Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

[PATCH 32/36] netfilter: conntrack: make netns address part of expect hash
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 33/36] netfilter: conntrack: use a single expectation table for all namespaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 34/36] netfilter: conntrack: make netns address part of nat bysrc hash
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 35/36] netfilter: conntrack: use a single nat bysource table for all namespaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 36/36] netfilter: conntrack: use single slab cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 31/36] netfilter: conntrack: check netns when walking expect hash
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 14/36] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 0/3] netfilter: remove per-netns conntrack tables, part 3
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 3/3] netfilter: conntrack: use single slab cache
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/3] netfilter: conntrack: use a single nat bysource table for all namespaces
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 1/3] netfilter: conntrack: make netns address part of nat bysrc hash
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/3] netfilter: remove per-netns conntrack tables, part 3
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2] uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h
- From: Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx>
Re: [GIT PULL nf-next 0/1] Second Round of IPVS Updates for v4.7
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 0/3] netfilter: remove per-netns conntrack tables, part 2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: nf_conntrack: Use net_mutex for helper unregistration.
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net] netfilter: nf_conntrack: Use net_mutex for helper unregistration.
- From: Joe Stringer <joe@xxxxxxx>
Re: [PATCH net] netfilter: nf_conntrack: Use net_mutex for helper unregistration.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 1/1] ipvs: make drop_entry protection effective for SIP-pe
- From: Simon Horman <horms@xxxxxxxxxxxx>
[GIT PULL nf-next 0/1] Second Round of IPVS Updates for v4.7
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH v2] xtables: Add a smaller delay option when waiting for xtables lock
- From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
Re: [PATCH nf-next 0/9] netfilter: remove per-netns conntrack tables, part 1
- From: Brian Haley <brian.haley@xxxxxxx>
[PATCH net] netfilter: nf_conntrack: Use net_mutex for helper unregistration.
- From: Joe Stringer <joe@xxxxxxx>
[PATCH nf-next 1/3] netfilter: conntrack: check netns when walking expect hash
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 3/3] netfilter: conntrack: use a single expectation table for all namespaces
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/3] netfilter: conntrack: make netns address part of expect hash
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/3] netfilter: remove per-netns conntrack tables, part 2
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 0/9] netfilter: remove per-netns conntrack tables, part 1
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 0/9] netfilter: remove per-netns conntrack tables, part 1
- From: Brian Haley <brian.haley@xxxxxxx>
Re: [PATCH nf-next 0/9] netfilter: remove per-netns conntrack tables, part 1
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 0/9] netfilter: remove per-netns conntrack tables, part 1
- From: Brian Haley <brian.haley@xxxxxxx>
Re: [PATCH] iptables: update pf.os
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -nf v7] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -nf v7] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH -nf v7] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -nf v7] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: nfnetlink_acct: validate NFACCT_QUOTA parameter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] libnftnl: allow any set name length
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 0/9] netfilter: remove per-netns conntrack tables, part 1
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -nf v7] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Kernel crash on helper module unload
- From: Florian Westphal <fw@xxxxxxxxx>
Kernel crash on helper module unload
- From: Joe Stringer <joe@xxxxxxx>
[PATCH nf-next] netfilter: nf_tables: allow set names up to 32 bytes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 5/9] netfilter: conntrack: small refactoring of conntrack seq_printf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 5/9] netfilter: conntrack: small refactoring of conntrack seq_printf
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] evaluate: better error reporting in too long sets names
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: avoid integer overflow when resizing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 0/9] netfilter: remove per-netns conntrack tables, part 1
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 5/9] netfilter: conntrack: small refactoring of conntrack seq_printf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 3/9] netfilter: conntrack: don't attempt to iterate over empty table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_ct_helper: disable automatic helper assignment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_ct_helper: disable automatic helper assignment
- From: Joe Stringer <joe@xxxxxxx>
Re: [PATCH nf-next 4/4] openvswitch: __nf_ct_l{3,4}proto_find() always return a valid pointer
- From: Joe Stringer <joe@xxxxxxx>
[PATCH nf-next] netfilter: x_tables: get rid of old and inconsistent debugging
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nfnetlink_acct: validate NFACCT_QUOTA parameter
- From: Phil Turnbull <phil.turnbull@xxxxxxxxxx>
Re: [PATCH nf-next 5/9] netfilter: conntrack: small refactoring of conntrack seq_printf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 3/9] netfilter: conntrack: don't attempt to iterate over empty table
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 3/9] netfilter: conntrack: don't attempt to iterate over empty table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v5] netfilter: conntrack: introduce clash resolution on insertion race
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 3/9] netfilter: conntrack: don't attempt to iterate over empty table
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 3/9] netfilter: conntrack: don't attempt to iterate over empty table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 4/4] openvswitch: __nf_ct_l{3,4}proto_find() always return a valid pointer
- From: Jarno Rajahalme <jarno@xxxxxxx>
Re: [PATCH nf-next,v4] netfilter: conntrack: introduce clash resolution on insertion race
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH RFC nf-next] netfilter: ip_tables: get rid of old debugging instrumentation
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 3/4,v2] netfilter: conntrack: introduce clash resolution on insertion race
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next,v4] netfilter: conntrack: introduce clash resolution on insertion race
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next,v3] netfilter: conntrack: introduce clash resolution on insertion race
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 3/4,v2] netfilter: conntrack: introduce clash resolution on insertion race
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH RFC nf-next] netfilter: ip_tables: get rid of old debugging instrumentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 3/4,v2] netfilter: conntrack: introduce clash resolution on insertion race
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 3/4,v2] netfilter: conntrack: introduce clash resolution on insertion race
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 4/4] openvswitch: __nf_ct_l{3,4}proto_find() always return a valid pointer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 2/4] netfilter: conntrack: introduce nf_ct_acct_update()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 3/4] netfilter: conntrack: introduce clash resolution on insertion race
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 1/4] netfilter: conntrack: __nf_ct_l4proto_find() always returns valid pointer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: off-by-one in DecodeQ931
- From: Toby DiPasquale <toby@xxxxxxxx>
[PATCH v3 nf-next 7/9] netfilter: conntrack: make netns address part of hash
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 nf-next 7/9] netfilter: conntrack: make netns address part of hash
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 nf-next 7/9] netfilter: conntrack: make netns address part of hash
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
[PATCH v2 nf-next 9/9] netfilter: conntrack: consider ct netns in early_drop logic
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 nf-next 8/9] netfilter: conntrack: use a single hashtable for all namespaces
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 nf-next 7/9] netfilter: conntrack: make netns address part of hash
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: avoid integer overflow when resizing
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] nf_nat_packet: Clear skb hash after modifying packet headers.
