Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

Re: RFC: Ideas about possible solutions for nfbz#949
- From: Phil Sutter <phil@xxxxxx>
[PATCH 2/2] tests: shell: Test input descriptors for included files
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
[PATCH 1/2] tests: shell: Add test for incomplete set add set command
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [PATCH] bump version to 1.0.3
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] bump version to 1.0.3
- From: Richard Weinberger <richard@xxxxxx>
[PATCH] bump version to 1.0.3
- From: Richard Weinberger <richard@xxxxxx>
Re: [PATCH lnf-queue] src: prepare for new release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] nft: make raw payloads work
- From: Laurent Fasnacht <l@xxxxxxxxx>
Re: [PATCHv3] tests: py: Add test for ambiguity while setting the value
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
[PATCH] tests: py: Fail test forcefully when bug is not fixed
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [PATCHv3] tests: py: Add test for ambiguity while setting the value
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [PATCHv3] tests: py: Add test for ambiguity while setting the value
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
[4.11.y netfilter] 4.11 iptables regression fix
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH lnf-queue] src: prepare for new release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH V2] netfilter: Remove duplicated rcu_read_lock.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: crash on >= 4.9.0 kernel seems nf related
- From: Bjørnar Ness <bjornar.ness@xxxxxxxxx>
Re: [PATCH V2] netfilter: Remove duplicated rcu_read_lock.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH V2] netfilter: Remove duplicated rcu_read_lock.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nfnetlink: extended ACK reporting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1] iptables-xml: Fix segfault on jump without a target
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3] extensions: libxt_hashlimit: fix uint64_t printf formats
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: use NFPROTO_MAX to size array
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] nf_tables: reduce chain type table size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next RFC 1/5] netfilter: use nf_conntrack_helpers_register when possible
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter, kbuild: use canonical method to specify objs.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 nf-next] netfilter: ebt: Use new helper ebt_invalid_target to check target
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: move table iteration out of netns exit paths
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: do not hold dev in ipt_CLUSTERIP
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_ct_dccp/sctp: fix memory leak after netns cleanup
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: Better error reporting for bad set references
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] evaluate: merge nested set flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 4/4] evaluate: reject meta nfproto outside of inet family
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv3] tests: py: Add test for ambiguity while setting the value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 0/4] restrict meta nfproto to inet family
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv3] tests: py: Add test for ambiguity while setting the value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv3] tests: py: Add test for ambiguity while setting the value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v3] src: Pass stateless, numeric, ip2name and handle variables as structure members.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: ebt_nflog: fix unexpected truncated packet
- From: Liping Zhang <zlpnobody@xxxxxxx>
Re: [NFQUEUE] lack of UID/GID fields in fragmented packets
- From: Florian Westphal <fw@xxxxxxxxx>
[NFQUEUE] lack of UID/GID fields in fragmented packets
- From: Piotr Sawicki <piotr.sawicki@xxxxxxxxx>
[PATCH 4/4] evaluate: reject meta nfproto outside of inet family
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 3/4] tests: restrict meta nfproto test cases to inet family
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 2/4] tests: remove two non-sensical rules
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 1/4] tests: restrict ct saddr test to inet family
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 0/4] restrict meta nfproto to inet family
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCHv3] tests: py: Add test for ambiguity while setting the value
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
[PATCH nft] src: error reporting for nested ruleset representation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft v3] src: Pass stateless, numeric, ip2name and handle variables as structure members.
- From: Varsha Rao <rvarsha016@xxxxxxxxx>
Re: [PATCH nft v2] src: Pass stateless, numeric, ip2name and handle variables as structure members.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft v2] src: Pass stateless, numeric, ip2name and handle variables as structure members.
- From: Varsha Rao <rvarsha016@xxxxxxxxx>
Re: [PATCH nft] src: Pass stateless, numeric, ip2name and handle variables as structure members.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: Pass stateless, numeric, ip2name and handle variables as structure members.
- From: Varsha Rao <rvarsha016@xxxxxxxxx>
Re: [PATCHv2] tests: shell: Add test for ambguity while setting the value
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [PATCH xtables-addons] build: support for Linux 4.12
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCHv2] tests: shell: Add test for ambguity while setting the value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: Pass stateless, numeric, ip2name and handle variables as structure members.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [4.9.y,netfilter] please, cherry-pick da2f27e9e615
- From: Greg KH <greg@xxxxxxxxx>
[PATCH nft] src: Pass stateless, numeric, ip2name and handle variables as structure members.
- From: Varsha Rao <rvarsha016@xxxxxxxxx>
Re: using nft & iptables nat in parallel
- From: Florian Westphal <fw@xxxxxxxxx>
Re: using nft & iptables nat in parallel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: using nft & iptables nat in parallel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
Re: using nft & iptables nat in parallel
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: using nft & iptables nat in parallel
- From: Florian Westphal <fw@xxxxxxxxx>
Re: using nft & iptables nat in parallel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: using nft & iptables nat in parallel
- From: Florian Westphal <fw@xxxxxxxxx>
Re: using nft & iptables nat in parallel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: using nft & iptables nat in parallel
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next] netfilter: conntrack: use NFPROTO_MAX to size array
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next] nf_tables: reduce chain type table size
- From: Florian Westphal <fw@xxxxxxxxx>
Re: using nft & iptables nat in parallel
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
using nft & iptables nat in parallel
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: conntrack: fix clash resolution in nat
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Joe Stringer <joe@xxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
[4.9.y,netfilter] please, cherry-pick da2f27e9e615
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv2] tests: shell: Add test for ambguity while setting the value
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [PATCHv2] tests: shell: Add test for ambguity while setting the value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] meta: permit meta nfproto ip in ip family
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv2] tests: shell: Add test for ambguity while setting the value
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [conntrack-tools PATCH v2] conntrackd: make the daemon run in RT mode by default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv2] tests: shell: Add test for ambguity while setting the value
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[conntrack-tools PATCH v2] conntrackd: make the daemon run in RT mode by default
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [conntrack-tools PATCH 2/4] conntrackd: make the daemon run in RT mode by default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/3] scanner: add files in include dirs in alphabetical order.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH v2] In order to prevent netlink buffer overrun, conntrackd is recommended to run
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
[PATCHv2] tests: shell: Add test for ambguity while setting the value
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [PATCH] tests: shell: Add test for ambguity while setting the value
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
[conntrack-tools PATCH v2] In order to prevent netlink buffer overrun, conntrackd is recommended to run
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [PATCH] tests: shell: Add test for ambguity while setting the value
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
[PATCH] tests: shell: Add test for ambguity while setting the value
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
[PATCH] netfilter: ctnetlink: move CTA_TIMEOUT case to outside
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
nfqueue accepted packet is disappeared
- From: Oleg <lego12239@xxxxxxxxx>
Re: [PATCH 1/3] scanner: add files in include dirs in alphabetical order.
