Linux TCP/IP Netfilter Devel

• Thread Index

• Re: [PATCH net v2] netfilter: drop outermost socket lock in getsockopt()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] parser_bison: restore nft {import,export} ruleset
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] parser_bison: restore nft {import,export} ruleset
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH libnftnl] set_elem: nftnl_set_elems_parse() returns 0 if set is empty
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH libnftnl] examples: nft-set-del: fix set deletion
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] parser_bison: restore nft {import,export} ruleset
  • From: Shyam Saini <mayhs11saini@xxxxxxxxx>
• Re: [PATCH] configure: Make missing docbook2man an error if man build requested
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] parser_bison: restore nft {import,export} ruleset
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: Overlapping IP networks no longer allowed?
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] tests: add test case for sets updated from packet path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Overlapping IP networks no longer allowed?
  • From: Mantas Mikulėnas <grawity@xxxxxxxxx>
• [PATCH nft] tests: add test case for sets updated from packet path
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net v3] netfilter: nat: cope with negative port range
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH net v2] netfilter: nat: cope with negative port range
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net v2] netfilter: nat: cope with negative port range
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• [PATCH nft 3/6] src: add payload_dependency_exists()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 2/6] payload: add payload_dependency_release() helper function
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 6/6] netlink_delinearize: add meta_may_dependency_kill()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 4/6] src: get rid of __payload_dependency_kill()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 5/6] payload: add payload_may_dependency_kill()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 1/6] src: pass family to payload_dependency_kill()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 0/6] rework dependency removal (v2)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net v2] netfilter: nat: cope with negative port range
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [bisected] Forwarded packets occasionally has loopback output interface in Netfilter
  • From: "Anders K. Pedersen | Cohaesio" <akp@xxxxxxxxxxxx>
• Re: [PATCH net v2] netfilter: nat: cope with negative port range
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• Re: [PATCH net v2] netfilter: nat: cope with negative port range
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH net v2] netfilter: nat: cope with negative port range
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• [PATCH net v2] netfilter: nat: cope with negative port range
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH net] netfilter: nat: cope with negative port range
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH net] netfilter: nat: cope with negative port range
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net] netfilter: nat: cope with negative port range
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• short question for you
  • From: "Peter Williams" <peter@xxxxxxxxxxxxx>
• Re: Apply "netfilter: nf_queue: Make the queue_handler pernet" to 4.4-stable
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• [PATCH] netfilter: ipt_ah: return boolean instead of integer
  • From: "Gustavo A. R. Silva" <garsilva@xxxxxxxxxxxxxx>
• Re: question about UNDEFINE/REDEFINE
  • From: David Fabian <david.fabian@xxxxxxx>
• divide error in nf_nat_l4proto_unique_tuple
  • From: syzbot <syzbot+8012e198bd037f4871e5@xxxxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH nf] netfilter: nf_nat: range size must be at least 1
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net v2] netfilter: x_tables: fix missing timer initialization in xt_LED
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• divide error in nf_nat_l4proto_unique_tuple
  • From: syzbot <syzbot+8012e198bd037f4871e5@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: x_tables: fix missing timer initialization in xt_LED
  • From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
• [PATCH net] netfilter: x_tables: fix missing timer initialization in xt_LED
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• kernel BUG at kernel/time/timer.c:LINE!
  • From: syzbot <syzbot+10c98dc5725c6c8fc7fb@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: How to retrieve original source address with FTP/NAT/TPROXY
  • From: Gregory Vander Schueren <gregory.vanderschueren@xxxxxxxxxxxx>
• Re: general protection fault in ipt_do_table
  • From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
• Re: general protection fault in ipt_do_table
  • From: Florian Westphal <fw@xxxxxxxxx>
• general protection fault in ipt_do_table
  • From: syzbot <syzbot+c914fd8c6a751c4fddbd@xxxxxxxxxxxxxxxxxxxxxxxxx>
• kernel BUG at kernel/time/timer.c:LINE!
  • From: syzbot <syzbot+10c98dc5725c6c8fc7fb@xxxxxxxxxxxxxxxxxxxxxxxxx>
• RE: [kbuild-all] [nf:master 1/9] arch/x86/tools/insn_decoder_test: warning: ffffffff817c07c3: 0f ff e9 ud0 %ecx, %ebp
  • From: "Li, Philip" <philip.li@xxxxxxxxx>
• [PATCH v2] .gitignore: ignore ASN.1 auto generated files
  • From: Zhu Lingshan <lszhu@xxxxxxxx>
• Re: [nf:master 1/9] arch/x86/tools/insn_decoder_test: warning: ffffffff817c07c3: 0f ff e9 ud0 %ecx,%ebp
  • From: Michal Hocko <mhocko@xxxxxxxxxx>
• Re: [PATCH] .gitignore: ignore ANS.1 auto generated files
  • From: Zhu Lingshan <lszhu@xxxxxxxx>
• [PATCH] netfilter: nf_conntrack_broadcast: remove useless parameter
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [PATCH] netfilter: xt_cluster: get rid of xt_cluster_ipv6_is_multicast
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [PATCH] netfilter: nfnetlink_acct: remove useless parameter
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [PATCH] .gitignore: ignore ANS.1 auto generated files
  • From: Zhu Lingshan <lszhu@xxxxxxxx>
• Apply "netfilter: nf_queue: Make the queue_handler pernet" to 4.4-stable
  • From: Eric Biggers <ebiggers3@xxxxxxxxx>
• [PATCH v2 nf 9/9] netfilter: x_tables: use pr ratelimiting in all remaining spots
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2 nf 8/9] netfilter: x_tables: use pr ratelimiting in matches/targets
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2 nf 7/9] netfilter: x_tables: rate-limit table mismatch warnings
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2 nf 6/9] netfilter: bridge: use pr ratelimiting
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2 nf 5/9] netfilter: xt_set: use pr ratelimiting
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2 nf 4/9] netfilter: xt_NFQUEUE: use pr ratelimiting
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2 nf 3/9] netfilter: xt_CT: use pr ratelimiting
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2 nf 2/9] netfilter: x_tables: use pr ratelimiting in xt core
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2 nf 1/9] netfilter: x_tables: remove pr_info where possible
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2 nf 0/9] netfilter: x_tables: use printk ratelimiting
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH] src: fix build with older glibc
  • From: Baruch Siach <baruch@xxxxxxxxxx>
• Re: [Patch net v2] ipt_CLUSTERIP: fix a refcount bug in clusterip_config_find_get()
  • From: Florian Westphal <fw@xxxxxxxxx>
• [Patch net v2] ipt_CLUSTERIP: fix a refcount bug in clusterip_config_find_get()
  • From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
• Re: [Patch net] ipt_CLUSTERIP: fix a refcount bug in clusterip_config_find_get()
  • From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
• Re: [Patch net] ipt_CLUSTERIP: fix a race condition of proc file creation
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: How to retrieve original source address with FTP/NAT/TPROXY
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH RFC 2/4] netlink: add generic object description infrastructure
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: linux-next: Signed-off-by missing for commit in the netfilter tree
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net v2] netfilter: drop outermost socket lock in getsockopt()
  • From: Xin Long <lucien.xin@xxxxxxxxx>
• Re: [Patch net] ipt_CLUSTERIP: fix a race condition of proc file creation
  • From: Xin Long <lucien.xin@xxxxxxxxx>
• [PATCH net v2] netfilter: drop outermost socket lock in getsockopt()
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [PATCH net] netfilter: on setsockopt() acquire sock lock only in the required scope
  • From: Xin Long <lucien.xin@xxxxxxxxx>
• [PATCH net] netfilter: on setsockopt() acquire sock lock only in the required scope