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] iptables: update pf.os
- From: Xose Vazquez Perez <xose.vazquez@xxxxxxxxx>
Re: [PATCH nf-next 8/9] netfilter: conntrack: use a single hashtable for all namespaces
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] examples: load modules when adding chains or tables
- From: Daniel Wagner <daniel.wagner@xxxxxxxxxxxx>
Re: [PATCH] examples: load modules when adding chains or tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] examples: load modules when adding chains or tables
- From: Daniel Wagner <wagi@xxxxxxxxx>
Re: [PATCH] netfilter: IDLETIMER: fix race condition when destroy the target
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: avoid integer overflow when resizing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: init all_locks to avoid debug warning
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: fix IS_ERR_VALUE usage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: init all_locks to avoid debug warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: conntrack: init all_locks to avoid debug warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH] dist: include tests/ directory and files in tarball
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] dist: include tests/ directory and files in tarball
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: fix IS_ERR_VALUE usage
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] extensions: libxt_NFQUEUE: Add missing tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] extensions: libxt_NFQUEUE: Add missing tests
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] nf_nat_packet: Clear skb hash after modifying packet headers.
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] nf_nat_packet: Clear skb hash after modifying packet headers.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] extensions: libxt_NFQUEUE: Add missing tests
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
[PATCH nf-next] netfilter: fix IS_ERR_VALUE usage
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] xtables: use exponential delay when waiting for xtables lock
- From: subashab@xxxxxxxxxxxxxx
[PATCH nf-next 1/9] netfilter: conntrack: keep BH enabled during lookup
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/9] netfilter: conntrack: fix lookup race during hash resize
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 3/9] netfilter: conntrack: don't attempt to iterate over empty table
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 6/9] netfilter: conntrack: check netns when comparing conntrack objects
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 8/9] netfilter: conntrack: use a single hashtable for all namespaces
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 9/9] netfilter: conntrack: consider ct netns in early_drop logic
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 7/9] netfilter: conntrack: make netns address part of hash
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 5/9] netfilter: conntrack: small refactoring of conntrack seq_printf
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 4/9] netfilter: conntrack: use nf_ct_key_equal() in more places
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/9] netfilter: remove per-netns conntrack tables, part 1
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] dist: include tests/ directory and files in tarball
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [nft PATCH] dist: include tests/ directory and files in tarball
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] dist: include tests/ directory and files in tarball
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [nft PATCH] dist: include tests/ directory and files in tarball
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH iptables] xtables: use exponential delay when waiting for xtables lock
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] dist: include tests/ directory and files in tarball
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
[conntrack-tools PATCH] dist: include tests/ directory and files in tarball
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [nf_tables PATCH] netfilter: nf_tables: invert chain deletion abort path
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [nf-next, 1/2] netfilter: conntrack: cache route for forwarded connections
- From: Charlemagne Lasse <charlemagnelasse@xxxxxxxxx>
[PATCH nf-next] netfilter: allow logging from non-init namespaces
- From: Michal Kubecek <mkubecek@xxxxxxx>
Re: [nft PATCH] evaluate: better error reporting in too long sets names
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH iptables] xtables: use exponential delay when waiting for xtables lock
- From: Liping Zhang <zlpnobody@xxxxxxxxx>
Re: [nft PATCH] evaluate: better error reporting in too long sets names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] evaluate: better error reporting in too long sets names
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [nft PATCH] tests: py: allow to run tests with other nft binaries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] evaluate: better error reporting in too long sets names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] configure: make libmnl and libnftnl hard requirements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 2/2] extensions: libxt_NFQUEUE: Unstack different versions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2] NFQUEUE: Fix bug with order of fanout and bypass
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next v2] taskstats: fix nl parsing in accounting/getdelays.c
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH net-next 9/9] taskstats: use the libnl API to align nlattr on 64-bit
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH nft 7/7] nft: add flow statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next v2] taskstats: fix nl parsing in accounting/getdelays.c
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [PATCH net-next] taskstats: fix nl parsing in accounting/getdelays.c
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next] taskstats: fix nl parsing in accounting/getdelays.c
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [PATCH net-next 9/9] taskstats: use the libnl API to align nlattr on 64-bit
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [nft PATCH] tests: shell: add testcases for named sets with intervals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/3 nft] tests/py: explicitly indication of set type and flags from test definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/3 nft] tests/py: add more interval tests for anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/3 nft] tests/py: add interval tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next 9/9] taskstats: use the libnl API to align nlattr on 64-bit
- From: Balbir Singh <bsingharora@xxxxxxxxx>