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [PATCH v2] decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH 1/3] scanner: add files in include dirs in alphabetical order.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 2/4] conntrackd: make the daemon run in RT mode by default
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [PATCH 1/3] scanner: add files in include dirs in alphabetical order.
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [PATCH nft 2/2] src: rename ct eventmask to event
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] netlink_delinearize: prefer ct event set foo,bar over 'set foo|bar'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] netlink_delinearize: prefer ct event set foo,bar over 'set foo|bar'
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2] decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb
- From: Mateusz Jurczyk <mjurczyk@xxxxxxxxxx>
Re: [PATCH v2] decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2] decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb
- From: Mateusz Jurczyk <mjurczyk@xxxxxxxxxx>
[PATCH v2] netfilter: nfnetlink: Improve input length sanitization in nfnetlink_rcv
- From: Mateusz Jurczyk <mjurczyk@xxxxxxxxxx>
Re: [PATCH] netfilter: nfnetlink: Improve input length sanitization in nfnetlink_rcv
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
[PATCH] decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb
- From: Mateusz Jurczyk <mjurczyk@xxxxxxxxxx>
[PATCH] netfilter: nfnetlink: Improve input length sanitization in nfnetlink_rcv
- From: Mateusz Jurczyk <mjurczyk@xxxxxxxxxx>
Re: [PATCH nft 2/2] src: rename ct eventmask to event
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 2/2] src: rename ct eventmask to event
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 2/2] src: rename ct eventmask to event
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 2/2] src: rename ct eventmask to event
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/2] parser: allow ct eventmask set new,related
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2] src: display default directory for file inclusion in -h/--help
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] doc: nft: describe -I override behaviour when path starts by ./ and /
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/2] src: rename ct eventmask to event
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 1/2] parser: allow ct eventmask set new,related
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 2/3] man: add include directory documentation.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/3] scanner: add files in include dirs in alphabetical order.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/3] man: add include directory documentation.
- From: Ismo Puustinen <ismo.puustinen@xxxxxxxxx>
[PATCH 3/3] tests: added tests for ordering files in include dirs.
- From: Ismo Puustinen <ismo.puustinen@xxxxxxxxx>
[PATCH 1/3] scanner: add files in include dirs in alphabetical order.
- From: Ismo Puustinen <ismo.puustinen@xxxxxxxxx>
Re: [PATCH nft] meta: permit meta nfproto ip in ip family
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [conntrack-tools PATCH 4/4] conntrackd: deprecate unix backlog configuration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 3/4] conntrackd: cleanup if failed forking
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 1/4] conntrackd: evaluate configuration earlier
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] ct: fix inet/bridge/netdev family handling for saddr/daddr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] meta: permit meta nfproto ip in ip family
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] src: Remove expire information from list stateless ruleset.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 1/2] scanner: add support for include directories
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 2/2] tests: test include directories
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3 1/2] scanner: add support for include directories
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables 3/3] xtables-translate: fix double space before comment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables 2/3] libip6t_icmp6: xlate: remove leftover space
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables 1/3] tests: xlate: generalize owner
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH conntrack-tools v2] ipv6: remove use of HAVE_INET_PTON_IPV6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v3 2/2] tests: test include directories
- From: Ismo Puustinen <ismo.puustinen@xxxxxxxxx>
[PATCH v3 1/2] scanner: add support for include directories
- From: Ismo Puustinen <ismo.puustinen@xxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Report transactions' process info to user space
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 4/4] conntrackd: deprecate unix backlog configuration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 4/4] conntrackd: deprecate unix backlog configuration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 2/4] conntrackd: make the daemon run in RT mode by default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[conntrack-tools PATCH 4/4] conntrackd: deprecate unix backlog configuration
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
[conntrack-tools PATCH 3/4] conntrackd: cleanup if failed forking
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
[conntrack-tools PATCH 2/4] conntrackd: make the daemon run in RT mode by default
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
[conntrack-tools PATCH 1/4] conntrackd: evaluate configuration earlier
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
[PATCH] src: Remove expire information from list stateless ruleset.
- From: Varsha Rao <rvarsha016@xxxxxxxxx>
Re: [PATCH nf-next RFC 0/5] netfilter: add net namespace support for cthelper
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
Re: [PATCH nf-next RFC 0/5] netfilter: add net namespace support for cthelper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 2/2] tests: test include directories
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 1/2] scanner: add support for include directories
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH iptables 2/3] libip6t_icmp6: xlate: remove leftover space
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
[PATCH iptables 1/3] tests: xlate: generalize owner
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
[PATCH iptables 3/3] xtables-translate: fix double space before comment
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
Re: [PATCH V2] netfilter: Remove duplicated rcu_read_lock.
