Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- Re: [PATCH v3] netfilter: nf_tables: Ensure init attributes are within the bounds
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf-next 2/6] netfilter: conntrack: get rid of conntrack timer
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 2/6] netfilter: conntrack: get rid of conntrack timer
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- [PATCH 4/4 V6 nft] parser: Improve syntax errors
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/4 V6 nft] Simplify parser rule_spec tree
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 3/4 V6 nft] test: shell: Add tests for deleting rule by description
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/4 V6 nft] Implement deleting rule by description
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH iptables 2/3] xtables-compat: check if nft ruleset is compatible
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [PATCH iptables 1/3] xtables-compat: remove useless functions
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- [PATCH iptables 3/3] xtables-compat: add rule cache
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- [PATCH iptables 2/3] xtables-compat: check if nft ruleset is compatible
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- [PATCH nf] netfilter: nft_reject: restrict to INPUT/FORWARD/OUTPUT
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH -next] netfilter: nft_hash: fix non static symbol warning
- From: Wei Yongjun <weiyj.lk@xxxxxxxxx>
- [PATCH iptables] extensions: libxt_CLASSIFY: Add translation to nft
- From: Liping Zhang <zlpnobody@xxxxxxx>
- Re: [PATCH nf-next 2/6] netfilter: conntrack: get rid of conntrack timer
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 2/6] netfilter: conntrack: get rid of conntrack timer
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: [PATCH nf-next 4/6] netfilter: conntrack: add gc worker to remove timed-out entries
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/1] netfilter: gre: Use the consitent GRE and PPTP struct instead of the structures defined in netfilter
- From: Feng Gao <gfree.wind@xxxxxxxxx>
- Re: [PATCH nf-next 2/6] netfilter: conntrack: get rid of conntrack timer
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 1/1] netfilter: gre: Use the consitent GRE and PPTP struct instead of the structures defined in netfilter
- From: fgao@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
- Re: [PATCH nf-next 4/6] netfilter: conntrack: add gc worker to remove timed-out entries
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: [PATCH nf-next 2/6] netfilter: conntrack: get rid of conntrack timer
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- [PATCH nf-next 6/6] netfilter: remove __nf_ct_kill_acct helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 5/6] netfilter: conntrack: resched gc again if eviction rate is high
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 4/6] netfilter: conntrack: add gc worker to remove timed-out entries
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/6] netfilter: evict stale entries on netlink dumps
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/6] netfilter: conntrack: get rid of conntrack timer
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/6] netfilter: don't rely on DYING bit to detect when destroy event was sent
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/6] conntrack: get rid of per-object timer
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH iptables 1/2] xtables-translate: add escape_quotes option to comment_xlate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nfacct: setting quotas does not seem to work.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v4] netfilter: nf_tables: Ensure init attributes are within the bounds
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [PATCH iptables 1/2] xtables-translate: add escape_quotes option to comment_xlate
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- [PATCH] netfilter: fix spelling mistake: "delimitter" -> "delimiter"
- From: Colin King <colin.king@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nft_dynset: allow to invert match criteria
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: nfnetlink_acct: fix race between nfacct del and xt_nfacct destroy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl] rule: Fix comparison between rules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/6] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH libnftnl] rule: Fix comparison between rules
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 6/6] netfilter: cttimeout: fix use after free error when delete netns
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/6] netfilter: nfnetlink_acct: fix race between nfacct del and xt_nfacct destroy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/6] netfilter: conntrack: do not dump other netns's conntrack entries via proc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/6] netfilter: tproxy: properly refcount tcp listeners
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/6] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/6] netfilter: nfnetlink_acct: report overquota to the right netns
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/6] netfilter: nfnetlink_log: add "nf-logger-3-1" module alias name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nf_conntrack: restore nf_conntrack_htable_size as exported symbol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: cttimeout: fix use after free error when delete netns
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH v3] netfilter: nf_tables: Ensure init attributes are within the bounds
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: nfnetlink_acct: fix race between nfacct del and xt_nfacct destroy
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
- [PATCH v5] netfilter: nft_numgen: add number generator expression
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: nfacct: setting quotas does not seem to work.
- From: Josue Alvarez <jalvarez@xxxxxxxxxxxxxxxxxxxx>
- [PATCH 3/3 v4 libnftnl] tests: Elimine static variable 'test_ok'
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/3 v4 libnftnl] tests: Use libnftnl comparators in all tests
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/3 v4 libnftnl] tests: Consolidate printing error utilities
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH libnftnl] expr: hash: Add comparator to hash expression
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH libnftnl] expr: hash: Add comparator to hash expression
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [nf-next:master 8/9] ERROR: "nf_conntrack_htable_size" [net/netfilter/nfnetlink_cttimeout.ko] undefined!
- From: kbuild test robot <fengguang.wu@xxxxxxxxx>
- linux-next: build failure after merge of the netfilter-next tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
- Re: Snooping expected connections in a user CT helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: add quota expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4] netfilter: nft_numgen: add number generator expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] netfilter: tproxy: properly refcount tcp listeners
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nfacct: setting quotas does not seem to work.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: nfnetlink_acct: fix race between nfacct del and xt_nfacct destroy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 2/2] netfilter: nfnetlink_acct: report overquota to the right netns
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: nfnetlink_acct: fix race between nfacct del and xt_nfacct destroy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: kernel panic TPROXY , vanilla 4.7.1
- From: Denys Fedoryshchenko <nuclearcat@xxxxxxxxxxxxxx>
- [PATCH net] netfilter: tproxy: properly refcount tcp listeners
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: kernel panic TPROXY , vanilla 4.7.1
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- [PATCH v4] netfilter: nft_numgen: add number generator expression
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- ulogd plugin development question
- From: Tommy Knowlton <tommy.knowlton@xxxxxxxxx>
- Re: [PATCH v2] netfilter: nf_tables: Check for overflow of u8 fields from u32 netlink attributes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: kernel panic TPROXY , vanilla 4.7.1
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nfnetlink_log: add "nf-logger-3-1" module alias name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH V3 nf-next] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: conntrack: do not dump other netns's conntrack entries via proc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_tables_netdev: set nft_pktinfo field for non-IP traffic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_tables_netdev: set nft_pktinfo field for non-IP traffic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_conntrack] src: Make the library compile under clang
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/3 v5 nft] Simplify parser rule_spec tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 4/4] evaluate: Avoid undefined behaviour in concat_subtype_id()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 3/4] proto_find_num: Avoid potential null pointer dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/4] netlink_delinearize: Avoid potential null pointer deref
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 1/4] evaluate: Fix datalen checks in expr_evaluate_string()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables 2/2] xtables-translate-restore: do not escape quotes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables 1/2] xtables-translate: add escape_quotes option to comment_xlate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/3 v5 libnftnl] Implement rule comparison
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3] netfilter: nft_numgen: add number generator expression
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: [PATCH v2 libnftnl] expr: add hash expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 06/10] scanner: remove range expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 08/10] src: simplify classid printing using %x instead of %04x
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 10/10] parser_bison: redirect to :port for consistency with nat/masq statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 09/10] src: meta priority support using tc classid
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 05/10] scanner: allow strings starting by underscores and dots
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 07/10] src: rename datatype name from tc_handle to classid
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 04/10] parser_bison: missing token string in QUOTED_ASTERISK and ASTERISK_STRING
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 03/10] src: support for RFC2732 IPv6 address format with brackets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 02/10] src: add 'to' for snat and dnat
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 01/10] src: quote user-defined strings when used from rule selectors
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 00/10 nft] syntax updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- libipset developer documentation?