[PATCH nft 4/7] tests: update for changed set name
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 7/7] nft: add flow statement
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 6/7] stmt: support generating stateful statements outside of rule context
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 5/7] netlink_delinearize: support parsing statements not contained within a rule
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 3/7] set: explicitly supply name to implicit set declarations
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 2/7] set: allow non-constant implicit set declarations
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 1/7] netlink: make dump functions object argument constant
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 0/7] flow statement
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH net-next 9/9] taskstats: use the libnl API to align nlattr on 64-bit
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [PATCH net-next 9/9] taskstats: use the libnl API to align nlattr on 64-bit
- From: Balbir Singh <bsingharora@xxxxxxxxx>
Re: [iptables PATCH] configure: make libmnl and libnftnl hard requirements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] configure: make libmnl and libnftnl hard requirements
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: iptables audit target causes kernel panic with iptables-persistent (kernel 3.2.78)
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: iptables audit target causes kernel panic with iptables-persistent (kernel 3.2.78)
- From: Lev Stipakov <lstipakov@xxxxxxxxx>
[iptables PATCH] configure: make libmnl and libnftnl hard requirements
- From: Giuseppe Longo <giuseppelng@xxxxxxxxx>
Re: iptables audit target causes kernel panic with iptables-persistent (kernel 3.2.78)
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [Documentation] SNAT in INPUT chain
- From: Lion Yang <lion@xxxxxxx>
Re: [Documentation] SNAT in INPUT chain
- From: Florian Westphal <fw@xxxxxxxxx>
[Documentation] SNAT in INPUT chain
- From: Lion Yang <lion@xxxxxxx>
[PATCH libnftnl] libnftnl: constify object arguments to various functions
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: iptables audit target causes kernel panic with iptables-persistent (kernel 3.2.78)
- From: Lev Stipakov <lstipakov@xxxxxxxxx>
Re: [PATCH -nf v7] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH -nf v7] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
iptables audit target causes kernel panic with iptables-persistent (kernel 3.2.78)
- From: Lev Stipakov <lstipakov@xxxxxxxxx>
iptables audit target causes kernel panic with iptables-persistent (kernel 3.2.78)
- From: Lev Stipakov <lstipakov@xxxxxxxxx>
Re: [PATCH net-next 9/9] wireless: use nla_put_u64_64bit()
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [PATCH net-next 9/9] wireless: use nla_put_u64_64bit()
- From: Johannes Berg <johannes@xxxxxxxxxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 0/4] Interval overlap detection for named sets
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 0/4] Interval overlap detection for named sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net-next 0/9] netlink: align attributes when needed (patchset #2)
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH nft 0/4] Interval overlap detection for named sets
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: off-by-one in DecodeQ931
- From: Florian Westphal <fw@xxxxxxxxx>
Re: new ipset set type - hash:ip,mac
- From: Tomasz Chiliński <tomasz.chilinski@xxxxxxxxxx>
Re: [GIT PULL nf-next 0/3] IPVS Updates for v4.6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/4] nf_tables: basic dynamic support for set intervals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ip6t_SYNPROXY: unnecessary to check whether ip6_route_output returns NULL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 0/3] netfilter: conntrack: prepare for hashtable merge, take 1
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2] uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h
- From: Mikko Rapeli <mikko.rapeli@xxxxxx>
Re: [PATCH nft 0/4] Interval overlap detection for named sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2] uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h
- From: Szabolcs Nagy <szabolcs.nagy@xxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 0/4] Interval overlap detection for named sets
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH nft 0/6] ruleset tracing
- From: Patrick McHardy <kaber@xxxxxxxxx>
[nft PATCH] tests: shell: add testcases for named sets with intervals
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH nft 0/6] ruleset tracing
- From: Florian Westphal <fw@xxxxxxxxx>
Re: new ipset set type - hash:ip,mac
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH net-next 1/9] rtnl: use nla_put_u64_64bit()
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 3/9] ipv6: use nla_put_u64_64bit()
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 2/9] sched: use nla_put_u64_64bit()
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 6/9] l2tp: use nla_put_u64_64bit()
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 7/9] ieee802154: use nla_put_u64_64bit()
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 4/9] ovs: use nla_put_u64_64bit()
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 8/9] netfilter/ipvs: use nla_put_u64_64bit()
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 5/9] bridge: use nla_put_u64_64bit()
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 9/9] wireless: use nla_put_u64_64bit()
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 0/9] netlink: align attributes when needed (patchset #2)
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [PATCH net-next 2/9] libnl: nla_put_le64(): align on a 64-bit area
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
Re: [PATCH nft 0/6] ruleset tracing
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH nft 0/6] ruleset tracing
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH nft 0/6] ruleset tracing
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 2/6] nft: resync kernel header files
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 6/6] nft monitor [ trace ]
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 3/6] payload: move payload depedency tracking to payload.c
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 1/6] payload: fix stacked headers protocol context tracking
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 4/6] payload: add payload_is_stacked()
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 0/6] ruleset tracing
- From: Patrick McHardy <kaber@xxxxxxxxx>
[PATCH nft 5/6] proto: add protocol header fields filter and ordering for packet decoding
- From: Patrick McHardy <kaber@xxxxxxxxx>
Re: [PATCH nf-next 2/3] netfilter: conntrack: use get_random_once for nat and expectations