- From: Julian Anastasov <ja@xxxxxx>
[PATCH V2] netfilter: Remove duplicated rcu_read_lock.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH v2 2/2] tests: test include directories
- From: Ismo Puustinen <ismo.puustinen@xxxxxxxxx>
[PATCH v2 1/2] scanner: add support for include directories
- From: Ismo Puustinen <ismo.puustinen@xxxxxxxxx>
Re: [PATCH nf-next RFC 1/5] netfilter: use nf_conntrack_helpers_register when possible
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: nf_ct_dccp/sctp: fix memory leak after netns cleanup
- From: Davide Caratti <dcaratti@xxxxxxxxxx>
Re: [PATCH nf-next RFC 0/5] netfilter: add net namespace support for cthelper
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
Re: [PATCH nf-next RFC 0/5] netfilter: add net namespace support for cthelper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next RFC 0/5] netfilter: add net namespace support for cthelper
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next RFC 5/5] netfilter: complete the netns support for the kernel built-in cthelpers
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf-next RFC 4/5] netfilter: complete the netns support for the user cthelpers
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf-next RFC 3/5] netfilter: make each ct helper belong to a specific netns
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf-next RFC 2/5] netfilter: make nf_conntrack_helper_register become per-net
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf-next RFC 1/5] netfilter: use nf_conntrack_helpers_register when possible
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf-next RFC 0/5] netfilter: add net namespace support for cthelper
- From: Liping Zhang <zlpnobody@xxxxxxx>
Re: [PATCH] ipset: Fix ipset command replacement in runtest.sh
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_ct_dccp/sctp: fix memory leak after netns cleanup
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH 1/1] iptables-xml: Fix segfault on jump without a target
- From: Oliver Ford <ojford@xxxxxxxxx>
Re: [PATCH 6/6 RFC] netfilter: add audit netns ID
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 5/6 RFC] netfilter: add audit operation field
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 4/6 RFC] netfilter: ebtables: audit table registration
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 3/6 RFC] netfilter: audit only on xtables and ebtables syscall rule or standalone
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Florian Westphal <fw@xxxxxxxxx>
RE: [PATCH nf-next] netns: add and use net_ns_barrier
- From: David Laight <David.Laight@xxxxxxxxxx>
[PATCH] netfilter, kbuild: use canonical method to specify objs.
- From: Jike Song <jike.song@xxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: Joe Stringer <joe@xxxxxxx>
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
Re: [PATCH nf-next] netns: add and use net_ns_barrier
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH v2 nf-next] netfilter: ebt: Use new helper ebt_invalid_target to check target
- From: gfree.wind@xxxxxxxxxxx
Re: [PATCH nf-next] netfilter: ebt: Use ebt_invalid_target instead of INVALID_TARGET
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: ebt: Use ebt_invalid_target instead of INVALID_TARGET
- From: gfree.wind@xxxxxxxxxxx
Re: [nf-next PATCH] netfilter: nf_tables: Report transactions' process info to user space
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv2] extensions: libxt_cluster: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Report transactions' process info to user space
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCHv2] extensions: libxt_cluster: Add translation to nft
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Report transactions' process info to user space
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: RFC: Ideas about possible solutions for nfbz#949
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: RFC: Ideas about possible solutions for nfbz#949
- From: Phil Sutter <phil@xxxxxx>
[PATCH] ipset: Fix ipset command replacement in runtest.sh
- From: Neutron Soutmun <neo.neutron@xxxxxxxxx>
Re: [PATCHv2] extensions: libxt_cluster: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCHv2] extensions: libxt_cluster: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netns: add and use net_ns_barrier
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next] netfilter: move table iteration out of netns exit paths
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCHv2] extensions: libxt_cluster: Add translation to nft
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
[PATCH conntrack-tools v2] ipv6: remove use of HAVE_INET_PTON_IPV6
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [PATCH conntrack-tools] ipv6: remove use of HAVE_INET_PTON_IPV6
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [PATCH 0/4] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: RFC: Ideas about possible solutions for nfbz#949
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] src: remove global nftnl_batch structure in mnl layer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] ct: fix inet/bridge/netdev family handling for saddr/daddr
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] meta: permit meta nfproto ip in ip family
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH conntrack-tools] ipv6: remove use of HAVE_INET_PTON_IPV6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH conntrack-tools] ipv6: remove use of HAVE_INET_PTON_IPV6
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [PATCH] netfilter: Remove duplicated rcu_read_lock.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
Re: [PATCH v3] extensions: libxt_hashlimit: fix uint64_t printf formats
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: [PATCH v3] extensions: libxt_hashlimit: fix uint64_t printf formats
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3] extensions: libxt_hashlimit: fix uint64_t printf formats
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: [PATCH v5 1/1] iptables: Fix crash on malformed iptables-restore
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1] iptables: Add file output option to iptables-save
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] iptables: insist that the lock is held.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v3] extensions: libxt_hashlimit: fix uint64_t printf formats
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/4] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/4] netfilter: nat: use atomic bit op to clear the _SRC_NAT_DONE_BIT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/4] netfilter: nft_set_rbtree: handle element re-addition after deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/4] netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/4] netfilter: conntrack: fix false CRC32c mismatch using paged skb
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: Remove duplicated rcu_read_lock.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[4.9.y,netfilter] please, cherry-pick da2f27e9e615
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] Fix typo in documentation of nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v2] evaluate: avoid reference to multiple src data in statements which set values
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next V2] netfilter: cttimeout: use nf_ct_iterate_cleanup_net to unlink timeout objs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next V2] netfilter: nf_ct_helper: use nf_ct_iterate_destroy to unlink helper objs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 0/5] netfilter: conntrack: rework nf_ct_iterate, part 1.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next 2/2] netfilter: nf_tables: make local functions static
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next 1/2] netfilter: resolve warnings about missing prototypes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: clusterip: switch to nf_register_net_hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] net: netfilter: netlink: delete extra spaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next V2] netfilter: cttimeout: use nf_ct_iterate_cleanup_net to unlink timeout objs
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
Re: [PATCH nf-next V2] netfilter: nf_ct_helper: use nf_ct_iterate_destroy to unlink helper objs
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf-next V2] netfilter: cttimeout: use nf_ct_iterate_cleanup_net to unlink timeout objs
- From: kbuild test robot <lkp@xxxxxxxxx>
[PATCH nf-next V2] netfilter: cttimeout: use nf_ct_iterate_cleanup_net to unlink timeout objs
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf-next V2] netfilter: nf_ct_helper: use nf_ct_iterate_destroy to unlink helper objs
- From: Liping Zhang <zlpnobody@xxxxxxx>