- From: Peter Wu <peter@xxxxxxxxxxxxx>
- Re: [PATCH 2/2 nft] ct: release ct_label table on exit
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/2 nft] ct: add missing slash to connlabel path
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 2/2 nft] ct: release ct_label table on exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/2 nft] ct: add missing slash to connlabel path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/3 v5 nft] Implement deleting rule by description
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/3 v5 nft] Simplify parser rule_spec tree
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/3 v5 libnftnl] Implement rule comparison
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Snooping expected connections in a user CT helper
- From: Kevin Cernekee <cernekee@xxxxxxxxxxxx>
- [PATCH iptables 2/2] xtables-translate-restore: do not escape quotes
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- [PATCH iptables 1/2] xtables-translate: add escape_quotes option to comment_xlate
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- Re: [PATCH 2/3 v3 nft] tests: Use libnftnl comparators in all tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/3 v4 libnftnl] Implement rule comparison
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: allow logging from non-init namespaces
- From: Michal Kubecek <mkubecek@xxxxxxx>
- [PATCH 3/3 v3 nft] tests: Elimine static variable 'test_ok'
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/3 v3 nft] tests: Use libnftnl comparators in all tests
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/3 v3 nft] tests: Consolidate printing error utilities
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 3/3 v4 nft] Implement deleting rule by description
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/3 v4 nft] Simplify parser rule_spec tree
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/3 v4 libnftnl] Implement rule comparison
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [ANNOUNCE] Netdev 1.2 updates (16th August, 2016)
- From: Hajime Tazaki <thehajime@xxxxxxxxx>
- Re: [PATCH nf] netfilter: conntrack: do not dump other netns's conntrack entries via proc
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] netfilter: conntrack: do not dump other netns's conntrack entries via proc
- From: Liping Zhang <zlpnobody@xxxxxxx>
- Re: [PATCH 2/2 v2 libnftnl] test: Use libnftnl comparators in all tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/2 v2 libnftnl] test: Use libnftnl comparators in all tests
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/2 v2 libnftnl] tests: Consolidate printing error utilities
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 2/2 libnfntl] expr: cmp: Use cmp2str() instead of directly access to array
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2 libnftnl] utils: Fix out of bound access in nftnl_family2str
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2 libnftnl] utils: Fix out of bound access in nftnl_family2str
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 1/2 libnftnl] utils: Fix out of bound access in nftnl_family2str
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/2 libnfntl] expr: cmp: Use cmp2str() instead of directly access to array
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/2 libnftnl] utils: Fix out of bound access in nftnl_family2str
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 2/2 libnftnl] expr: cmp: Use cmp2str() instead of directly access to array
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2 libnftnl] expr: Improve bound checking in stringification functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/2 libnftnl] expr: cmp: Use cmp2str() instead of directly access to array
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/2 libnftnl] expr: Improve bound checking in stringification functions
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 1/4, V2, libnftnl] tests: Fix segfaults due outbound access
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_conntrack] src: Make the library compile under clang
- From: Kevin Cernekee <cernekee@xxxxxxxxxxxx>
- Re: [PATCH v3] netfilter: nft_numgen: add number generator expression
- From: kbuild test robot <lkp@xxxxxxxxx>
- [PATCH v2] netfilter: nf_tables: Check for overflow of u8 fields from u32 netlink attributes
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH v2 libnftnl] expr: add number generation expression
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH v3] netfilter: nft_numgen: add number generator expression
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [PATCH 1/4, V2, libnftnl] tests: Fix segfaults due outbound access
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH nf 1/2] netfilter: nfnetlink_acct: fix race between nfacct del and xt_nfacct destroy
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf 2/2] netfilter: nfnetlink_acct: report overquota to the right netns
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf-next] netfilter: nfnetlink_log: add "nf-logger-3-1" module alias name
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH V3 nf-next] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf-next,v2] netfilter: remove ip_conntrack* sysctl compat code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/4, V2, libnftnl] tests: Fix wrong expression creation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/4, V2, libnftnl] tests: Fix segfaults due outbound access
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: remove ip_conntrack* sysctl compat code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: remove ip_conntrack* sysctl compat code
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
- [PATCH v2 libnftnl] expr: add hash expression
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH 4/4, V2, libnftnl] tests: Use libnftnl comparators in all tests
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 3/4, V2, libnftnl] tests: Consolidate printing error utilities
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/4, V2, libnftnl] tests: Fix wrong expression creation
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/4, V2, libnftnl] tests: Fix segfaults due outbound access
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 2/2, libnftnl] Use libnftnl comparators in all tests
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 1/2, libnftnl] tests: Consolidate printing error utilities
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [nft PATCH 4/4] evaluate: Avoid undefined behaviour in concat_subtype_id()
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 1/4] evaluate: Fix datalen checks in expr_evaluate_string()
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 2/4] netlink_delinearize: Avoid potential null pointer deref
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 3/4] proto_find_num: Avoid potential null pointer dereference
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 0/4] A round of covscan indicated fixes
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next V2] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
- Re: [libnftnl PATCH] utils: Don't return directly from SNPRINTF_BUFFER_SIZE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [libnftnl PATCH] utils: Don't return directly from SNPRINTF_BUFFER_SIZE
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 3/4, V3, nft] Simplify parser rule_spec tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next V2] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: remove ip_conntrack* sysctl compat code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2] ipvs: use nf_ct_kill helper
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: [PATCH nf-next V2] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
- Re: [PATCH netfilter] extensions/libxt_bpf.man: clarify BPF code generation with tcpdump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5] netfilter: nf_tables: add hash expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next V2] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: use_nf_conn_expires helper in more places
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2] ipvs: use nf_ct_kill helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_dup4: remove redundant checksum recalculation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: physdev: add missed blank
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] netfilter: Only need first 4 bytes to get l4proto ports