- From: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH nf-next 2/3] netfilter: conntrack: use get_random_once for nat and expectations
- From: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH] netfilter: resolve compilation error in userspace when using ip_tables.h
- From: Mikko Rapeli <mikko.rapeli@xxxxxx>
[PATCH v2] uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h
- From: Mikko Rapeli <mikko.rapeli@xxxxxx>
Re: [PATCH nf-next 2/3] netfilter: conntrack: use get_random_once for nat and expectations
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 2/3] netfilter: conntrack: use get_random_once for nat and expectations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 00/23] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH net-next 0/9] netlink: align attributes when needed (patchset #1)
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH nf] netfilter: conntrack: avoid integer overflow when resizing
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: conntrack: init all_locks to avoid debug warning
- From: Florian Westphal <fw@xxxxxxxxx>
new ipset set type - hash:ip,mac
- From: Tomasz Chiliński <tomasz.chilinski@xxxxxxxxxx>
Re: [PATCH net-next 2/9] libnl: nla_put_le64(): align on a 64-bit area
- From: Alexander Aring <aar@xxxxxxxxxxxxxx>
[PATCH] off-by-one in DecodeQ931
- From: Toby DiPasquale <toby@xxxxxxxx>
Re: [PATCH net-next 2/9] libnl: nla_put_le64(): align on a 64-bit area
- From: Alexander Aring <aar@xxxxxxxxxxxxxx>
[PATCH nft 4/4] segtree: add interval overlap detection for dynamic updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/4] segtree: rename set expression set_to_segtree()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/4] segtree: add expr_to_intervals()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/4] segtree: set expr->len for prefix expression from interval_map_decompose()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 0/4] Interval overlap detection for named sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next 2/9] libnl: nla_put_le64(): align on a 64-bit area
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
[PATCH net-next 2/9] libnl: nla_put_le64(): align on a 64-bit area
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 4/9] libnl: nla_put_net64(): align on a 64-bit area
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 7/9] libnl: add nla_put_u64_64bit() helper
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 8/9] xfrm: align nlattr properly when needed
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 3/9] libnl: nla_put_be64(): align on a 64-bit area
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 5/9] libnl: nla_put_s64(): align on a 64-bit area
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 1/9] libnl: fix help of _64bit functions
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 6/9] libnl: nla_put_msecs(): align on a 64-bit area
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 9/9] taskstats: use the libnl API to align nlattr on 64-bit
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH net-next 0/9] netlink: align attributes when needed (patchset #1)
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
[PATCH] netfilter: resolve compilation error in userspace when using ip_tables.h
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: xtables-addons build failed with linux 4.5 header
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH 03/23] netfilter: x_tables: add and use xt_check_entry_offsets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/23] netfilter: x_tables: validate targets of jumps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/23] netfilter: x_tables: kill check_entry helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/23] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/23] netfilter: x_tables: assert minimum target size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/23] netfilter: x_tables: check for bogus target offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/23] netfilter: ip_tables: simplify translate_compat_table args
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/23] netfilter: x_tables: add compat version of xt_check_entry_offsets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 12/23] netfilter: arp_tables: simplify translate_compat_table args
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/23] netfilter: ip6_tables: simplify translate_compat_table args
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 14/23] netfilter: x_tables: do compat validation via translate_table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 15/23] netfilter: x_tables: remove obsolete overflow check for compat case too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 13/23] netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 18/23] netfilter: ctnetlink: remove unnecessary inlining
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 19/23] netfilter: connlabels: move helpers to xt_connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 17/23] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 20/23] netfilter: labels: don't emit ct event if labels were not changed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/23] netfilter: x_tables: check standard target size too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 16/23] netfilter: x_tables: remove obsolete check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 21/23] netfilter: connlabels: change nf_connlabels_get bit arg to 'highest used'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 22/23] netfilter: ctnetlink: restore inlining for netlink message size calculation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 23/23] netfilter: conntrack: don't acquire lock during seq_printf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/23] netfilter: x_tables: validate all offsets and sizes in a rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/23] netfilter: x_tables: don't move to non-existent next rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: ip6t_SYNPROXY: unnecessary to check whether ip6_route_output returns NULL
- From: Liping Zhang <zlpnobody@xxxxxxx>
Re: [PATCHv2 net] openvswitch: Orphan skbs before IPv6 defrag
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH nft 4/4] ct: add conntrack label set support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH libnftnl 3/4] ct: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH -next 1/4] netfilter: nft_ct: rename struct nft_ct to nft_ct_reg
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH -next v6] nftables: connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
[nft PATCH] tests: py: allow to run tests with other nft binaries
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
[PATCH] netfilter: IDLETIMER: fix race condition when destroy the target
- From: Liping Zhang <zlpnobody@xxxxxxx>
[PATCH] nf_nat_packet: Clear skb hash after modifying packet headers.