Re: [PATCH 1/1] iptables: Add file output option to iptables-save
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1] iptables: Add file output option to iptables-save
- From: Oliver Ford <ojford@xxxxxxxxx>
[PATCH nft 2/2] tests: py: flush stdout on each test run
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/2] expression: don't trim off unary expression on delinearization
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1] iptables: Add file output option to iptables-save
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/1] iptables: Add file output option to iptables-save
- From: Oliver Ford <ojford@xxxxxxxxx>
[nft PATCH v2] evaluate: avoid reference to multiple src data in statements which set values
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [PATCH nf-next 7/9] netfilter: nf_tables: allow large allocations for new sets
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
Re: [PATCH nf-next 7/9] netfilter: nf_tables: allow large allocations for new sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 7/9] netfilter: nf_tables: allow large allocations for new sets
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
NFQUEUE and TRPOXY
- From: Pavel Vajarov <pavel@xxxxxxxx>
[PATCH] Fix typo in documentation of nft
- From: Bertrand Bonnefoy-Claudet <bertrandbc@xxxxxxxxx>
Re: [PATCH 1/1] extensions: libxt_cluster: Add translation to nft
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [PATCH 1/1] extensions: libxt_cluster: Add translation to nft
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [PATCH 1/6 RFC] netfilter: normalize x_table function declarations
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH 6/6 RFC] netfilter: add audit netns ID
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
Re: [PATCH 3/6 RFC] netfilter: audit only on xtables and ebtables syscall rule or standalone
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH 6/6 RFC] netfilter: add audit netns ID
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH 1/6 RFC] netfilter: normalize x_table function declarations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/6 RFC] netfilter: audit only on xtables and ebtables syscall rule or standalone
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 6/6 RFC] netfilter: add audit netns ID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 8/9,v2] netfilter: nft_set_hash: add non-resizable hashtable implementation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 9/9,v2] netfilter: nft_set_hash: add lookup variant for fixed size hashtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1] extensions: libxt_cluster: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] evaluate: prevent using sets in payload statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] evaluate: prevent using sets in payload statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1] extensions: libxt_cluster: Add translation to nft
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/1] extensions: libxt_cluster: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1] extensions: libxt_cluster: Add translation to nft
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCHv2 net] netfilter: do not hold dev in ipt_CLUSTERIP
- From: Xin Long <lucien.xin@xxxxxxxxx>
[nft PATCH] evaluate: prevent using sets in payload statements
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
[PATCH 1/1] extensions: libxt_cluster: Add translation to nft
- From: Shyam Saini <mayhs11saini@xxxxxxxxx>
Re: [PATCH] netfilter: Remove duplicated rcu_read_lock.
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH nf] netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH 0/4 RFC] Support IPv6 AH header matches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 8/9] netfilter: nft_set_hash: add non-resizable hashtable implementation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/3] netlink: add size description for constant sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/3] segtree: reset element size counter before adding intervals to set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/3] rule: adjust set expression size accordingly with intervals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 9/9] netfilter: nft_set_hash: add lookup variant for fixed size hashtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 7/9] netfilter: nf_tables: allow large allocations for new sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 5/9] netfilter: nf_tables: pass set description to ->privsize
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 8/9] netfilter: nft_set_hash: add non-resizable hashtable implementation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 4/9] netfilter: nf_tables: select set backend flavour depending on description
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 0/9] nf_tables set updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 1/9] netfilter: nft_set_hash: unnecessary forward declaration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 2/9] netfilter: nf_tables: no size estimation if number of set elements is unknown
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 3/9] netfilter: nft_set_hash: use nft_rhash prefix for resizable set backend
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 6/9] netfilter: nft_set_hash: add nft_hash_buckets()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: do not hold dev in ipt_CLUSTERIP
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCH v3] extensions: libxt_hashlimit: fix uint64_t printf formats
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
Re: [PATCH nf] netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
Re: [PATCH nf] netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: fix false CRC32c mismatch using paged skb
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: do not hold dev in ipt_CLUSTERIP
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nat: use atomic bit op to clear the _SRC_NAT_DONE_BIT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v3 0/7] switch l4 dependency to meta l4proto
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2] extensions: libxt_hashlimit: fix 64-bit printf formats
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v3] List handles of added rules if requested
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v3] List handles of added rules if requested
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: fix false CRC32c mismatch using paged skb
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: fix false CRC32c mismatch using paged skb
- From: Davide Caratti <dcaratti@xxxxxxxxxx>
Re: [PATCH 00/12] Netfilter/IPVS fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH 00/12] Netfilter/IPVS fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
[nft PATCH 3/4 RFC] exthdr: Define AH header description
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 4/4 RFC] payload: Convert AH header expression to exthdr for IPv6
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/4 RFC] payload: Carry template number around for internal use
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 2/4 RFC] exthdr: Align max templates count with payload expr
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 0/4 RFC] Support IPv6 AH header matches
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] netfilter: nft_set_rbtree: handle re-addition element after deletion
- From: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx>
Re: [PATCH 00/12] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nft_set_rbtree: handle re-addition element after deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 00/12] Netfilter/IPVS fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nat: use atomic bit op to clear the _SRC_NAT_DONE_BIT
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: nat: use atomic bit op to clear the _SRC_NAT_DONE_BIT
- From: Liping Zhang <zlpnobody@xxxxxxx>
Re: [PATCH nf-next 2/3] netfilter: nf_ct_helper: use nf_ct_iterate_cleanup to unlink helper objs
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 2/3] netfilter: nf_ct_helper: use nf_ct_iterate_cleanup to unlink helper objs
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
[PATCH nf-next 5/5] netfilter: nat: destroy nat mappings on module exit path only
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 4/5] netfilter: conntrack: restart iteration on resize
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 3/5] netfilter: conntrack: add nf_ct_iterate_destroy
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/5] netfilter: conntrack: don't call iter for non-confirmed conntracks
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 1/5] netfilter: conntrack: rename nf_ct_iterate_cleanup
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/5] netfilter: conntrack: rework nf_ct_iterate, part 1.