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [Patch net] ipt_CLUSTERIP: fix a refcount bug in clusterip_config_find_get()
  • From: Florian Westphal <fw@xxxxxxxxx>
• [Patch net] ipt_CLUSTERIP: fix a refcount bug in clusterip_config_find_get()
  • From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
• [Patch net] ipt_CLUSTERIP: fix a race condition of proc file creation
  • From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
• Re: [PATCH RFC 2/4] netlink: add generic object description infrastructure
  • From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
• linux-next: Signed-off-by missing for commit in the netfilter tree
  • From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
• Re: [PATCH nf 7/7] netfilter: x_tables: use pr ratelimiting in all remaining spots
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf 7/7] netfilter: x_tables: use pr ratelimiting in all remaining spots
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nf 2/7] netfilter: x_tables: prefer pr_debug where possible
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nf 1/7] netfilter: x_tables: remove pr_info where possible
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 00/11] Netfilter fixes for net
  • From: David Miller <davem@xxxxxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 06/11] netfilter: nft_flow_offload: no need to flush entries on module removal
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 07/11] netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 00/11] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 05/11] netfilter: nft_flow_offload: wait for garbage collector to run after cleanup
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 04/11] netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 01/11] netfilter: x_tables: make allocation less aggressive
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 08/11] netfilter: nft_flow_offload: move flowtable cleanup routines to nf_flow_table
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 09/11] netfilter: nf_tables: fix flowtable free
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 02/11] netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 10/11] netfilter: remove useless prototype
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 11/11] netfilter: nf_flow_offload: fix use-after-free and a resource leak
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 03/11] netfilter: flowtable infrastructure depends on NETFILTER_INGRESS
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf 1/7] netfilter: x_tables: remove pr_info where possible
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf 2/7] netfilter: x_tables: prefer pr_debug where possible
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf 7/7] netfilter: x_tables: use pr ratelimiting in all remaining spots
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: CPU load on queued_spin_lock_slowpath
  • From: Tugrul Erdogan <h.tugrul.erdogan@xxxxxxxxx>
• Re: WARNING: proc registration bug in clusterip_tg_check
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• [PATCH nf 7/7] netfilter: x_tables: use pr ratelimiting in all remaining spots
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf 6/7] netfilter: x_tables: use pr ratelimiting
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf 5/7] netfilter: x_tables: rate-limit table mismatch warnings
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf 4/7] netfilter: x_tables: rate limit pr_err warnings
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf 3/7] netfilter: xt_CT: use pr ratelimiting
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf 2/7] netfilter: x_tables: prefer pr_debug where possible
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf 1/7] netfilter: x_tables: remove pr_info where possible
  • From: Florian Westphal <fw@xxxxxxxxx>
• netfilter: x_tables: ratelimit most printks
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf RFC] netfilter: x_tables: only allow jumps to user-defined chains
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf] netfilter: add back stackpointer size checks
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: WARNING: proc registration bug in clusterip_tg_check
  • From: Florian Westphal <fw@xxxxxxxxx>
• WARNING: proc registration bug in clusterip_tg_check
  • From: syzbot <syzbot+03218bcdba6aa76441a3@xxxxxxxxxxxxxxxxxxxxxxxxx>
• WARNING: proc registration bug in clusterip_tg_check
  • From: syzbot <syzbot+03218bcdba6aa76441a3@xxxxxxxxxxxxxxxxxxxxxxxxx>
• WARNING: proc registration bug in clusterip_tg_check
  • From: syzbot <syzbot+03218bcdba6aa76441a3@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH] netfilter: remove useless prototype
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: nf_flow_offload: fix use-after-free and a resource leak
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: WARNING: proc registration bug in clusterip_tg_check
  • From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
• Re: WARNING: proc registration bug in clusterip_tg_check
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: WARNING: proc registration bug in clusterip_tg_check
  • From: syzbot <syzbot+@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [nft PATCH] Enable automerge feature for anonymous sets
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nft PATCH] Enable automerge feature for anonymous sets
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
• [PATCH] configure: Make missing docbook2man an error if man build requested
  • From: Ville Skyttä <ville.skytta@xxxxxx>
• [PATCH] Spelling fixes
  • From: Ville Skyttä <ville.skytta@xxxxxx>
• [PATCH] netfilter: nf_flow_offload: fix use-after-free and a resource leak
  • From: Felix Fietkau <nbd@xxxxxxxx>
• Re: WARNING: proc registration bug in clusterip_tg_check
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: WARNING: proc registration bug in clusterip_tg_check
  • From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
• [PATCH] netfilter: remove useless prototype
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [nf:master 1/9] arch/x86/tools/insn_decoder_test: warning: ffffffff817c07c3: 0f ff e9 ud0 %ecx,%ebp
  • From: kbuild test robot <fengguang.wu@xxxxxxxxx>
• [PATCH RFC 3/4] netfilter: nfnetlink: add support for netlink descriptions
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH RFC 2/4] netlink: add generic object description infrastructure
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH RFC 1/4] netlink: add NLA_PAD definition
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH RFC 4/4] netfilter: nf_tables: add netlink description
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH RFC 0/4] Netlink bus descriptions
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: shift by n bits while performing '--restore-mark'
  • From: Florian Westphal <fw@xxxxxxxxx>
• shift by n bits while performing '--restore-mark'
  • From: Jack Ma <Jack.Ma@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH] extensions: add tests for comp match options
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] extensions: add tests for comp match options
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH] Enable automerge feature for anonymous sets
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nft PATCH] Enable automerge feature for anonymous sets
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH] extensions: add tests for comp match options
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• How to retrieve original source address with FTP/NAT/TPROXY
  • From: Gregory Vander Schueren <gregory.vanderschueren@xxxxxxxxxxxx>
• WARNING: proc registration bug in clusterip_tg_check
  • From: syzbot <syzbot+03218bcdba6aa76441a3@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [Bug 1224] nft export json fails with successful return code
  • From: Phil Sutter <phil@xxxxxx>
• Re: [Bug 1224] nft export json fails with successful return code
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [Bug 1224] nft export json fails with successful return code
  • From: Phil Sutter <phil@xxxxxx>
• Re: [Patch net v2] xt_RATEEST: acquire xt_rateest_mutex for hash insert
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: CPU load on queued_spin_lock_slowpath
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• CPU load on queued_spin_lock_slowpath
  • From: Tugrul Erdogan <h.tugrul.erdogan@xxxxxxxxx>
• [nf:flow-offload-hw-v2 6/6] net/netfilter/nf_flow_table_inet.o:undefined reference to `nf_flow_table_init'
  • From: kbuild test robot <fengguang.wu@xxxxxxxxx>
• [nf:flow-offload-hw-v2 6/6] net/netfilter/nf_flow_table_inet.o:undefined reference to `nf_flow_table_init'
  • From: kbuild test robot <fengguang.wu@xxxxxxxxx>
• [PATCH nf 3/3] netfilter: nf_tables: fix flowtable free
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf 2/3] netfilter: nft_flow_offload: move flowtable cleanup routines to nf_flow_table
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf 1/3] netfilter: nft_flow_offload: no need to flush entries on module removal
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: IPv6 Parameter problem with no ICMPv6 response ?
