Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- [PATCH 06/23] netfilter: x_tables: add compat version of xt_check_entry_offsets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/23] netfilter: arp_tables: simplify translate_compat_table args
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/23] netfilter: ip6_tables: simplify translate_compat_table args
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/23] netfilter: x_tables: do compat validation via translate_table
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/23] netfilter: x_tables: remove obsolete overflow check for compat case too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/23] netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 18/23] netfilter: ctnetlink: remove unnecessary inlining
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 19/23] netfilter: connlabels: move helpers to xt_connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/23] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 20/23] netfilter: labels: don't emit ct event if labels were not changed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/23] netfilter: x_tables: check standard target size too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/23] netfilter: x_tables: remove obsolete check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 21/23] netfilter: connlabels: change nf_connlabels_get bit arg to 'highest used'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 22/23] netfilter: ctnetlink: restore inlining for netlink message size calculation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 23/23] netfilter: conntrack: don't acquire lock during seq_printf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/23] netfilter: x_tables: validate all offsets and sizes in a rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/23] netfilter: x_tables: don't move to non-existent next rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: ip6t_SYNPROXY: unnecessary to check whether ip6_route_output returns NULL
- From: Liping Zhang <zlpnobody@xxxxxxx>
- Re: [PATCHv2 net] openvswitch: Orphan skbs before IPv6 defrag
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH nft 4/4] ct: add conntrack label set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnftnl 3/4] ct: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v6 -next 2/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH -next 1/4] netfilter: nft_ct: rename struct nft_ct to nft_ct_reg
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH -next v6] nftables: connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH] tests: py: allow to run tests with other nft binaries
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [PATCH] netfilter: IDLETIMER: fix race condition when destroy the target
- From: Liping Zhang <zlpnobody@xxxxxxx>
- [PATCH] nf_nat_packet: Clear skb hash after modifying packet headers.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- Minor issue in libnetfilter_queue.c - nfq_set_queue_maxlen
- From: Bogdan Harjoc <harjoc@xxxxxxxxx>
- [nft PATCH] evaluate: better error reporting in too long sets names
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- xtables-addons build failed with linux 4.5 header
- From: Normand <normand@xxxxxxxxxxxxxxxxxx>
- Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/3] ipvs: don't alter conntrack in OPS mode
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 1/3] ipvs: handle connections started by real-servers
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 2/3] ipvs: optimize release of connections in OPS mode
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [GIT PULL nf-next 0/3] IPVS Updates for v4.6
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH] expr: ct: fix typo unknow vs unknown
- From: Florian Westphal <fw@xxxxxxxxx>
- [libnftnl PATCH] expr: ct: fix typo unknow vs unknown
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [PATCHv2 net] openvswitch: Orphan skbs before IPv6 defrag
- From: Joe Stringer <joe@xxxxxxx>
- Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Joe Stringer <joe@xxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Arnd Bergmann <arnd@xxxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5 nf-next 0/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Arnd Bergmann <arnd@xxxxxxxx>
- Re: [nft PATCH] tests/shell: delete tempfile failover in testcases
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] payload: only merge if adjacent and combined size fits into a register
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 4/7] segtree: explicit initialization via set_to_intervals()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 7/7] evaluate: bail out on prefix or range to non-interval set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 5/7] rule: support for incremental set interval element updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 6/7] segtree: special handling for the first non-matching segment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/7] segtree: perform stricter expression type validation from expr_value()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/7] segtree: clone full expression from interval_map_decompose()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 0/7] named sets with intervals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/7] segtree: handle adjacent interval nodes from expr_value_cmp()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: conntrack: use get_random_once for conntrack hash seed
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: conntrack: use get_random_once for nat and expectations
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/3] netfilter: conntrack: prepare for hashtable merge, take 1
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: conntrack: move generation seqcnt out of netns_ct
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: ctnetlink: add more #ifdef around unused code
- From: Arnd Bergmann <arnd@xxxxxxxx>
- Re: [PATCH 1/1] payload: only merge if adjacent and combined size fits into a register
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [announce] conntrack-tools-bash_completion 1.0 released
- From: AllKind <AllKind@xxxxxxxxxx>
- Re: [PATCH v5 nf-next 0/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 1/1] payload: only merge if adjacent and combined size fits into a register
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v5 nf-next 0/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2] NFQUEUE: Fix bug with order of fanout and bypass
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Re: [PATCH libnftnl] tests: nat-test: Use different values to test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2] NFQUEUE: Fix bug with order of fanout and bypass
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2] NFQUEUE: Fix bug with order of fanout and bypass
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests/shell: add testcases for Netfilter bug #965
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/4 v6] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl] rule: fix leaks in NFTNL_RULE_USERDATA
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: ctnetlink: restore inlining for netlink message size calculation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl] tests: nat-test: Use different values to test
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Joe Stringer <joe@xxxxxxx>
- Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Joe Stringer <joe@xxxxxxx>
- [nft PATCH] tests/shell: delete tempfile failover in testcases
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH 2/4 v6] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/2] extensions: libxt_NFQUEUE: Unstack different versions
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- [PATCH 1/2] NFQUEUE: Fix bug with order of fanout and bypass
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- [PATCH nf-next] netfilter: nf_ct_helper: disable automatic helper assignment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: conntrack: don't acquire lock during seq_printf
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: conntrack: don't acquire lock during seq_printf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: conntrack: don't acquire lock during seq_printf
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf_tables PATCH] netfilter: nf_tables: invert chain deletion abort path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: conntrack: don't acquire lock during seq_printf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- RE: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: David Laight <David.Laight@xxxxxxxxxx>
