next 6/6] netfilter: netns: shrink netns_ct struct
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 5/6] netfilter: conntrack: remove empty pernet fini stubs
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 4/6] netfilter: conntrack: merge ecache and timestamp sysctl tables with main one
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/6] netfilter: conntrack: merge acct and helper sysctl table with main one
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/6] netfilter: conntrack: add mnemonics for sysctl table
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/6] netfilter: conntrack: un-export seq_print_acct
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/6] netfilter: conntrack: reduce sysctl management copypaste
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables] libxtables: work around unwanted kernel module load
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: conntrack: register sysctl table for gre
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [PATCH 5/5] lib/ipset.c: Fix a compilation failure when using --enable-debug
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH 0/5] RFC: Add new ip/net,port,ip/net,port sets
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- nftables Newcomers Tasks from Bugzilla
- From: Karuna Grewal <karunagrewal98@xxxxxxxxx>
- [iptables PATCH] extensions: TRACE: Point at xtables-monitor in documentation
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] net: nf_tables: Speed up selective rule dumps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next v2] netfilter: conntrack: udp: set stream timeout to 2 minutes
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 nf-next 1/8] netfilter: remove NF_NAT_RANGE_PROTO_RANDOM support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: remove unused parameters in nf_ct_l4proto_[un]register_sysctl()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nat: remove unnecessary 'else if' branch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3 nf-next] netfilter: nat: limit port clash resolution attempts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 03/14] xtables: Implement per chain rule cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 03/14] xtables: Implement per chain rule cache
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v2 03/14] xtables: Implement per chain rule cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 03/14] xtables: Implement per chain rule cache
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v2 03/14] xtables: Implement per chain rule cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH v2] nft: Reject 'export vm json' command
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH] nft: Reject 'export vm json' command
- From: Phil Sutter <phil@xxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/5] ipset: Implement ip,port,ip,port hash set.
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- [PATCH 3/5] ipset: Implement ip,port,net,port hash set.
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- [PATCH 4/5] ipset: Implement net,port,net,port hash set.
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- [PATCH 5/5] lib/ipset.c: Fix a compilation failure when using --enable-debug
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- [PATCH 1/5] ipset: Support sets with 4 individual elements and an extra port
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- [PATCH 0/5] RFC: Add new ip/net,port,ip/net,port sets
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- Re: Proposal: Reduce void pointer arithmetic in favor of char pointers
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: Proposal: Reduce void pointer arithmetic in favor of char pointers
- From: William Woodruff <william@xxxxxxxxxxxxx>
- Re: Proposal: Reduce void pointer arithmetic in favor of char pointers
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Proposal: Reduce void pointer arithmetic in favor of char pointers
- From: William Woodruff <william@xxxxxxxxxxxxx>
- [iptables PATCH] xtables: Catch errors when zeroing rule rounters
- From: Phil Sutter <phil@xxxxxx>
- ebtables & arptables releases
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: general protection fault in watchdog
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: general protection fault in watchdog
- From: Michal Hocko <mhocko@xxxxxxxxxx>
- Re: general protection fault in watchdog
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: remove unused parameters in nf_ct_l4proto_[un]register_sysctl()
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 0/5] ipset patches for nf-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v2 nf-next 8/8] netfilter: nat: remove nf_nat_l4proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 7/8] netfilter: nat: remove l4proto->manip_pkt
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 6/8] netfilter: nat: remove l4proto->nlattr_to_range
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 5/8] netfilter: nat: remove l4proto->in_range
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 4/8] netfilter: nat: fold in_range indirection into caller
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 3/8] netfilter: nat: remove l4proto->unique_tuple
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 2/8] netfilter: nat: un-export nf_nat_l4proto_unique_tuple
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 1/8] netfilter: remove NF_NAT_RANGE_PROTO_RANDOM support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next] netfilter: nat: remove nf_nat_l4proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: remove unused parameters in nf_ct_l4proto_[un]register_sysctl()
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [PATCH 0/5] ipset patches for nf-next
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Christian Brauner <christian@xxxxxxxxxx>
- [iptables PATCH v2 03/14] xtables: Implement per chain rule cache
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 13/14] xtables: Fix for inserting rule at wrong position
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 01/14] xtables: Review unclear return points
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 10/14] xtables: Optimize nft_rule_list()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 00/14] Separate rule cache per chain et al.