  • From: David McCullough <david.mccullough@xxxxxxxxxxxxxxx>
• Re: [Patch net v2] xt_RATEEST: acquire xt_rateest_mutex for hash insert
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• Re: [Patch net v2] xt_RATEEST: acquire xt_rateest_mutex for hash insert
  • From: Florian Westphal <fw@xxxxxxxxx>
• [Patch net v2] xt_RATEEST: acquire xt_rateest_mutex for hash insert
  • From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
• proc_dir_entry 'ipt_CLUSTERIP/172.20.0.170' already registered (was syzkallzer)
  • From: Alexey Dobriyan <adobriyan@xxxxxxxxx>
• [PATCH 1/2] netfilter: nf_tables: fix flowtable free
  • From: Felix Fietkau <nbd@xxxxxxxx>
• [PATCH 2/2] netfilter: nf_tables: fix flowtable resource leak
  • From: Felix Fietkau <nbd@xxxxxxxx>
• Re: KASAN: slab-out-of-bounds Read in clusterip_tg_check
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: IPv6 Parameter problem with no ICMPv6 response ?
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: IPv6 Parameter problem with no ICMPv6 response ?
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• IPv6 Parameter problem with no ICMPv6 response ?
  • From: David McCullough <david.mccullough@xxxxxxxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [ANNOUNCE] nftables 0.8.2 release
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: xt_hashlimit: do not allow empty names
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• [ANNOUNCE] iptables 1.6.2 release
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] netlink_delinearize: add assertion to prevent infinite loop
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: xt_hashlimit: do not allow empty names
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: xt_hashlimit: do not allow empty names
  • From: Jan Engelhardt <jengelh@xxxxxxx>
• Re: [Patch net] xt_cgroup: initialize info->priv in cgroup_mt_check_v1()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: xt_hashlimit: do not allow empty names
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: xt_hashlimit: do not allow empty names
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: xt_hashlimit: do not allow empty names
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Resurrecting "does nftables support string match?"
  • From: Rob Thomas <xrobau@xxxxxxxxx>
• Re: [Patch net] xt_RATEEST: acquire xt_rateest_mutex for hash insert
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [Patch net] xt_RATEEST: acquire xt_rateest_mutex for hash insert
  • From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
• Re: [PATCH 0/6] Netfilter fixes for net
  • From: David Miller <davem@xxxxxxxxxxxxx>
• [PATCH libnftnl] examples: do not call nftnl_batch_is_supported()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: possible deadlock in xt_find_target
  • From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
• Re: possible deadlock in xt_find_target
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH 1/6] netfilter: x_tables: fix int overflow in xt_alloc_table_info()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 4/6] netfilter: x_tables: fix pointer leaks to userspace
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 3/6] netfilter: ipset: Fix wraparound in hash:*net* types
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 2/6] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 5/6] netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 6/6] netfilter: on sockopt() acquire sock lock only in the required scope
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 0/6] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf 2/2] netfilter: nft_flow_offload: no need to flush entries on module removal
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf 1/2] netfilter: nft_flow_offload: wait for garbage collector to run after cleanup
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• BUG: unable to handle kernel paging request in cgroup_mt_destroy_v1
  • From: syzbot <syzbot+eeed2602160e4cc17410@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [Patch net] xt_RATEEST: acquire xt_rateest_mutex for hash insert
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• [Patch net] xt_RATEEST: acquire xt_rateest_mutex for hash insert
  • From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
• [Patch net] xt_cgroup: initialize info->priv in cgroup_mt_check_v1()
  • From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
• [PATCH nf] netfilter: flowtable infrastructure depends on NETFILTER_INGRESS
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: on sockopt() acquire sock lock only in the required scope
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: fix out-of-bounds accesses in clusterip_tg_check()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: fix pointer leaks to userspace
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH 1/1] Fix wraparound bug introduced in commit 48596a8ddc46
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next] netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure
  • From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Michal Hocko <mhocko@xxxxxxxxxx>
• Re: [patch 1/1] net/netfilter/x_tables.c: make allocation less aggressive
  • From: Michal Hocko <mhocko@xxxxxxxxxx>
• Re: [patch 1/1] net/netfilter/x_tables.c: make allocation less aggressive
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• [patch 1/1] net/netfilter/x_tables.c: make allocation less aggressive
  • From: akpm@xxxxxxxxxxxxxxxxxxxx
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
• [PATCH net] netfilter: on sockopt() acquire sock lock only in the required scope
  • From: Paolo Abeni <pabeni@xxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Michal Hocko <mhocko@xxxxxxxxxx>
• [PATCH] netfilter: fix out-of-bounds accesses in clusterip_tg_check()
  • From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Michal Hocko <mhocko@xxxxxxxxxx>
• [PATCH v2] extensions: libipt_DNAT: support shifted portmap ranges
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• [PATCH v4] netfilter : add NAT support for shifted portmap ranges
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• Re: question about UNDEFINE/REDEFINE
  • From: David Fabian <david.fabian@xxxxxxx>
• Re: question about UNDEFINE/REDEFINE
  • From: David Fabian <david.fabian@xxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Michal Hocko <mhocko@xxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Michal Hocko <mhocko@xxxxxxxxxx>
• Re: possible deadlock in xt_find_revision
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: possible deadlock in xt_find_table_lock
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: "Kirill A. Shutemov" <kirill@xxxxxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Michal Hocko <mhocko@xxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH v2] src: parse new handle attribute for tables
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: "Kirill A. Shutemov" <kirill@xxxxxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Michal Hocko <mhocko@xxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Jan Engelhardt <jengelh@xxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Florian Westphal <fw@xxxxxxxxx>
• KASAN: use-after-free Write in xt_rateest_tg_checkentry
  • From: syzbot <syzbot+5cb189720978275e4c75@xxxxxxxxxxxxxxxxxxxxxxxxx>
• KASAN: use-after-free Write in xt_rateest_put
  • From: syzbot <syzbot+551ff4604e832588433e@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [Iptables PATCH] extensions: Rename 'flow table' keyword to meter
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH] netfilter: fix pointer leaks to userspace
  • From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
• Re: [PATCH nf-next,RFC v4] netfilter: nf_flow_table: add hardware offload support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: "Kirill A. Shutemov" <kirill@xxxxxxxxxxxxx>
• Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: kernel panic: Out of memory and no killable processes... (2)
  • From: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
• Re: general protection fault in ip6t_do_table
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH net] netfilter: xt_hashlimit: do not allow empty names
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: possible deadlock in do_ip_getsockopt