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 2/3] netfilter: nf_ct_helper: use nf_ct_iterate_cleanup to unlink helper objs
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 2/3] netfilter: nf_ct_helper: use nf_ct_iterate_cleanup to unlink helper objs
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
Re: [PATCH nf-next 2/3] netfilter: nf_ct_helper: use nf_ct_iterate_cleanup to unlink helper objs
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 1/3] netfilter: restart nf ct cleanup if hash resize happen
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 0/3] netfilter: handle hash resize situation in nf_ct_iterate_cleanup
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/3] netfilter: nf_ct_helper: use nf_ct_iterate_cleanup to unlink helper objs
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf-next 3/3] netfilter: cttimeout: use nf_ct_iterate_cleanup to unlink timeout objs
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf-next 0/3] netfilter: handle hash resize situation in nf_ct_iterate_cleanup
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf-next 1/3] netfilter: restart nf ct cleanup if hash resize happen
- From: Liping Zhang <zlpnobody@xxxxxxx>
Re: [PATCH nf] netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
Re: [PATCH nf] netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH net] netfilter: do not hold dev in ipt_CLUSTERIP
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCH nft v3 7/7] tests: fix up meta l4proto change for ip family
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft v3 6/7] src: ip: switch implicit dependencies to meta l4proto too
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft v3 5/7] tests: fix up meta l4proto change for ip6 family
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 4/7] payload: enforce ip/ip6 protocol depending on icmp or icmpv6
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft v3 3/7] src: ipv6: switch implicit dependencies to meta l4proto
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft v3 2/7] src: allow update of net base w. meta l4proto icmpv6
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 1/7] payload: split ll proto dependency into helper
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft v3 0/7] switch l4 dependency to meta l4proto
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next 2/2] netfilter: nf_tables: make local functions static
- From: Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx>
[PATCH net-next 1/2] netfilter: resolve warnings about missing prototypes
- From: Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx>
Re: [PATCH v3 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
[PATCH v5 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
[nft PATCH v3] List handles of added rules if requested
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf] netfilter: conntrack: fix false CRC32c mismatch using paged skb
- From: Davide Caratti <dcaratti@xxxxxxxxxx>
Re: [PATCH v3 1/1] iptables: Fix crash on malformed iptables-restore
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v3 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
[PATCH v4 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Report transactions' process info to user space
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v3 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
Re: [PATCH v3 1/1] iptables: Fix crash on malformed iptables-restore
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v3 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
Re: [PATCH v3 1/1] iptables: Fix crash on malformed iptables-restore
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
[PATCH v3 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: fix false CRC32c mismatch using paged skb
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/12] netfilter: xtables: zero padding in data_to_user
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/12] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/12] netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/12] netfilter: introduce nf_conntrack_helper_put helper function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/12] netfilter: synproxy: fix conntrackd interaction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/12] netfilter: nf_tables: can't assume lock is acquired when dumping set elems
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/12] netfilter: nfnl_cthelper: reject del request if helper obj is in use
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/12] netfilter: nf_tables: missing sanitization in data from userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/12] netfilter: don't setup nat info for confirmed ct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/12] ebtables: arpreply: Add the standard target sanity check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 12/12] netfilter: xtables: fix build failure from COMPAT_XT_ALIGN outside CONFIG_COMPAT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/12] netfilter: nf_tables: revisit chain/object refcounting from elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/12] ipvs: SNAT packet replies only for NATed connections
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] iptables: support insisting that the lock is held
- From: Lorenzo Colitti <lorenzo@xxxxxxxxxx>
[PATCH] iptables: insist that the lock is held.
- From: Lorenzo Colitti <lorenzo@xxxxxxxxxx>
[PATCH 6/6 RFC] netfilter: add audit netns ID
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH 5/6 RFC] netfilter: add audit operation field
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH 4/6 RFC] netfilter: ebtables: audit table registration
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH 3/6 RFC] netfilter: audit only on xtables and ebtables syscall rule or standalone
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH 2/6 RFC] netfilter: normalize ebtables function declarations
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH 1/6 RFC] netfilter: normalize x_table function declarations
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH 0/6 RFC] Address NETFILTER_CFG issues
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH nf] netfilter: conntrack: fix false CRC32c mismatch using paged skb
- From: Davide Caratti <dcaratti@xxxxxxxxxx>
Re: [PATCH v2 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
Re: [PATCH v2 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
Re: [PATCH v2 1/1] iptables: Fix crash on malformed iptables-restore
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
[PATCH v2] extensions: libxt_hashlimit: fix 64-bit printf formats
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
Re: [PATCH] extensions: libxt_hashlimit: fix 64-bit printf format
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] extensions: libxt_hashlimit: fix 64-bit printf format
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] extensions: libxt_hashlimit: fix 64-bit printf format
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
Re: [PATCH nf] xtables: fix build failure from COMPAT_XT_ALIGN outside CONFIG_COMPAT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [1/1] iptables: Fix crash on malformed iptables-restore
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
Re: crash on >= 4.9.0 kernel seems nf related
- From: Bjørnar Ness <bjornar.ness@xxxxxxxxx>
Re: linux-next: build failure after merge of the netfilter tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
Re: [1/1] iptables: Fix crash on malformed iptables-restore
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 04/10] tests: fix up meta l4proto change for ip6 family
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 04/10] tests: fix up meta l4proto change for ip6 family
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 04/10] tests: fix up meta l4proto change for ip6 family
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] src: delete the old cache when dumping is interrupted
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 04/10] tests: fix up meta l4proto change for ip6 family
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/1] iptables: Fix crash on malformed iptables-restore
- From: Oliver Ford <ojford@xxxxxxxxx>
Re: linux-next: build failure after merge of the netfilter tree
- From: Willem de Bruijn <willemdebruijn.kernel@xxxxxxxxx>
[PATCH nf] xtables: fix build failure from COMPAT_XT_ALIGN outside CONFIG_COMPAT
- From: Willem de Bruijn <willemdebruijn.kernel@xxxxxxxxx>
[PATCH nf-next] netfilter: clusterip: switch to nf_register_net_hook
- From: Florian Westphal <fw@xxxxxxxxx>
Re: linux-next: build failure after merge of the netfilter tree
- From: Willem de Bruijn <willemdebruijn.kernel@xxxxxxxxx>
linux-next: build failure after merge of the netfilter tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
Re: [Bug 1145] nft 0.7: expression.c:966: range_expr_value_low: Assertion '0' failed.
