Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/5] ipset: Implement ip,port,ip,port hash set.
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- [PATCH 3/5] ipset: Implement ip,port,net,port hash set.
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- [PATCH 4/5] ipset: Implement net,port,net,port hash set.
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- [PATCH 5/5] lib/ipset.c: Fix a compilation failure when using --enable-debug
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- [PATCH 1/5] ipset: Support sets with 4 individual elements and an extra port
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- [PATCH 0/5] RFC: Add new ip/net,port,ip/net,port sets
- From: Oliver Smith <oliver@xxxxxxxxxxxxxx>
- Re: Proposal: Reduce void pointer arithmetic in favor of char pointers
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: Proposal: Reduce void pointer arithmetic in favor of char pointers
- From: William Woodruff <william@xxxxxxxxxxxxx>
- Re: Proposal: Reduce void pointer arithmetic in favor of char pointers
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Proposal: Reduce void pointer arithmetic in favor of char pointers
- From: William Woodruff <william@xxxxxxxxxxxxx>
- [iptables PATCH] xtables: Catch errors when zeroing rule rounters
- From: Phil Sutter <phil@xxxxxx>
- ebtables & arptables releases
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: general protection fault in watchdog
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: general protection fault in watchdog
- From: Michal Hocko <mhocko@xxxxxxxxxx>
- Re: general protection fault in watchdog
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: remove unused parameters in nf_ct_l4proto_[un]register_sysctl()
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 0/5] ipset patches for nf-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v2 nf-next 8/8] netfilter: nat: remove nf_nat_l4proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 7/8] netfilter: nat: remove l4proto->manip_pkt
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 6/8] netfilter: nat: remove l4proto->nlattr_to_range
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 5/8] netfilter: nat: remove l4proto->in_range
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 4/8] netfilter: nat: fold in_range indirection into caller
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 3/8] netfilter: nat: remove l4proto->unique_tuple
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 2/8] netfilter: nat: un-export nf_nat_l4proto_unique_tuple
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 1/8] netfilter: remove NF_NAT_RANGE_PROTO_RANDOM support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next] netfilter: nat: remove nf_nat_l4proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: remove unused parameters in nf_ct_l4proto_[un]register_sysctl()
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [PATCH 0/5] ipset patches for nf-next
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Christian Brauner <christian@xxxxxxxxxx>
- [iptables PATCH v2 03/14] xtables: Implement per chain rule cache
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 13/14] xtables: Fix for inserting rule at wrong position
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 01/14] xtables: Review unclear return points
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 10/14] xtables: Optimize nft_rule_list()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 00/14] Separate rule cache per chain et al.
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 05/14] xtables: Drop nft_chain_list_find()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 09/14] xtables: Optimize nft_chain_user_del()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 11/14] xtables: Optimize nft_rule_list_save()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 08/14] tests: Extend verbose output and return code tests
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 07/14] xtables: Optimize nft_chain_zero_counters()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 02/14] xtables-restore: Review chain handling
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 12/14] xtables: Make use of nftnl_rule_lookup_byindex()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 04/14] nft: Simplify nftnl_rule_list_chain_save()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 14/14] xtables: Do not change ruleset while listing
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 06/14] xtables: Optimize flushing a specific chain
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v2] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH 4/5] netfilter: fix missed NULL check in nf_conntrack_proto_pernet_init()
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/5] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/5] netfilter: nf_conncount: use rb_link_node_rcu() instead of rb_link_node()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/5] netfilter: nat: can't use dst_hold on noref dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/5] netfilter: seqadj: re-load tcp header pointer after possible head reallocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/5] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/5] netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/5] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v3 0/4] netfilter: ipt_CLUSTERIP: fix bugs in ipt_CLUSTERIP
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_conncount: use rb_link_node_rcu() instead of rb_link_node()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nat: can't use dst_hold on noref dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/5] ipset patches for nf-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 5/8] netfilter: nat: remove l4proto->in_range
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 8/8] netfilter: nat: remove nf_nat_l4proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 7/8] netfilter: nat: remove l4proto->manip_pkt
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 6/8] netfilter: nat: remove l4proto->nlattr_to_range
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 4/8] netfilter: nat: fold in_range indirection into caller
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/8] netfilter: nat: remove l4proto->unique_tuple
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/8] netfilter: nat: un-export nf_nat_l4proto_unique_tuple
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/8] netfilter: remove NF_NAT_RANGE_PROTO_RANDOM support
- From: Florian Westphal <fw@xxxxxxxxx>
- netfilter: nat: remove nf_nat_l4proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 4/5] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 4/5] netfilter: fix missed NULL check in nf_conntrack_proto_pernet_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] xtables: Speed up chain deletion in large rulesets
- From: Phil Sutter <phil@xxxxxx>
- [PATCH] net: nf_tables: Speed up selective rule dumps
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH] chain: Hash chain list by name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [libnftnl PATCH] chain: Hash chain list by name
- From: Phil Sutter <phil@xxxxxx>
- [ANNOUNCE] ipset 7.1 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [iptables PATCH 12/14] xtables: Make use of nftnl_rule_lookup_byindex()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 05/14] xtables: Drop nft_chain_list_find()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 03/14] xtables: Implement per chain rule cache
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 04/14] nft: Simplify nftnl_rule_list_chain_save()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 11/14] xtables: Optimize nft_rule_list_save()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 00/14] Separate rule cache per chain et al.