  • From: Florian Westphal <fw@xxxxxxxxx>
• INFO: trying to register non-static key in del_timer_sync
  • From: syzbot <syzbot+3659f05802671eb8af9c@xxxxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH net] netfilter: xt_recent: do not accept / in table name
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• KASAN: slab-out-of-bounds Read in clusterip_tg_check
  • From: syzbot <syzbot+7afeeb8e62e4716de370@xxxxxxxxxxxxxxxxxxxxxxxxx>
• general protection fault in cgroup_mt_destroy_v1
  • From: syzbot <syzbot+4fbcfcc0d2e6592bd641@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: xt_hashlimit: do not allow empty names
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• [PATCH net] netfilter: xt_hashlimit: do not allow empty names
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• general protection fault in ip6t_do_table
  • From: syzbot <syzbot+e783f671527912cd9403@xxxxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH iptables] policy: add nft translation for simple policy none/strict use case
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH iptables] tests: xlate-test: no need to require superuser privileges
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf-next] netfilter: Add support for inner IPv6 packet match
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• Re: question about UNDEFINE/REDEFINE
  • From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
• [Iptables PATCH] extensions: Rename 'flow table' keyword to meter
  • From: shyam saini <mayhs11saini@xxxxxxxxx>
• Re: [PATCH nft] doc: dup and fwd statements
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: question about UNDEFINE/REDEFINE
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: question about UNDEFINE/REDEFINE
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] doc: dup and fwd statements
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nf-next,RFC v4] netfilter: nf_flow_table: add hardware offload support
  • From: Jakub Kicinski <kubakici@xxxxx>
• Re: conntrack enhancement
  • From: Jack Ma <Jack.Ma@xxxxxxxxxxxxxxxxxxx>
• Re: [nf-next] netfilter: Add support for inner IPv6 packet match
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH] tests/shell: Add back named_interval_automerging_0
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2] tests: shell: fetch rule handle with '-a' option and then delete rule
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] configure: Remove macro AC_CHECK_FUNCS
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] tests: build: Add enable man page option.
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] update gitignore
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [conntrack-tools PATCH v2] conntrackd.conf.5: fix sentence about systemd
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] configure: Remove macro AC_CHECK_FUNCS
  • From: Varsha Rao <rvarsha016@xxxxxxxxx>
• [PATCH nft] tests: build: Add enable man page option.
  • From: Varsha Rao <rvarsha016@xxxxxxxxx>
• Re: [PATCH v2 net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next,RFC v4] netfilter: nf_flow_table: add hardware offload support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2 net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
  • From: Florian Westphal <fw@xxxxxxxxx>
• [conntrack-tools PATCH v2] conntrackd.conf.5: fix sentence about systemd
  • From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
• [conntrack-tools PATCH] conntrackd.conf.5: fix typo, duplicated systemd word in the sentence
  • From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
• Re: conntrack enhancement
  • From: Jack Ma <Jack.Ma@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH nf-next,RFC v4] netfilter: nf_flow_table: add hardware offload support
  • From: Jakub Kicinski <kubakici@xxxxx>
• [PATCH v2 net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• Re: [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• Re: [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next,RFC v4] netfilter: nf_flow_table: add hardware offload support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()
  • From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: Add extra bits for object handles
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] update gitignore
  • From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
• Re: [PATCH] build: do install libipset/args.h
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
• [PATCH] doc/nft.xml: Add deletion for objects via handles
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH v2] tests: shell: fetch rule handle with '-a' option and then delete rule
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH] netfilter: nf_tables: Add extra bits for object handles
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• Re: [PATCH] tests: shell: fetch rule handle with '-a' option and then delete
  • From: "Dmitry V. Levin" <ldv@xxxxxxxxxxxx>
• [PATCH] tests: shell: fetch rule handle with '-a' option and then delete
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• Re: question about UNDEFINE/REDEFINE
  • From: David Fabian <david.fabian@xxxxxxx>
• [PATCH nft 4/6] src: flow offload support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 6/6] doc: nft: document flowtable
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 2/6] src: add support to add flowtables
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 5/6] tests: shell: add flowtable tests
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 3/6] src: delete flowtable
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft 1/6] src: support for flowtable listing
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• iptables-save - suggest patch to add functionality
  • From: Alban Vidal <alban.vidal@xxxxxxxxxx>
• [PATCH libnftnl 1/2] src: add flowtable support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH libnftnl 2/2] expr: add flow offload expression
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: question about UNDEFINE/REDEFINE
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: conntrack enhancement
  • From: Jack Ma <Jack.Ma@xxxxxxxxxxxxxxxxxxx>
• [PATCH] build: do install libipset/args.h
  • From: Jan Engelhardt <jengelh@xxxxxxx>
• Re: [bisected] Forwarded packets occasionally has loopback output interface in Netfilter
  • From: "Anders K. Pedersen | Cohaesio" <akp@xxxxxxxxxxxx>
• question about UNDEFINE/REDEFINE
  • From: David Fabian <david.fabian@xxxxxxx>
• [PATCH nft,RFC] src: add 'auto-merge' option to sets
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2] extensions: libxt_hashlimit: Do not print default timeout and burst
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Re: [PATCH v2] extensions: libxt_hashlimit: Do not print default timeout and burst
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Re: [PATCH 00/32] Netfilter/IPVS updates for net-next
  • From: David Miller <davem@xxxxxxxxxxxxx>
• Re: Error: interval overlaps with previous one (with previously valid configuration)
  • From: Jeff <jmk@xxxxxxxxxx>
• Re: Error: interval overlaps with previous one (with previously valid configuration)
  • From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
• [nft PATCH] tests/shell: Add back named_interval_automerging_0
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH v2] extensions: libxt_hashlimit: Do not print default timeout and burst
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] Revert ("src: Remove xt_stmt_() functions").
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2] extensions: libxt_hashlimit: Do not print default timeout and burst
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: Error: interval overlaps with previous one (with previously valid configuration)
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2] extensions: libxt_hashlimit: Do not print default timeout and burst
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• Error: interval overlaps with previous one (with previously valid configuration)
  • From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
• [nf-next:master 27/32] net/netfilter/nf_tables_api.c:4331:19: sparse: symbol 'nf_tables_obj_lookup_byhandle' was not declared. Should it be static?