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 0/7] A bunch of covscan detected fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 2/7] ruleset: Prevent memleak in nftnl_ruleset_snprintf_*() functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] nf-next: x_tables: Replace kmalloc(s*n) with kmalloc_array(n,s)
- From: Loganaden Velvindron <logan@xxxxxxxxxx>
- Re: [PATCH] nf-next: x_tables: Replace kmalloc(s*n) with kmalloc_array(n,s)
- From: Loganaden Velvindron <logan@xxxxxxxxxx>
- Re: [libnftnl PATCH 0/7] A bunch of covscan detected fixes
- From: Phil Sutter <phil@xxxxxx>
- Re: [libnftnl PATCH 2/7] ruleset: Prevent memleak in nftnl_ruleset_snprintf_*() functions
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 2/4, libnfntl] Implement rule comparison
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 0/7] A bunch of covscan detected fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 0/7] A bunch of covscan detected fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/3, libnftnl] expr: Fix lookup builder
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/3, libnftnl] tests: Add missing tests to test-script.sh
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 5/7] common: Avoid integer overflow in nftnl_batch_is_supported()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 2/7] ruleset: Prevent memleak in nftnl_ruleset_snprintf_*() functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/5] Check u32 load in u8 attributes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [libnftnl PATCH 0/7] A bunch of covscan detected fixes
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 3/7] expr/ct: prevent array index overrun in ctkey2str()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 7/7] ruleset: Initialize ctx.flags before calling nftnl_ruleset_ctx_set()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 5/7] common: Avoid integer overflow in nftnl_batch_is_supported()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 6/7] Avoid returning uninitialized data
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 1/7] set: prevent memleak in nftnl_jansson_parse_set_info()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 4/7] expr/limit: Drop unreachable code in limit_to_type()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 2/7] ruleset: Prevent memleak in nftnl_ruleset_snprintf_*() functions
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 2/2, libnftnl] Use libnftnl comparators in all tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2, libnftnl] tests: Consolidate printing error utilities
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] nf-next: x_tables: Replace kmalloc(s*n) with kmalloc_array(n,s)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl] expr: hash: Jenkins hash expression support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v5] netfilter: nf_tables: add hash expression
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- nfacct: setting quotas does not seem to work.
- From: Josue Alvarez <jalvarez@xxxxxxxxxxxxxxxxxxxx>
- [PATCH 2/2, libnftnl] Use libnftnl comparators in all tests
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/2, libnftnl] tests: Consolidate printing error utilities
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH v4] netfilter: nf_tables: add hash expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v4] netfilter: nf_tables: add hash expression
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [PATCH 0/9] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nfnetlink_queue: fix memory leak when attach expectation successfully
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/4, V3, libnftnl] rule: Implement internal expression iterator
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/3, libnftnl] expr: Fix lookup builder
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/3, libnftnl] tests: Add missing tests to test-script.sh
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nfnetlink_queue: reject verdict request from different portid
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/4, V3, libnftnl] rule: Implement internal expression iterator
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/3, libnftnl] expr: Fix lookup builder
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/3, libnftnl] tests: Add missing tests to test-script.sh
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 3/3, libnftnl] tests: Fix tests for immediate and lookup expressions
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Add size check on u8 nft_exthdr attributes
- From: Laura Garcia <nevola@xxxxxxxxx>
- [PATCH] nf-next: x_tables: Replace kmalloc(s*n) with kmalloc_array(n,s)
- From: Loganaden Velvindron <logan@xxxxxxxxxx>
- Re: [PATCH 1/4, V3, libnftnl] rule: Implement internal expression iterator
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/5] netfilter: nf_tables: Check u32 load in u8 nft_cmp attribute
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH 2/5] netfilter: nf_tables: Check u32 load in u8 nft_byteorder attribute
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH] x_tables: Replace kmalloc(s*n) with kmalloc_array(n,s)
- From: Loganaden Velvindron <logan@xxxxxxxxxx>
- [PATCH 4/5] netfilter: nf_tables: Check u32 load in u8 nft_immediate attribute
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH netfilter] extensions/libxt_bpf.man: clarify BPF code generation with tcpdump
- From: Willem de Bruijn <willemdebruijn.kernel@xxxxxxxxx>
- [PATCH 1/5] netfilter: nf_tables: Check u32 load in u8 nft_bitwise attribute
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [ANNOUNCE] Netdev 1.2 updates
- From: Hajime Tazaki <thehajime@xxxxxxxxx>
- [PATCH 1/9] netfilter: nf_ct_h323: do not re-activate already expired timer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/9] netfilter: nft_rbtree: ignore inactive matching element with no descendants
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/9] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/9] netfilter: nf_ct_expect: remove the redundant slash when policy name is empty
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 7/9] netfilter: nfnetlink_queue: reject verdict request from different portid
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/9] netfilter: nfnetlink_queue: fix memory leak when attach expectation successfully
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 8/9] netfilter: ctnetlink: reject new conntrack request with different l4proto
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/9] netfilter: nf_tables: s/MFT_REG32_01/NFT_REG32_01
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/9] netfilter: nf_conntrack_sip: CSeq 0 is a valid CSeq
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 9/9] netfilter: nft_exthdr: Add size check on u8 nft_exthdr attributes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: nf_tables: add hash expression
- From: Laura Garcia <nevola@xxxxxxxxx>
- [PATCH 4/4, V3, nft] Implement deleting rule by description
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/4, V3, libnftnl] Implement rule comparison
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/4, V3, libnftnl] rule: Implement internal expression iterator
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 3/4, V3, nft] Simplify parser rule_spec tree
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 5/5] netfilter: nf_tables: Check u32 load in u8 nft_nat attribute
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [PATCH, v2] Constify iterators
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/5] Check u32 load in u8 attributes
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [PATCH 2/4, V3, libnftnl] Implement rule comparison
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/9] netfilter: nfnetlink_queue: fix memory leak when attach expectation successfully
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 7/9] netfilter: nfnetlink_queue: reject verdict request from different portid
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/9] netfilter: nft_rbtree: ignore inactive matching element with no descendants
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/9] netfilter: nf_ct_expect: remove the redundant slash when policy name is empty
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 8/9] netfilter: ctnetlink: reject new conntrack request with different l4proto
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/9] netfilter: nf_conntrack_sip: CSeq 0 is a valid CSeq
