Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

[PATCH nft,v4 2/3] src: introduce simple hints on incorrect chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v3 1/3] src: introduce simple hints on incorrect table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v3 3/3] src: introduce simple hints on incorrect set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft,v3 2/3] src: introduce simple hints on incorrect chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 2/2] src: introduce simple hints on incorrect chain
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 1/2] src: introduce simple hints on incorrect table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2] src: introduce simple hints on incorrect chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] src: introduce simple hints on incorrect table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2] src: introduce simple hints on incorrect chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
[PATCH nf] netfilter: xt_TEE: fix build failure
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH xtables] arptables-nft: use generic expression parsing function
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Baruch Siach <baruch@xxxxxxxxxx>
Re: [PATCH iptables] xtables-monitor: fix build with musl libc
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables] xtables-monitor: fix build with musl libc
- From: Baruch Siach <baruch@xxxxxxxxxx>
Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH v2] xtables: Introduce per table chain caches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 4/4] xtables: constify struct builtin_table and struct builtin_chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 3/4] nft: move initialize to struct nft_handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 2/4] nft: move chain_cache back to struct nft_handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 1/4] nft: add type field to builtin_table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCH nf] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too
- From: Florian Westphal <fw@xxxxxxxxx>
WARNING in cttimeout_default_get
- From: syzbot <syzbot+2fae8fa157dd92618cae@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH nf] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH iptables] include: fix build with kernel headers before 4.2
- From: Baruch Siach <baruch@xxxxxxxxxx>
Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH xtables v2] xtables-monitor: fix build with older glibc
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables v2] xtables-monitor: fix build with older glibc
- From: Baruch Siach <baruch@xxxxxxxxxx>
[ANNOUNCE] nftlb 0.3 release
- From: Laura Garcia <nevola@xxxxxxxxx>
Re: Different namespaces share the same xtables lock
- From: Phil Sutter <phil@xxxxxx>
Different namespaces share the same xtables lock
- From: wenxian li <wofanli@xxxxxxxxx>
Re: linux-next: Tree for Nov 15 (netfilter/xt_TEE)
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
[iptables PATCH v2] xtables: Introduce per table chain caches
- From: Phil Sutter <phil@xxxxxx>
Re: iptc_delete_entry matchmask parameter
- From: Florian Westphal <fw@xxxxxxxxx>
Re: iptc_delete_entry matchmask parameter
- From: Tom Cook <tom.k.cook@xxxxxxxxx>
[iptables PATCH] xtables: Introduce per table chain caches
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next] netfilter: nat: remove l4 protocol port rovers
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH xtables] xtables-monitor: fix build with older glibc
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH xtables] xtables-monitor: fix build with older glibc
- From: Baruch Siach <baruch@xxxxxxxxxx>
Re: [PATCH xtables] xtables-monitor: fix build with older glibc
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCH xtables] xtables-monitor: fix build with older glibc
- From: Baruch Siach <baruch@xxxxxxxxxx>
[PATCH AUTOSEL 4.18 05/59] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.18 06/59] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.18 07/59] netfilter: ipset: fix ip_set_list allocation failure
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.18 16/59] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.18 18/59] netfilter: nft_compat: ebtables 'nat' table is normal chain type
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.18 15/59] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.18 17/59] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.14 02/27] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.14 08/27] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.14 09/27] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.9 02/13] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.9 06/13] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.9 05/13] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.4 2/8] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.4 5/8] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.4 4/8] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.14 03/27] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Sasha Levin <sashal@xxxxxxxxxx>
iptc_delete_entry matchmask parameter
- From: Tom Cook <tom.k.cook@xxxxxxxxx>
Re: [PATCH net] ipvs: call ip_vs_dst_notifier before ipv6_dev_notf
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCH iptables] extensions: format-security fixes in libip[6]t_icmp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables] extensions: format-security fixes in libip[6]t_icmp
- From: Adam Gołębiowski <adamg@xxxxxxxxxxxxx>
Re: [PATCH net] ipvs: call ip_vs_dst_notifier before ipv6_dev_notf
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH xtables] ebtables: vlan: fix userspace/kernel headers collision
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] ipvs: call ip_vs_dst_notifier before ipv6_dev_notf
- From: Julian Anastasov <ja@xxxxxx>
[PATCH xtables] ebtables: vlan: fix userspace/kernel headers collision
- From: Baruch Siach <baruch@xxxxxxxxxx>
[PATCH net] ipvs: call ip_vs_dst_notifier before ipv6_dev_notf
- From: Xin Long <lucien.xin@xxxxxxxxx>
[ANNOUNCE] libnftnl 1.1.2 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] doc: grammar fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] doc: grammar fixes
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH] doc: grammar fixes
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH] doc: grammar fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] iptables 1.8.2 release
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] doc: grammar fixes
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH nftables] doc: Spelling and grammar fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nftables] doc: Spelling and grammar fixes
- From: Ville Skyttä <ville.skytta@xxxxxx>
Re: [PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: fix use-after-free when deleting compat expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: BUG: Fatal in exception in interrupt, at nf_conncount_count [regression in 4.19(.1)]
- From: Bruno Prémont <bonbons@xxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: fix use-after-free when deleting compat expressions
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [ebtables PATCH] extensions: among: Fix bitmask check
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables] libxtables: xlate: init buffer to zero
- From: Florian Westphal <fw@xxxxxxxxx>
[ebtables PATCH] extensions: among: Fix bitmask check
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next 0/2] netfilter: nf_flow_table: remove duplicate code in nf_flow_table_core.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] nft.8: Clarify 'index' option of add rule command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: remove NFC_* cache bits
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: don't use position attribute on rule replacement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 0/2] netfilter: nf_tables: don't skip inactive chains during update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2 0/3] netfilter: nf_conncount: fix bugs in conn_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 0/2] netfilter: nf_conncount: fix bugs in conn_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH xtables 13/13] arptables: fix --version info
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 12/13] arptables: ignore --table argument.