  • From: kbuild test robot <fengguang.wu@xxxxxxxxx>
• [RFC PATCH nf-next] netfilter: nf_tables: nf_tables_obj_lookup_byhandle() can be static
  • From: kbuild test robot <fengguang.wu@xxxxxxxxx>
• [PATCH 11/32] netfilter: remove duplicated include
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 31/32] netfilter: nf_tables: set flowtable priority and hooknum field
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 26/32] netfilter: nf_nat_snmp_basic: use asn1 decoder library
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 15/32] netfilter: clusterip: make sure arp hooks are available
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 12/32] netfilter: core: return EBUSY in case NAT hook is already in use
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 14/32] netfilter: improve flow table Kconfig dependencies
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 13/32] netfilter: add IPv6 segment routing header 'srh' match
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 29/32] netfilter: nf_tables: Fix trailing semicolon
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 30/32] netfilter: delete /proc THIS_MODULE references
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 32/32] netfilter: remove messages print and boot/module load time
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 23/32] netfilter: nf_nat_snmp_basic: remove debug parameter
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 22/32] netfilter: nf_nat_snmp_basic: remove useless comment
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 28/32] netfilter: return booleans instead of integers
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 16/32] netfilter: nf_defrag: Skip defrag if NOTRACK is set
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 27/32] netfilter: nf_tables: allocate handle and delete objects via handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 25/32] netfilter: nf_nat_snmp_basic: use nf_ct_helper_log
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 18/32] netfilter: x_tables: don't return garbage pointer on modprobe failure
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 20/32] netfilter: nf_defrag: mark xt_table structures 'const' again
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 17/32] netfilter: nf_tables: flow_offload depends on flow_table
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 24/32] netfilter: nf_nat_snmp_basic: replace ctinfo with dir.
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 21/32] netfilter: nf_defrag: move NF_CONNTRACK bits into #ifdef
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 19/32] netfilter: ipv6: nf_defrag: Pass on packets to stack per RFC2460
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 09/32] netfilter: nf_tables: fix a typo in nf_tables_getflowtable()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 10/32] netfilter: core: make local function __nf_unregister_net_hook static
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 07/32] netfilter: nf_tables: get rid of struct nft_af_info abstraction
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 06/32] netfilter: nf_tables: get rid of pernet families
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 08/32] netfilter: x_tables: unbreak module auto loading
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 05/32] netfilter: nf_tables: add single table list for all families
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 01/32] netfilter: nf_tables: remove nhooks field from struct nft_af_info
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 04/32] netfilter: nf_tables: remove struct nft_af_info parameter in nf_tables_chain_type_lookup()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 03/32] netfilter: nf_tables: no need for struct nft_af_info to enable/disable table
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 02/32] netfilter: nf_tables: remove flag field from struct nft_af_info
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 00/32] Netfilter/IPVS updates for net-next
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: remove messages print and boot/module load time
  • From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: remove messages print and boot/module load time
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
• Re: [PATCH v2] netfilter: delete /proc THIS_MODULE references
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: Fix trailing semicolon
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: remove messages print and boot/module load time
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH] netfilter: return booleans instead of integers
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH V5 0/5] netfilter: nf_nat_snmp_basic: use ASN.1 decoder
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH] doc/nft.xml: mention nftables earlier
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next] netfilter: remove messages print and boot/module load time
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next] netfilter: nf_tables: allocate handle and delete objects via handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nft PATCH] doc/nft.xml: mention nftables earlier
  • From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
• Re: [Iptables PATCH] extensions: Add test for cluster nft translation
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] tests: build: Add README.
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH] Eliminate forgotten traces of libnftables exporting
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft] configure: Remove AC_HEADER_STDBOOL, AC_C_ and AC_TYPE_ macros
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next] netfilter: nf_tables: set flowtable priority and hooknum field
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next] netfilter: nf_tables: allocate flowtable handle and delete flowtable via handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] configure: Remove AC_HEADER_STDBOOL, AC_C_ and AC_TYPE_ macros
  • From: Varsha Rao <rvarsha016@xxxxxxxxx>
• [PATCH] netfilter: return booleans instead of integers
  • From: "Gustavo A. R. Silva" <garsilva@xxxxxxxxxxxxxx>
• [PATCH] tests/shell: add tests for deletion of objects via object handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH v2] src: print 'handle' attribute in tables
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH] netfilter: nf_tables: allocate obj handle and delete obj via obj handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH] src: extend nft to list object handle and delete objects via handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH] src: parse new handle attribute for objects
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [nf-next] netfilter: Add support for inner IPv6 packet match
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• [iptables] extensions: add support for inner IPv6 packet 'inner6' match
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• Re: [RFC PATCH nft V6 1/2] src: Add import command for low level json
  • From: Shyam Saini <mayhs11saini@xxxxxxxxx>
• Re: [nft PATCH RFC] libnftables: Implement JSON output support
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nft PATCH RFC] libnftables: Implement JSON output support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] tests: build: Add README.
  • From: Varsha Rao <rvarsha016@xxxxxxxxx>
• Re: [nft PATCH RFC] libnftables: Implement JSON output support
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH v3] netfilter : add NAT support for shifted portmap ranges
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH RFC] libnftables: Implement JSON output support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v3] netfilter : add NAT support for shifted portmap ranges
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• Re: [nft PATCH RFC] libnftables: Implement JSON output support
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH nft V5 2/2] tests: shell: Add tests for low level json import
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [RFC PATCH nft V6 1/2] src: Add import command for low level json
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH RFC] libnftables: Implement JSON output support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH RFC] libnftables: Implement JSON output support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nft PATCH RFC] libnftables: Implement JSON output support
  • From: Phil Sutter <phil@xxxxxx>
• Re: [ebtables PATCH] Fix locking if LOCKDIR does not exist
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v3] netfilter : add NAT support for shifted portmap ranges
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• [nft PATCH 0/2] Allow to disable man page output
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 2/2] configure: Allow to disable man page building
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH 1/2] configure: Fix help text regarding --enable-debug
  • From: Phil Sutter <phil@xxxxxx>
• [Iptables PATCH] extensions: Add test for cluster nft translation
  • From: Shyam Saini <mayhs11saini@xxxxxxxxx>
• [nft PATCH] Eliminate forgotten traces of libnftables exporting
  • From: Phil Sutter <phil@xxxxxx>
• Re: [ANNOUNCE] nftables 0.8.1 release
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH] extensions : multiple to-dst/to-src arguments for ip6t_DNAT/SNAT not reported
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nft v2] tests: Add test for compile options.
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] extensions : multiple to-dst/to-src arguments for ip6t_DNAT/SNAT not reported
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• Re: [PATCH] extensions : multiple to-dst/to-src arguments for ip6t_DNAT/SNAT not reported
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] extensions : multiple to-dst/to-src arguments for ip6t_DNAT/SNAT not reported
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] extensions : multiple to-dst/to-src arguments for ip6t_DNAT/SNAT not reported
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• Re: [PATCH] extensions : multiple to-dst/to-src arguments for ip6t_DNAT/SNAT not reported
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] extensions : multiple to-dst/to-src arguments for ip6t_DNAT/SNAT not reported
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] extensions : multiple to-dst/to-src arguments for ip6t_DNAT/SNAT not reported
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• Re: [ANNOUNCE] nftables 0.8.1 release
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH] netfilter: nf_tables: Fix trailing semicolon
  • From: Luis de Bethencourt <luisbg@xxxxxxxxxx>
• Re: [ANNOUNCE] nftables 0.8.1 release
  • From: Jan Engelhardt <jengelh@xxxxxxx>
• Re: [PATCH v3] netfilter : add NAT support for shifted portmap ranges
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: conntrack enhancement
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH] extensions : multiple to-dst/to-src arguments for ip6t_DNAT/SNAT not reported
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [ANNOUNCE] nftables 0.8.1 release
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH] extensions : multiple to-dst/to-src arguments for ip6t_DNAT/SNAT not reported
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• Re: [PATCH v2] netfilter: delete /proc THIS_MODULE references
  • From: Simon Horman <horms@xxxxxxxxxxxx>
• Re: [Iptables Patch V3] extensions: libxt_cluster: Add translation to nft
  • From: Shyam Saini <mayhs11saini@xxxxxxxxx>
• [PATCH nft v2] tests: Add test for compile options.