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 9/9] netfilter: nft_exthdr: Add size check on u8 nft_exthdr attributes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/9] netfilter: nf_tables: s/MFT_REG32_01/NFT_REG32_01
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/9] netfilter: nf_ct_h323: do not re-activate already expired timer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/9] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3] netfilter: nf_tables: add hash expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v3] netfilter: nf_tables: add hash expression
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH nft] tests: tests to include files
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/3, libnftnl] tests: Fix tests for immediate and lookup expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Add size check on u8 nft_exthdr attributes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Add size check on u8 nft_exthdr attributes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: ctnetlink: reject new conntrack request with different l4proto
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: nf_tables: add hash expression
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
- [PATCH] netfilter: nf_tables: Add size check on u8 nft_exthdr attributes
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH v2] netfilter: nf_tables: add hash expression
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- 4.7.0: RCU stall in nf_conntrack
- From: Johannes Stezenbach <js@xxxxxxxxx>
- Drop pings to other VLAN interfaces
- From: vDev <vijaypas@xxxxxxxxx>
- Re: [PATCH v2] netfilter: nft_nth: match every n packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nft_hash: generate Jenkins Hash per source register
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: nft_nth: match every n packets
- From: Laura Garcia <nevola@xxxxxxxxx>
- [PATCH] netfilter: nf_tables: rename set implementations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl] expr: hash: Jenkins hash expression support
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH] netfilter: nft_hash: generate Jenkins Hash per source register
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH, v2] Constify iterators
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH v2] netfilter: nft_nth: match every n packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/3] scanner: don't fall back on current directory if include is not found
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/3] scanner: don't break line on include error message
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/3] scanner: honor absolute and relative paths via include file
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] xtables-compat: fix comments listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] rule: Constify rule iterators
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- net-next is OPEN
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH] rule: Constify rule iterators
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 4/5, V2, nft] Simplify parser rule_spec tree
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 4/5, V2, nft] Simplify parser rule_spec tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/5, V2, libnftnl] Implement rule comparison
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/5, V2, libnftnl] rule: Add const modifier to rule field of expression iterator
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 5/5, V2, nft] Implement deleting rule by description
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nfnetlink_queue: reject verdict request from different portid
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] netfilter: ctnetlink: reject new conntrack request with different l4proto
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf] netfilter: nfnetlink_queue: reject verdict request from different portid
- From: Liping Zhang <zlpnobody@xxxxxxx>
- Re: [PATCH nf] netfilter: nf_expect_proc: remove the redundant slash when policy name is empty
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nfnetlink_queue: fix memory leak when attach expectation successfully
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf] netfilter: nf_expect_proc: remove the redundant slash when policy name is empty
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH 5/5, V2, nft] Implement deleting rule by description
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 4/5, V2, nft] Simplify parser rule_spec tree
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/5, V2, libnftnl] rule: Implement internal expression iterator
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 3/5, V2, libnftnl] Implement rule comparison
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/5, V2, libnftnl] rule: Add const modifier to rule field of expression iterator
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 2/4, libnfntl] Implement rule comparison
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 1/4, libnftnl] rule: Implement internal expression iterator
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 2/4, libnfntl] Implement rule comparison
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/4, libnftnl] rule: Implement internal expression iterator
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/4, nft] Implement deleting rule by description
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 3/4, nft] Simplify parser rule_spec tree
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/4, libnfntl] Implement rule comparison
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/4, libnftnl] rule: Implement internal expression iterator
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH libmnl] callback: mark cb_ctl_array 'const' in mnl_cb_run2()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: nf_conntrack_sip: CSeq 0 is a valid CSeq
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_ct_h323: do not re-activate already expired timer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2] ipvs: use nf_ct_kill helper
- From: Julian Anastasov <ja@xxxxxx>
- Re: [PATCH -stable 4.1.y] netfilter: x_tables: speed up jump target validation
- From: "Levin, Alexander" <alexander.levin@xxxxxxxxxxx>
- [PATCH nf-next v2] ipvs: use nf_ct_kill helper
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [kbuild-all] [PATCH nf-next] netfilter: use_nf_conn_expires helper in more places
- From: Fengguang Wu <lkp@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: use_nf_conn_expires helper in more places
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libmnl] callback: mark cb_ctl_array 'const' in mnl_cb_run2()
- From: Guillaume Nault <g.nault@xxxxxxxxxxxx>
- [PATCH v2] netfilter: nf_conntrack_sip: CSeq 0 is a valid CSeq
- From: Christophe Leroy <christophe.leroy@xxxxxx>
- Re: [PATCH nf-next] ipvs: use nf_ct_kill helper
- From: Julian Anastasov <ja@xxxxxx>
- Re: [PATCH nf-next] netfilter: use_nf_conn_expires helper in more places
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: use_nf_conn_expires helper in more places
- From: kbuild test robot <lkp@xxxxxxxxx>
- [PATCH nf-next] netfilter: use_nf_conn_expires helper in more places
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] ipvs: use nf_ct_kill helper
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH -stable 4.1.y] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1116/1285] Replace numeric parameter like 0444 with macro
- From: Jarod Wilson <jarod@xxxxxxxxxx>
- Re: [PATCH 1115/1285] Replace numeric parameter like 0444 with macro
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH -stable 4.1.y] netfilter: x_tables: speed up jump target validation
- From: "Levin, Alexander" <alexander.levin@xxxxxxxxxxx>
- Re: [PATCH 1116/1285] Replace numeric parameter like 0444 with macro
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH 1115/1285] Replace numeric parameter like 0444 with macro
- From: Pavel Machek <pavel@xxxxxx>
- [PATCH iptables] xtables-compat: fix comments listing
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- Re: [PATCH 1115/1285] Replace numeric parameter like 0444 with macro
