Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

[PATCH 13/31] netfilter: nat: remove unnecessary rcu_read_lock in nf_nat_redirect_ipv{4/6}
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/31] netfilter: nf_tables: avoid BUG_ON usage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/31] netfilter: nf_tables: asynchronous release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 15/31] netfilter: conntrack: remove the l4proto->new() function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/31] netfilter: nf_nat_ipv4: remove obsolete EXPORT_SYMBOL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 18/31] netfilter: conntrack: remove error callback and handle icmp from core
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 17/31] netfilter: conntrack: avoid using ->error callback if possible
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 14/31] netfilter: conntrack: pass nf_hook_state to packet and error handlers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 22/31] netfilter: nat: remove duplicate skb_is_nonlinear() in __nf_nat_mangle_tcp_packet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 23/31] netfilter: nf_tables: use rhashtable_walk_enter instead of rhashtable_walk_init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 21/31] netfilter: conntrack: clamp l4proto array size at largers supported protocol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 19/31] netfilter: conntrack: remove unused proto arg from netns init functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 24/31] netfilter: ctnetlink: must check mark attributes vs NULL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 20/31] netfilter: conntrack: remove l3->l4 mapping information
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 29/31] netfilter: nf_tables: use rhashtable_lookup() instead of rhashtable_lookup_fast()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 27/31] netfilter: nf_tables: add requirements for connsecmark support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 31/31] netfilter: xt_quota: Don't use aligned attribute in sizeof
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 30/31] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 28/31] netfilter: nf_flow_table: remove unnecessary nat flag check code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 25/31] netfilter: masquerade: don't flush all conntracks if only one address deleted on device
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 26/31] netfilter: nf_tables: add SECMARK support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 16/31] netfilter: conntrack: deconstify packet callback skb pointer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/31] netfilter: nf_tables: add xfrm expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/31] netfilter: nf_tables: split set destruction in deactivate and destroy phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/31] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: xt_quota: Don't use aligned attribute in sizeof
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] nftables: add support for setting secmark
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v3] nft_osf: Add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_flow_table: do not remove offload when other netns's interface is down
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH] netfilter: xt_quota: Don't use aligned attribute in sizeof
- From: Nathan Chancellor <natechancellor@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_nat_snmp_basic: add missing helper alias name
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 1/2] netfilter: xt_TEE: fix wrong interface selection
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 0/2] netfilter: xt_TEE: fix bugs in xt_TEE
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 2/2] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 1/2] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf 0/2] netfilter: ipt_CLUSTERIP: fix bugs in ipt_CLUSTERIP
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH] openvswitch: load NAT helper
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH RFC,net-next 0/3] ip_tunnel: specify tunnel type via template
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH RFC,net-next 0/3] ip_tunnel: specify tunnel type via template
- From: Jakub Kicinski <jakub.kicinski@xxxxxxxxxxxxx>
Re: [PATCH nf-next v3] nft_osf: Add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH nf-next v3] nft_osf: Add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH RFC,net-next 1/3] ip_tunnel: add type field to struct ip_tunnel_info
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
[PATCH nf-next v3] nft_osf: Add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH RFC,net-next 1/3] ip_tunnel: add type field to struct ip_tunnel_info
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v2] nft_osf: Add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v2] nft_osf: Add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH RFC,net-next 1/3] ip_tunnel: add type field to struct ip_tunnel_info
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Re: [nft PATCH] parser_bison: Fix for ECN keyword in LHS of relational
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] parser_bison: Fix for ECN keyword in LHS of relational
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH RFC,net-next 3/3] netfilter: nft_tunnel: support for tunnel type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH RFC,net-next 2/3] net: act_tunnel_key: support for tunnel type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH RFC,net-next 0/3] ip_tunnel: specify tunnel type via template
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH RFC,net-next 1/3] ip_tunnel: add type field to struct ip_tunnel_info
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] parser_bison: Fix for ECN keyword in LHS of relational
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft 4/4] mnl: remove alloc_nftnl_chain()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/4] src: get rid of netlink_genid_get()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/4] netlink: remove markup json parsing code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 0/4] assorted updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/4] mnl: remove alloc_nftnl_table()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] parser_bison: Fix for ECN keyword in LHS of relational
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v2] nft_osf: Add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] parser_bison: Fix for ECN keyword in LHS of relational
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] segtree: stop iteration on existing elements in case closing range is found
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] rule: fix memleak in do_get_setelems()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests: shell: Test 'get element' command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] segtree: memleak in get_set_decompose()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] segtree: disantangle get_set_interval_end()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 14/16] netfilter: Replace spin_is_locked() with lockdep
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 14/16] netfilter: Replace spin_is_locked() with lockdep
- From: Lance Roy <ldr709@xxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Chenbo Feng <fengc@xxxxxxxxxx>
Re: [PATCH nft] doc: Document ct timeout support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Chenbo Feng <fengc@xxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Maciej Żenczykowski <maze@xxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] Revert "openvswitch: Fix template leak in error cases."
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH net-next] netfilter: xt_quota: fix the behavior of xt_quota module
- From: Chenbo Feng <chenbofeng.kernel@xxxxxxxxx>
[PATCH iptables] extensions: libxt_quota: Allow setting the remaining quota
- From: Chenbo Feng <chenbofeng.kernel@xxxxxxxxx>
[PATCH net-next iptables] Rework the xt_quota module
- From: Chenbo Feng <chenbofeng.kernel@xxxxxxxxx>
Re: [PATCH] Revert "openvswitch: Fix template leak in error cases."