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 11/13] arptables: make uni/multicast mac masks static
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 10/13] arptables: add test cases
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 09/13] arptables: pre-init hlen and ethertype
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 08/13] arptables: fix src/dst mac handling
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 07/13] arptables: fix target ip offset
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 06/13] arptables: fix -s/-d handling for negation and mask
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 05/13] arptables: add basic test infra for arptables-nft
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 04/13] arptables: fix rule deletion/compare
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 03/13] arptables: remove code that is also commented-out in original arptables
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 02/13] arptables-save: add -c option, like xtables-save
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 01/13] arptables: use ->save for arptables-save, like xtables
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 00/13] arptables: make it work
- From: Florian Westphal <fw@xxxxxxxxx>
Re: BUG: Fatal in exception in interrupt, at nf_conncount_count [regression in 4.19(.1)]
- From: Florian Westphal <fw@xxxxxxxxx>
BUG: Fatal in exception in interrupt, at nf_conncount_count [regression in 4.19(.1)]
- From: Bruno Prémont <bonbons@xxxxxxxxxx>
[nft PATCH] nft.8: Clarify 'index' option of add rule command
- From: Phil Sutter <phil@xxxxxx>
[PATCH xtables] xtables: add 'printf' attribute to xlate_add
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 0/3] A few minor fixes
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH 2/3] xtables: Clarify error message when deleting by index
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/3] xtables: Fix error return code in nft_chain_user_rename()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/3] A few minor fixes
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/3] xtables: Fix typo in do_command() error message
- From: Phil Sutter <phil@xxxxxx>
[PATCH iptables] nft: add NFT_TABLE_* enumeration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH xtables 2/2] ebtables: use extrapositioned negation consistently
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables 1/2] ebtables-save: add -c option, using xtables-style counters
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables] nft: replace nft_chain_dump() by nft_chain_get_list()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: always honor CTA_MARK_MASK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: always honor CTA_MARK_MASK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/3] ipset patches for nf-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Matt Turner <mattst88@xxxxxxxxx>
[PATCH tip/core/rcu 30/41] netfilter: Replace call_rcu_bh(), rcu_barrier_bh(), and synchronize_rcu_bh()
- From: "Paul E. McKenney" <paulmck@xxxxxxxxxxxxx>
Re: [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers
- From: "mirq-linux@xxxxxxxxxxxx" <mirq-linux@xxxxxxxxxxxx>
Re: [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers
- From: "mirq-linux@xxxxxxxxxxxx" <mirq-linux@xxxxxxxxxxxx>
Re: [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers
- From: Tariq Toukan <tariqt@xxxxxxxxxxxx>
[PATCH] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
Re: [PATCH] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH net-next 8/9] mlx4: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
[PATCH net-next 7/9] benet: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
[PATCH net-next 1/9] cxgb4: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
[PATCH net-next 2/9] nfnetlink/queue: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
[PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
[PATCH net-next 5/9] bridge: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
[PATCH net-next 9/9] sky2: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
[PATCH net-next 4/9] 8021q: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
[PATCH net-next 3/9] net/core: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
[PATCH net-next 6/9] ipv4/tunnel: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
Re: [PATCH] netfilter: Only call ftp alg when needed
- From: Jason Rippon <Jason.Rippon@xxxxxxxxxxxxxxxxxxx>
[PATCH net-next 2/2] br_netfilter: namespace bridge netfilter sysctls
- From: Christian Brauner <christian@xxxxxxxxxx>
[PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Christian Brauner <christian@xxxxxxxxxx>
[PATCH net-next 0/2] br_netfilter: enable in non-initial netns
- From: Christian Brauner <christian@xxxxxxxxxx>
Re: [PATCH] netfilter: Only call ftp alg when needed
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] netfilter: Only call ftp alg when needed
- From: Felix Jia <felix.jia@xxxxxxxxxxxxxxxxxxx>
[PATCH nf-next 2/2] netfilter: nf_flow_table: simplify nf_flow_offload_gc_step()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf-next 1/2] netfilter: nf_flow_table: make nf_flow_table_iterate() static
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf-next 0/2] netfilter: nf_flow_table: remove duplicate code in nf_flow_table_core.c
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nftables 2/2] xt: always build with a minimal support for xt match/target decode
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nftables 1/2] xt: pass octx to translate function
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nftables 0/2] add minimal x_tables output support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 00/14] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH 06/14] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/14] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/14] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/14] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/14] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/14] netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 12/14] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 13/14] netfilter: nft_compat: ebtables 'nat' table is normal chain type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/14] netfilter: ipset: fix ip_set_list allocation failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 14/14] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/14] netfilter: nft_osf: check if attribute is present
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/14] netfilter: bridge: define INT_MIN & INT_MAX in userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/14] Revert "netfilter: nft_numgen: add map lookups for numgen random operations"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/14] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/14] netfilter: ipv6: fix oops when defragmenting locally generated fragments
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
CFS for Netdev 0x13 open!