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 14/14] xtables: Do not change ruleset while listing
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 10/14] xtables: Optimize nft_rule_list()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 02/14] xtables-restore: Review chain handling
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 07/14] xtables: Optimize nft_chain_zero_counters()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 06/14] xtables: Optimize flushing a specific chain
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 09/14] xtables: Optimize nft_chain_user_del()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 13/14] xtables: Fix for inserting rule at wrong position
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 01/14] xtables: Review unclear return points
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 08/14] tests: Extend verbose output and return code tests
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- [PATCH nf] netfilter: nat: can't use dst_hold on noref dst
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- Re: [PATCH] netfilter: Only call ftp alg when needed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [PATCH v3 nf-next] netfilter: nat: limit port clash resolution attempts
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 5/5] netfilter: ipset: replace a strncpy() with strscpy()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 3/5] netfilter: ipset: Introduction of new commands and protocol version 7
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 4/5] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 1/5] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 2/5] netfilter: ipset: Make invalid MAC address checks consistent
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 0/5] ipset patches for nf-next
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH net-next v2] netfilter: ebtables: avoid resetting limit rule state
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2] netfilter: nat: limit port clash resolution attempts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next v2] netfilter: ebtables: avoid resetting limit rule state
- From: Linus Lüssing <linus.luessing@xxxxxxxxx>
- [PATCH nf v2] netfilter: nat: limit port clash resolution attempts
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Another compilation error
- From: Ansuel Smith <ansuelsmth@xxxxxxxxx>
- Another compilation error
- From: Ansuel Smith <ansuelsmth@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nat: limit port clash resolution attempts
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nat: limit port clash resolution attempts
- From: Xiaozhou Liu <lxz1983@xxxxxxxxx>
- [PATCH nf] netfilter: nat: limit port clash resolution attempts
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] netfilter: nf_conncount: use rb_link_node_rcu() instead of rb_link_node()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH RFC] src: support for arp ether and IP source and destination fields
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RFC] src: support for arp ether and IP source and destination fields
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH RFC] src: support for arp ether and IP source and destination fields
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: seqadj: re-load tcp header pointer after possible head reallocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 0/2] chain: Support per chain rules list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [libnftnl PATCH 2/2] chain: Add lookup functions for chain list and rules in chain
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 1/2] chain: Support per chain rules list
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 0/2] chain: Support per chain rules list
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v2 nf-next] netfilter: conntrack: udp: only extend timeout to stream mode after 2s
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: conntrack: udp: only extend timeout after 2s
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: conntrack: udp: reduce default timeouts
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: nat: remove unnecessary 'else if' branch
- From: Xiaozhou Liu <liuxiaozhou@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: seqadj: re-load tcp header pointer after possible head reallocation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 2/5] netfilter: register sysctl table for gre
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- [PATCH 3/5] procfs: fix double drop_sysctl_table()
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- [PATCH 4/5] netfilter: fix missed NULL check in nf_conntrack_proto_pernet_init()
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- [PATCH 5/5] netfilter: fix error return value of nf_ct_l4proto_pernet_register_one()
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- [PATCH 1/5] netfilter: fix general protection fault when unregister sysctl table
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 4.19 018/123] netfilter: nf_conncount: fix list_del corruption in conn_free
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 017/123] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 019/123] netfilter: nf_conncount: fix unexpected permanent node of list.