- From: Joe Stringer <joe@xxxxxxx>
Re: [PATCH 0/6] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH 4/6] netfilter: nft_set_rbtree: add missing rb_erase() in GC routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/6] netfilter: avoid erronous array bounds warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/6] netfilter: xt_socket: check sk before checking for netns.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/6] netfilter: conntrack: get rid of double sizeof
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/6] netfilter: nft_osf: use enum nft_data_types for nft_validate_register_store
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/6] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/6] netfilter: bridge: Don't sabotage nf_hook calls from an l3mdev
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: __nf_register_net_hook jump label splat
- From: Borislav Petkov <bp@xxxxxxxxx>
Re: [PATCH] netfilter: ipset: export indexes via netlink
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nf_flow_table: remove flowtable hook flush routine in netns exit routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf] netfilter: nft_set_rbtree: allow loose matching of closing intervals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] segtree: bogus range via get set element on existing elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipset: export indexes via netlink
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
Re: __nf_register_net_hook jump label splat
- From: Borislav Petkov <bp@xxxxxxxxx>
Re: __nf_register_net_hook jump label splat
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] include: add missing xfrm.h to Makefile.am
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] include: add missing xfrm.h to Makefile.am
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH 2/2 nft] doc: osf: add ttl option to man page
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
__nf_register_net_hook jump label splat
- From: Borislav Petkov <bp@xxxxxxxxx>
[PATCH nf-next v2] nft_osf: Add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH libnftnl] expr: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH 2/2 nft] doc: osf: add ttl option to man page
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH 1/2 nft v2] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH] Revert "openvswitch: Fix template leak in error cases."
- From: Flavio Leitner <fbl@xxxxxxxxxx>
[PATCH] openvswitch: load NAT helper
- From: Flavio Leitner <fbl@xxxxxxxxxx>
[nft PATCH] tests: shell: Test 'get element' command
- From: Phil Sutter <phil@xxxxxx>
Re: [netfilter-core] [PATCH 07/11] UAPI: netfilter: Fix symbol collision issues [ver #2]
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nft_set_rbtree: add missing rb_erase() in GC routine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: avoid erronous array bounds warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: masquerade: don't flush all conntracks if only one address deleted on device
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: use rhashtable_lookup() instead of rhashtable_lookup_fast()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_flow_table: remove unnecessary nat flag check code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 2/2] netfilter: nf_tables: add requirements for connsecmark support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 1/2] netfilter: nf_tables: add SECMARK support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] Conntrack l4 protocol helper for GRE has no GRE/IPv6 support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: check if the socket netns is correct.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: check if the socket netns is correct.
- From: Guenter Roeck <linux@xxxxxxxxxxxx>
Re: [PATCH] netfilter: check if the socket netns is correct.
- From: Flavio Leitner <fbl@xxxxxxxxxx>
Re: [PATCH] netfilter: check if the socket netns is correct.
- From: Guenter Roeck <linux@xxxxxxxxxxxx>
Re: [PATCH nft] src: osf: add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH nft] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: nft: Dubious code in get_set_decompose() of src/segtree.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nft: Dubious code in get_set_decompose() of src/segtree.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Contribution of a GRE Module
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH 0/5] Fix and improve for 0021prio_0 in tests/shell
- From: Florian Westphal <fw@xxxxxxxxx>
Re: bpfilter breaks IPT_SO_GET_INFO
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
Re: [libnftnl PATCH] expr: xfrm: Fix for unused variable warning
- From: Máté Eckl <ecklm94@xxxxxxxxx>
Re: [libnftnl PATCH] expr: xfrm: Fix for unused variable warning
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [libnftnl PATCH] expr: xfrm: Fix for unused variable warning
- From: Phil Sutter <phil@xxxxxx>
nft: Dubious code in get_set_decompose() of src/segtree.c
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 2/5] tests: shell: Fix indenting in 0021prio_0
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/5] parser_bison: Fix for chain prio name 'out'
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 5/5] tests: shell: Improve performance of 0021prio_0
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 4/5] tests: shell: Improve gen_chains() in 0021prio_0
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 3/5] tests: shell: Drop one-time use variables in 0021prio_0
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 0/5] Fix and improve for 0021prio_0 in tests/shell
- From: Phil Sutter <phil@xxxxxx>
Contribution of a GRE Module
- From: Alexandre Connat <alc@xxxxxxx>
Re: [libnftnl PATCH] expr: xfrm: Fix for unused variable warning
- From: Florian Westphal <fw@xxxxxxxxx>
[libnftnl PATCH] expr: xfrm: Fix for unused variable warning
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/6] libxtables: Check extension real_name length
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 6/6] nft-shared: Use xtables_calloc()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/6] libiptc: NULL-terminate errorname
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/6] Follow-up to covscan fixes
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 5/6] arptables: Use the shared nft_ipv46_parse_target()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/6] Combine parse_target() and command_jump() implementations
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/6] Combine command_match() implementations
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] netfilter: avoid erronous array bounds warning
- From: David Ahern <dsahern@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: use rhashtable_lookup() instead of rhashtable_lookup_fast()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_flow_table: remove unnecessary nat flag check code
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf] netfilter: avoid erronous array bounds warning
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 20/28] Sanitize calls to strcpy()
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 20/28] Sanitize calls to strcpy()
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 20/28] Sanitize calls to strcpy()
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 2/2] netfilter: nf_tables: add requirements for connsecmark support
- From: kbuild test robot <lkp@xxxxxxxxx>
[PATCH v3 2/2] netfilter: nf_tables: add requirements for connsecmark support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 1/2] netfilter: nf_tables: add SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH 2/2] netfilter: nf_tables: add requirements for connsecmark support
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH v2 1/2] netfilter: nf_tables: add SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 1/2] netfilter: nf_tables: add SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH v2 1/2] netfilter: nf_tables: add SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 2/2] netfilter: nf_tables: add requirements for connsecmark support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 1/2] netfilter: nf_tables: add SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 2/2] netfilter: nf_tables: add requirements for connsecmark support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: ctnetlink: must check mark attributes vs NULL
- From: Kristian Evensen <kristian.evensen@xxxxxxxxx>
Re: change netfilter packet flow
- From: Máté Eckl <ecklm94@xxxxxxxxx>
change netfilter packet flow
- From: "morteza1131@xxxxxxxxx" <morteza1131@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: ctnetlink: must check mark attributes vs NULL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] doc: Re-work RULES:add/insert/replace to read better.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] doc: Re-work RULES:add/insert/replace to read better.