- From: Jarno Rajahalme <jarno@xxxxxxx>
Minor issue in libnetfilter_queue.c - nfq_set_queue_maxlen
- From: Bogdan Harjoc <harjoc@xxxxxxxxx>
[nft PATCH] evaluate: better error reporting in too long sets names
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
xtables-addons build failed with linux 4.5 header
- From: Normand <normand@xxxxxxxxxxxxxxxxxx>
Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/3] ipvs: don't alter conntrack in OPS mode
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 1/3] ipvs: handle connections started by real-servers
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH 2/3] ipvs: optimize release of connections in OPS mode
- From: Simon Horman <horms@xxxxxxxxxxxx>
[GIT PULL nf-next 0/3] IPVS Updates for v4.6
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [libnftnl PATCH] expr: ct: fix typo unknow vs unknown
- From: Florian Westphal <fw@xxxxxxxxx>
[libnftnl PATCH] expr: ct: fix typo unknow vs unknown
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
[PATCHv2 net] openvswitch: Orphan skbs before IPv6 defrag
- From: Joe Stringer <joe@xxxxxxx>
Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Joe Stringer <joe@xxxxxxx>
Re: [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Arnd Bergmann <arnd@xxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v5 nf-next 0/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Arnd Bergmann <arnd@xxxxxxxx>
Re: [nft PATCH] tests/shell: delete tempfile failover in testcases
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1] payload: only merge if adjacent and combined size fits into a register
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 4/7] segtree: explicit initialization via set_to_intervals()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 7/7] evaluate: bail out on prefix or range to non-interval set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 5/7] rule: support for incremental set interval element updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 6/7] segtree: special handling for the first non-matching segment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/7] segtree: perform stricter expression type validation from expr_value()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/7] segtree: clone full expression from interval_map_decompose()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 0/7] named sets with intervals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/7] segtree: handle adjacent interval nodes from expr_value_cmp()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 3/3] netfilter: conntrack: use get_random_once for conntrack hash seed
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/3] netfilter: conntrack: use get_random_once for nat and expectations
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/3] netfilter: conntrack: prepare for hashtable merge, take 1
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 1/3] netfilter: conntrack: move generation seqcnt out of netns_ct
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Arnd Bergmann <arnd@xxxxxxxx>
Re: [PATCH 1/1] payload: only merge if adjacent and combined size fits into a register
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
[announce] conntrack-tools-bash_completion 1.0 released
- From: AllKind <AllKind@xxxxxxxxxx>
Re: [PATCH v5 nf-next 0/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 1/1] payload: only merge if adjacent and combined size fits into a register
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v5 nf-next 0/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2] NFQUEUE: Fix bug with order of fanout and bypass
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
Re: [PATCH libnftnl] tests: nat-test: Use different values to test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2] NFQUEUE: Fix bug with order of fanout and bypass
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2] NFQUEUE: Fix bug with order of fanout and bypass
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests/shell: add testcases for Netfilter bug #965
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 2/4 v6] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] rule: fix leaks in NFTNL_RULE_USERDATA
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: ctnetlink: restore inlining for netlink message size calculation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] tests: nat-test: Use different values to test
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Joe Stringer <joe@xxxxxxx>
Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Joe Stringer <joe@xxxxxxx>
[nft PATCH] tests/shell: delete tempfile failover in testcases
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH 2/4 v6] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
[PATCH 2/2] extensions: libxt_NFQUEUE: Unstack different versions
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
[PATCH 1/2] NFQUEUE: Fix bug with order of fanout and bypass
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_ct_helper: disable automatic helper assignment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: don't acquire lock during seq_printf
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: don't acquire lock during seq_printf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: don't acquire lock during seq_printf
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf_tables PATCH] netfilter: nf_tables: invert chain deletion abort path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: don't acquire lock during seq_printf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
RE: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: David Laight <David.Laight@xxxxxxxxxx>
Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Florian Westphal <fw@xxxxxxxxx>
[nft PATCH] tests/shell: add testcases for Netfilter bug #965
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH] net: force inlining of netif_tx_start/stop_queue, sock_hold, __sock_put
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH 0/3] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH 4/4 v6] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/4 v6] libnftnl: test: Update test to check new nftnl_udata features of nftnl_rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 2/4 v6] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/4 v6] libnftnl: Implement new buffer of TLV objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/4 v6] libnftnl: Implement new buffer of TLV objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/3] netfilter: arp_tables: register table in initns
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/3] netfilter: ebtables: Fix extension lookup with identical name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/3] netfilter: nf_conntrack_tcp: Fix stack out of bounds when parsing TCP options
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/3] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Joe Stringer <joe@xxxxxxx>
Re: [PATCH 0/8] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [nft PATCH 3/3] tests/shell: add testcases for Netfilter bug #965
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] configure: exit if libnftnl is not found
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] test/shell/run-tests.sh: also unload NAT modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ebtables: Fix extension lookup with identical name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH v3] src/evaluate.c: improve rule management checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/8] netfilter: bridge: pass L2 header and VLAN as netlink attributes in queues to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/8] netfilter: bridge: add nf_afinfo to enable queuing to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/8] netfilter: ip6t_SYNPROXY: remove magic number for hop_limit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/8] netfilter: bridge: nf queue verdict to use NFQA_VLAN and NFQA_L2HDR
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 7/8] netfilter: conntrack: de-inline nf_conntrack_eventmask_report