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 023/123] netfilter: xt_RATEEST: remove netns exit routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 024/123] netfilter: nf_tables: fix use-after-free when deleting compat expressions
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 042/123] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 075/123] netfilter: ipv6: Preserve link scope traffic original oif
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 067/123] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 078/123] netfilter: nat: fix double register in masquerade modules
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 079/123] netfilter: nf_conncount: remove wrong condition check routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 077/123] netfilter: add missing error handling code for register functions
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 089/123] netfilter: nf_tables: deactivate expressions in rule replecement routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 09/69] netfilter: nf_tables: fix use-after-free when deleting compat expressions
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 17/69] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 33/69] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 40/69] netfilter: ipv6: Preserve link scope traffic original oif
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 46/69] netfilter: nf_tables: deactivate expressions in rule replecement routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 21/45] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: stable nftables kernel changes for port to 3.12 kernel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 4.19 020/123] netfilter: nf_tables: don't skip inactive chains during update
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- Re: stable nftables kernel changes for port to 3.12 kernel
- From: Pavel Melnik <p.melnyk@xxxxxxxxxxxxxxxxxx>
- Re: stable nftables kernel changes for port to 3.12 kernel
- From: Florian Westphal <fw@xxxxxxxxx>
- stable nftables kernel changes for port to 3.12 kernel
- From: Pavel Melnik <p.melnyk@xxxxxxxxxxxxxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: [PATCH v3] netfilter/ipset: replace a strncpy() with strscpy()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] parser: bail out on incorrect burst unit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RESEND iptables] include: extend the headers conflict workaround to in6.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] extensions: libipt_realm: Document allowed realm values
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] extensions: libipt_realm: Document allowed realm values
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v3] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- [PATCH RESEND iptables] include: extend the headers conflict workaround to in6.h
- From: Baruch Siach <baruch@xxxxxxxxxx>
- [PATCH v3] netfilter/ipset: replace a strncpy() with strscpy()
- From: Qian Cai <cai@xxxxxx>
- [PATCH nft] doc: nft: document ct count
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipset: fix ip_set_byindex function
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: ipset: replace a strncpy() with strscpy()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nat: remove l4 protocol port rovers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH tip/core/rcu 30/41] netfilter: Replace call_rcu_bh(), rcu_barrier_bh(), and synchronize_rcu_bh()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] src: introduce simple hints on incorrect identifier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] src: introduce simple hints on incorrect object
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/3] misspell: add distance threshold for suggestions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/3] src: allow for misspellings in object names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/3] utils: remove type checks in min() and max()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [PATCH v2] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: kbuild test robot <lkp@xxxxxxxxx>
- [PATCH nftables] src: xt: fix build when libxtables is not installed
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- [PATCH] netfilter: update comment about get_unique_tuple()
- From: Xiaozhou Liu <liuxiaozhou@xxxxxxxxxxxxx>
- Re: [PATCH 00/16] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Aaron Conole <aconole@xxxxxxxxxx>
- Re: 4.19.4 nf_conntrack_count kernel panic
- From: Sami Farin <hvtaifwkbgefbaei@xxxxxxxxx>
- Re: [PATCH 09/16] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Sergei Shtylyov <sergei.shtylyov@xxxxxxxxxxxxxxxxxx>
- Re: 4.19.x kernels oops in nf_conncount_destroy
- From: "Todd Eigenschink" <todd@xxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] tests: fix return codes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] tests: fix return codes
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Phil Sutter <phil@xxxxxx>
- Re: Proposal: rename of arptables.git and ebtables.git
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Proposal: rename of arptables.git and ebtables.git
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- [PATCH 00/16] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/16] netfilter: xt_RATEEST: remove netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/16] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/16] netfilter: nf_tables: don't use position attribute on rule replacement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/16] selftests: add script to stress-test nft packet path vs. control plane
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/16] netfilter: ipv6: Preserve link scope traffic original oif
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/16] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/16] netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/16] netfilter: add missing error handling code for register functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/16] netfilter: nf_conncount: remove wrong condition check routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/16] netfilter: nf_tables: deactivate expressions in rule replecement routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/16] netfilter: nat: fix double register in masquerade modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/16] netfilter: nf_tables: fix use-after-free when deleting compat expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/16] netfilter: nf_conncount: fix unexpected permanent node of list.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/16] netfilter: nf_tables: don't skip inactive chains during update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/16] netfilter: nf_conncount: fix list_del corruption in conn_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/16] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: deactivate expressions in rule replecement routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- 4.19.x kernels oops in nf_conncount_destroy