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: [PATCH] doc: libnftables.adoc misc cleanups
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
Re: [PATCH nft] documentation: try to clarify iif vs. iifname.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH xtables] xtables-nft: make -Z option work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH xtables] extensions: libebt_ip: fix tos negation
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables] extensions: libebt_ip6: fix ip6-dport negation
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH xtables] xtables-nft: make -Z option work
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH xtables] xtables-nft: make -Z option work
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH xtables] xtables-nft: make -Z option work
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH xtables] xtables-nft: make -Z option work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH xtables] xtables-nft: make -Z option work
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] doc: libnftables.adoc misc cleanups
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf v3 4/4] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf v3 3/4] netfilter: ipt_CLUSTERIP: fix sleep-in-atomic bug in clusterip_config_entry_put()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf v3 2/4] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf v3 1/4] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf v3 0/4] netfilter: ipt_CLUSTERIP: fix bugs in ipt_CLUSTERIP
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nft] documentation: try to clarify iif vs. iifname.
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf v2 3/3] netfilter: nf_conncount: fix unexpected permanent node of list.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf v2 2/3] netfilter: nf_conncount: fix list_del corruption in conn_free
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf v2 1/3] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf v2 0/3] netfilter: nf_conncount: fix bugs in conn_free
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: don't use position attribute on rule replacement
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] doc: libnftables.adoc misc cleanups
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH xtables] libxtables: add and use mac print helpers
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables] iptables-tests: add % to run iptables commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] iptables-tests: do not append xtables-multi to external commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables] iptables-tests: do not append xtables-multi to external commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] evaluate: Convert ranges of N-N to N
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables 0/6] misc. ebtables-nft improvements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Rebasing nf.git ahead
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nft_compat: ebtables 'nat' table is normal chain type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH xtables] iptables-nft: fix bogus handling of zero saddr/daddr
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables 6/6] ebtables-nft: add arpreply target
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables 5/6] ebtables: add redirect test case
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables 4/6] ebtables: add test cases
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables 3/6] ebtables: relax -t table restriction, add snat/dnat test cases
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables 2/6] ebtables: fix -j CONTINUE handling for add/delete
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables 1/6] tests: add basic ebtables test support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables 0/6] misc. ebtables-nft improvements
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf,v2 1/2] netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v2 2/2] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nft_compat: ebtables 'nat' table is normal chain type
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables] iptables-nft: fix bogus handling of zero saddr/daddr
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf 2/2] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf 2/2] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 12/31] netfilter: cttimeout: remove superfluous check on layer 4 netlink functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 2/2] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 1/2] netfilter: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] iptables: iptables-test: fix netns test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 05/10] audit: add support for non-syscall auxiliary records
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH 12/31] netfilter: cttimeout: remove superfluous check on layer 4 netlink functions
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
[PATCH iptables] iptables: iptables-test: fix netns test
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH] netfilter: ctnetlink: always honor CTA_MARK_MASK
- From: Andreas Jaggi <andreas.jaggi@xxxxxxxxxxxx>
Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Matt Turner <mattst88@xxxxxxxxx>
Re: [nft PATCH] doc: Fix for make distcheck
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH v2] xtables: Fix for matching rules with wildcard interfaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] doc: Fix for make distcheck
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 09/10] audit: NETFILTER_PKT: record each container ID associated with a netNS
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[iptables PATCH v2] xtables: Fix for matching rules with wildcard interfaces
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] json: fix json_events_cb() declaration when libjansson is not present
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf 2/2] selftests: add script to stress-test nft packet path vs. control plane
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 1/2] netfilter: nf_tables: don't skip inactive chains during update
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 0/2] netfilter: nf_tables: don't skip inactive chains during update
- From: Florian Westphal <fw@xxxxxxxxx>
Re: stable regression: revert request for netfilter ipv6 defrag bug
- From: Sasha Levin <sashal@xxxxxxxxxx>
Re: [nft PATCH] py: Adjust Nftables class to output flags changes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] json: fix json_events_cb() declaration when libjansson is not present
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] py: Adjust Nftables class to output flags changes
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] json: fix json_events_cb() declaration when libjansson is not present
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
Segmentation fault when using ebtables
- From: Dmitry Vinokurov <gim6626@xxxxxxxxx>
[PATCH] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
[PATCH v2] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH 5/5] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [iptables PATCH] xtables: Fix for matching rules with wildcard interfaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] xtables: Fix for matching rules with wildcard interfaces