- Re: [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Florian Westphal <fw@xxxxxxxxx>
- [nft PATCH] tests/shell: add testcases for Netfilter bug #965
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH] net: force inlining of netif_tx_start/stop_queue, sock_hold, __sock_put
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH 0/3] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH 4/4 v6] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/4 v6] libnftnl: test: Update test to check new nftnl_udata features of nftnl_rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/4 v6] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/4 v6] libnftnl: Implement new buffer of TLV objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/4 v6] libnftnl: Implement new buffer of TLV objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/3] netfilter: arp_tables: register table in initns
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/3] netfilter: ebtables: Fix extension lookup with identical name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/3] netfilter: nf_conntrack_tcp: Fix stack out of bounds when parsing TCP options
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/3] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: ipv6: Orphan skbs in nf_ct_frag6_gather()
- From: Joe Stringer <joe@xxxxxxx>
- Re: [PATCH 0/8] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [nft PATCH 3/3] tests/shell: add testcases for Netfilter bug #965
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] configure: exit if libnftnl is not found
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] test/shell/run-tests.sh: also unload NAT modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ebtables: Fix extension lookup with identical name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH v3] src/evaluate.c: improve rule management checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/8] netfilter: bridge: pass L2 header and VLAN as netlink attributes in queues to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/8] netfilter: bridge: add nf_afinfo to enable queuing to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/8] netfilter: ip6t_SYNPROXY: remove magic number for hop_limit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/8] netfilter: bridge: nf queue verdict to use NFQA_VLAN and NFQA_L2HDR
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 7/8] netfilter: conntrack: de-inline nf_conntrack_eventmask_report
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 8/8] netfilter: conntrack: move expectation event helper to ecache.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/8] netfilter: ipv6: unnecessary to check whether ip6_route_output() returns NULL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/8] netfilter: nf_conntrack: Uses pr_fmt() for logging.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/8] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] Not printing "nft" in iptables-restore-translate command
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/2] netfilter: conntrack: de-inline two helpers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/4] netfilter: nft_rbtree: allow adjacent intervals with dynamic updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/4] netfilter: nft_rbtree: introduce nft_rbtree_interval_end() helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/4] nf_tables: basic dynamic support for set intervals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/4] netfilter: nf_tables: parse element flags from nft_del_setelem()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/4] netfilter: nf_tables: introduce nft_setelem_parse_flags() helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: ctnetlink: remove unnecessary inlining
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] NFQUEUE: Fix bug with order of fanout and bypass
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] NFQUEUE: Fix bug with order of fanout and bypass
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Re: [PATCH] NFQUEUE: Fix bug with order of fanout and bypass
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] NFQUEUE: Fix bug with order of fanout and bypass
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- [PATCH v5 nf-next 4/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v5 nf-next 3/4] netfilter: connlabels: change nf_connlabels_get bit arg to 'highest used'
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v5 nf-next 1/4] netfilter: connlabels: move helpers to xt_connlabel
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v5 nf-next 2/4] netfilter: labels: don't emit ct event if labels were not changed
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v5 nf-next 0/4] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Seeking help for implementing CT HELPER in nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Seeking help for implementing CT HELPER in nftables
- From: Christophe Leroy <christophe.leroy@xxxxxx>
- [nft PATCH v3] src/evaluate.c: improve rule management checks
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH] netfilter: ebtables: Fix extension lookup with identical name
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: ebtables: Fix extension lookup with identical name
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf-next 2/2] netfilter: conntrack: move expectation event helper to ecache.c
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/2] netfilter: conntrack: de-inline nf_conntrack_eventmask_report
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/2] netfilter: conntrack: de-inline two helpers
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: conntrack: don't acquire lock during seq_printf
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Andreas Schultz <aschultz@xxxxxxxx>
- [PATCH] Not printing "nft" in iptables-restore-translate command
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
- Re: [iptables PATCH] configure: exit if libnftnl is not found
- From: Giuseppe Longo <giuseppelng@xxxxxxxxx>
- Re: [PATCH 0/4] nfct: documentation updates and corrections.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH] net: force inlining of netif_tx_start/stop_queue, sock_hold, __sock_put
- From: Denys Vlasenko <dvlasenk@xxxxxxxxxx>
- Re: [iptables PATCH] configure: exit if libnftnl is not found
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Possible segfault in nft utility
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft v2] src: evaluate: Show error for fanout without balance
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Possible segfault in nft utility
- From: Meyer Raffaele <raffaele.meyer@xxxxxxx>
- [nf_tables PATCH] netfilter: nf_tables: invert chain deletion abort path
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH 0/4] nfct: documentation updates and corrections.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 5/5] conntrack: man: Add description of tables dying and unconfirmed.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] Printing the table name before chain name.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 5/5] conntrack: man: Add description of tables dying and unconfirmed.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 4/5] conntrack: man: add options --src and --dst.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/5] conntrack: show --src and --dst options in usage output.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/5] conntrack: add --proto to usage output.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] test/shell/run-tests.sh: also unload NAT modules
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 2/4] nfct: correct command list in timeout usage error message.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 3/4] nfct: helper: correct error messages.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 0/4] nfct: documentation updates and corrections.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 4/4] nfct: man: add missing comands
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 1/4] nfct: add missing commands to usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH iptables] xtables: use exponential delay when waiting for xtables lock
- From: Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>
- Re: [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] Printing the table name before chain name.