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- [PATCH 1100/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1120/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1129/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1118/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1123/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1119/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1121/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1128/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1122/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1125/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1117/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1116/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1127/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1124/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1130/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1126/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1115/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [PATCH 1099/1285] Replace numeric parameter like 0444 with macro
- From: Baole Ni <baolex.ni@xxxxxxxxx>
- [stable, xtables] fix validation of jumps
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH -stable 3.12.y] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH -stable 4.4.y] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH -stable 3.14.y] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH -stable 3.18.y] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH -stable 4.1.y] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft PATCH 0/7] add payload set support for sub-byte sizes
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_rbtree: ignore inactive matching element with no descendants
- From: "Anders K. Pedersen" <akp@xxxxxx>
- Re: [nft PATCH 3/7] evaluate: add support to set IPv6 non-byte header fields
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft] parser: compact list of rhs keyword expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC nft] meta: deprecate unqualified meta statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RESEND nf] netfilter: avoid a race between nf_register_hook() and cleanup_net()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] manpages: do not adjust reject-with type footnote indentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] iptables-translate: add in/out ifname wildcard match translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl] src: don't set data_len to zero when returning pointers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nft_rbtree: ignore inactive matching element with no descendants
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 0/7] add payload set support for sub-byte sizes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 4/7] netlink: decode payload statment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 3/7] evaluate: add support to set IPv6 non-byte header fields
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/3] netfilter: nat: don't assign a null snat rule to bridged traffic if no matching
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 2/3] netfilter: nat: snat created in route process just apply to routed traffic
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/3] netfilter: nat: update hash bucket if nat changed after ct confirmed
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 3/3] netfilter: nat: don't assign a null snat rule to bridged traffic if no matching
- From: fxp2001640163@xxxxxxxxx
- [PATCH 2/3] netfilter: nat: snat created in route process just apply to routed traffic
- From: fxp2001640163@xxxxxxxxx
- [PATCH 1/3] netfilter: nat: update hash bucket if nat changed after ct confirmed
- From: fxp2001640163@xxxxxxxxx
- Re: [PATCH RESEND nf] netfilter: avoid a race between nf_register_hook() and cleanup_net()
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH nf-next] netfilter: nf_dup4: remove redundant checksum recalculation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_dup4: remove redundant checksum recalculation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: nf_dup4: remove redundant checksum recalculation
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf-next V2] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH iptables] iptables-translate: add in/out ifname wildcard match translation to nft
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH RESEND nf] netfilter: avoid a race between nf_register_hook() and cleanup_net()
- From: Michal Kubecek <mkubecek@xxxxxxx>
- Re: NFQUEUE panic bug
- From: Florian Westphal <fw@xxxxxxxxx>
- NFQUEUE panic bug
- From: Daniel Collins <daniel.collins@xxxxxxxxxxxxxx>
- [PATCH v4] doc: Complete documentation of statements
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Re: [PATCH v2] netfilter: nft_nth: match every n packets
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2] netfilter: nft_nth: match every n packets
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: [PATCH v2] netfilter: nft_nth: match every n packets
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnftnl v2] expr: nth: match every n packets
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH v2] netfilter: nft_nth: match every n packets
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: PROBLEM: TPROXY and DNAT broken (bisected to 079096f103fa)
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- [PATCH nft] parser: compact list of rhs keyword expressions
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH iptables v2 2/2] xtables-translate: fix issue with quotes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables 1/2] include: xtables: fix struct definitions grepability
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] parser_bison: keep map flag around when flags are specified
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC nft] meta: deprecate unqualified meta statements
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [RFC nft] meta: deprecate unqualified meta statements
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH 2/7] payload: print base and raw values for unknown payloads
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH 7/7] tests: ip payload set support for ecn and dscp
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH 0/7] add payload set support for sub-byte sizes
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH 6/7] netlink: make checksum fixup work with odd-sized header fields
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH 4/7] netlink: decode payload statment
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH 1/7] netlink: add __binop_adjust helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH 5/7] tests: ip6 dscp, flowlabel and ecn test cases
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH 3/7] evaluate: add support to set IPv6 non-byte header fields
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft_rbtree_lookup: BUG: unable to handle kernel NULL pointer dereference
- From: "Anders K. Pedersen" <akp@xxxxxx>
- [PATCH iptables v2 2/2] xtables-translate: fix issue with quotes
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- [PATCH iptables 1/2] include: xtables: fix struct definitions grepability
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- Re: [PATCH iptables 2/2] xtables-translate: fix issue with quotes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables 2/2] xtables-translate: fix issue with quotes
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- Re: [PATCH] netfilter: nft_nth: match every n packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nft_rbtree_lookup: BUG: unable to handle kernel NULL pointer dereference
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnftnl] expr: nth: match every n packets
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH] netfilter: nft_nth: match every n packets
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [PATCH] manpages: do not adjust reject-with type footnote indentation
- From: Sami Kerola <kerolasa@xxxxxx>
- [PATCH] manpages: do not adjust reject-with type footnote indentation
- From: Sami Kerola <kerolasa@xxxxxx>
- nft_rbtree_lookup: BUG: unable to handle kernel NULL pointer dereference
- From: "Anders K. Pedersen" <akp@xxxxxx>
- [NetDev] [ANNOUNCE] Netdev 1.2 updates (Tokyo, Japan, October 5-7)
- From: Hajime Tazaki <thehajime@xxxxxxxxx>
- Re: [PATCH iptables 2/2] xtables-translate: fix issue with quotes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: physdev: add missed blank
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- Re: [PATCH 00/25] Netfilter/IPVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH] netfilter: nf_tables: s/MFT_REG32_01/NFT_REG32_01
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC] l2tp for nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [RFC] l2tp for nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ISSUE] nftables: !=range doesn't really work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] xt: use struct xt_xlate_{mt,tg}_params