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] xtables: Fix for matching rules with wildcard interfaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] xtables: Fix for matching rules with wildcard interfaces
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] ulogd2: fix build with musl libc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/3 nft,v2] expression: always print range expression numerically
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 2/3 nft,v3] src: add -p to print layer 4 protocol numerically
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 1/3 nft,v3] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] ulogd2: fix build with musl libc
- From: Cameron Norman <camerontnorman@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 2/2] netfilter: nf_conncount: fix list_del corruption in conn_free
- From: Yi-Hung Wei <yihung.wei@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Yi-Hung Wei <yihung.wei@xxxxxxxxx>
Re: [PATCH 5/5] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/5] ipset patches for nf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] ulogd2: fix build with musl libc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/3 nft,v3] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/3 nft,v2] expression: always print range expression numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/3 nft,v3] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft 1/2,v2] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2] expression: always print range expression numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] JSON: Add support for echo option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2,v2] src: add NFT_CTX_OUTPUT_NUMERIC_PROTO
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 2/2,v2] src: add -y to priority base chain nummerically
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] expression: always print range expression numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] JSON: Add support for echo option
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests/shell: Add testcase for cache update problems
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] src: add -p to print layer 4 protocol numerically
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] tests/shell: Add testcase for cache update problems
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] nft.8: Document log level audit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] JSON: Add support for echo option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2,v2] src: add -y to priority base chain nummerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2,v2] src: add NFT_CTX_OUTPUT_NUMERIC_PROTO
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2 nft,v2] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2 nft,v2] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft,v3 2/5] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/2] src: add -y to priority base chain nummerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/2 nft,v2] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 4/5,v3] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft,v3 2/5] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 4/5,v3] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] src: default to numeric UID and GID listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 3/5,v2] src: add nft_ctx_output_{get,set}_handle() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] src: default to numeric UID and GID listing
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 5/5,v2] src: add nft_ctx_output_{get,set}_echo() to nft_ctx_output_{get,set}_flags
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft,v3 2/5] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 3/5,v2] src: add nft_ctx_output_{get,set}_handle() to nft_ctx_output_{get,set}_flags
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 2/5,v2] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 2/5,v2] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Phil Sutter <phil@xxxxxx>
[PATCH] src: default to numeric UID and GID listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/5,v4] src: Revert --literal, add -S/--service
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 5/5,v2] src: add nft_ctx_output_{get,set}_echo() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/5,v2] src: add nft_ctx_output_{get,set}_handle() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/5,v2] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/5,v4] src: Revert --literal, add -S/--service
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] ulogd2: fix build with musl libc
- From: Cameron Norman <camerontnorman@xxxxxxxxx>
[ANNOUNCE] ipset 7.0 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 3/3] netfilter: ipset: Introduction of new commands and protocol version 7
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 1/3] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 2/3] netfilter: ipset: Make invalid MAC address checks consistent
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 0/3] ipset patches for nf-next
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 2/5] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 5/5] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 1/5] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 3/5] netfilter: ipset: fix ip_set_list allocation failure
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 4/5] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 0/5] ipset patches for nf
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH nft 2/5] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 4/5] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 5/5] src: add nft_ctx_output_{get,set}_echo() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/5,v3] src: Revert --literal, add -S/--services
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/5] src: add nft_ctx_output_{get,set}_handle() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] nft.8: Document log level audit
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] JSON: Add support for echo option
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] tests/shell: Add testcase for cache update problems
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf] Revert "netfilter: nft_numgen: add map lookups for numgen random operations"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH v2] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Vasily Khoruzhick <vasilykh@xxxxxxxxxx>
[PATCH nft 2/2] evaluate: stmt_evaluate_map() needs right hand side evaluation too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] evaluate: do not pass EXPR_SET_ELEM to stmt_evaluate_arg() for set/map evaluation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
[PATCH nf 2/2] netfilter: nf_conncount: fix list_del corruption in conn_free
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 1/2] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 0/2] netfilter: nf_conncount: fix bugs in conn_free