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 05/14] xtables: Drop nft_chain_list_find()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 09/14] xtables: Optimize nft_chain_user_del()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 11/14] xtables: Optimize nft_rule_list_save()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 08/14] tests: Extend verbose output and return code tests
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 07/14] xtables: Optimize nft_chain_zero_counters()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 02/14] xtables-restore: Review chain handling
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 12/14] xtables: Make use of nftnl_rule_lookup_byindex()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 04/14] nft: Simplify nftnl_rule_list_chain_save()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 14/14] xtables: Do not change ruleset while listing
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 06/14] xtables: Optimize flushing a specific chain
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v2] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH 4/5] netfilter: fix missed NULL check in nf_conntrack_proto_pernet_init()
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/5] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/5] netfilter: nf_conncount: use rb_link_node_rcu() instead of rb_link_node()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/5] netfilter: nat: can't use dst_hold on noref dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/5] netfilter: seqadj: re-load tcp header pointer after possible head reallocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/5] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/5] netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/5] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v3 0/4] netfilter: ipt_CLUSTERIP: fix bugs in ipt_CLUSTERIP
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_conncount: use rb_link_node_rcu() instead of rb_link_node()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nat: can't use dst_hold on noref dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/5] ipset patches for nf-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 5/8] netfilter: nat: remove l4proto->in_range
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 8/8] netfilter: nat: remove nf_nat_l4proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 7/8] netfilter: nat: remove l4proto->manip_pkt
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 6/8] netfilter: nat: remove l4proto->nlattr_to_range
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 4/8] netfilter: nat: fold in_range indirection into caller
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/8] netfilter: nat: remove l4proto->unique_tuple
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/8] netfilter: nat: un-export nf_nat_l4proto_unique_tuple
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/8] netfilter: remove NF_NAT_RANGE_PROTO_RANDOM support
- From: Florian Westphal <fw@xxxxxxxxx>
- netfilter: nat: remove nf_nat_l4proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 4/5] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 4/5] netfilter: fix missed NULL check in nf_conntrack_proto_pernet_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] xtables: Speed up chain deletion in large rulesets
- From: Phil Sutter <phil@xxxxxx>
- [PATCH] net: nf_tables: Speed up selective rule dumps
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH] chain: Hash chain list by name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [libnftnl PATCH] chain: Hash chain list by name
- From: Phil Sutter <phil@xxxxxx>
- [ANNOUNCE] ipset 7.1 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [iptables PATCH 12/14] xtables: Make use of nftnl_rule_lookup_byindex()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 05/14] xtables: Drop nft_chain_list_find()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 03/14] xtables: Implement per chain rule cache
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 04/14] nft: Simplify nftnl_rule_list_chain_save()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 11/14] xtables: Optimize nft_rule_list_save()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 00/14] Separate rule cache per chain et al.
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 14/14] xtables: Do not change ruleset while listing
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 10/14] xtables: Optimize nft_rule_list()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 02/14] xtables-restore: Review chain handling
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 07/14] xtables: Optimize nft_chain_zero_counters()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 06/14] xtables: Optimize flushing a specific chain
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 09/14] xtables: Optimize nft_chain_user_del()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 13/14] xtables: Fix for inserting rule at wrong position
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 01/14] xtables: Review unclear return points
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 08/14] tests: Extend verbose output and return code tests
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- [PATCH nf] netfilter: nat: can't use dst_hold on noref dst
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- Re: [PATCH] netfilter: Only call ftp alg when needed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [PATCH v3 nf-next] netfilter: nat: limit port clash resolution attempts
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 5/5] netfilter: ipset: replace a strncpy() with strscpy()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 3/5] netfilter: ipset: Introduction of new commands and protocol version 7
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 4/5] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 1/5] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 2/5] netfilter: ipset: Make invalid MAC address checks consistent
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 0/5] ipset patches for nf-next
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH net-next v2] netfilter: ebtables: avoid resetting limit rule state
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2] netfilter: nat: limit port clash resolution attempts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next v2] netfilter: ebtables: avoid resetting limit rule state
- From: Linus Lüssing <linus.luessing@xxxxxxxxx>
- [PATCH nf v2] netfilter: nat: limit port clash resolution attempts
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Another compilation error
- From: Ansuel Smith <ansuelsmth@xxxxxxxxx>
- Another compilation error
- From: Ansuel Smith <ansuelsmth@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nat: limit port clash resolution attempts
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nat: limit port clash resolution attempts
- From: Xiaozhou Liu <lxz1983@xxxxxxxxx>
- [PATCH nf] netfilter: nat: limit port clash resolution attempts
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] netfilter: nf_conncount: use rb_link_node_rcu() instead of rb_link_node()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH RFC] src: support for arp ether and IP source and destination fields
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RFC] src: support for arp ether and IP source and destination fields
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH RFC] src: support for arp ether and IP source and destination fields
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: seqadj: re-load tcp header pointer after possible head reallocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 0/2] chain: Support per chain rules list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [libnftnl PATCH 2/2] chain: Add lookup functions for chain list and rules in chain
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 1/2] chain: Support per chain rules list
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 0/2] chain: Support per chain rules list
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v2 nf-next] netfilter: conntrack: udp: only extend timeout to stream mode after 2s
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: conntrack: udp: only extend timeout after 2s
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: conntrack: udp: reduce default timeouts
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: nat: remove unnecessary 'else if' branch
- From: Xiaozhou Liu <liuxiaozhou@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: seqadj: re-load tcp header pointer after possible head reallocation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 2/5] netfilter: register sysctl table for gre
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- [PATCH 3/5] procfs: fix double drop_sysctl_table()
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- [PATCH 4/5] netfilter: fix missed NULL check in nf_conntrack_proto_pernet_init()
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- [PATCH 5/5] netfilter: fix error return value of nf_ct_l4proto_pernet_register_one()
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- [PATCH 1/5] netfilter: fix general protection fault when unregister sysctl table
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 4.19 018/123] netfilter: nf_conncount: fix list_del corruption in conn_free
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 017/123] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 019/123] netfilter: nf_conncount: fix unexpected permanent node of list.