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 8/8] netfilter: conntrack: move expectation event helper to ecache.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/8] netfilter: ipv6: unnecessary to check whether ip6_route_output() returns NULL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/8] netfilter: nf_conntrack: Uses pr_fmt() for logging.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/8] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] Not printing "nft" in iptables-restore-translate command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 0/2] netfilter: conntrack: de-inline two helpers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 4/4] netfilter: nft_rbtree: allow adjacent intervals with dynamic updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 3/4] netfilter: nft_rbtree: introduce nft_rbtree_interval_end() helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/4] nf_tables: basic dynamic support for set intervals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 2/4] netfilter: nf_tables: parse element flags from nft_del_setelem()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 1/4] netfilter: nf_tables: introduce nft_setelem_parse_flags() helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: ctnetlink: remove unnecessary inlining
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] NFQUEUE: Fix bug with order of fanout and bypass
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] NFQUEUE: Fix bug with order of fanout and bypass
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
Re: [PATCH] NFQUEUE: Fix bug with order of fanout and bypass
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] NFQUEUE: Fix bug with order of fanout and bypass
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
[PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v5 nf-next 3/4] netfilter: connlabels: change nf_connlabels_get bit arg to 'highest used'
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v5 nf-next 1/4] netfilter: connlabels: move helpers to xt_connlabel
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v5 nf-next 2/4] netfilter: labels: don't emit ct event if labels were not changed
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v5 nf-next 0/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Seeking help for implementing CT HELPER in nftables
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Seeking help for implementing CT HELPER in nftables
- From: Christophe Leroy <christophe.leroy@xxxxxx>
[nft PATCH v3] src/evaluate.c: improve rule management checks
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH] netfilter: ebtables: Fix extension lookup with identical name
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] netfilter: ebtables: Fix extension lookup with identical name
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next 2/2] netfilter: conntrack: move expectation event helper to ecache.c
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 1/2] netfilter: conntrack: de-inline nf_conntrack_eventmask_report
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/2] netfilter: conntrack: de-inline two helpers
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next] netfilter: conntrack: don't acquire lock during seq_printf
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Andreas Schultz <aschultz@xxxxxxxx>
[PATCH] Not printing "nft" in iptables-restore-translate command
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
Re: [iptables PATCH] configure: exit if libnftnl is not found
- From: Giuseppe Longo <giuseppelng@xxxxxxxxx>
Re: [PATCH 0/4] nfct: documentation updates and corrections.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH] net: force inlining of netif_tx_start/stop_queue, sock_hold, __sock_put
- From: Denys Vlasenko <dvlasenk@xxxxxxxxxx>
Re: [iptables PATCH] configure: exit if libnftnl is not found
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Possible segfault in nft utility
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v2] src: evaluate: Show error for fanout without balance
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Possible segfault in nft utility
- From: Meyer Raffaele <raffaele.meyer@xxxxxxx>
[nf_tables PATCH] netfilter: nf_tables: invert chain deletion abort path
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH 0/4] nfct: documentation updates and corrections.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 5/5] conntrack: man: Add description of tables dying and unconfirmed.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] Printing the table name before chain name.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 5/5] conntrack: man: Add description of tables dying and unconfirmed.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 4/5] conntrack: man: add options --src and --dst.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/5] conntrack: show --src and --dst options in usage output.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/5] conntrack: add --proto to usage output.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nft PATCH] test/shell/run-tests.sh: also unload NAT modules
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 2/4] nfct: correct command list in timeout usage error message.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 3/4] nfct: helper: correct error messages.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 0/4] nfct: documentation updates and corrections.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 4/4] nfct: man: add missing comands
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 1/4] nfct: add missing commands to usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH iptables] xtables: use exponential delay when waiting for xtables lock
- From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] Printing the table name before chain name.
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
[PATCH 1/5] conntrack: add --proto to usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 2/5] conntrack: man: add --protonum option.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 3/5] conntrack: show --src and --dst options in usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 4/5] conntrack: man: add options --src and --dst.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 0/5] conntrack: documentation updates
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 5/5] conntrack: man: Add description of tables dying and unconfirmed.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] conntrack: Add missing tables dying and unconfirmed to usage output.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] doc: Complete the documentation of statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
Re: [PATCH] conntrack: Add missing tables dying and unconfirmed to usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH nft v2] src: evaluate: Show error for fanout without balance
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
Re: [PATCH] conntrack: Rename option --protonum to --proto.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
Re: [PATCH] conntrack: Replace remaining occurances of --src, --dst options with --orig-src, --orig-dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] conntrack: Replace remaining occurances of --src, --dst options with --orig-src, --orig-dst
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
Re: [nft PATCH v2] tests/shell: add new testcases for commit/rollback
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests/shell: add some tests for network namespaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: evaluate: Show error for fanout without balance
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
Re: [PATCH nft] src: evaluate: Show error for fanout without balance
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nfct parameters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [netfilter-core] [PATCH] netfilter: unnecessary to check whether ip6_route_output() returns NULL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/1] net: netfilter: Fix stack out of bounds when parsing TCP options
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH 2/3] src/evaluate.c: improve rule management checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[RESEND PATCH -stable,4.1.y] netfilter: nf_nat_redirect: add missing NULL pointer check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: arp_tables: register table in initns
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] iptables-translate: Moving of printing nft back to xtables_xlate_main
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] iptables-translate: Printing the table name before chain name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] extensions/libxt_tcp: fix nftables translate flags value, 'none' vs '0x0'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] conntrack: Add missing tables dying and unconfirmed to usage output.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 2/2] conntrackd: remove unnecessary separator character from usage output.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/2] conntrackd: man: remove bogus characters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] conntrack: Rename option --protonum to --proto.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] conntrack: Replace remaining occurances of --src, --dst options with --orig-src, --orig-dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] src: evaluate: Show error for fanout without balance