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] netfilter: bridge: define INT_MIN & INT_MAX in userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: ipv6: fix oops when defragmenting locally generated fragments
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Vasiliy Khoruzhick <vasilykh@xxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Dmitry Safonov <dima@xxxxxxxxxx>
[PATCH] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Vasily Khoruzhick <vasilykh@xxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [nft PATCH] json: Work around segfault when encountering xt stmt
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: bridge: define INT_MIN & INT_MAX in userspace
- From: Máté Eckl <ecklm94@xxxxxxxxx>
[nft PATCH] json: Work around segfault when encountering xt stmt
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH 2/3] json: Fix osf ttl support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [nft PATCH] mnl: Improve error checking in mnl_nft_event_listener()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] mnl: Improve error checking in mnl_nft_event_listener()
- From: Phil Sutter <phil@xxxxxx>
[RFC] [PATCH] netfilter: Fix kmemleak false positive reports
- From: <zhe.he@xxxxxxxxxxxxx>
[PATCH libnftnl] src: remove nftnl_rule_cmp() and nftnl_expr_cmp()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] netlink: remove netlink_batch_send()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] mnl: remove alloc_nftnl_flowtable()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] mnl: Improve error checking in mnl_nft_event_listener()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] mnl: Improve error checking in mnl_nft_event_listener()
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft,v2] src: Revert --literal, add -S/--services
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: iptables-1.8.1: cannot build without libnftnl
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] src: Revert --literal, add --service
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: bridge: define INT_MIN & INT_MAX in userspace
- From: Jiri Slaby <jslaby@xxxxxxx>
[PATCH iptables] old patch from Debian for iptables-apply
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: [nft PATCH 0/3] Fix JSON API after recent other changes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] evaluate: Convert ranges of N-N to N
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 0/3] Fix JSON API after recent other changes
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/3] include: Fix comment for struct eval_ctx
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 3/3] json: Fix for recent changes to context structs
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 2/3] json: Fix osf ttl support
- From: Phil Sutter <phil@xxxxxx>
stable regression: revert request for netfilter ipv6 defrag bug
- From: Florian Westphal <fw@xxxxxxxxx>
Re: iptables-1.8.1: cannot build without libnftnl
- From: Florian Westphal <fw@xxxxxxxxx>
iptables-1.8.1: cannot build without libnftnl
- From: Lars Wendler <polynomial-c@xxxxxxxxxx>
[PATCH nf-next] netfilter: remove unused headers.
- From: Weongyo Jeong <weongyo.linux@xxxxxxxxx>
Re: [PATCH nf] netfilter: ipv6: fix oops when defragmenting locally generated fragments
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: ipv6: fix oops when defragmenting locally generated fragments
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
[PATCH nft 2/3] mnl: remove alloc_nftnl_obj()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/3] mnl: use either name or handle to refer to objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/3] src: move socket open and reopen to mnl.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 2/2 nft v3] doc: osf: add ttl option to man page
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v3] src: osf: add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] xtables: Fix for spurious errors from iptables-translate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests: shell: Extend get element test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft v3] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[iptables PATCH] xtables: Fix for spurious errors from iptables-translate
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] netfilter: ipv6: fix oops when defragmenting locally generated fragments
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
[PATCH nf] netfilter: ipv6: fix oops when defragmenting locally generated fragments
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] tests: shell: Extend get element test
- From: Phil Sutter <phil@xxxxxx>
[ANNOUNCE] iptables 1.8.1 release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] tests: shell: Extend get element test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2 nft v3 preview] src: osf: add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
Re: [PATCH 0/8] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [nft PATCH] tests: shell: Extend get element test
- From: Phil Sutter <phil@xxxxxx>
[PATCH 2/2 nft v3] doc: osf: add ttl option to man page
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH 1/2 nft v3 preview] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH iptables] configure: bump versions for 1.8.1 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2 nft v2] src: osf: add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/8] netfilter: nft_set_rbtree: allow loose matching of closing element in interval
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/8] netfilter: xt_TEE: fix wrong interface selection
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/8] netfilter: nft_compat: do not dump private area
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/8] netfilter: xt_TEE: add missing code to get interface index in checkentry.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 8/8] netfilter: nf_flow_table: do not remove offload when other netns's interface is down
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/8] netfilter: xt_nat: fix DNAT target for shifted portmap ranges
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 7/8] netfilter: nf_flow_table: remove flowtable hook flush routine in netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/8] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/8] netfilter: nft_osf: usage from output path is not valid
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nft_osf: check if attribute is present
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests: shell: Extend get element test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2 nft v2] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH nft 2/3] src: pass struct nft_ctx through struct netlink_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/3] src: pass struct nft_ctx through struct eval_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/3] netlink: reset mnl_socket field in struct nft_ctx on EINTR
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2 nft v2] src: osf: add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables] configure: bump versions for 1.8.1 release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/2 nft v2] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[nft PATCH] tests: shell: Extend get element test