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 023/123] netfilter: xt_RATEEST: remove netns exit routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 024/123] netfilter: nf_tables: fix use-after-free when deleting compat expressions
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 042/123] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 075/123] netfilter: ipv6: Preserve link scope traffic original oif
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 067/123] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 078/123] netfilter: nat: fix double register in masquerade modules
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 079/123] netfilter: nf_conncount: remove wrong condition check routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 077/123] netfilter: add missing error handling code for register functions
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 089/123] netfilter: nf_tables: deactivate expressions in rule replecement routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 09/69] netfilter: nf_tables: fix use-after-free when deleting compat expressions
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 17/69] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 33/69] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 40/69] netfilter: ipv6: Preserve link scope traffic original oif
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 46/69] netfilter: nf_tables: deactivate expressions in rule replecement routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 21/45] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: stable nftables kernel changes for port to 3.12 kernel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 4.19 020/123] netfilter: nf_tables: don't skip inactive chains during update
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- Re: stable nftables kernel changes for port to 3.12 kernel
- From: Pavel Melnik <p.melnyk@xxxxxxxxxxxxxxxxxx>
- Re: stable nftables kernel changes for port to 3.12 kernel
- From: Florian Westphal <fw@xxxxxxxxx>
- stable nftables kernel changes for port to 3.12 kernel
- From: Pavel Melnik <p.melnyk@xxxxxxxxxxxxxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: [PATCH v3] netfilter/ipset: replace a strncpy() with strscpy()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] parser: bail out on incorrect burst unit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RESEND iptables] include: extend the headers conflict workaround to in6.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] extensions: libipt_realm: Document allowed realm values
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] extensions: libipt_realm: Document allowed realm values
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v3] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- [PATCH RESEND iptables] include: extend the headers conflict workaround to in6.h
- From: Baruch Siach <baruch@xxxxxxxxxx>
- [PATCH v3] netfilter/ipset: replace a strncpy() with strscpy()
- From: Qian Cai <cai@xxxxxx>
- [PATCH nft] doc: nft: document ct count
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipset: fix ip_set_byindex function
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: ipset: replace a strncpy() with strscpy()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nat: remove l4 protocol port rovers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH tip/core/rcu 30/41] netfilter: Replace call_rcu_bh(), rcu_barrier_bh(), and synchronize_rcu_bh()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] src: introduce simple hints on incorrect identifier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] src: introduce simple hints on incorrect object
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/3] misspell: add distance threshold for suggestions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/3] src: allow for misspellings in object names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/3] utils: remove type checks in min() and max()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [PATCH v2] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: kbuild test robot <lkp@xxxxxxxxx>
- [PATCH nftables] src: xt: fix build when libxtables is not installed
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- [PATCH] netfilter: update comment about get_unique_tuple()
- From: Xiaozhou Liu <liuxiaozhou@xxxxxxxxxxxxx>
- Re: [PATCH 00/16] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Aaron Conole <aconole@xxxxxxxxxx>
- Re: 4.19.4 nf_conntrack_count kernel panic
- From: Sami Farin <hvtaifwkbgefbaei@xxxxxxxxx>
- Re: [PATCH 09/16] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Sergei Shtylyov <sergei.shtylyov@xxxxxxxxxxxxxxxxxx>
- Re: 4.19.x kernels oops in nf_conncount_destroy
- From: "Todd Eigenschink" <todd@xxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] tests: fix return codes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] tests: fix return codes
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Phil Sutter <phil@xxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Proposal: rename of arptables.git and ebtables.git
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- [PATCH 00/16] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/16] netfilter: xt_RATEEST: remove netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/16] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/16] netfilter: nf_tables: don't use position attribute on rule replacement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/16] selftests: add script to stress-test nft packet path vs. control plane
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/16] netfilter: ipv6: Preserve link scope traffic original oif