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 04/10] tests: fix up meta l4proto change for ip6 family
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 07/10] tests: add ip reject with tcp and check for mark too
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 09/10] src: ip: switch implicit dependencies to meta l4proto too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 07/10] tests: add ip reject with tcp and check for mark too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 03/10] src: treat ip6 nexthdr as a protocol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 04/10] tests: fix up meta l4proto change for ip6 family
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 02/10] src: ipv6: switch implicit dependencies to meta l4proto
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 01/10] src: allow update of net base w. meta l4proto icmpv6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re:Re: [PATCH nf v2] ebtables: arpreply: Add the standard target sanity check
- From: "Gao Feng" <gfree.wind@xxxxxxxxxxx>
Re: Re: [PATCH nf v2] ebtables: arpreply: Add the standard target sanity check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2] ebtables: arpreply: Add the standard target sanity check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2] ebtables: arpreply: Add the standard target sanity check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: crash on >= 4.9.0 kernel seems nf related
- From: Florian Westphal <fw@xxxxxxxxx>
Re: crash on >= 4.9.0 kernel seems nf related
- From: Bjørnar Ness <bjornar.ness@xxxxxxxxx>
[PATCH nf v2] ebtables: arpreply: Add the standard target sanity check
- From: gfree.wind@xxxxxxxxxxx
Re:Re: [PATCH nf] ebtables: arpreply: Add the standard target sanity check
- From: "Gao Feng" <gfree.wind@xxxxxxxxxxx>
Re: [PATCH ulogd2 1/2] ulogd.conf: harmonize log file options with module default values
- From: Eric Leblond <eric@xxxxxxxxx>
Re: [PATCH] netfilter: synproxy: fix conntrackd interaction
- From: Eric Leblond <eric@xxxxxxxxx>
Re: [PATCH] netfilter: synproxy: fix conntrackd interaction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Report transactions' process info to user space
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v6 2/3] netfilter: nat_helper: Register one nf_ct_nat_helper each proto nat module
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v3] expression: print sets and maps in pretty format
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] netlink_delink_delinearize: don't store dependency unless relop checks is eq check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: can't assume lock is acquired when dumping set elems
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] ebtables: arpreply: Add the standard target sanity check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] ebtables: arpreply: Add the standard target sanity check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: synproxy: fix conntrackd interaction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] xtables: zero padding in data_to_user
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: don't setup nat info for confirmed ct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [GIT PULL 0/1] IPVS Fixes for v4.12
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Report transactions' process info to user space
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf V2 2/2] netfilter: nfnl_cthelper: reject del request if helper obj is in use
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf V2 1/2] netfilter: introduce nf_conntrack_helper_put helper function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: don't setup nat info for confirmed ct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 2/2] netfilter: nf_tables: revisit chain/object refcounting from elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 1/2] netfilter: nf_tables: missing sanitization in data from userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 2/2] conntrackd: request resync at startup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 1/2] conntrackd: consolidate more code to use resync_send()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Report transactions' process info to user space
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH 1/2] include: Add proc_info symbols to nf_tables.h
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 0/2] monitor: Support printing processes which caused the event
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 2/2] monitor: Support printing processes which caused the event
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH] netfilter: nf_tables: Report transactions' process info to user space
- From: Phil Sutter <phil@xxxxxx>
Re: [Bug 1145] nft 0.7: expression.c:966: range_expr_value_low: Assertion '0' failed.
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH xtables-addons] build: support for Linux 4.12
- From: Ralph Sennhauser <ralph.sennhauser@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: can't assume lock is acquired when dumping set elems
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nft] src: delete the old cache when dumping is interrupted
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH] netfilter: Remove duplicated rcu_read_lock.
- From: Taehee Yoo <ap420073@xxxxxxxxx>
[PATCH nf] ebtables: arpreply: Add the standard target sanity check
- From: gfree.wind@xxxxxxxxxxx
[PATCH] net: netfilter: netlink: delete extra spaces
- From: linzhang <xiaolou4617@xxxxxxxxx>
[PATCH] netfilter: synproxy: fix conntrackd interaction
- From: Eric Leblond <eric@xxxxxxxxx>
Re: [PATCH] netfilter: synproxy: fix conntrackd interaction
- From: Jesper Dangaard Brouer <brouer@xxxxxxxxxx>
[PATCH] netfilter: synproxy: fix conntrackd interaction
- From: Eric Leblond <eric@xxxxxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Florian Westphal <fw@xxxxxxxxx>
RFC: Ideas about possible solutions for nfbz#949
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Florian Westphal <fw@xxxxxxxxx>
[nft PATCH RFC] monitor: Support printing processes which caused the event
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH v2] List handles of added rules if requested
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf] xtables: zero padding in data_to_user
- From: Willem de Bruijn <willemdebruijn.kernel@xxxxxxxxx>
[PATCH nft 04/10] tests: fix up meta l4proto change for ip6 family
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 09/10] src: ip: switch implicit dependencies to meta l4proto too
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 10/10] tests: fix up meta l4proto change for ip family
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 08/10] src: add a comment wrt. reject dependency insertion
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 03/10] src: treat ip6 nexthdr as a protocol
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 07/10] tests: add ip reject with tcp and check for mark too
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 02/10] src: ipv6: switch implicit dependencies to meta l4proto
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 06/10] netlink_delinearize: reject: remove dependency for tcp-resets
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 05/10] tests: meta: add icmpv6 test case
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 01/10] src: allow update of net base w. meta l4proto icmpv6
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 00/10] switch l4 dependency to meta l4proto
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] netlink_delink_delinearize: don't store dependency unless relop checks is eq check
- From: Florian Westphal <fw@xxxxxxxxx>
[conntrack-tools PATCH 2/2] conntrackd: request resync at startup
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
[conntrack-tools PATCH 1/2] conntrackd: consolidate more code to use resync_send()
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: .config for iptables icmp rule delete failure
- From: Willem de Bruijn <willemdebruijn.kernel@xxxxxxxxx>
Re: .config for iptables icmp rule delete failure
- From: Willem de Bruijn <willemb@xxxxxxxxxx>