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
nfct parameters
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 1/2] conntrackd: man: remove bogus characters
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 2/2] conntrackd: remove unnecessary separator character from usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 0/2] conntrackd: Fix bogus characters in help
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH RFC nf-next 2/3] netfilter: nf_tables: support for named expression reference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH RFC nf-next 3/3] netfilter: nf_tables: support dump and reset for named expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH RFC nf-next 1/3] netfilter: nf_tables: add stateful named expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] extensions/libxt_tcp: fix nftables translate flags value, 'none' vs '0x0'
- From: "Vadim A. Misbakh-Soloviov" <mva@xxxxxxxx>
[iptables PATCH] extensions/libxt_tcp: fix nftables translate flags value, 'none' vs '0x0'
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
[nft PATCH] tests/shell: add some tests for network namespaces
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
[PATCH] doc: Complete the documentation of statements
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
[PATCH] conntrack: Rename option --protonum to --proto.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
Re: [PATCH xtables-addons v2] build: fix configure compatiblity with POSIX shells
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH] iptables-translate: Printing the table name before chain name
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
[PATCH] conntrack: Replace remaining occurances of --src, --dst options with --orig-src, --orig-dst
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH] conntrack: Add missing tables dying and unconfirmed to usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH] conntrack: Fix wrong --src, or --dst option shown.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH v2] conntrack-tools: Fix build for old automake
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH] conntrack-tools: Fix build for old automake.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH] conntrack-tools: Fix build for old automake. autoreconf fails with automake version smaller than 1.12, because of undefined macro AM_PROG_AR. So only expand it if it's actually defined.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH] conntrack-tools: Fix build for old automake
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
Re: [PATCH xtables-addons] build: fix configure compatiblity with POSIX shells
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH] netfilter: unnecessary to check whether ip6_route_output() returns NULL
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
[PATCH xtables-addons v2] build: fix configure compatiblity with POSIX shells
- From: Matthias Schiffer <mschiffer@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH xtables-addons] build: fix configure compatiblity with POSIX shells
- From: Matthias Schiffer <mschiffer@xxxxxxxxxxxxxxxxxxxx>
Inquiry for interest: bash compspec for nfacct
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
Re: [PATCH xtables-addons] build: fix configure compatiblity with POSIX shells
- From: Jan Engelhardt <jengelh@xxxxxxx>
Conntrack timestamp
- From: ravin goyal <ravirocks1021@xxxxxxxxx>
[PATCH xtables-addons] build: fix configure compatiblity with POSIX shells
- From: Matthias Schiffer <mschiffer@xxxxxxxxxxxxxxxxxxxx>
[PATCH v2 nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf 02/17] netfilter: x_tables: validate targets of jumps
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 16/17] netfilter: x_tables: remove obsolete check
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 15/17] netfilter: x_tables: remove obsolete overflow check for compat case too
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 14/17] netfilter: x_tables: do compat validation via translate_table
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 13/17] netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 12/17] netfilter: arp_tables: simplify translate_compat_table args
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 11/17] netfilter: ip6_tables: simplify translate_compat_table args
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 10/17] netfilter: ip_tables: simplify translate_compat_table args
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 09/17] netfilter: x_tables: validate all offsets and sizes in a rule
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 08/17] netfilter: x_tables: check for bogus target offset
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 07/17] netfilter: x_tables: check standard target size too
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 06/17] netfilter: x_tables: add compat version of xt_check_entry_offsets
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 05/17] netfilter: x_tables: assert minimum target size
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 04/17] netfilter: x_tables: kill check_entry helper
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 03/17] netfilter: x_tables: add and use xt_check_entry_offsets
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 02/17] netfilter: x_tables: validate targets of jumps
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 01/17] netfilter: x_tables: don't move to non-existent next rule
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] iptables-translate: Moving of printing nft back to xtables_xlate_main
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
Re: [PATCH] iptables-translate: Moving printing of nft to individual commands.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] iptables-translate: Moving printing of nft to individual commands.
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
[nft PATCH v2] tests/shell: add new testcases for commit/rollback
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH] ulogd: fix cross compilation errors with mysql_config
- From: Eric Leblond <eric@xxxxxxxxx>
Writing nftables extension / modifying packets via nftables and netfilter
- From: Stephan Arndt <arndt.stephan@xxxxxxxxx>
[PATCH 0/1] netfilter TCP conntrack option parser fix
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH 1/1] net: netfilter: Fix stack out of bounds when parsing TCP options
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [nft PATCH 1/3] src/rule.c: don't print trailing statement whitespace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests/shell: add chain validations tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH V2] netfilter: ip6t_SYNPROXY: remove magic number
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_conntrack: Uses pr_fmt() for logging.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v6 3/3] netfilter: bridge: nf queue verdict to use NFQA_VLAN and NFQA_L2HDR
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v6 2/3] netfilter: bridge: pass L2 header and VLAN as netlink attributes in queues to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v6 1/3] netfilter: bridge: add nf_afinfo to enable queuing to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] iptables-translate: Initializing comment member in xt_xlate structure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: arp_tables: register table in initns
- From: Florian Westphal <fw@xxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: [PATCH 0/9] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH] iptables-translate: Initializing comment member in xt_xlate structure
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
NFQ breaks conntrack creation to confirmation path for a fast UDP stream causing dropped packets
- From: "Yigal Reiss (yreiss)" <yreiss@xxxxxxxxx>
[PATCH 1/9] netfilter: ipset: fix race condition in ipset save, swap and delete
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/9] openvswitch: call only into reachable nf-nat code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/9] openvswitch: Fix checking for new expected connections.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/9] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/9] netfilter: x_tables: validate e->target_offset early