  • From: Varsha Rao <rvarsha016@xxxxxxxxx>
• conntrack enhancement
  • From: Jack Ma <Jack.Ma@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2] extensions: libxt_hashlimit: Do not print default timeout and burst
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [Iptables Patch V3] extensions: libxt_cluster: Add translation to nft
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: don't return garbage pointer on modprobe failure
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: flow_offload depends on flow_table
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net-next 1/2] netfilter: nf_defrag: mark xt_table structures 'const' again
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net-next 2/2] netfilter: nf_defrag: move NF_CONNTRACK bits into #ifdef
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net-next v2] netfilter: ipv6: nf_defrag: Pass on packets to stack per RFC2460
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH v2] netfilter: delete /proc THIS_MODULE references
  • From: Alexey Dobriyan <adobriyan@xxxxxxxxx>
• Re: [PATCH] netfilter: delete /proc THIS_MODULE references
  • From: Julian Anastasov <ja@xxxxxx>
• [PATCH net-next 1/2] netfilter: nf_defrag: mark xt_table structures 'const' again
  • From: Arnd Bergmann <arnd@xxxxxxxx>
• [PATCH net-next 2/2] netfilter: nf_defrag: move NF_CONNTRACK bits into #ifdef
  • From: Arnd Bergmann <arnd@xxxxxxxx>
• [ebtables PATCH] Fix locking if LOCKDIR does not exist
  • From: Phil Sutter <phil@xxxxxx>
• Re: A bug in commit: Use flock() for --concurrent option
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH RFC nft] src: ct: add connection counting support
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH v3] netfilter : add NAT support for shifted portmap ranges
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• [PATCH] tests/shell: add tests for deletion of sets via set handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• Re: [PATCH RFC nft] src: ct: add connection counting support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH RFC nft] src: ct: add connection counting support
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH nft] netlink_linearize: exthdr op must be u32
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH RFC nft] src: ct: add connection counting support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH RFC nft] src: ct: add connection counting support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nf-next 1/3] netfilter: export SRH processing functions from seg6local
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• [nf-next 2/3] netfilter: add an option to control iptables SEG6 target support
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• [nf-next 3/3] netfilter: Add support for IPv6 segment routing 'SEG6' target
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• [iptables 2/2] extensions: add some test cases for 'SEG6' target
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• [iptables 1/2] extensions: add support for 'SEG6' target
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• [Iptables Patch V3] extensions: libxt_cluster: Add translation to nft
  • From: Shyam Saini <mayhs11saini@xxxxxxxxx>
• Re: [PATCH v2] extensions: libxt_hashlimit: Do not print default timeout and burst
  • From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
• [PATCH] tests/shell: add tests for deletion of chains via chain handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH] netfilter: nf_tables: allocate set handle and delete sets via set handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• Re: [PATCH] src: extend nft to list set handle and delete set via set handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH] src: parse new handle attribute for sets
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH] src: extend nft to list set handle and delete set via set handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH nft] tests: Add test for compile options.
  • From: Varsha Rao <rvarsha016@xxxxxxxxx>
• [PATCH nft] tests: shell: Modify ipv6_maps_ipv4_0 file permission.
  • From: Varsha Rao <rvarsha016@xxxxxxxxx>
• [PATCH] netfilter: delete /proc THIS_MODULE references
  • From: Alexey Dobriyan <adobriyan@xxxxxxxxx>
• [PATCH nf-next] netfilter: don't return garbage pointer on modprobe failure
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH net-next v2] netfilter: ipv6: nf_defrag: Pass on packets to stack per RFC2460
  • From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
• general protection fault in get_info
  • From: syzbot <syzbot+980925dbfbc7f93bc2ef@xxxxxxxxxxxxxxxxxxxxxxxxx>
• [ulog2] Plugin ulogd_filter_HTTPSNIFF proposal
  • From: Jean Weisbuch <jean@xxxxxxxxxx>
• [PATCH] netfilter: nf_tables: flow_offload depends on flow_table
  • From: Arnd Bergmann <arnd@xxxxxxxx>
• [PATCH v3] netfilter : add NAT support for shifted portmap ranges
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• [PATCH RFC nft] src: ct: add connection counting support
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH v2] netfilter : add NAT support for shifted portmap ranges
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• [PATCH 1/1] Fix wraparound bug introduced in commit 48596a8ddc46
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
• [PATCH 0/1] ipset patch for the nf tree
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
• A bug in commit: Use flock() for --concurrent option
  • From: "Tangchen (UVP)" <tang.chen@xxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: ipv6: nf_defrag: Always pass on packets to stack
  • From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: ipv6: nf_defrag: Always pass on packets to stack
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [nf-next:master 16/16] net/ipv6/netfilter/nf_defrag_ipv6_hooks.c:68:9: error: 'struct sk_buff' has no member named '_nfct'
  • From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
• [PATCH nf-next] netfilter: ipv6: nf_defrag: Always pass on packets to stack
  • From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
• [PATCH nf-next] netfilter: nf_defrag: Fix compiler errors
  • From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
• [nf-next:master 16/16] net/ipv6/netfilter/nf_defrag_ipv6_hooks.c:68:9: error: 'struct sk_buff' has no member named '_nfct'
  • From: kbuild test robot <fengguang.wu@xxxxxxxxx>
• [nf-next:master 16/16] WARNING: vmlinux.o(.data+0x1911f0): Section mismatch in reference from the variable packet_raw to the function .init.text:iptable_raw_table_init()
  • From: kbuild test robot <fengguang.wu@xxxxxxxxx>
• Re: [iptables v2] extensions: add support for 'srh' match
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2] netfilter : add NAT support for shifted portmap ranges
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH v2] netfilter : add NAT support for shifted portmap ranges
  • From: Thierry Du Tre <thierry@xxxxxxxxxxxx>
• Re: [bisected] Forwarded packets occasionally has loopback output interface in Netfilter
  • From: Wei Wang <weiwan@xxxxxxxxxx>
• Re: [bisected] Forwarded packets occasionally has loopback output interface in Netfilter
  • From: "Anders K. Pedersen | Cohaesio" <akp@xxxxxxxxxxxx>
• [iptables v2] extensions: add support for 'srh' match
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• [PATCH nft 5/5] tests: add test cases for vmap binop transfer
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 4/5] src: evaluate: add binop transfer support for vmaps
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 3/5] evaluate: handle binop adjustment recursively
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 2/5] src: netlink_delinearize: don't assume element contains a value
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft 1/5] src: segtree: use value expression length
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nft] netlink_linearize: exthdr op must be u32
  • From: Florian Westphal <fw@xxxxxxxxx>