- From: Phil Sutter <phil@xxxxxx>
How to contribute to netfilter.org/documentation?
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH net-next 0/3] net: wean netfilter from fib_nh
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH] doc: Re-work RULES:add/insert/replace to read better.
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH nf-next] netfilter: ctnetlink: must check mark attributes vs NULL
- From: Florian Westphal <fw@xxxxxxxxx>
general protection fault in ctnetlink_alloc_filter
- From: syzbot <syzbot+e45eda8eda6e93a03959@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH net-next 0/3] net: wean netfilter from fib_nh
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 0/3] net: wean netfilter from fib_nh
- From: dsahern@xxxxxxxxxx
[PATCH net-next 2/3] netfilter: rpfilter: Convert rpfilter_lookup_reverse to new dev helper
- From: dsahern@xxxxxxxxxx
[PATCH net-next 3/3] netfilter: nft_fib: Convert nft_fib4_eval to new dev helper
- From: dsahern@xxxxxxxxxx
[PATCH net-next 1/3] net/ipv4: Move device validation to helper
- From: dsahern@xxxxxxxxxx
Re: [PATCH nf-next] netfilter: nat: remove duplicate skb_is_nonlinear() in __nf_nat_mangle_tcp_packet()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: use rhashtable_walk_enter instead of rhashtable_walk_init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: bridge: Don't sabotage nf_hook calls from an l3mdev
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_osf: use enum nft_data_types for nft_validate_register_store
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: get rid of double sizeof
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl v2] obj: ct_timeout: fix error in building tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: netfilter: conntrack: remove indirect err call from l4proto trackers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: add SECMARK support
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: add SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: add SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: add SECMARK support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: add SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] nftables: add support for setting secmark
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH] libnftnl: add support for new secmark object
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: add SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_tables: add SECMARK support
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH] netfilter: nf_tables: add SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH 0/3] Merge legacy save and restore implementations
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/3] ip6tables-restore: Merge into iptables-restore.c
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/3] libiptc: Extend struct xtc_ops
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/3] ip6tables-save: Merge into iptables-save.c
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 27/28] xtables: Drop pointless check
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 08/28] libxt_conntrack: Version 0 does not support XT_CONNTRACK_DIRECTION
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 12/28] libiptc: Simplify alloc_handle() function signature
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 05/28] ip{,6}tables-restore: Fix for uninitialized array 'curtable'
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 25/28] xtables: Don't read garbage in nft_ipv4_parse_payload()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 09/28] libxt_conntrack: Avoid potential buffer overrun
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 26/28] arptables: Fix incorrect strcmp() in nft_arp_rule_find()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 20/28] Sanitize calls to strcpy()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 00/28] Another round of covscan fixes
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 07/28] libxt_LED: Avoid string overrun while parsing led-trigger-id
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 21/28] nft-arp: Drop ineffective conditional
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 01/28] nfnl_osf: Drop pointless check in xt_osf_strchr()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 18/28] Share print_ipv{4,6}_addr() from xtables
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 16/28] iptables-apply: Quote strings passed to echo
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 03/28] libxtables: Integrate getethertype.c from xtables core
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 13/28] libxtables: Avoid calling memcpy() with NULL source
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 06/28] xtables: Remove unused variable in nft_is_table_compatible()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 23/28] Fix a few cases of pointless assignments
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 10/28] libxt_ipvs: Avoid potential buffer overrun
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 04/28] Mark fall through cases in switch() statements
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 15/28] nfnl_osf: Replace deprecated nfnl_talk() by nfnl_query()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 24/28] libxtables: Use posix_spawn() instead of vfork()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 17/28] iptables-apply: Replace signal numbers by names
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 28/28] iptables: Gitignore xtables-{legacy,nft}-multi scripts
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 14/28] libxtables: Don't read garbage in xtables_strtoui()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 02/28] xtables: Fix for wrong assert() in __nft_table_flush()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 22/28] extensions: libebt_ip{,6}: Drop pointless error checking
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 11/28] libxt_time: Drop initialization of variable 'year'
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 19/28] iptables: Use print_ifaces() from xtables
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] netfilter: conntrack: get rid of double sizeof
- From: Florian Westphal <fw@xxxxxxxxx>
Re: SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH] netfilter: conntrack: get rid of double sizeof
- From: zhong jiang <zhongjiang@xxxxxxxxxx>
Re: bpfilter breaks IPT_SO_GET_INFO
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
Re: bpfilter breaks IPT_SO_GET_INFO
- From: Michal Kubecek <mkubecek@xxxxxxx>
[PATCH libnftnl v2] obj: ct_timeout: fix error in building tests
- From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
Re: SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Announcing Netdev 0x13 conference
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: SECMARK support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: SECMARK support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH nf-next] nft_osf: Add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH] netfilter: nft_osf: use enum nft_data_types for nft_validate_register_store
- From: Stefan Agner <stefan@xxxxxxxx>
Re: SECMARK support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 4.14 095/126] inet: frags: Convert timers to use timer_setup()
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [iptables PATCH] libxt_string: Fix array out of bounds check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: osf: add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] nft_osf: Add ttl option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH nft 4/5] src: rename meta secpath to meta ipsec
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 3/5] src: rt: add support to check if route will perform ipsec transformation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl 2/5] expr: add xfrm support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl 1/5] expr: rt: ipsec match support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] nft.8: Update meta pkt_type value description