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables] src: introduce struct xt_xlate_{mt,tg}_params
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ISSUE] nftables: !=range doesn't really work
- From: Xin Long <lucien.xin@xxxxxxxxx>
- [PATCH nf-next] netfilter: nf_ct_h323: do not re-activate already expired timer
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH 1/1] netfilter: Only need first 4 bytes to get l4proto ports
- From: fgao@xxxxxxxxxxxxxxxxx
- Re: [PATCH iptables 1/2] xtables-translate: add new field to identify the caller
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] extensions: libxt_connlabel: add unit test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/25] netfilter: conntrack: protect early_drop by rcu read lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/25] netfilter: nf_conntrack_h323: fix off-by-one in DecodeQ931
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/25] netfilter: x_tables: speed up jump target validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/25] netfilter: conntrack: simplify early_drop
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/25] netfilter: nft_ct: fix unpaired nf_connlabels_get/put call
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/25] netfilter: move nat hlist_head to nf_conn
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 19/25] netfilter: nft_log: fix snaplen does not truncate packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 20/25] netfilter: nf_tables: allow to filter out rules by table and chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/25] netfilter: nft_ct: make byte/packet expr more friendly
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 21/25] netfilter: conntrack: support a fixed size of 128 distinct labels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/25] netfilter: constify arg to is_dying/confirmed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 22/25] netfilter: connlabels: move set helper to xt_connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 23/25] netfilter: h323: Use mod_timer instead of set_expect_timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/25] netfilter: nft_log: fix possible memory leak if log expr init fail
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 25/25] netfilter: nft_compat: fix crash when related match/target module is removed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 24/25] netfilter: nft_compat: put back match/target module if init fail
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 18/25] netfilter: nft_log: check the validity of log level
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/25] netfilter: Add helper array register/unregister functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/25] netfilter: nf_tables: get rid of possible_net_t from set and basechain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/25] netfilter: physdev: physdev-is-out should not work with OUTPUT chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/25] netfilter: nat: convert nat bysrc hash to rhashtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/25] netfilter: nf_ct_helper: unlink helper again when hash resize happen
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/25] netfilter: cttimeout: unlink timeout obj again when hash resize happen
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/25] ipvs: count pre-established TCP states as active
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/25] netfilter: conntrack: fix race between nf_conntrack proc read and hash resize
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/25] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 25/25] netfilter: nft_compat: fix crash when related match/target module is removed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 24/25] netfilter: nft_compat: put back match/target module if init fail
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 22/25] netfilter: connlabels: move set helper to xt_connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 23/25] netfilter: h323: Use mod_timer instead of set_expect_timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 20/25] netfilter: nf_tables: allow to filter out rules by table and chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 21/25] netfilter: conntrack: support a fixed size of 128 distinct labels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 18/25] netfilter: nft_log: check the validity of log level
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 19/25] netfilter: nft_log: fix snaplen does not truncate packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/25] netfilter: Add helper array register/unregister functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/25] netfilter: nft_log: fix possible memory leak if log expr init fail
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/25] netfilter: nft_ct: fix unpaired nf_connlabels_get/put call
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/25] netfilter: x_tables: speed up jump target validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/25] netfilter: nf_conntrack_h323: fix off-by-one in DecodeQ931
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/25] netfilter: conntrack: protect early_drop by rcu read lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/25] netfilter: nf_tables: get rid of possible_net_t from set and basechain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/25] netfilter: constify arg to is_dying/confirmed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/25] netfilter: nft_ct: make byte/packet expr more friendly
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/25] netfilter: physdev: physdev-is-out should not work with OUTPUT chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/25] netfilter: nat: convert nat bysrc hash to rhashtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/25] netfilter: move nat hlist_head to nf_conn
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/25] netfilter: conntrack: simplify early_drop
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/25] netfilter: nf_ct_helper: unlink helper again when hash resize happen
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/25] netfilter: cttimeout: unlink timeout obj again when hash resize happen
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/25] netfilter: conntrack: fix race between nf_conntrack proc read and hash resize
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/25] ipvs: count pre-established TCP states as active
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/25] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/2] netfilter: nft_compat: fix crash when related match/target module is removed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/2] netfilter: nft_compat: put back match/target module if init fail
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] netfilter: tcp/udp: Only get 4 bytes to get tcp/udp ports
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] netfilter: h323: Use mod_timer instead of set_expect_timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/2] netfilter: connlabels: move set helper to xt_connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2] netfilter: conntrack: support a fixed size of 128 distinct labels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables 2/2] xtables-translate: fix issue with quotes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/2] netfilter: nft_compat: fix crash when related match/target module is removed
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf-next 1/2] netfilter: nft_compat: put back match/target module if init fail
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH iptables] extensions: libxt_connlabel: add unit test
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH 1/1] netfilter: tcp/udp: Only get 4 bytes to get tcp/udp ports
- From: fgao@xxxxxxxxxxxxxxxxx
- [PATCH iptables 2/2] xtables-translate: fix issue with quotes
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- [PATCH iptables 1/2] xtables-translate: add new field to identify the caller
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- Re: [PATCH 2/2] netfilter: connlabels: move set helper to xt_connlabel
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/1] netfilter: udp: Remove a bit misleading comment in udp_pkt_to_tuple