• [nftables] vmap and bit-sized headers
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH v2] netfilter: nf_tables: delete table via table handle
  • From: kbuild test robot <lkp@xxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: fix odd_ptr_err.cocci warnings
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH] netfilter: nf_tables: fix odd_ptr_err.cocci warnings
  • From: Julia Lawall <julia.lawall@xxxxxxx>
• Re: [PATCH v2] netfilter: nf_tables: delete table via table handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2] netfilter: nf_tables: delete table via table handle
  • From: kbuild test robot <lkp@xxxxxxxxx>
• Re: [iptables] extensions: add support for 'srh' match
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next v4] netfilter: nf_defrag: Skip defrag if NOTRACK is set
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: clusterip: make sure arp hooks are available
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH v2] Don't merge adjacent/overlapping ranges
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [iptables] extensions: add support for 'srh' match
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• [PATCH nf-next] netfilter: clusterip: make sure arp hooks are available
  • From: Florian Westphal <fw@xxxxxxxxx>
• [PATCH nf-next v4] netfilter: nf_defrag: Skip defrag if NOTRACK is set
  • From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
• [nft PATCH v2] Don't merge adjacent/overlapping ranges
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH net-next] netfilter: improve flow table Kconfig dependencies
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next] netfilter: improve flow table Kconfig dependencies
  • From: Arnd Bergmann <arnd@xxxxxxxx>
• Re: [PATCH 0/2] parser_bison: delete chains via chain handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH 0/2] parser_bison: delete chains via chain handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [iptables] extensions: add support for 'srh' match
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [net-next v2] netfilter: add segment routing header 'srh' match
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next] netfilter: core: return EBUSY in case NAT hook is already in use
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• RE: [PATCH net-next] netfilter: nf_flow_table: remove duplicated include from nf_flow_table_ipv6.c
  • From: "weiyongjun (A)" <weiyongjun1@xxxxxxxxxx>
• Re: [nft PATCH] src/Makefile: Restore per object CFLAGS
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: copy and paste bug in nf_tables_getflowtable()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net-next] netfilter: nf_flow_table: remove duplicated include from nf_flow_table_ipv6.c
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net-next] netfilter: nf_queue: remove duplicated include from nf_queue.c
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH] Don't merge adjacent/overlapping ranges by default
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: x_tables: unbreak module auto loading
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net-next] netfilter: core: make local function __nf_unregister_net_hook static
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH net-next] netfilter: nf_tables: fix a typo in nf_tables_getflowtable()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH net-next] netfilter: nf_flow_table: remove duplicated include from nf_flow_table_ipv6.c
  • From: Wei Yongjun <weiyongjun1@xxxxxxxxxx>
• [PATCH net-next] netfilter: nf_queue: remove duplicated include from nf_queue.c
  • From: Wei Yongjun <weiyongjun1@xxxxxxxxxx>
• Re: [nft PATCH] Don't merge adjacent/overlapping ranges by default
  • From: Phil Sutter <phil@xxxxxx>
• [nft PATCH] src/Makefile: Restore per object CFLAGS
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nft PATCH] Don't merge adjacent/overlapping ranges by default
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [nft PATCH] Don't merge adjacent/overlapping ranges by default
  • From: Phil Sutter <phil@xxxxxx>
• Re: [nft PATCH] Don't merge adjacent/overlapping ranges by default
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [nft PATCH] Don't merge adjacent/overlapping ranges by default
  • From: Phil Sutter <phil@xxxxxx>
• Re: libnftables extended API proposal
  • From: Phil Sutter <phil@xxxxxx>
• [PATCH] netfilter: nf_tables: copy and paste bug in nf_tables_getflowtable()
  • From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
• [PATCH net-next] netfilter: core: make local function __nf_unregister_net_hook static
  • From: Wei Yongjun <weiyongjun1@xxxxxxxxxx>
• [PATCH net-next] netfilter: nf_tables: fix a typo in nf_tables_getflowtable()
  • From: Wei Yongjun <weiyongjun1@xxxxxxxxxx>
• Re: libnftables extended API proposal
  • From: mark diener <rpzrpzrpz@xxxxxxxxx>
• Re: libnftables extended API proposal
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH] netfilter: nf_tables: delete chains via chain handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH 2/2] parser_bison: extend nft to delete chain via chain handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH 1/2] src: Print handle attribute in chains
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH 0/2] parser_bison: delete chains via chain handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH nf-next 7/7] netfilter: nf_tables: get rid of struct nft_af_info abstraction
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next 5/7] netfilter: nf_tables: add single table list for all families
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next 1/7] netfilter: nf_tables: remove nhooks field from struct nft_af_info
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next 6/7] netfilter: nf_tables: get rid of pernet families
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next 3/7] netfilter: nf_tables: no need for struct nft_af_info to enable/disable table
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next 4/7] netfilter: nf_tables: remove struct nft_af_info parameter in nf_tables_chain_type_lookup()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next 2/7] netfilter: nf_tables: remove flag field from struct nft_af_info
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next 0/7] nf_tables: remove struct nft_af_info
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH 00/52] Netfilter/IPVS updates for net-next
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nft] build: Bump version to v0.8.1
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH nf-next] netfilter: x_tables: unbreak module auto loading
  • From: Florian Westphal <fw@xxxxxxxxx>
• compilation warning --with-mini-gmp
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH v3] netfilter: nf_tables: delete table via table handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• Re: [PATCH nf-next v3] netfilter: nf_defrag: Skip defrag if NOTRACK is set
  • From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
• Re: [PATCH 00/52] Netfilter/IPVS updates for net-next
  • From: David Miller <davem@xxxxxxxxxxxxx>
• [PATCH 01/52] netfilter: conntrack: remove nlattr_size pointer from l4proto trackers
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 03/52] netfilter: conntrack: l4 protocol trackers can be const
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 00/52] Netfilter/IPVS updates for net-next
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 02/52] netfilter: conntrack: constify list of builtin trackers
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 06/52] netfilter: ipvs: Remove useless ipvsh param of frag_safe_skb_hp
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 04/52] netfilter: mark expected switch fall-throughs
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 05/52] netfilter: conntrack: timeouts can be const
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 09/52] netfilter: nf_conntrack_h323: Remove unwanted comments.