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/16] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/16] netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/16] netfilter: add missing error handling code for register functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/16] netfilter: nf_conncount: remove wrong condition check routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/16] netfilter: nf_tables: deactivate expressions in rule replecement routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/16] netfilter: nat: fix double register in masquerade modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/16] netfilter: nf_tables: fix use-after-free when deleting compat expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/16] netfilter: nf_conncount: fix unexpected permanent node of list.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/16] netfilter: nf_tables: don't skip inactive chains during update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/16] netfilter: nf_conncount: fix list_del corruption in conn_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/16] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: deactivate expressions in rule replecement routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- 4.19.x kernels oops in nf_conncount_destroy
- From: "Todd Eigenschink" <todd@xxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: deactivate expressions in rule replecement routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [iptables PATCH] xtables: Don't use native nftables comments
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] xtables: Don't use native nftables comments
- From: Phil Sutter <phil@xxxxxx>
- [PATCH] netfilter: ipset: fix ip_set_byindex function
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Aaron Conole <aconole@xxxxxxxxxx>
- Re: iptables configure ignore "--disable-silent-rules"
- From: Jan Engelhardt <jengelh@xxxxxxx>
- iptables configure ignore "--disable-silent-rules"
- From: Rolf Eike Beer <eb@xxxxxxxxx>
- Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Christian Brauner <christian@xxxxxxxxxx>
- [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Christian Brauner <christian@xxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_conncount: remove wrong condition check routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2 0/2] netfilter: fix notifier registration bugs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] ipv6: Preserve link scope traffic original oif
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: 4.19.4 nf_conntrack_count kernel panic
- From: Denys Fedoryshchenko <nuclearcat@xxxxxxxxxxxxxx>
- 4.19.4 nf_conntrack_count kernel panic
- From: Sami Farin <hvtaifwkbgefbaei@xxxxxxxxx>
- [PATCH v2] netfilter: ipset: replace a strncpy() with strscpy()
- From: Qian Cai <cai@xxxxxx>
- [PATCH] netfilter: update comment about get_unique_tuple()
- From: Xiaozhou Liu <liuxiaozhou@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Pan Bian <bianpan2016@xxxxxxx>
- Re: [PATCH] netfilter: ipset: replace a strncpy() with strscpy()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nfnetlink_cttimeout: nf_proto_net must be first member of netns_proto_gre
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [RFC -next v0 0/3] netfilter: expose flow offload tables as an ebpf map
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [RFC -next v0 2/3] netfilter: nf_flow_table: support a new 'snoop' mode
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [RFC -next v0 3/3] netfilter: nf_flow_table_bpf_map: introduce new loadable bpf map
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [RFC -next v0 1/3] bpf: modular maps
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [PATCH nf] netfilter: nf_conncount: remove wrong condition check routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH] include: extend the headers conflict workaround to in6.h
- From: Baruch Siach <baruch@xxxxxxxxxx>
- Re: [iptables PATCH] ebtables: Use xtables_exit_err()
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH] ebtables: Use xtables_exit_err()
- From: Phil Sutter <phil@xxxxxx>
- compilation error glibc
- From: Ansuel Smith <ansuelsmth@xxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Phil Sutter <phil@xxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH] arptables: Support --set-counters option
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH] arptables: Support --set-counters option
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf v2 2/2] netfilter: nat: fix double register in masquerade modules
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v2 1/2] netfilter: add missing error handling code for register functions
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v2 0/2] netfilter: fix notifier registration bugs
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH] netfilter: ipset: replace a strncpy() with strscpy()
- From: Qian Cai <cai@xxxxxx>
- [PATCH v2] ipv6: Preserve link scope traffic original oif
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- [PATCH nf] netfilter: nfnetlink_cttimeout: nf_proto_net must be first member of netns_proto_gre
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2] ipv6: Preserve link scope traffic original oif
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] ipv6: Preserve link scope traffic original oif
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v2] ipv6: Preserve link scope traffic original oif
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH] netfilter: Only call ftp alg when needed
- From: Jason Rippon <Jason.Rippon@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Baruch Siach <baruch@xxxxxxxxxx>
- RFC: Designing per chain rule cache support in libnftnl
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next] netfilter: add missing error handling code for register functions.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: add missing error handling code for register functions.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: add missing error handling code for register functions.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH iptables] extensions: libip6t_mh: fix bogus translation error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2] src: introduce simple hints on incorrect chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v4 1/3] src: introduce simple hints on incorrect table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v4 3/3] src: introduce simple hints on incorrect set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