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 00/10] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH nf] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [nft PATCH] make cache persistent if local entries were added
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] make cache persistent if local entries were added
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] make cache persistent if local entries were added
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH iptables] iptables-test: add -N option to exercise netns removal path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/10] netfilter: nft_osf: Add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/10] netfilter: cttimeout: remove set but not used variable 'l3num'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/10] netfilter: xt_osf: simplify xt_osf_match_packet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/10] netfilter: nf_flow_table: remove unnecessary parameter of nf_flow_table_cleanup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/10] netfilter: remove two unused variables.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/10] Revert "netfilter: xt_quota: fix the behavior of xt_quota module"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/10] netfilter: nfnetlink_log: remove empty nfnetlink_log.h header file
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/10] netfilter: nf_nat_snmp_basic: add missing helper alias name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/10] netfilter: nft_xfrm: use state family, not hook one
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/10] netfilter: Replace spin_is_locked() with lockdep
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/10] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] iptables-test: add -N option to exercise netns removal path
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH iptables] iptables-test: add -N option to exercise netns removal path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 09/10] audit: NETFILTER_PKT: record each container ID associated with a netNS
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 08/10] audit: add support for containerid to network namespaces
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 06/10] audit: add containerid support for tty_audit
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 05/10] audit: add support for non-syscall auxiliary records
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 04/10] audit: add containerid support for ptrace and signals
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 01/10] audit: collect audit task parameters
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 02/10] audit: add container id
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 02/10] audit: add container id
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 02/10] audit: add container id
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Matt Turner <mattst88@xxxxxxxxx>
Re: [PATCH iptables] libxtables: expose new etherdb lookup function through libxtables API
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH iptables] libxtables: prefix exported new functions for etherdb lookups
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH iptables] iptables-test: add -N option to exercise netns removal path
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: remove unused udp.h header.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: remove two unused variables.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nfnetlink_log: remove empty nfnetlink_log.h header file
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2] netfilter: nf_flow_table: do not remove offload when other netns's interface is down
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_flow_table: remove unnecessary parameter of nf_flow_table_cleanup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables] libxtables: expose new etherdb lookup function through libxtables API
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables] libxtables: prefix exported new functions for etherdb lookups
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_flow_table: remove flowtable hook flush routine in netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] Revert "netfilter: xt_quota: fix the behavior of xt_quota module"
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[PATCH nf-next] Revert "netfilter: xt_quota: fix the behavior of xt_quota module"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables,v2] iptables-test: add -N option to exercise netns removal path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] iptables-test: add -N option to exercise netns removal path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] iptables-test: add -N option to exercise netns removal path
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Matt Turner <mattst88@xxxxxxxxx>
[PATCH iptables] iptables-test: add -N option to exercise netns removal path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v2] doc: Document ct timeout support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft v2] doc: Document ct timeout support
- From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl 3/4] tests: Remove test-script.sh
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl 2/4] tests: Run regression tests from make check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl 1/4] tests: Execute nft-flowtable-test in test-script.sh
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
[PATCH nf-next] netfilter: nfnetlink_log: remove empty nfnetlink_log.h header file
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: netfilter request for -stable 4.9.x inclusion
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: fix cloned skb __nf_conntrack_confirm race
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
Re: [PATCH] netfilter: add grev6 conntrack support
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: [PATCH] netfilter: add grev6 conntrack support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: conntrack: fix cloned skb __nf_conntrack_confirm race
- From: chiehminw <chiehmin18@xxxxxxxxx>
[PATCH] netfilter: add grev6 conntrack support
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
Re: iptables (nf_tables) error when negating an interface and using protocol port - works fine with classic iptables
- From: Pedretti Fabio <pedretti.fabio@xxxxxxxxx>
[PATCH] netfilter: conntrack: fix cloned skb __nf_conntrack_confirm race
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
[PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Matt Turner <mattst88@xxxxxxxxx>
[PATCH libnftnl 3/4] tests: Remove test-script.sh
- From: Matt Turner <mattst88@xxxxxxxxx>
[PATCH libnftnl 2/4] tests: Run regression tests from make check
- From: Matt Turner <mattst88@xxxxxxxxx>
[PATCH libnftnl 1/4] tests: Execute nft-flowtable-test in test-script.sh
- From: Matt Turner <mattst88@xxxxxxxxx>
netfilter request for -stable 4.9.x inclusion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: remove unused udp.h header.
- From: Weongyo Jeong <weongyo.linux@xxxxxxxxx>
[PATCH nf-next] netfilter: remove two unused variables.