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] doc: Review man page building in Makefile.am
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] xtables-save: Ignore uninteresting tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net] netfilter: bridge: Don't sabotage nf_hook calls from an l3mdev
- From: dsahern@xxxxxxxxxx
[iptables PATCH] libxt_string: Fix array out of bounds check
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next] netfilter: nf_nat_ipv4: remove obsolete EXPORT_SYMBOL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nat: remove unnecessary rcu_read_lock in nf_nat_redirect_ipv{4/6}
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: remove obsolete need_conntrack stub
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: xtables: avoid BUG_ON
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: avoid BUG_ON usage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next v2 7/8] netfilter: conntrack: remove l3->l4 mapping information
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] conntrack: Support L3 protocol-filter on flush
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add xfrm expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: remove obsolete need_conntrack stub
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 0/3] netfilter: nf_tables: remove last synchronize_rcu from config path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: rt: allow checking if dst has xfrm attached
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH nft] src: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH libnftnl] expr: osf: add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH nf-next] nft_osf: Add ttl option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
SECMARK support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
KMSAN: uninit-value in strlcpy (2)
- From: syzbot <syzbot+c86cf7903306a6c201ba@xxxxxxxxxxxxxxxxxxxxxxxxx>
KMSAN: uninit-value in do_ip_vs_set_ctl
- From: syzbot <syzbot+23b5f9e7caf61d9a3898@xxxxxxxxxxxxxxxxxxxxxxxxx>
[nft PATCH] Review numeric/literal options and related docs
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] doc: Review man page building in Makefile.am
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] nft.8: Update meta pkt_type value description
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next 7/8] netfilter: conntrack: remove l3->l4 mapping information
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf-next 7/8] netfilter: conntrack: remove l3->l4 mapping information
- From: kbuild test robot <lkp@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: use rhashtable_walk_enter instead of rhashtable_walk_init
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH v3 04/30] inet: frags: Convert timers to use timer_setup()
- From: Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx>
Re: [iptables PATCH 0/5] Fix for bugs indicated by covscan
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH 0/4] Apply some recent changes to JSON output
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] Conntrack l4 protocol helper for GRE has no GRE/IPv6 support
- From: Ignatius Cheng <ignatich1212@xxxxxxxxx>
[PATCH v2 04/30] inet: frags: Convert timers to use timer_setup()
- From: Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nat: remove duplicate skb_is_nonlinear() in __nf_nat_mangle_tcp_packet()
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf-next 8/8] netfilter: conntrack: clamp l4proto array size at largers supported protocol
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 7/8] netfilter: conntrack: remove l3->l4 mapping information
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 6/8] netfilter: conntrack: remove unused proto arg from netns init functions
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 5/8] netfilter: conntrack: remove error callback and handle icmp from core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 4/8] netfilter: conntrack: avoid using ->error callback if possible
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 3/8] netfilter: conntrack: deconstify packet callback skb pointer
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/8] netfilter: conntrack: remove the l4proto->new() function
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 1/8] netfilter: conntrack: pass nf_hook_state to packet and error handlers
- From: Florian Westphal <fw@xxxxxxxxx>
netfilter: conntrack: remove indirect err call from l4proto trackers
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 00/12] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH 04/29] inet: frags: Convert timers to use timer_setup()
- From: Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx>
[nft PATCH 4/4] tests/py: Fix JSON for icmp*.t
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 2/4] json: Make inet_service_type_json() respect literal level
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/4] json: Fix datatype_json() for literal level
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 0/4] Apply some recent changes to JSON output
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 3/4] json: Print range expressions numerically
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next] netfilter: nat: remove unnecessary rcu_read_lock in nf_nat_redirect_ipv{4/6}
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [nft PATCH 1/2] tests/py: Check differing rule output for sanity
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH 1/2] tests/py: Check differing rule output for sanity
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: cttimeout: remove superfluous check on layer 4 netlink functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/12] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/12] netfilter: xt_checksum: ignore gso skbs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/12] netfilter: nf_tables: rework ct timeout set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/12] netfilter: cttimeout: ctnl_timeout_find_get() returns incorrect pointer to type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 12/12] netfilter: xt_hashlimit: use s->file instead of s->private
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/12] netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/12] netfilter: nfnetlink_queue: Solve the NFQUEUE/conntrack clash for NF_REPEAT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/12] netfilter: conntrack: reset tcp maxwin on re-register
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/12] netfilter: kconfig: nat related expression depend on nftables core
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/12] netfilter: nf_tables: release chain in flushing set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/12] netfilter: conntrack: place 'new' timeout in first location too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/12] netfilter: xt_cluster: add dependency on conntrack module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/12] netfilter: conntrack: remove duplicated include from nf_conntrack_proto_udp.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [Patch nf] xt_hashlimit: use s->file instead of s->private
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH 3/5] ebtables: Fix for potential array boundary overstep
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/5] libxt_string: Avoid potential array out of bounds access
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/5] Fix for bugs indicated by covscan
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/5] libiptc: Avoid side-effect in memset() calls