- From: "Todd Eigenschink" <todd@xxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: deactivate expressions in rule replecement routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [iptables PATCH] xtables: Don't use native nftables comments
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] xtables: Don't use native nftables comments
- From: Phil Sutter <phil@xxxxxx>
- [PATCH] netfilter: ipset: fix ip_set_byindex function
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Aaron Conole <aconole@xxxxxxxxxx>
- Re: iptables configure ignore "--disable-silent-rules"
- From: Jan Engelhardt <jengelh@xxxxxxx>
- iptables configure ignore "--disable-silent-rules"
- From: Rolf Eike Beer <eb@xxxxxxxxx>
- Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Christian Brauner <christian@xxxxxxxxxx>
- [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Christian Brauner <christian@xxxxxxxxxx>
- Re: [RFC -next v0 1/3] bpf: modular maps
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_conncount: remove wrong condition check routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2 0/2] netfilter: fix notifier registration bugs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] ipv6: Preserve link scope traffic original oif
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: 4.19.4 nf_conntrack_count kernel panic
- From: Denys Fedoryshchenko <nuclearcat@xxxxxxxxxxxxxx>
- 4.19.4 nf_conntrack_count kernel panic
- From: Sami Farin <hvtaifwkbgefbaei@xxxxxxxxx>
- [PATCH v2] netfilter: ipset: replace a strncpy() with strscpy()
- From: Qian Cai <cai@xxxxxx>
- [PATCH] netfilter: update comment about get_unique_tuple()
- From: Xiaozhou Liu <liuxiaozhou@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
- From: Pan Bian <bianpan2016@xxxxxxx>
- Re: [PATCH] netfilter: ipset: replace a strncpy() with strscpy()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nfnetlink_cttimeout: nf_proto_net must be first member of netns_proto_gre
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [RFC -next v0 0/3] netfilter: expose flow offload tables as an ebpf map
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [RFC -next v0 2/3] netfilter: nf_flow_table: support a new 'snoop' mode
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [RFC -next v0 3/3] netfilter: nf_flow_table_bpf_map: introduce new loadable bpf map
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [RFC -next v0 1/3] bpf: modular maps
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [PATCH nf] netfilter: nf_conncount: remove wrong condition check routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH] include: extend the headers conflict workaround to in6.h
- From: Baruch Siach <baruch@xxxxxxxxxx>
- Re: [iptables PATCH] ebtables: Use xtables_exit_err()
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH] ebtables: Use xtables_exit_err()
- From: Phil Sutter <phil@xxxxxx>
- compilation error glibc
- From: Ansuel Smith <ansuelsmth@xxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Phil Sutter <phil@xxxxxx>
- Re: RFC: Designing per chain rule cache support in libnftnl
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH] arptables: Support --set-counters option
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH] arptables: Support --set-counters option
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf v2 2/2] netfilter: nat: fix double register in masquerade modules
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v2 1/2] netfilter: add missing error handling code for register functions
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v2 0/2] netfilter: fix notifier registration bugs
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH] netfilter: ipset: replace a strncpy() with strscpy()
- From: Qian Cai <cai@xxxxxx>
- [PATCH v2] ipv6: Preserve link scope traffic original oif
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- [PATCH nf] netfilter: nfnetlink_cttimeout: nf_proto_net must be first member of netns_proto_gre
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2] ipv6: Preserve link scope traffic original oif
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] ipv6: Preserve link scope traffic original oif
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v2] ipv6: Preserve link scope traffic original oif
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH] netfilter: Only call ftp alg when needed
- From: Jason Rippon <Jason.Rippon@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Baruch Siach <baruch@xxxxxxxxxx>
- RFC: Designing per chain rule cache support in libnftnl
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next] netfilter: add missing error handling code for register functions.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: add missing error handling code for register functions.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: add missing error handling code for register functions.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH iptables] extensions: libip6t_mh: fix bogus translation error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2] src: introduce simple hints on incorrect chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v4 1/3] src: introduce simple hints on incorrect table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v4 3/3] src: introduce simple hints on incorrect set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v4 2/3] src: introduce simple hints on incorrect chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 1/3] src: introduce simple hints on incorrect table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 3/3] src: introduce simple hints on incorrect set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3 2/3] src: introduce simple hints on incorrect chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2] src: introduce simple hints on incorrect chain
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 1/2] src: introduce simple hints on incorrect table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] src: introduce simple hints on incorrect chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] src: introduce simple hints on incorrect table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] src: introduce simple hints on incorrect chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: xt_TEE: fix build failure
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH xtables] arptables-nft: use generic expression parsing function
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Baruch Siach <baruch@xxxxxxxxxx>
- Re: [PATCH iptables] xtables-monitor: fix build with musl libc
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables] xtables-monitor: fix build with musl libc
- From: Baruch Siach <baruch@xxxxxxxxxx>
- Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2] xtables: Introduce per table chain caches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables 4/4] xtables: constify struct builtin_table and struct builtin_chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables 3/4] nft: move initialize to struct nft_handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables 2/4] nft: move chain_cache back to struct nft_handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables 1/4] nft: add type field to builtin_table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Xin Long <lucien.xin@xxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too
- From: Florian Westphal <fw@xxxxxxxxx>
- WARNING in cttimeout_default_get
- From: syzbot <syzbot+2fae8fa157dd92618cae@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH iptables] include: fix build with kernel headers before 4.2
- From: Baruch Siach <baruch@xxxxxxxxxx>
- Re: [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Julian Anastasov <ja@xxxxxx>
- Re: [PATCH xtables v2] xtables-monitor: fix build with older glibc
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables v2] xtables-monitor: fix build with older glibc
- From: Baruch Siach <baruch@xxxxxxxxxx>
- [ANNOUNCE] nftlb 0.3 release
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: Different namespaces share the same xtables lock
- From: Phil Sutter <phil@xxxxxx>
- Different namespaces share the same xtables lock
- From: wenxian li <wofanli@xxxxxxxxx>
- Re: linux-next: Tree for Nov 15 (netfilter/xt_TEE)
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
- [iptables PATCH v2] xtables: Introduce per table chain caches
- From: Phil Sutter <phil@xxxxxx>
- Re: iptc_delete_entry matchmask parameter
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: iptc_delete_entry matchmask parameter
- From: Tom Cook <tom.k.cook@xxxxxxxxx>
- [iptables PATCH] xtables: Introduce per table chain caches
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf-next] netfilter: nat: remove l4 protocol port rovers
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH xtables] xtables-monitor: fix build with older glibc
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH xtables] xtables-monitor: fix build with older glibc
- From: Baruch Siach <baruch@xxxxxxxxxx>
- Re: [PATCH xtables] xtables-monitor: fix build with older glibc
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH xtables] xtables-monitor: fix build with older glibc
- From: Baruch Siach <baruch@xxxxxxxxxx>
- [PATCH AUTOSEL 4.18 05/59] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.18 06/59] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.18 07/59] netfilter: ipset: fix ip_set_list allocation failure
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.18 16/59] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.18 18/59] netfilter: nft_compat: ebtables 'nat' table is normal chain type
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.18 15/59] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.18 17/59] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 02/27] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 08/27] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 09/27] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 02/13] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 06/13] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 05/13] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.4 2/8] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.4 5/8] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.4 4/8] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 03/27] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Sasha Levin <sashal@xxxxxxxxxx>
- iptc_delete_entry matchmask parameter
- From: Tom Cook <tom.k.cook@xxxxxxxxx>
- Re: [PATCH net] ipvs: call ip_vs_dst_notifier before ipv6_dev_notf
- From: Xin Long <lucien.xin@xxxxxxxxx>
- Re: [PATCH iptables] extensions: format-security fixes in libip[6]t_icmp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables] extensions: format-security fixes in libip[6]t_icmp
- From: Adam Gołębiowski <adamg@xxxxxxxxxxxxx>
- Re: [PATCH net] ipvs: call ip_vs_dst_notifier before ipv6_dev_notf
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH xtables] ebtables: vlan: fix userspace/kernel headers collision
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] ipvs: call ip_vs_dst_notifier before ipv6_dev_notf
- From: Julian Anastasov <ja@xxxxxx>
- [PATCH xtables] ebtables: vlan: fix userspace/kernel headers collision
- From: Baruch Siach <baruch@xxxxxxxxxx>
- [PATCH net] ipvs: call ip_vs_dst_notifier before ipv6_dev_notf
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [ANNOUNCE] libnftnl 1.1.2 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] doc: grammar fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] doc: grammar fixes
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH] doc: grammar fixes
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH] doc: grammar fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] iptables 1.8.2 release
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] doc: grammar fixes
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH nftables] doc: Spelling and grammar fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nftables] doc: Spelling and grammar fixes
- From: Ville Skyttä <ville.skytta@xxxxxx>
- Re: [PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: fix use-after-free when deleting compat expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: BUG: Fatal in exception in interrupt, at nf_conncount_count [regression in 4.19(.1)]
- From: Bruno Prémont <bonbons@xxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: fix use-after-free when deleting compat expressions
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [ebtables PATCH] extensions: among: Fix bitmask check
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables] libxtables: xlate: init buffer to zero
- From: Florian Westphal <fw@xxxxxxxxx>
- [ebtables PATCH] extensions: among: Fix bitmask check
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next 0/2] netfilter: nf_flow_table: remove duplicate code in nf_flow_table_core.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] nft.8: Clarify 'index' option of add rule command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: remove NFC_* cache bits
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: don't use position attribute on rule replacement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 0/2] netfilter: nf_tables: don't skip inactive chains during update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2 0/3] netfilter: nf_conncount: fix bugs in conn_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 0/2] netfilter: nf_conncount: fix bugs in conn_free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH xtables 13/13] arptables: fix --version info
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 12/13] arptables: ignore --table argument.