- From: Weongyo Jeong <weongyo.linux@xxxxxxxxx>
[PATCH nf-next] netfilter: x_tables: add missing comments
- From: Hyejeong Jang <hyejeong831@xxxxxxxxx>
[PATCH nft,v2] evaluate: bogus bail out with raw expression from dynamic sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] evaluate: bogus bail out with raw expression from dynamic sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nft_flow_offload: remove secpath check
- From: Steffen Klassert <steffen.klassert@xxxxxxxxxxx>
Re: [PATCH 1/2 nft v2] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH nft] src: remove opts field from struct xt_stmt
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] src: remove opts field from struct xt_stmt
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: xt_quota: simplify quota logic, account for consumed bytes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: fix DNAT target for shifted portmap ranges
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net] netfilter: fix DNAT target for shifted portmap ranges
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
Re: [PATCH net-next 0/3] ip_tunnel: specify tunnel type via template
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: linux-next: build failure after merge of the netfilter-next tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nf-next:master 1/7] net/ipv4/netfilter/ipt_ECN.c:58:28: error: 'IPT_ECN_OP_SET_ECE' undeclared; did you mean 'IPT_ECN_OP_MATCH_ECE'?
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH net-next 0/3] ip_tunnel: specify tunnel type via template
- From: David Miller <davem@xxxxxxxxxxxxx>
linux-next: build failure after merge of the netfilter-next tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
Re: [PATCH libnftables] src: remove json support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftables] src: remove json support
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH libnftables] src: remove json support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2 nft v2] src: osf: add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_nat_snmp_basic: add missing helper alias name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftables] src: remove json support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] nftables: add support for setting secmark
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] json: Fix memleak in dup_stmt_json()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] parser_json: Fix for ineffective family value checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] libnftables: Fix memleak in nft_parse_bison_filename()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] Fix memleak in netlink_parse_fwd() error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH 0/8] monitor: Use libnftables for JSON output
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftables] src: remove json support
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH libnftnl] expr: osf: add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: xfrm: use state family, not hook one
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v4] nft_osf: Add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: cttimeout: remove set but not used variable 'l3num'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftables] src: remove json support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] xtables: Remove target_maxnamelen field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH RFC,net-next 0/3] ip_tunnel: specify tunnel type via template
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf v2 3/3] netfilter: ipt_CLUSTERIP: fix sleep-in-atomic bug in clusterip_config_entry_put()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf v2 2/3] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf v2 1/3] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf v2 0/3] netfilter: ipt_CLUSTERIP: fix bugs in ipt_CLUSTERIP
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH RFC,net-next 0/3] ip_tunnel: specify tunnel type via template
- From: Or Gerlitz <gerlitz.or@xxxxxxxxx>
Re: [PATCH RFC,net-next 0/3] ip_tunnel: specify tunnel type via template
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH RFC,net-next 0/3] ip_tunnel: specify tunnel type via template
- From: Or Gerlitz <gerlitz.or@xxxxxxxxx>
Re: [PATCH] netfilter: x_tables: fix missing unlock if table init fails
- From: Omar Sandoval <osandov@xxxxxxxxxxx>
[PATCH] netfilter: x_tables: fix missing unlock if table init fails
- From: Omar Sandoval <osandov@xxxxxxxxxxx>
[nft PATCH] xt: Fix for covscan warning in xt_stmt_xlate()
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] json: Fix memleak in dup_stmt_json()
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] parser_json: Fix for ineffective family value checks
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] libnftables: Fix memleak in nft_parse_bison_filename()
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] Fix memleak in netlink_parse_fwd() error path
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next] netfilter: nft_flow_offload: remove secpath check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf v2] netfilter: nf_flow_table: do not remove offload when other netns's interface is down
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_flow_table: remove unnecessary parameter of nf_flow_table_cleanup()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[nft PATCH 7/8] monitor: Use libnftables JSON output
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 4/8] monitor: Drop fake XML support
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 0/8] monitor: Use libnftables for JSON output
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/8] tests/py: Add missing JSON bits for inet/meta.t
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 6/8] monitor: Fix printing of ct objects
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 2/8] json: Drop unused symbolic_constant_json() stub
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 8/8] tests: monitor: Test JSON output as well
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 5/8] monitor: Drop 'update table' and 'update chain' cases
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 3/8] json: Add ct timeout support
- From: Phil Sutter <phil@xxxxxx>
Re: spinlock'ing of "struct nf_conn"->custom_buffer_ptr within xt_match.match callback
- From: Florian Westphal <fw@xxxxxxxxx>
spinlock'ing of "struct nf_conn"->custom_buffer_ptr within xt_match.match callback
- From: Oleh Danilovskyi <oleh.danilovskyi@xxxxxxxxx>
Re: [PATCH nf 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[iptables PATCH] xtables: Remove target_maxnamelen field
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] netfilter: nf_flow_table: do not remove offload when other netns's interface is down
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH nf-next v4] nft_osf: Add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: xt_TEE: fix wrong interface selection
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v2] netfilter: nft_compat: do not dump private area
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: xt_osf: simplify xt_osf_match_packet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_flow_table: do not remove offload when other netns's interface is down
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] segtree: set proper error cause on existing elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: xfrm: use state family, not hook one