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/5] libxtables: Fix potential array overrun in xtables_option_parse()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 5/5] extensions: REJECT: Merge reject tables
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] xtables-save: Ignore uninteresting tables
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 07/11] UAPI: netfilter: Fix symbol collision issues [ver #2]
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [nft PATCH] src: Fix literal check for inet_service type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] src: Fix literal check for inet_service type
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] xtables: Accept --wait in iptables-nft-restore
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH] xtables-restore: Fix flushing referenced custom chains
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH] xtables: Don't check all rules for being compatible
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] json: Fix compile error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] json: Fix compile error
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] parser_bison: Fix for ECN keyword in LHS of relational
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] parser_bison: Fix for ECN keyword in LHS of relational
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] xtables: Don't check all rules for being compatible
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next] netfilter: nf_nat_ipv4: remove obsolete EXPORT_SYMBOL
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] netfilter: masquerade: don't flush all conntracks if only one address deleted on device
- From: Tan Hu <tan.hu@xxxxxxxxxx>
[iptables PATCH v2] xtables-restore: Fix flushing referenced custom chains
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] xtables-restore: Fix flushing referenced custom chains
- From: Phil Sutter <phil@xxxxxx>
[PATCH 07/11] UAPI: netfilter: Fix symbol collision issues [ver #2]
- From: David Howells <dhowells@xxxxxxxxxx>
[RFC] UAPI: Check headers by compiling all together as C++
- From: David Howells <dhowells@xxxxxxxxxx>
Re: [RFC] UAPI: Check headers by compiling all together as C++
- From: Yann Droneaud <ydroneaud@xxxxxxxxxx>
Re: [Patch nf] xt_hashlimit: use s->file instead of s->private
- From: Sami Farin <hvtaifwkbgefbaei@xxxxxxxxx>
Re: [RFC] UAPI: Check headers by compiling all together as C++
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [Patch nf] xt_hashlimit: use s->file instead of s->private
- From: Christoph Hellwig <hch@xxxxxx>
[Patch nf] xt_hashlimit: use s->file instead of s->private
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
Re: [RFC] UAPI: Check headers by compiling all together as C++
- From: Yann Droneaud <ydroneaud@xxxxxxxxxx>
Re: [RFC] UAPI: Check headers by compiling all together as C++
- From: David Howells <dhowells@xxxxxxxxxx>
Re: [RFC] UAPI: Check headers by compiling all together as C++
- From: "Michael S. Tsirkin" <mst@xxxxxxxxxx>
[iptables PATCH] xtables: Accept --wait in iptables-nft-restore
- From: Phil Sutter <phil@xxxxxx>
Re: [RFC] UAPI: Check headers by compiling all together as C++
- From: Greg KH <greg@xxxxxxxxx>
[PATCH 06/11] UAPI: netfilter: Fix symbol collision issues
- From: David Howells <dhowells@xxxxxxxxxx>
[RFC] UAPI: Check headers by compiling all together as C++
- From: David Howells <dhowells@xxxxxxxxxx>
[PATCH nft 5/5] src: add ipsec (xfrm) expression
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 4/5] src: rename meta secpath to meta ipsec
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH libnftnl 1/5] expr: rt: ipsec match support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 3/5] src: rt: add support to check if route will perform ipsec transformation
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH libnftnl 2/5] expr: add xfrm support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH libnftnl,nft] ipsec matching support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 3/4] src: tproxy: relax family restrictions
- From: Máté Eckl <ecklm94@xxxxxxxxx>
[PATCH nft] doc: Document ct timeout support
- From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
[PATCH] obj: ct_timeout: fix error in building tests
- From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
[PATCH iptables] extensions: add cgroup revision 2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: xt_cgroup: shrink size of v2 path
- From: Tejun Heo <tj@xxxxxxxxxx>
[PATCH nf-next] netfilter: xtables: avoid BUG_ON
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: avoid BUG_ON usage
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] proto: fix icmp/icmpv6 code datatype
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: nfnetlink_queue: Solve the NFQUEUE/conntrack clash for NF_REPEAT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: xt_cgroup: shrink size of v2 path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH 1/2] tests/py: Check differing rule output for sanity
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH ipset v3] Validate string type attributes in attr2data()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH] conntrack: Support L3 protocol-filter on flush
- From: Kristian Evensen <kristian.evensen@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: add xfrm expression
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] tests: fix json output for osf, socket and tproxy expressions
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH 1/2] tests/py: Check differing rule output for sanity
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH 2/2] tests/py: Make nft-test.py a little more robust
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v2] netfilter: cttimeout: ctnl_timeout_find_get() returns incorrect pointer to type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: cttimeout: ctnl_timeout_find_get() returns incorrect pointer to type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] doc: Improve layout of u32 instructions
- From: "Joseph C. Sible" <josephcsible@xxxxxxxxx>
Re: netfilter mailing list abandoned
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Re: [iptables PATCH] xtables: Align return codes with legacy iptables
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH] xtables: Drop use of IP6T_F_PROTO
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] src: osf: load pf.os from expr_evaluate_osf()
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[iptables PATCH] xtables: Drop use of IP6T_F_PROTO
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next] netfilter: remove obsolete need_conntrack stub
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] src: osf: load pf.os from expr_evaluate_osf()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: release chain in flushing set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: kconfig: nat related expression depend on nftables core
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl 2/2] obj: ct_timeout: don't skip zero value timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl 1/2] obj: ct_timeout: use fixed size array
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] xtables: Align return codes with legacy iptables
- From: Phil Sutter <phil@xxxxxx>
[PATCH ipset v3] Validate string type attributes in attr2data()
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH ipset v2] Check setname length in session code before copying it
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft v5 1/3] src: add ct timeout support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH ipset v2] Check setname length in session code before copying it
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH nft] src: osf: load pf.os from expr_evaluate_osf()
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH ipset v2] Check setname length in session code before copying it
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH nft 3/4] src: tproxy: relax family restrictions