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 11/13] arptables: make uni/multicast mac masks static
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 10/13] arptables: add test cases
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 09/13] arptables: pre-init hlen and ethertype
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 08/13] arptables: fix src/dst mac handling
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 07/13] arptables: fix target ip offset
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 06/13] arptables: fix -s/-d handling for negation and mask
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 05/13] arptables: add basic test infra for arptables-nft
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 04/13] arptables: fix rule deletion/compare
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 03/13] arptables: remove code that is also commented-out in original arptables
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 02/13] arptables-save: add -c option, like xtables-save
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 01/13] arptables: use ->save for arptables-save, like xtables
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 00/13] arptables: make it work
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: BUG: Fatal in exception in interrupt, at nf_conncount_count [regression in 4.19(.1)]
- From: Florian Westphal <fw@xxxxxxxxx>
- BUG: Fatal in exception in interrupt, at nf_conncount_count [regression in 4.19(.1)]
- From: Bruno Prémont <bonbons@xxxxxxxxxx>
- [nft PATCH] nft.8: Clarify 'index' option of add rule command
- From: Phil Sutter <phil@xxxxxx>
- [PATCH xtables] xtables: add 'printf' attribute to xlate_add
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH 0/3] A few minor fixes
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH 2/3] xtables: Clarify error message when deleting by index
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 3/3] xtables: Fix error return code in nft_chain_user_rename()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 0/3] A few minor fixes
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 1/3] xtables: Fix typo in do_command() error message
- From: Phil Sutter <phil@xxxxxx>
- [PATCH iptables] nft: add NFT_TABLE_* enumeration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH xtables 2/2] ebtables: use extrapositioned negation consistently
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables 1/2] ebtables-save: add -c option, using xtables-style counters
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables] nft: replace nft_chain_dump() by nft_chain_get_list()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: always honor CTA_MARK_MASK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: always honor CTA_MARK_MASK
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/3] ipset patches for nf-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Matt Turner <mattst88@xxxxxxxxx>
- [PATCH tip/core/rcu 30/41] netfilter: Replace call_rcu_bh(), rcu_barrier_bh(), and synchronize_rcu_bh()
- From: "Paul E. McKenney" <paulmck@xxxxxxxxxxxxx>
- Re: [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers
- From: "mirq-linux@xxxxxxxxxxxx" <mirq-linux@xxxxxxxxxxxx>
- Re: [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers
- From: "mirq-linux@xxxxxxxxxxxx" <mirq-linux@xxxxxxxxxxxx>
- Re: [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers
- From: Tariq Toukan <tariqt@xxxxxxxxxxxx>
- [PATCH] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH net-next 8/9] mlx4: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
- [PATCH net-next 7/9] benet: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
- [PATCH net-next 1/9] cxgb4: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
- [PATCH net-next 2/9] nfnetlink/queue: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
- [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
- [PATCH net-next 5/9] bridge: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
- [PATCH net-next 9/9] sky2: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
- [PATCH net-next 4/9] 8021q: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
- [PATCH net-next 3/9] net/core: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
- [PATCH net-next 6/9] ipv4/tunnel: use __vlan_hwaccel helpers
- From: Michał Mirosław <mirq-linux@xxxxxxxxxxxx>
- Re: [PATCH] netfilter: Only call ftp alg when needed
- From: Jason Rippon <Jason.Rippon@xxxxxxxxxxxxxxxxxxx>
- [PATCH net-next 2/2] br_netfilter: namespace bridge netfilter sysctls
- From: Christian Brauner <christian@xxxxxxxxxx>
- [PATCH net-next 1/2] br_netfilter: add struct netns_brnf
- From: Christian Brauner <christian@xxxxxxxxxx>
- [PATCH net-next 0/2] br_netfilter: enable in non-initial netns
- From: Christian Brauner <christian@xxxxxxxxxx>
- Re: [PATCH] netfilter: Only call ftp alg when needed
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: Only call ftp alg when needed
- From: Felix Jia <felix.jia@xxxxxxxxxxxxxxxxxxx>
- [PATCH nf-next 2/2] netfilter: nf_flow_table: simplify nf_flow_offload_gc_step()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf-next 1/2] netfilter: nf_flow_table: make nf_flow_table_iterate() static
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf-next 0/2] netfilter: nf_flow_table: remove duplicate code in nf_flow_table_core.c
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nftables 2/2] xt: always build with a minimal support for xt match/target decode
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nftables 1/2] xt: pass octx to translate function
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nftables 0/2] add minimal x_tables output support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 00/14] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH 06/14] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/14] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/14] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/14] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/14] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/14] netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/14] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/14] netfilter: nft_compat: ebtables 'nat' table is normal chain type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/14] netfilter: ipset: fix ip_set_list allocation failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/14] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/14] netfilter: nft_osf: check if attribute is present
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/14] netfilter: bridge: define INT_MIN & INT_MAX in userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/14] Revert "netfilter: nft_numgen: add map lookups for numgen random operations"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/14] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/14] netfilter: ipv6: fix oops when defragmenting locally generated fragments
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- CFS for Netdev 0x13 open!