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] segtree: incorrect handling of last element in get_set_decompose()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/3] mnl: remove alloc_nftnl_set()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/3] src: remove netlink_flush_chain()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/3] src: remove netlink_flush_table()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 06/31] netfilter: nf_tables: add xfrm expression
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] mnl: remove alloc_nftnl_rule()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 06/31] netfilter: nf_tables: add xfrm expression
- From: Eyal Birger <eyal.birger@xxxxxxxxx>
Re: [iptables] extensions: Add tests and description for xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables] extensions: Add tests and description for xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next v4] nft_osf: Add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH nf] netfilter: nft_osf: output hook is not valid anymore
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH net-next] netfilter: cttimeout: remove set but not used variable 'l3num'
- From: YueHaibing <yuehaibing@xxxxxxxxxx>
Re: [iptables] extensions: Add tests and description for xt_quota module
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
[iptables] extensions: Add tests and description for xt_quota module
- From: Chenbo Feng <chenbofeng.kernel@xxxxxxxxx>
[PATCH net-next 2/3] net: act_tunnel_key: support for tunnel type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 1/3] ip_tunnel: add type field to struct ip_tunnel_info
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 3/3] netfilter: nft_tunnel: support for tunnel type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 0/3] ip_tunnel: specify tunnel type via template
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nft_compat: do not dump private area
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables] extensions: cgroup: fix option parsing for v2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [netfilter-core] [PATCH 07/11] UAPI: netfilter: Fix symbol collision issues [ver #2]
- From: David Howells <dhowells@xxxxxxxxxx>
Re: iptables (nf_tables) error when negating an interface and using protocol port - works fine with classic iptables
- From: Florian Westphal <fw@xxxxxxxxx>
iptables (nf_tables) error when negating an interface and using protocol port - works fine with classic iptables
- From: Pedretti Fabio <pedretti.fabio@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_flow_table: remove flowtable hook flush routine in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH 00/31] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_flow_table: remove flowtable hook flush routine in netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] extensions: libxt_quota: Allow setting the remaining quota
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/31] netfilter: nf_tables: rt: allow checking if dst has xfrm attached
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/31] netfilter: remove obsolete need_conntrack stub
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/31] netfilter: ctnetlink: Support L3 protocol-filter on flush
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/31] netfilter: nf_tables: warn when expr implements only one of activate/deactivate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/31] netfilter: xt_cgroup: shrink size of v2 path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/31] netfilter: xtables: avoid BUG_ON
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 12/31] netfilter: cttimeout: remove superfluous check on layer 4 netlink functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 13/31] netfilter: nat: remove unnecessary rcu_read_lock in nf_nat_redirect_ipv{4/6}
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/31] netfilter: nf_tables: avoid BUG_ON usage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/31] netfilter: nf_tables: asynchronous release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 15/31] netfilter: conntrack: remove the l4proto->new() function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/31] netfilter: nf_nat_ipv4: remove obsolete EXPORT_SYMBOL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 18/31] netfilter: conntrack: remove error callback and handle icmp from core
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 17/31] netfilter: conntrack: avoid using ->error callback if possible
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 14/31] netfilter: conntrack: pass nf_hook_state to packet and error handlers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 22/31] netfilter: nat: remove duplicate skb_is_nonlinear() in __nf_nat_mangle_tcp_packet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 23/31] netfilter: nf_tables: use rhashtable_walk_enter instead of rhashtable_walk_init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 21/31] netfilter: conntrack: clamp l4proto array size at largers supported protocol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 19/31] netfilter: conntrack: remove unused proto arg from netns init functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 24/31] netfilter: ctnetlink: must check mark attributes vs NULL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 20/31] netfilter: conntrack: remove l3->l4 mapping information
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 29/31] netfilter: nf_tables: use rhashtable_lookup() instead of rhashtable_lookup_fast()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 27/31] netfilter: nf_tables: add requirements for connsecmark support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 31/31] netfilter: xt_quota: Don't use aligned attribute in sizeof
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 30/31] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 28/31] netfilter: nf_flow_table: remove unnecessary nat flag check code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 25/31] netfilter: masquerade: don't flush all conntracks if only one address deleted on device
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 26/31] netfilter: nf_tables: add SECMARK support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 16/31] netfilter: conntrack: deconstify packet callback skb pointer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/31] netfilter: nf_tables: add xfrm expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/31] netfilter: nf_tables: split set destruction in deactivate and destroy phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/31] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: xt_quota: Don't use aligned attribute in sizeof
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] nftables: add support for setting secmark
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v3] nft_osf: Add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_flow_table: do not remove offload when other netns's interface is down
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH] netfilter: xt_quota: Don't use aligned attribute in sizeof
- From: Nathan Chancellor <natechancellor@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_nat_snmp_basic: add missing helper alias name
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 1/2] netfilter: xt_TEE: fix wrong interface selection
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 0/2] netfilter: xt_TEE: fix bugs in xt_TEE
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 2/2] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 1/2] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]