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH ipset v2] Check setname length in session code before copying it
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [nft PATCH] parser_json: Fix crash in error reporting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] py: trivial: Fix typo in comment string
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH 8/9] JSON: Make match op mandatory, introduce 'in' operator
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH 0/9] JSON schema review
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft,libnftnl 0/2] rt ipsec support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nft_set_rbtree: add missing rb_erase() in GC routine
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH ipset] manpage: Add comment about matching on destination MAC address
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH nft 2/2] test: shell: Test cases for standard prios for flowtables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2] test: shell: Test cases for standard chain prios
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2] src: rt: add support to check if route will perform ipsec transformation
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH libnftnl 1/2] expr: rt: ipsec match support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft,libnftnl 0/2] rt ipsec support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] doc: Document implicit dependency creation for icmp/icmpv6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests: py: Fix coloring of differences
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/2] ipset: Destination MAC match, consistent zero MAC checks
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH nf-next v2 2/3] netfilter: nf_tables: warn when expr implements only one of activate/deactivate
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH 8/9] JSON: Make match op mandatory, introduce 'in' operator
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH ipset] manpage: Add comment about matching on destination MAC address
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH ipset v2] Check setname length in session code before copying it
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nft 2/2] tests: build: run make on each ./configure option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] tests: build: run make distcheck from fresh clone
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nft: Cache maintenance woes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH 0/2] tests/py: One enhancement and a fix
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 2/2] tests/py: Make nft-test.py a little more robust
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/2] tests/py: Check differing rule output for sanity
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] parser_json: Fix crash in error reporting
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] py: trivial: Fix typo in comment string
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 7/9] JSON: Rename mangle statement properties
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 8/9] JSON: Make match op mandatory, introduce 'in' operator
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 5/9] JSON: Review payload expression
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 3/9] JSON: Make meta statement/expression extensible
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 0/9] JSON schema review
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 9/9] JSON: Add metainfo object to all output
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 6/9] JSON: Rename (v)map expression properties
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 2/9] doc: Review libnftables-json.adoc
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/9] doc: Improve example in libnftables-json(5)
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 4/9] JSON: Review verdict statement and expression
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v2 0/4] Added support for per-file variable scopes and global variables
- From: David Fabian <david.fabian@xxxxxxxxx>
[PATCH nf-next 3/3] netfilter: nf_tables: asynchronous release
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/3] netfilter: nf_tables: warn when expr implements only one of activate/deactivate
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 1/3] netfilter: nf_tables: split set destruction in deactivate and destroy phase
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/3] netfilter: nf_tables: remove last synchronize_rcu from config path
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nft: Cache maintenance woes
- From: Phil Sutter <phil@xxxxxx>
Re: nft: Cache maintenance woes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nft: Cache maintenance woes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] tests: build: no need for root to run build tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2 2/2] netfilter: nf_tables: rework ct timeout set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: conntrack: place 'new' timeout in first location too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
nft: Cache maintenance woes
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft 4/4] src: tproxy: add json support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 3/4] src: tproxy: relax family restrictions
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 2/4] src: osf: add json support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 1/4] parser: avoid nf_key_proto redefinitions
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 0/4] add json support for tproxy and osf expressions
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] json: Fix compile error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: rt: allow checking if dst has xfrm attached
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- From: Eric Westbrook <eric@xxxxxxxxxxxx>
[nft PATCH] json: Fix compile error
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v3] xtables: Fix for deleting rules with comment
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v2 0/4] Added support for per-file variable scopes and global variables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH v2] xtables: Fix for deleting rules with comment
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] xtables: Fix for deleting rules with comment
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] xtables: Fix for deleting rules with comment
- From: Jan Engelhardt <jengelh@xxxxxxx>
[iptables PATCH] xtables: Fix for deleting rules with comment
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v2 0/4] Added support for per-file variable scopes and global variables
- From: David Fabian <david.fabian@xxxxxxxxx>
Re: [PATCH ipset 1/4] Fix use-after-free in ipset_parse_name_compat()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH ipset 1/4] Fix use-after-free in ipset_parse_name_compat()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH ipset 1/4] Fix use-after-free in ipset_parse_name_compat()
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: release chain in flushing set
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH ipset 1/4] Fix use-after-free in ipset_parse_name_compat()
- From: Sven-Haegar Koch <haegar@xxxxxxxxx>
Re: [PATCH nf] netfilter: kconfig: nat related expression depend on nftables core
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
[PATCH nf] netfilter: kconfig: nat related expression depend on nftables core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/2] ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH ipset 3/4] Check setname length in session code before copying it
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH ipset 4/4] Fix leak in build_argv() on line parsing error