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
- Re: [PATCH] doc: libnftables.adoc misc cleanups
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH] netfilter: nf_nat_sip: fix RTP/RTCP source port translations
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH nft] documentation: try to clarify iif vs. iifname.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH xtables] xtables-nft: make -Z option work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH xtables] extensions: libebt_ip: fix tos negation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables] extensions: libebt_ip6: fix ip6-dport negation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH xtables] xtables-nft: make -Z option work
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH xtables] xtables-nft: make -Z option work
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH xtables] xtables-nft: make -Z option work
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH xtables] xtables-nft: make -Z option work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH xtables] xtables-nft: make -Z option work
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] doc: libnftables.adoc misc cleanups
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf v3 4/4] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v3 3/4] netfilter: ipt_CLUSTERIP: fix sleep-in-atomic bug in clusterip_config_entry_put()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v3 2/4] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v3 1/4] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v3 0/4] netfilter: ipt_CLUSTERIP: fix bugs in ipt_CLUSTERIP
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nft] documentation: try to clarify iif vs. iifname.
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf v2 3/3] netfilter: nf_conncount: fix unexpected permanent node of list.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v2 2/3] netfilter: nf_conncount: fix list_del corruption in conn_free
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v2 1/3] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf v2 0/3] netfilter: nf_conncount: fix bugs in conn_free
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: don't use position attribute on rule replacement
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] doc: libnftables.adoc misc cleanups
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH xtables] libxtables: add and use mac print helpers
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables] iptables-tests: add % to run iptables commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] iptables-tests: do not append xtables-multi to external commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables] iptables-tests: do not append xtables-multi to external commands
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] evaluate: Convert ranges of N-N to N
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables 0/6] misc. ebtables-nft improvements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Rebasing nf.git ahead
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_compat: ebtables 'nat' table is normal chain type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH xtables] iptables-nft: fix bogus handling of zero saddr/daddr
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables 6/6] ebtables-nft: add arpreply target
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables 5/6] ebtables: add redirect test case
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables 4/6] ebtables: add test cases
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables 3/6] ebtables: relax -t table restriction, add snat/dnat test cases
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables 2/6] ebtables: fix -j CONTINUE handling for add/delete
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables 1/6] tests: add basic ebtables test support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables 0/6] misc. ebtables-nft improvements
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf,v2 1/2] netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v2 2/2] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nft_compat: ebtables 'nat' table is normal chain type
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH xtables] iptables-nft: fix bogus handling of zero saddr/daddr
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf 2/2] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf 2/2] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 12/31] netfilter: cttimeout: remove superfluous check on layer 4 netlink functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 2/2] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf 1/2] netfilter: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] iptables: iptables-test: fix netns test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 05/10] audit: add support for non-syscall auxiliary records
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH 12/31] netfilter: cttimeout: remove superfluous check on layer 4 netlink functions
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- [PATCH iptables] iptables: iptables-test: fix netns test
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH] netfilter: ctnetlink: always honor CTA_MARK_MASK
- From: Andreas Jaggi <andreas.jaggi@xxxxxxxxxxxx>
- Re: [PATCH libnftnl 4/4] src: Use memcpy() to handle potentially unaligned data
- From: Matt Turner <mattst88@xxxxxxxxx>
- Re: [nft PATCH] doc: Fix for make distcheck
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2] xtables: Fix for matching rules with wildcard interfaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] doc: Fix for make distcheck
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 09/10] audit: NETFILTER_PKT: record each container ID associated with a netNS
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [iptables PATCH v2] xtables: Fix for matching rules with wildcard interfaces
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] json: fix json_events_cb() declaration when libjansson is not present
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf 2/2] selftests: add script to stress-test nft packet path vs. control plane
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 1/2] netfilter: nf_tables: don't skip inactive chains during update
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 0/2] netfilter: nf_tables: don't skip inactive chains during update
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: stable regression: revert request for netfilter ipv6 defrag bug
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [nft PATCH] py: Adjust Nftables class to output flags changes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] json: fix json_events_cb() declaration when libjansson is not present
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] py: Adjust Nftables class to output flags changes
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] json: fix json_events_cb() declaration when libjansson is not present
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Segmentation fault when using ebtables
- From: Dmitry Vinokurov <gim6626@xxxxxxxxx>
- [PATCH] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
- [PATCH v2] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH 5/5] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [iptables PATCH] xtables: Fix for matching rules with wildcard interfaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] xtables: Fix for matching rules with wildcard interfaces
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] xtables: Fix for matching rules with wildcard interfaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH] xtables: Fix for matching rules with wildcard interfaces
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] ulogd2: fix build with musl libc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/3 nft,v2] expression: always print range expression numerically