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/2] netfilter: connlabels: move set helper to xt_connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl] examples: selective rule dumping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl] examples: selective rule dumping
- From: jalvarez <jalvarez@xxxxxxxxxxxxxxxxxxxx>
- [PATCH 1/1] netfilter: h323: Use mod_timer instead of set_expect_timeout
- From: fgao@xxxxxxxxxxxxxxxxx
- [PATCH libnftnl] expr: lookup: print flags only if they are available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] netfilter: Use IS_ERR_OR_NULL instead of IS_ERR and NULl check to simplify the codes in ip_vs_genl_dump_dests and resolve_normal_ct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 iptables] connlabel: clarify default config path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH lnf_conntrack] conntrack: labels: add function to fetch default config file location
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] netfilter: Use IS_ERR_OR_NULL instead of IS_ERR and NULl check to simplify the codes in ip_vs_genl_dump_dests and resolve_normal_ct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] netfilter: Use IS_ERR_OR_NULL instead of IS_ERR and NULl check to simplify the codes in ip_vs_genl_dump_dests and resolve_normal_ct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] Fix test building on musl libc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl] examples: selective rule dumping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl] examples: selective rule dumping
- From: Josue Alvarez <jalvarez@xxxxxxxxxxxxxxxxxxxx>
- [PATCH 1/1] netfilter: Use IS_ERR_OR_NULL instead of IS_ERR and NULl check to simplify the codes in ip_vs_genl_dump_dests and resolve_normal_ct
- From: fgao@xxxxxxxxxxxxxxxxx
- Re: [PATCH libnftnl] examples: selective rule dumping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/2] netfilter: connlabels: move set helper to xt_connlabel
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 1/2] netfilter: conntrack: support a fixed size of 128 distinct labels
- From: Florian Westphal <fw@xxxxxxxxx>
- netfilter: connlabels: get rid of variable-size support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 1/1] netfilter: udp: Remove a bit misleading comment in udp_pkt_to_tuple
- From: fgao@xxxxxxxxxxxxxxxxx
- Re: [PATCH 1/1] netfilter: udp: Only get 8 bytes header in udp_pkt_to_tuple to keep consistent with tcp_pkt_to_tuple and comments
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 1/1] netfilter: udp: Only get 8 bytes header in udp_pkt_to_tuple to keep consistent with tcp_pkt_to_tuple and comments
- From: fgao@xxxxxxxxxxxxxxxxx
- Re: [PATCH libnftnl] examples: selective rule dumping
- From: jalvarez <jalvarez@xxxxxxxxxxxxxxxxxxxx>
- [PATCH] Fix test building on musl libc
- From: Kylie McClain <somasissounds@xxxxxxxxx>
- [PATCH limnl] Fix test building on musl libc
- From: Kylie McClain <somasissounds@xxxxxxxxx>
- [PATCH] Fix test building on musl libc
- From: Kylie McClain <somasissounds@xxxxxxxxx>
- Re: [PATCH nft] ct: use nftables sysconf location for connlabel configuration
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 iptables] connlabel: clarify default config path
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH lnf_conntrack] conntrack: labels: add function to fetch default config file location
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH libnftnl] examples: selective rule dumping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] extensions: libxt_NFLOG: add unit test to cover nflog-size with zero
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2] netfilter: nf_tables: allow to filter out rules by table and chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] connlabel: clarify default config path
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH iptables] connlabel: clarify default config path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] ct: use nftables sysconf location for connlabel configuration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: allow to filter out rules by table and chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: allow to filter out rules by table and chain
- From: jalvarez <jalvarez@xxxxxxxxxxxxxxxxxxxx>
- [PATCH libnftnl] examples: selective rule dumping
- From: jalvarez <jalvarez@xxxxxxxxxxxxxxxxxxxx>
- [PATCH iptables] extensions: libxt_NFLOG: add unit test to cover nflog-size with zero
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nft] ct: use nftables sysconf location for connlabel configuration
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: allow to filter out rules by table and chain
- From: jalvarez <jalvarez@xxxxxxxxxxxxxxxxxxxx>
- [PATCH iptables] connlabel: clarify default config path
- From: Florian Westphal <fw@xxxxxxxxx>
- 答复: 答复: [PATCH 1/1] netfilter: Add helper array register/unregister functions
- From: 高峰 <fgao@xxxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: nft_log: fix snaplen does not truncate packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: nft_log: fix snaplen does not truncate packets
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
- Re: 答复: [PATCH 1/1] netfilter: Add helper array register/unregister functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: 答复: [PATCH 1/1] netfilter: Add helper array register/unregister functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] netfilter: Add helper array register/unregister functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: nft_log: fix snaplen does not truncate packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- 答复: [PATCH 1/1] netfilter: Add helper array register/unregister functions
- From: 高峰 <fgao@xxxxxxxxxxxxxxxxx>
- Re: [PATCH 1/1] netfilter: Add helper array register/unregister functions
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: nft_log: fix snaplen does not truncate packets
- From: "Liping Zhang" <zlpnobody@xxxxxxx>
- Re: [PATCH iptables 1/2] extensions: libxt_NFLOG: display nflog-size even if it is zero
- From: "Liping Zhang" <zlpnobody@xxxxxxx>
- Re: nft synproxy integration
- From: Alexander Meinhardt <alexander.meinhardt@xxxxxxxxx>
- Re: [PATCH iptables 2/2] extensions: libxt_NFLOG: translate to nft log snaplen if nflog-size is specified
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables 1/2] extensions: libxt_NFLOG: display nflog-size even if it is zero
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: nft_log: fix snaplen does not truncate packets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/3] netfilter: nft_log: check the validity of log level
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nft_log: fix possible memory leak if log expr init fail
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] netfilter: Add helper array register/unregister functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3 nf] netfilter: x_tables: speed up jump target validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH stable-4.1 v2] netfilter: x_tables: fix stable backport
- From: Michal Kubecek <mkubecek@xxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: allow to filter out rules by table and chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH stable-4.1] netfilter: x_tables: fix stable backport
- From: Michal Kubecek <mkubecek@xxxxxxx>
- Re: [PATCH nft 1/3] meta: add random expression key
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Florian Westphal <fw@xxxxxxxxx>
- [ANNOUNCE] Suspending Patrick McHardy as coreteam member
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_ct: fix unpaired nf_connlabels_get/put call
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/3] meta: add random expression key
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables 2/2] extensions: libxt_NFLOG: translate to nft log snaplen if nflog-size is specified
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH iptables 1/2] extensions: libxt_NFLOG: display nflog-size even if it is zero
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf-next 3/3] netfilter: nft_log: fix snaplen does not truncate packets
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf-next 0/3] netfilter: fix some small bugs related to nft_log
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf-next 2/3] netfilter: nft_log: check the validity of log level
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf-next 1/3] netfilter: nft_log: fix possible memory leak if log expr init fail
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH 1/1] netfilter: Add helper array register/unregister functions