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH ipset 2/4] Simplify return statement in ipset_mnl_query()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH ipset 1/4] Fix use-after-free in ipset_parse_name_compat()
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
RE: [PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: "Doug Smythies" <dsmythies@xxxxxxxxx>
RE: [PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: "Doug Smythies" <dsmythies@xxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 03/10] audit: log container info of syscalls
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
Re: [PATCH ghak90 (was ghak32) V4 02/10] audit: add container id
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
[PATCH nft 2/2] test: shell: Test cases for standard prios for flowtables
- From: Máté Eckl <ecklm94@xxxxxxxxx>
[PATCH nft 1/2] test: shell: Test cases for standard chain prios
- From: Máté Eckl <ecklm94@xxxxxxxxx>
Re: [PATCH 3/3 nft v4] src: osf: import nfnl_osf.c to load osf fingerprints
- From: Fernando Fernández Mancera <ffmancera@xxxxxxxxxx>
Re: mmotm 2018-08-23-17-26 uploaded (netfilter: undefined reference)
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
[nft PATCH] doc: Document implicit dependency creation for icmp/icmpv6
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] tests: py: Fix coloring of differences
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] parser_bison: Fix for ECN keyword in LHS of relational
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] src: honor /etc/services
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next v2 2/3] netfilter: Add support for IPv6 segment routing 'SEG6' target
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
Re: [PATCH v2 nft] Standard prios: Make invalid prio error more specific
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 00/10] Some fixes and enhancements around ebtables-translate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 nf] netfilter: xt_checksum: ignore gso skbs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/3 nft v4] files: osf: copy iptables/utils/pf.os into nftables tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf v2 2/2] netfilter: nf_tables: rework ct timeout set support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 1/2] netfilter: conntrack: place 'new' timeout in first location too
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: Florian Westphal <fw@xxxxxxxxx>
RE: [PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: "Doug Smythies" <dsmythies@xxxxxxxxx>
Re: [PATCH] netfilter: xt_cluster: add dependency on conntrack module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: remove duplicated include from nf_conntrack_proto_udp.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next v2 2/3] netfilter: Add support for IPv6 segment routing 'SEG6' target
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH 00/10] Some fixes and enhancements around ebtables-translate
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 06/10] extensions: libebt_mark: Drop mark_supplied check
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 03/10] ebtables: trivial: Leverage C99-style initializers a bit more
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 10/10] ip6tables-translate: Fix libip6t_mh.txlate test
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 08/10] xtables: Add missing deinitialization
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 07/10] ebtables: Review match/target lookup once more
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 01/10] extensions: AUDIT: Provide translation
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 02/10] xlate-test: Fix for calling wrong command name
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 05/10] xtables: Add a few missing exit calls
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 04/10] ebtables-translate: Fix segfault while parsing extension options
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 09/10] ebtables-translate: Fix for libebt_limit.txlate
- From: Phil Sutter <phil@xxxxxx>
Re: Helper for RTSP connection tracking/NAT?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Helper for RTSP connection tracking/NAT?
- From: Nicolas Boullis <nboullis@xxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: rework ct timeout set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: rework ct timeout set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v2 nft] Standard prios: Make invalid prio error more specific
- From: Máté Eckl <ecklm94@xxxxxxxxx>
[PATCH nft] Standard prios: Make invalid prio error more specific
- From: Máté Eckl <ecklm94@xxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: rework ct timeout set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: rework ct timeout set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf v2] netfilter: conntrack: reset tcp maxwin on re-register
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: Florian Westphal <fw@xxxxxxxxx>
RE: [PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: "Doug Smythies" <dsmythies@xxxxxxxxx>
RE: [PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: "Doug Smythies" <dsmythies@xxxxxxxxx>
Re: Helper for RTSP connection tracking/NAT?
- From: Nicolas Boullis <nboullis@xxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: rework ct timeout set support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 3/3 nft v4] src: osf: import nfnl_osf.c to load osf fingerprints
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH 2/3 nft v4] src: mnl: make nft_mnl_talk() public
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH 1/3 nft v4] files: osf: copy iptables/utils/pf.os into nftables tree
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[nf-next v2 3/3] netfilter: using ip6tables as L2/L3/L4 classifier for SRv6
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
[nf-next v2 2/3] netfilter: Add support for IPv6 segment routing 'SEG6' target
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
[nf-next v2 1/3] netfilter: export SRH processing functions from seg6local
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
Re: [PATCH v2 nf] netfilter: xt_checksum: ignore gso skbs
- From: Michal Kubecek <mkubecek@xxxxxxx>
Re: Helper for RTSP connection tracking/NAT?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Helper for RTSP connection tracking/NAT?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: xt_cluster: add dependency on conntrack module
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 nf] netfilter: xt_checksum: ignore gso skbs
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH ipset 4/4] Fix leak in build_argv() on line parsing error
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH ipset 3/4] Check setname length in session code before copying it
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH ipset 2/4] Simplify return statement in ipset_mnl_query()
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH ipset 1/4] Fix use-after-free in ipset_parse_name_compat()
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH ipset 0/4] Fix issues reported by Covscan
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH] netfilter: xt_cluster: add dependency on conntrack module
- From: Martin Willi <martin@xxxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: xt_checksum: ignore gso skbs
- From: Michal Kubecek <mkubecek@xxxxxxx>
Re: [nf-next 2/3] netfilter: Add support for IPv6 segment routing 'SEG6' target
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
[PATCH 3/3 nft v3] src: osf: import nfnl_osf.c to load osf fingerprints
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH 2/3 nft v3] src: mnl: make nft_mnl_talk() public
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH 1/3 nft v3] files: osf: copy iptables/utils/pf.os into nftables tree
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Helper for RTSP connection tracking/NAT?