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 2/3 nft,v3] src: add -p to print layer 4 protocol numerically
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 1/3 nft,v3] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] ulogd2: fix build with musl libc
- From: Cameron Norman <camerontnorman@xxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_IDLETIMER: add sysfs filename checking routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: xt_RATEEST: remove netns exit routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 2/2] netfilter: nf_conncount: fix list_del corruption in conn_free
- From: Yi-Hung Wei <yihung.wei@xxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Yi-Hung Wei <yihung.wei@xxxxxxxxx>
- Re: [PATCH 5/5] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/5] ipset patches for nf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] ulogd2: fix build with musl libc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/3 nft,v3] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/3 nft,v2] expression: always print range expression numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/3 nft,v3] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft 1/2,v2] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] expression: always print range expression numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] JSON: Add support for echo option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/2,v2] src: add NFT_CTX_OUTPUT_NUMERIC_PROTO
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/2,v2] src: add -y to priority base chain nummerically
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] expression: always print range expression numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] JSON: Add support for echo option
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests/shell: Add testcase for cache update problems
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] src: add -p to print layer 4 protocol numerically
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH] tests/shell: Add testcase for cache update problems
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] nft.8: Document log level audit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] JSON: Add support for echo option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] src: get rid of nft_ctx_output_{get,set}_numeric()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2,v2] src: add -y to priority base chain nummerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2,v2] src: add NFT_CTX_OUTPUT_NUMERIC_PROTO
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2 nft,v2] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2 nft,v2] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft,v3 2/5] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/2] src: add -y to priority base chain nummerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/2 nft,v2] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 4/5,v3] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft,v3 2/5] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] src: add -p to print layer 4 protocol numerically
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/5,v3] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] src: default to numeric UID and GID listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 3/5,v2] src: add nft_ctx_output_{get,set}_handle() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] src: default to numeric UID and GID listing
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 5/5,v2] src: add nft_ctx_output_{get,set}_echo() to nft_ctx_output_{get,set}_flags
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft,v3 2/5] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 3/5,v2] src: add nft_ctx_output_{get,set}_handle() to nft_ctx_output_{get,set}_flags
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/5,v2] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/5,v2] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Phil Sutter <phil@xxxxxx>
- [PATCH] src: default to numeric UID and GID listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/5,v4] src: Revert --literal, add -S/--service
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft 4/5,v2] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 5/5,v2] src: add nft_ctx_output_{get,set}_echo() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/5,v2] src: add nft_ctx_output_{get,set}_handle() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/5,v2] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/5,v4] src: Revert --literal, add -S/--service
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH] ulogd2: fix build with musl libc
- From: Cameron Norman <camerontnorman@xxxxxxxxx>
- [ANNOUNCE] ipset 7.0 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 3/3] netfilter: ipset: Introduction of new commands and protocol version 7
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 1/3] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 2/3] netfilter: ipset: Make invalid MAC address checks consistent
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 0/3] ipset patches for nf-next
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 2/5] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 5/5] netfilter: ipset: Fix calling ip_set() macro at dumping
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 1/5] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 3/5] netfilter: ipset: fix ip_set_list allocation failure
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 4/5] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 0/5] ipset patches for nf
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH nft 2/5] src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/5] src: add nft_ctx_output_{get,set}_json() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 5/5] src: add nft_ctx_output_{get,set}_echo() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/5,v3] src: Revert --literal, add -S/--services
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/5] src: add nft_ctx_output_{get,set}_handle() to nft_ctx_output_{get,set}_flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] nft.8: Document log level audit
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH] JSON: Add support for echo option
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH] tests/shell: Add testcase for cache update problems
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf] Revert "netfilter: nft_numgen: add map lookups for numgen random operations"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH v2] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Vasily Khoruzhick <vasilykh@xxxxxxxxxx>
- [PATCH nft 2/2] evaluate: stmt_evaluate_map() needs right hand side evaluation too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] evaluate: do not pass EXPR_SET_ELEM to stmt_evaluate_arg() for set/map evaluation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- [PATCH nf 2/2] netfilter: nf_conncount: fix list_del corruption in conn_free
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf 1/2] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- [PATCH nf 0/2] netfilter: nf_conncount: fix bugs in conn_free
- From: Taehee Yoo <ap420073@xxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] netfilter: bridge: define INT_MIN & INT_MAX in userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: ipv6: fix oops when defragmenting locally generated fragments
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Vasiliy Khoruzhick <vasilykh@xxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- Re: [PATCH] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Dmitry Safonov <dima@xxxxxxxxxx>
- [PATCH] netfilter: conntrack: fix calculation of next bucket number in early_drop
- From: Vasily Khoruzhick <vasilykh@xxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