Re: .config for iptables icmp rule delete failure
- From: Florian Westphal <fw@xxxxxxxxx>
Re: .config for iptables icmp rule delete failure
- From: Willem de Bruijn <willemdebruijn.kernel@xxxxxxxxx>
Re: Changing destination ip and port of TEE'ed udp
- From: Sergey Yermakov <sergey@xxxxxxxxxx>
Re: Changing destination ip and port of TEE'ed udp
- From: Jan Engelhardt <jengelh@xxxxxxx>
Changing destination ip and port of TEE'ed udp
- From: Sergey Yermakov <sergey@xxxxxxxxxx>
Re: .config for iptables icmp rule delete failure
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] netlink_delinearize: don't kill dependencies accross statements
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/1] libxtables: Display weird character warning for wildcards
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] netlink_delinearize: don't kill dependencies accross statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH] conntrackd: request resync at startup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 3/4] conntrackd: factorize resync operations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 1/4] conntrackd: factorice tx_queue functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] List handles of added rules if requested
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v2] List handles of added rules if requested
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -stable 0/3] ipvs: patches for stable
- From: Simon Horman <horms@xxxxxxxxxxxx>
[GIT PULL 0/1] IPVS Fixes for v4.12
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH] ipvs: SNAT packet replies only for NATed connections
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH nft] netlink_delinearize: don't kill dependencies accross statements
- From: Florian Westphal <fw@xxxxxxxxx>
Re: How to reinject a packet (skb) at some later point in time
- From: Pavel Vajarov <pavel@xxxxxxxx>
.config for iptables icmp rule delete failure
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH nf V2 0/2] netfilter: reject cthelper del request if it is in use
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf V2 2/2] netfilter: nfnl_cthelper: reject del request if helper obj is in use
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH nf V2 1/2] netfilter: introduce nf_conntrack_helper_put helper function
- From: Liping Zhang <zlpnobody@xxxxxxx>
Re: How to reinject a packet (skb) at some later point in time
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: don't setup nat info for confirmed ct
- From: Florian Westphal <fw@xxxxxxxxx>
How to reinject a packet (skb) at some later point in time
- From: Pavel Vajarov <pavel@xxxxxxxx>
[PATCH nf] netfilter: don't setup nat info for confirmed ct
- From: Liping Zhang <zlpnobody@xxxxxxx>
[nft PATCH v2] List handles of added rules if requested
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] List handles of added rules if requested
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] List handles of added rules if requested
- From: "Puustinen, Ismo" <ismo.puustinen@xxxxxxxxx>
[PATCH 1/1] libxtables: Display weird character warning for wildcards
- From: Oliver Ford <ojford@xxxxxxxxx>
Re: [nft PATCH] List handles of added rules if requested
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re:Re: [PATCH nf v6 3/3] netfilter: nat_helper: Remove the expectations when its module is unloaded
- From: "Gao Feng" <gfree.wind@xxxxxxxxxxx>
Re: [PATCH nf v6 3/3] netfilter: nat_helper: Remove the expectations when its module is unloaded
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
[PATCH nf v6 1/3] netfilter: helper: Rename struct nf_ct_helper_expectfn to nf_ct_nat_helper
- From: gfree.wind@xxxxxxxxxxx
[PATCH nf v6 3/3] netfilter: nat_helper: Remove the expectations when its module is unloaded
- From: gfree.wind@xxxxxxxxxxx
[PATCH nf v6 2/3] netfilter: nat_helper: Register one nf_ct_nat_helper each proto nat module
- From: gfree.wind@xxxxxxxxxxx
Re: [nft PATCH] List handles of added rules if requested
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] List handles of added rules if requested
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH -stable 0/3] ipvs: patches for stable
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH nft] parser: allow listing sets in one table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] parser: allow listing sets in one table
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] List handles of added rules if requested
- From: Thomas Woerner <twoerner@xxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Return info of added rules back to user space
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH -stable 0/3] ipvs: patches for stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: net: possible deadlock in skb_queue_tail
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
Re: [nft PATCH] List handles of added rules if requested
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: net: possible deadlock in skb_queue_tail
- From: Andrey Konovalov <andreyknvl@xxxxxxxxxx>
Re: [nft PATCH] List handles of added rules if requested
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] List handles of added rules if requested
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Return info of added rules back to user space
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] List handles of added rules if requested
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH] netfilter: nf_tables: Return info of added rules back to user space
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] nft.8: Enhance NAT documentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] nft.8: Enhance NAT documentation
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [PATCH iptables] iptables: support insisting that the lock is held
- From: Lorenzo Colitti <lorenzo@xxxxxxxxxx>
Re: [PATCH iptables] iptables: support insisting that the lock is held
- From: Lorenzo Colitti <lorenzo@xxxxxxxxxx>
Re: [PATCH iptables] iptables: support insisting that the lock is held
- From: Lorenzo Colitti <lorenzo@xxxxxxxxxx>
Re: [PATCH iptables] iptables: support insisting that the lock is held
- From: Aaron Conole <aconole@xxxxxxxxxx>
Re: [PATCH iptables] iptables: support insisting that the lock is held
- From: Aaron Conole <aconole@xxxxxxxxxx>
Re: [PATCH 00/16] Netfilter/IPVS/OVS fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure
- From: Arnd Bergmann <arnd@xxxxxxxx>
Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure
- From: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure
- From: Arnd Bergmann <arnd@xxxxxxxx>
[PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure
- From: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
crash on >= 4.9.0 kernel seems nf related
- From: Bjørnar Ness <bjornar.ness@xxxxxxxxx>
Re: .nf_ct_iterate_cleanup panic
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH iptables] iptables: support insisting that the lock is held
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
.nf_ct_iterate_cleanup panic
- From: dalin liu <kendodada@xxxxxxxxx>
[PATCH 09/16] netfilter: xt_socket: Fix broken IPv6 handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/16] Netfilter/IPVS/OVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/16] netfilter: nft_set_bitmap: free dummy elements when destroy the set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/16] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 13/16] ipvs: explicitly forbid ipv6 service/dest creation if ipv6 mod is disabled
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 15/16] netfilter: update MAINTAINERS file
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 14/16] netfilter: x_tables: unlock on error in xt_find_table_lock()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 16/16] netfilter: nf_tables: check if same extensions are set when adding elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/16] netfilter: ctnetlink: make it safer when updating ct->status
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/16] netfilter: ctnetlink: acquire ct->lock before operating nf_ct_seqadj