- From: Nicolas Boullis <nboullis@xxxxxxxxxx>
Re: [nf-next 2/3] netfilter: Add support for IPv6 segment routing 'SEG6' target
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH] xtables: Use meta l4proto for -p match
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] netfilter: conntrack: remove duplicated include from nf_conntrack_proto_udp.c
- From: Yue Haibing <yuehaibing@xxxxxxxxxx>
Re: [PATCH] xtables: Fix for segfault when registering hashlimit extension
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] xtables: Fix for segfault when registering hashlimit extension
- From: Heena Sirwani <heenasirwani@xxxxxxxxx>
Re: url filtering with netfiler
- From: Oleg <lego12239@xxxxxxxxx>
Re: url filtering with netfiler
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: url filtering with netfiler
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: ipset: export indexes via netlink
- From: Florent Fourcot <florent.fourcot@xxxxxxxxxx>
[iptables PATCH] xtables: Use meta l4proto for -p match
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf] netfilter: xt_checksum: ignore gso skbs
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/2] ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: [PATCH v2] nft: Fix build failure in rule.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 00/15] Netfilter/IPVS fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] nft: Fix build failure in rule.c
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH v2] nft: Fix build failure in rule.c
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH 1/2] ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 14/15] netfilter: nft_tproxy: Fix missing-braces warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 15/15] netfilter: nft_dynset: allow dynamic updates of non-anonymous set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 13/15] netfilter: uapi: fix linux/netfilter/nf_osf.h userspace compilation errors
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 12/15] netfilter: nft_ct: make l3 protocol field optional for timeout object
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/15] netfilter: doc: Add nf_tables part in tproxy.txt
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/15] netfilter: x_tables: do not fail xt_alloc_table_info too easilly
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/15] ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/15] netfilter: nf_tables: don't prevent event handler from device cleanup on netns exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/15] netfilter: conntrack: fix removal of conntrack entries when l4tracker is removed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/15] netfilter: nf_tables: fix register ordering
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/15] netfilter: fix memory leaks on netlink_dump_start error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/15] netfilter: nft_set: fix allocation size overflow in privsize callback.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/15] netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/15] ipvs: don't show negative times in ip_vs_conn
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/15] jiffies: add utility function to calculate delta in ms
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/15] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/2] ipset: Make invalid MAC address checks consistent
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH 1/2] ipset: Allow matching on destination MAC address for mac and ipmac sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[PATCH 0/2] ipset: Destination MAC match, consistent zero MAC checks
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
[iptables PATCH] xtables: Fix for segfault in iptables-nft
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] nft: Fix build failure in rule.c
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH] nft: Fix build failure in rule.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] doc: Add script to build PDF files
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] doc: Add script to build PDF files
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH] nft: Fix build failure in rule.c
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH nft] build: remove PDF documentation generation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
linux-next: manual merge of the ipvs tree with the netfilter tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
Re: [iptables] extensions: add support for 'SEG6' target
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
Re: [nf-next 2/3] netfilter: Add support for IPv6 segment routing 'SEG6' target
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
Re: [nf-next 2/3] netfilter: Add support for IPv6 segment routing 'SEG6' target
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] build: remove PDF documentation generation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] ebtables: Fix entries count in chain listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] xtables: Make 'iptables -S nonexisting' return non-zero
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] ebtables: Fix for listing of non-existent chains
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] xtables: Fix for no output in iptables-nft -S
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 0/3] libxt vs libebt fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] doc: net: Add nf_tables part in tproxy.txt
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nft_ct: make l3 protocol field optional for timeout object
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nft_tproxy: Fix missing-braces warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/3 nft v2] src: osf: import nfnl_osf.c to load osf fingerprints
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/3 nft v2] src: osf: import nfnl_osf.c to load osf fingerprints
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: fix memory leaks on netlink_dump_start error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nft_set: fix allocation size overflow in privsize callback.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 nf] netfilter: conntrack: fix removal of conntrack entries when l4tracker is removed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 0/2] netfilter: nf_tables: fix register ordering
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter/x_tables: do not fail xt_alloc_table_info too easilly
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] ebtables: Fix entries count in chain listing
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] xtables: Make 'iptables -S nonexisting' return non-zero
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables] extensions: add support for 'SEG6' target
- From: Jan Engelhardt <jengelh@xxxxxxx>
[iptables] extensions: add support for 'SEG6' target
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
[nf-next 2/3] netfilter: Add support for IPv6 segment routing 'SEG6' target
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
[nf-next 3/3] netfilter: using ip6tables as L2/L3/L4 classifier for SRv6
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
[nf-next 1/3] netfilter: export SRH processing functions from seg6local
- From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
Re: ebtables-nft: user-defined chain policies
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: ebtables-nft: user-defined chain policies
- From: Phil Sutter <phil@xxxxxx>
Re: linux-next: manual merge of the net-next tree with the netfilter tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 4/4] src: integrate stateful expressions into sets and maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/4] src: simplify map statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/4] rule: do not print elements in dynamically populated sets with `-s'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/4] statement: incorrect spacing in set reference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nft_dynset: allow dynamic updates of non-anonymous set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: linux-next: manual merge of the net-next tree with the netfilter tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
Re: ebtables-nft: user-defined chain policies
- From: Florian Westphal <fw@xxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]