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/9] netfilter: x_tables: make sure e->next_offset covers remaining blob size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 9/9] netfilter: ipv4: fix NULL dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 8/9] netfilter: x_tables: enforce nul-terminated table name from getsockopt GET_ENTRIES
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 7/9] netfilter: nfnetlink_queue: honor NFQA_CFG_F_FAIL_OPEN when netlink unicast fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/9] netfilter: x_tables: fix unconditional helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH V2] netfilter: ip6t_SYNPROXY: remove magic number
- From: Liping Zhang <zlpwmdx@xxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Baozeng Ding <sploving1@xxxxxxxxx>
Re: [nft PATCH 2/3] src/evaluate.c: improve rule management checks
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH] netfilter: ip6t_SYNPROXY: remove magic number
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] iptables: extensions: libxt_TEE: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH V2] netfilter: ipv4: fix NULL dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [iptables PATCH] configure: exit if libnftnl is not found
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [iptables PATCH] configure: exit if libnftnl is not found
- From: Jan Engelhardt <jengelh@xxxxxxx>
BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Baozeng Ding <sploving1@xxxxxxxxx>
[iptables PATCH] configure: exit if libnftnl is not found
- From: Giuseppe Longo <giuseppelng@xxxxxxxxx>
[PATCH V2] netfilter: ipv4: fix NULL dereference
- From: Liping Zhang <zlpwmdx@xxxxxxx>
[PATCH nf-next v6 3/3] netfilter: bridge: nf queue verdict to use NFQA_VLAN and NFQA_L2HDR
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
[PATCH nf-next v6 2/3] netfilter: bridge: pass L2 header and VLAN as netlink attributes in queues to userspace
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
[PATCH nf-next v6 1/3] netfilter: bridge: add nf_afinfo to enable queuing to userspace
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
rebasing nf tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/5] netfilter: x_tables: add and use xt_check_entry_target
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/5] netfilter: x_tables: add and use xt_check_entry_target
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: "Liping Zhang" <zlpwmdx@xxxxxxx>
Re:Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: "Liping Zhang" <zlpwmdx@xxxxxxx>
[ANNOUNCE] Linux Security Summit 2016 - CFP
- From: James Morris <jmorris@xxxxxxxxx>
[PATCH nf] netfilter: x_tables: enforce nul-terminated table name from getsockopt GET_ENTRIES
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 4/5] netfilter: x_tables: fix unconditional helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 3/5] netfilter: x_tables: add and use xt_check_entry_target
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 2/5] netfilter: x_tables: make sure e->next_offset covers remaining blob size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/5] netfilter: x_tables: validate e->target_offset early
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: Nikolay Borisov <kernel@xxxxxxxx>
Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: Nikolay Borisov <kernel@xxxxxxxx>
Re: net/sctp: stack-out-of-bounds in sctp_getsockopt
- From: Baozeng <sploving1@xxxxxxxxx>
Re: net/sctp: stack-out-of-bounds in sctp_getsockopt
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: net/sctp: stack-out-of-bounds in sctp_getsockopt
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: net/sctp: stack-out-of-bounds in sctp_getsockopt
- From: Baozeng <sploving1@xxxxxxxxx>
Re: [nft PATCH 2/3] src/evaluate.c: improve rule management checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] src: store parser location for handle and position IDs
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
[PATCH nft] src: store parser location for handle and position IDs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: ipv4: fix NULL dereference
- From: Liping Zhang <zlpwmdx@xxxxxxx>
[PATCH] netfilter: ip6t_SYNPROXY: remove magic number
- From: Liping Zhang <zlpwmdx@xxxxxxx>
[nft PATCH 3/3] tests/shell: add testcases for Netfilter bug #965
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
[nft PATCH 2/3] src/evaluate.c: improve rule management checks
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
[nft PATCH 1/3] src/rule.c: don't print trailing statement whitespace
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
enhancing nfnetlink stats [was Re: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size]
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
RE: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size
- From: "Yigal Reiss (yreiss)" <yreiss@xxxxxxxxx>
Re: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: nfnetlink_queue: honor NFQA_CFG_F_FAIL_OPEN when netlink unicast fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] iptables: extensions: libxt_TEE: Add translation to nft
- From: Roberto García <rodanber@xxxxxxxxx>
RE: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size
- From: "Yigal Reiss (yreiss)" <yreiss@xxxxxxxxx>
Re: [nft PATCH] tests/shell: add chain validations tests
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [nft PATCH] tests/shell: add chain validations tests
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [nft PATCH] tests/shell: add chain validations tests
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
[PATCH 4/4 v6] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
[PATCH 3/4 v6] libnftnl: test: Update test to check new nftnl_udata features of nftnl_rule
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
[PATCH 2/4 v6] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
[PATCH 1/4 v6] libnftnl: Implement new buffer of TLV objects
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
Re: [nft PATCH] tests/shell: add chain validations tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests/shell: unload modules between tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Test case example for conntrack expectation doesn't work?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next v5 3/3] netfilter: bridge: nf queue verdict to use NFQA_VLAN and NFQA_L2HDR
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Test case example for conntrack expectation doesn't work?
- From: Bill <boober95@xxxxxxxxxx>
Re: [nft PATCH] tests/shell: add new testcases for commit/rollback
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] iptables-translate: translate iptables --flush
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH 1/2] src/parser_bison: fix ruleid_spec ambiguity
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v4] configure: Show support for connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 5/5] netfilter: x_tables: don't move to non-existant next rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/5] netfilter: x_tables: don't move to non-existant next rule
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 4/5] netfilter: x_tables: fix unconditional helper
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 3/5] netfilter: x_tables: add and use xt_check_entry_target
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 1/5] netfilter: x_tables: validate e->target_offset early
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 2/5] netfilter: x_tables: make sure e->next_offset covers remaining blob size
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf v3] netfilter: x_tables: perform more sanity tests on rule set
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 1/4 v5] libnftnl: Implement new buffer of TLV objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: net/sctp: stack-out-of-bounds in sctp_getsockopt
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
[nft PATCH] tests/shell: add chain validations tests
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
Re: [PATCH 4/4 v5] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
Re: [PATCH 1/4 v5] libnftnl: Implement new buffer of TLV objects
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
Re: [PATCH] openvswitch: Fix checking for new expected connections.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v4] configure: Show support for connlabel
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
Re: [PATCH 4/4 v5] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 1/4 v5] libnftnl: Implement new buffer of TLV objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/1] ipset patch for nf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] openvswitch: Fix checking for new expected connections.
- From: Jarno Rajahalme <jarno@xxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]