- From: fgao@xxxxxxxxxxxxxxxxx
- Re: [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] extensions: libxt_connlabel: fix crash when connlabel.conf is empty
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH iptables] extensions: libxt_connlabel: fix crash when connlabel.conf is empty
- From: Liping Zhang <zlpnobody@xxxxxxx>
- Re: [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft
- From: Liping Zhang <zlpnobody@xxxxxxx>
- Re: [PATCH iptables] extensions: libxt_connlabel: Add translation to nft
- From: "Liping Zhang" <zlpnobody@xxxxxxx>
- Re: [PATCH nf] netfilter: nft_ct: fix unpaired nf_connlabels_get/put call
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH iptables] extensions: libxt_connlabel: Add translation to nft
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] netfilter: nft_ct: fix unpaired nf_connlabels_get/put call
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH iptables] extensions: libxt_connlabel: Add translation to nft
- From: Liping Zhang <zlpnobody@xxxxxxx>
- Re: [PATCH v3 nf] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2 3/3] netfilter: replace list_head with single linked list
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v3 nf] netfilter: x_tables: speed up jump target validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2 1/3] netfilter: bridge: add and use br_nf_hook_thresh
- From: Aaron Conole <aconole@xxxxxxxxxx>
- Re: [PATCH v2 3/3] netfilter: replace list_head with single linked list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2 2/3] netfilter: call nf_hook_state_init with rcu_read_lock held
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next v2 2/3] netfilter: call nf_hook_state_init with rcu_read_lock held
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2 1/3] netfilter: bridge: add and use br_nf_hook_thresh
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v3 nf] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2 nf] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 2/3] meta: add short-hand mnemonic for probalistic matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/3] meta: add short-hand mnemonic for probalistic matching
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 2/3] meta: add short-hand mnemonic for probalistic matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/3] meta: add short-hand mnemonic for probalistic matching
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 2/3] meta: add short-hand mnemonic for probalistic matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/2 nft] tests: shell: make sure split table definition works via nft -f
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/2 nft] parser_bison: fix typo in symbol redefinition error reporting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft v5 3/3] src: add xt compat support
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH nft v5 3/3] src: add xt compat support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft v5 1/3] include: cache ip_tables.h, ip6_tables.h, arp_tables.h and ebtables.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft v5 2/3] src: expose delinearize/linearize structures and stmt_error()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v2 nf] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 2/2] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht
- From: "Liping Zhang" <zlpnobody@xxxxxxx>
- Re: nftables: Dynamically updating sets gives syntax error
- From: "Anders K. Pedersen" <akp@xxxxxx>
- Re: [PATCH nf] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: x_tables: speed up jump target validation
- From: Jeff Wu <wujiafu@xxxxxxxxx>
- Re: [PATCH nf] netfilter: x_tables: speed up jump target validation
- From: Jeff Wu <wujiafu@xxxxxxxxx>
- [PATCH nft v5 1/3] include: cache ip_tables.h, ip6_tables.h, arp_tables.h and ebtables.h
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- [PATCH nft v5 2/3] src: expose delinearize/linearize structures and stmt_error()
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- [PATCH nft v5 3/3] src: add xt compat support
- From: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
- Re: [PATCH iptables 3/3] libxt_hashlimit: iptables-restore does not work as expected with xt_hashlimit
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
- Re: [PATCH 0/6] Netfilter/IPVS fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: x_tables: speed up jump target validation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 4/6] ipvs: fix bind to link-local mcast IPv6 address in backup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/6] netfilter: nft_meta: set skb->nf_trace appropriately
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/6] netfilter: nft_ct: fix expiration getter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/6] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/6] netfilter: conntrack: skip clash resolution if nat is in place
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/6] netfilter: conntrack: avoid integer overflow when resizing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/6] netfilter: nf_tables: fix memory leak if expr init fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next v2 2/3] netfilter: call nf_hook_state_init with rcu_read_lock held
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [PATCH v2 3/3] netfilter: replace list_head with single linked list
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [PATCH nf-next v2 1/3] netfilter: bridge: add and use br_nf_hook_thresh
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [PATCH nf-next v2 0/3] Compact netfilter hooks list
- From: Aaron Conole <aconole@xxxxxxxxxx>
- Re: nftables: Dynamically updating sets gives syntax error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] netlink_linearize: skip NFTNL_EXPR_DYNSET_TIMEOUT attribute if timeout is unset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] parser_bison: restore parsing of dynamic set element updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/2] netfilter: conntrack: protect early_drop by rcu read lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Multi-thread udp 4.7 regression, bisected to 71d8c47fc653
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/2] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 1/2] netfilter: conntrack: protect early_drop by rcu read lock
- From: Florian Westphal <fw@xxxxxxxxx>
- iptables bypass via raw ethernet frames and other networking protocols
- From: ivan.vettese@xxxxxxxxxxxxxxx
- [PATCH nf-next 1/2] netfilter: conntrack: protect early_drop by rcu read lock
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH nf-next 2/2] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht
- From: Liping Zhang <zlpnobody@xxxxxxx>
- Re: Multi-thread udp 4.7 regression, bisected to 71d8c47fc653
- From: Marc Dionne <marc.c.dionne@xxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: replace list_head with single linked list
- From: Aaron Conole <aconole@xxxxxxxxxx>
- Re: [PATCH v3, libnftnl] Fix nftnl_*_get to set data_len
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Multi-thread udp 4.7 regression, bisected to 71d8c47fc653
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v3, libnftnl] Fix nftnl_*_get to set data_len
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH v2, libnftnl] Fix nftnl_*_get to set data_len
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v2, libnftnl] Fix nftnl_*_get to set data_len
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 2/2] netfilter: add missing macro
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] fix off-by-one in DecodeQ931
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: replace list_head with single linked list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/2 libnfntl] Fix nftnl_*_get to set data_len
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/2 libnfntl] Fix nftnl_*_get to set data_len
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH -next] netfilter: conntrack: simplify early_drop
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/2] netfilter: move nat hlist_head to nf_conn
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nft_ct: make byte/packet expr more friendly
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH V2,nf 0/3] netfilter: conntrack: fix race condition associated with hash resize
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/6] netfilter: nat: convert nat bysrc hash to rhashtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