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 12/52] netfilter: core: free hooks with call_rcu
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 11/52] netfilter: core: remove synchronize_net call if nfqueue is used
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 10/52] netfilter: core: make nf_unregister_net_hooks simple wrapper again
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 13/52] netfilter: reduce size of hook entry point locations
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 08/52] netfilter: ipset: add resched points during set listing
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 14/52] netfilter: add defines for arp/decnet max hooks
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 18/52] netfilter: reduce NF_MAX_HOOKS define
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 16/52] netfilter: don't allocate space for decnet hooks unless needed
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 19/52] netfilter: xtables: add and use xt_request_find_table_lock
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 22/52] netfilter: nf_tables_arp: don't set forward chain
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 21/52] netfilter: nf_tables: reject nat hook registration if prio is before conntrack
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 20/52] netfilter: core: only allow one nat hook per hook point
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 15/52] netfilter: reduce hook array sizes to what is needed
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 25/52] netfilter: core: add nf_remove_net_hook
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 17/52] netfilter: don't allocate space for arp/bridge hooks unless needed
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 23/52] netfilter: nf_tables: explicit nft_set_pktinfo() call from hook path
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 26/52] netfilter: core: pass hook number, family and device to nf_find_hook_list()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 27/52] netfilter: core: pass family as parameter to nf_remove_net_hook()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 28/52] netfilter: core: support for NFPROTO_INET hook registration
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 29/52] netfilter: nf_tables_inet: don't use multihook infrastructure anymore
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 24/52] netfilter: nf_tables: add nft_set_is_anonymous() helper
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 33/52] netfilter: move checksum indirection to struct nf_ipv6_ops
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 30/52] netfilter: nf_tables: remove multihook chains and families
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 34/52] netfilter: move checksum_partial indirection to struct nf_ipv6_ops
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 35/52] netfilter: remove saveroute indirection in struct nf_afinfo
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 31/52] netfilter: nf_tables: remove hooks from family definition
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 36/52] netfilter: move route indirection to struct nf_ipv6_ops
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 32/52] netfilter: connlimit: split xt_connlimit into front and backend
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 41/52] netfilter: remove defensive check on malformed packets from raw sockets
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 42/52] netfilter: nf_tables: remove nft_dereference()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 43/52] netfilter: nf_conntrack: add IPS_OFFLOAD status bit
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 39/52] netfilter: remove struct nf_afinfo and its helper functions
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 40/52] netfilter: meta: secpath support
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 47/52] netfilter: flow table support for IPv6
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 45/52] netfilter: add generic flow table infrastructure
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 37/52] netfilter: move reroute indirection to struct nf_ipv6_ops
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 48/52] netfilter: flow table support for the mixed IPv4/IPv6 family
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 51/52] netfilter: ipset: Fix "don't update counters" mode when counters used at the matching
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 52/52] netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 46/52] netfilter: flow table support for IPv4
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 50/52] netfilter: ipset: use swap macro instead of _manually_ swapping values
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 49/52] netfilter: nf_tables: flow offload expression
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 44/52] netfilter: nf_tables: add flow table netlink frontend
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 38/52] netfilter: remove route_key_size field in struct nf_afinfo
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 07/52] netfilter: ipset: use nfnl_mutex_is_locked
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH v2] netfilter: nf_tables: delete table via table handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH v2] netfilter: nf_tables: delete table via table handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH v3] parser_bison: extend nft to delete table via table handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• Re: [PATCH 0/3] ipset patches for nf-next
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next] netfilter: avoid arp/bridge WARN_ON if arp/ebtables not supported
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: delete table via table handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [net-next v2] netfilter: add segment routing header 'srh' match
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: delete table via table handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [net-next v2] netfilter: add segment routing header 'srh' match
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH nf-next v3] netfilter: nf_defrag: Skip defrag if NOTRACK is set
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: delete table via table handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• Re: [RFC PATCH] netfilter: nf_nat_snmp_basic: snmp_version() can be static
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [PATCH V5 5/5] netfilter: nf_nat_snmp_basic: use asn1 decoder library
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [PATCH V5 4/5] netfilter: nf_nat_snmp_basic: use nf_ct_helper_log
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [PATCH V5 3/5] netfilter: nf_nat_snmp_basic: replace ctinfo with dir.
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [PATCH V5 2/5] netfilter: nf_nat_snmp_basic: remove debug parameter
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [PATCH V5 1/5] netfilter: nf_nat_snmp_basic: remove useless comment
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [PATCH V5 0/5] netfilter: nf_nat_snmp_basic: use ASN.1 decoder
  • From: Taehee Yoo <ap420073@xxxxxxxxx>
• [RFC PATCH nf-next] netfilter: nf_tables: nft_flow_offload_type can be static
  • From: kbuild test robot <fengguang.wu@xxxxxxxxx>
• [PATCH nf-next] netfilter: avoid arp/bridge WARN_ON if arp/ebtables not supported
  • From: Florian Westphal <fw@xxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: delete table via table handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Rebasing nf-next
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH V5 5/5] netfilter: nf_nat_snmp_basic: use asn1 decoder library
  • From: kbuild test robot <lkp@xxxxxxxxx>
• [nf-next:master 54/54] net//netfilter/nf_flow_table.c:196:6: error: void value not ignored as it ought to be
  • From: kbuild test robot <fengguang.wu@xxxxxxxxx>
• Re: [net-next v2] netfilter: add segment routing header 'srh' match
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: delete table via table handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: delete table via table handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [net-next] netfilter: add segment routing header 'srh' match
  • From: Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: delete table via table handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH v2] parser_bison: extend nft to delete table via table handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• Re: [net-next] netfilter: add segment routing header 'srh' match
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: nf_tables: delete table via table handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] parser_bison: extend nft to delete table via table handle
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• Re: [PATCH] netfilter: fix int overflow in xt_alloc_table_info()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH] netfilter: nf_tables: delete table via table handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [PATCH] parser_bison: extend nft to delete table via table handle
  • From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
• [ANNOUNCE] ipset 6.35 released
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
• [PATCH 3/3] netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit()
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
• [PATCH 2/3] netfilter: ipset: Fix "don't update counters" mode when counters used at the matching
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
• [PATCH 1/3] netfilter: ipset: use swap macro instead of _manually_ swapping values
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
• [PATCH 0/3] ipset patches for nf-next
  • From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
• Re: [PATCH] netfilter: fix int overflow in xt_alloc_table_info()
  • From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
• [PATCH] iptables: add support for rmirror target
  • From: Colin Zeidler <czeidler@xxxxxxxxxxxxxxxxxx>
• [PATCH] netfilter: add encapsulated packet mirroring target
  • From: Colin Zeidler <czeidler@xxxxxxxxxxxxxxxxxx>
• Re: libnftables extended API proposal
  • From: Phil Sutter <phil@xxxxxx>
• Re: [PATCH 0/3] Netfilter fixes for net
  • From: David Miller <davem@xxxxxxxxxxxxx>
• [PATCH 1/3] netfilter: nf_tables: fix chain filter in nf_tables_dump_rules()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 3/3] netfilter: nf_tables: fix potential NULL-ptr deref in nf_tables_dump_obj_done()
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 2/3] netfilter: uapi: correct UNTRACKED conntrack state bit number
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• [PATCH 0/3] Netfilter fixes for net
  • From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
• suspicious RCU usage at net/netfilter/ipset/ip_set_core.c:LINE
  • From: syzbot <syzbot+36b06f219f2439fe62e1@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [xtables-addons][PATCH 0/2] Compatibility fixes for linux 4.14 and 4.15
  • From: Jan Engelhardt <jengelh@xxxxxxx>