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 12/16] netfilter: Wrong icmp6 checksum for ICMPV6_TIME_EXCEED in reverse SNATv6 path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/16] bridge: ebtables: fix reception of frames DNAT-ed to bridge device/port
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/16] netfilter: ctnetlink: drop the incorrect cthelper module request
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/16] netfilter: nft_dynset: continue to next expr if _OP_ADD succeeded
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/16] netfilter: ctnetlink: fix deadlock due to acquire _expect_lock twice
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/16] netfilter: xt_CT: fix refcnt leak on error path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/16] openvswitch: Delete conntrack entry clashing with an expectation.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] nft.8: Enhance NAT documentation
- From: Phil Sutter <phil@xxxxxx>
Re: [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH v3] expression: print sets and maps in pretty format
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
migrating from iptables to nftables
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: [PATCH nf-next 0/3] netfilter: speed up netns cleanup
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch
- From: Matthias Kaehlcke <mka@xxxxxxxxxxxx>
Re: [PATCH 00/53] Netfilter/IPVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH 00/53] Netfilter/IPVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH -stable 0/3] ipvs: patches for stable
- From: Julian Anastasov <ja@xxxxxx>
[PATCH 4.4.65 -stable 3/3] ipvs: SNAT packet replies only for NATed connections
- From: Julian Anastasov <ja@xxxxxx>
[PATCH 3.10.105,3.12.73,3.16.43,4.1.39 -stable 2/3] ipvs: SNAT packet replies only for NATed connections
- From: Julian Anastasov <ja@xxxxxx>
[PATCH 3.2.88,3.4.113 -stable 1/3] ipvs: SNAT packet replies only for NATed connections
- From: Julian Anastasov <ja@xxxxxx>
[PATCH nf] netfilter: nf_tables: check if same extensions are set when adding elements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v2 1/4] netfilter: nf_tables: get rid of jump label to return
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 00/53] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/53] netfilter: nat: nf_nat_mangle_{udp,tcp}_packet returns boolean
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/53] netfilter: nat: avoid use of nf_conn_nat extension
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/53] netfilter: ctnetlink: Expectations must have a conntrack helper area
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 27/53] netfilter: helper: add build-time asserts for helper data size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 22/53] netfilter: ecache: Refine the nf_ct_deliver_cached_events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 19/53] netfilter: nf_conntrack: remove double assignment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 16/53] netfilter: udplite: Remove duplicated udplite4/6 declaration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 15/53] netfilter: ip6_tables: Remove unneccessary comments
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 14/53] netfilter: Remove exceptional & on function name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 18/53] netfilter: nf_tables: remove double return statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 17/53] netfilter: nat: remove rcu_read_lock in __nf_nat_decode_session.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 25/53] netfilter: nft_ct: allow to set ctnetlink event types of a connection
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 24/53] netfilter: remove nf_ct_is_untracked
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 31/53] netfilter: conntrack: use u8 for extension sizes again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 30/53] netfilter: remove last traces of variable-sized extensions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 29/53] netfilter: helpers: remove data_len usage for inkernel helpers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 26/53] netfilter: conntrack: move helper struct to nf_conntrack_helper.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 28/53] netfilter: nfnetlink_cthelper: reject too large userspace allocation requests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 34/53] netfilter: ipvs: fix incorrect conflict resolution
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 32/53] netfilter: allow early drop of assured conntracks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 36/53] netfilter: synproxy: only register hooks when needed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 21/53] netfilter: nf_nat: Fix return NF_DROP in nfnetlink_parse_nat_setup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 33/53] nefilter: eache: reduce struct size from 32 to 24 byte
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 35/53] netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 37/53] ipvs: convert to use pernet nf_hook api
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 38/53] netfilter: decnet: only register hooks in init namespace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 39/53] ebtables: remove nf_hook_register usage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 40/53] netfilter: SYNPROXY: Return NF_STOLEN instead of NF_DROP during handshaking
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 44/53] netfilter: masquerade: attach nat extension if not present
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 23/53] netfilter: kill the fake untracked conntrack objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 41/53] netfilter: conntrack: remove prealloc support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 43/53] netfilter: conntrack: handle initial extension alloc via krealloc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 42/53] netfilter: conntrack: mark extension structs as const
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 45/53] netfilter: pptp: attach nat extension when needed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 46/53] netfilter: don't attach a nat extension by default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 47/53] ipvs: remove unused function ip_vs_set_state_timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 48/53] ipvs: change comparison on sync_refresh_period
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 53/53] netfilter: nf_ct_ext: invoke destroy even when ext is not attached
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 51/53] netfilter: nf_queue: only call synchronize_net twice if nf_queue is active
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 52/53] netfilter: snmp: avoid stack size warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 49/53] netfilter: batch synchronize_net calls during hook unregister
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 50/53] netfilter: nf_log: don't call synchronize_rcu in nf_log_unset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 20/53] ipset: remove unused function __ip_set_get_netlink
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/53] netfilter: Remove unnecessary cast on void pointer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/53] netfilter: Add nfnl_msg_type() helper function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 13/53] net: netfilter: Use list_{next/prev}_entry instead of list_entry
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 12/53] netfilter: Use seq_puts()/seq_putc() where possible
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/53] netfilter: nf_ct_expect: Add nf_ct_remove_expect()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/53] ipvs: remove unused variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/53] netfilter: nf_tables: add nft_is_base_chain() helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/53] netfilter: expect: Make sure the max_expected limit is effective
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/53] netfilter: ipvs: Replace kzalloc with kcalloc.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]