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
- [PATCH 1/5] conntrack: add --proto to usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 2/5] conntrack: man: add --protonum option.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 3/5] conntrack: show --src and --dst options in usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 4/5] conntrack: man: add options --src and --dst.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 0/5] conntrack: documentation updates
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 5/5] conntrack: man: Add description of tables dying and unconfirmed.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] conntrack: Add missing tables dying and unconfirmed to usage output.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] doc: Complete the documentation of statements
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: [PATCH] conntrack: Add missing tables dying and unconfirmed to usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH nft v2] src: evaluate: Show error for fanout without balance
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Re: [PATCH] conntrack: Rename option --protonum to --proto.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: [PATCH] conntrack: Replace remaining occurances of --src, --dst options with --orig-src, --orig-dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] conntrack: Replace remaining occurances of --src, --dst options with --orig-src, --orig-dst
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: [nft PATCH v2] tests/shell: add new testcases for commit/rollback
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests/shell: add some tests for network namespaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] src: evaluate: Show error for fanout without balance
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Re: [PATCH nft] src: evaluate: Show error for fanout without balance
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nfct parameters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [netfilter-core] [PATCH] netfilter: unnecessary to check whether ip6_route_output() returns NULL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] conntrack-tools: Fix build for old automake.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] net: netfilter: Fix stack out of bounds when parsing TCP options
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/3] src/evaluate.c: improve rule management checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [RESEND PATCH -stable,4.1.y] netfilter: nf_nat_redirect: add missing NULL pointer check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: arp_tables: register table in initns
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables-translate: Moving of printing nft back to xtables_xlate_main
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables-translate: Printing the table name before chain name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] extensions/libxt_tcp: fix nftables translate flags value, 'none' vs '0x0'
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] conntrack: Add missing tables dying and unconfirmed to usage output.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/2] conntrackd: remove unnecessary separator character from usage output.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2] conntrackd: man: remove bogus characters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] conntrack: Rename option --protonum to --proto.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] conntrack: Replace remaining occurances of --src, --dst options with --orig-src, --orig-dst
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] src: evaluate: Show error for fanout without balance
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- nfct parameters
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 1/2] conntrackd: man: remove bogus characters
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 2/2] conntrackd: remove unnecessary separator character from usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 0/2] conntrackd: Fix bogus characters in help
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH RFC nf-next 2/3] netfilter: nf_tables: support for named expression reference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH RFC nf-next 0/3] named expressions for nf_tables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH RFC nf-next 3/3] netfilter: nf_tables: support dump and reset for named expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH RFC nf-next 1/3] netfilter: nf_tables: add stateful named expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] extensions/libxt_tcp: fix nftables translate flags value, 'none' vs '0x0'
- From: "Vadim A. Misbakh-Soloviov" <mva@xxxxxxxx>
- [iptables PATCH] extensions/libxt_tcp: fix nftables translate flags value, 'none' vs '0x0'
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [nft PATCH] tests/shell: add some tests for network namespaces
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [PATCH] doc: Complete the documentation of statements
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- [PATCH] conntrack: Rename option --protonum to --proto.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: [PATCH xtables-addons v2] build: fix configure compatiblity with POSIX shells
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [PATCH] iptables-translate: Printing the table name before chain name
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
- [PATCH] conntrack: Replace remaining occurances of --src, --dst options with --orig-src, --orig-dst
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH] conntrack: Add missing tables dying and unconfirmed to usage output.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH] conntrack: Fix wrong --src, or --dst option shown.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH v2] conntrack-tools: Fix build for old automake
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH] conntrack-tools: Fix build for old automake.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH] conntrack-tools: Fix build for old automake. autoreconf fails with automake version smaller than 1.12, because of undefined macro AM_PROG_AR. So only expand it if it's actually defined.
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH] conntrack-tools: Fix build for old automake
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: [PATCH xtables-addons] build: fix configure compatiblity with POSIX shells
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [PATCH] netfilter: unnecessary to check whether ip6_route_output() returns NULL
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH xtables-addons v2] build: fix configure compatiblity with POSIX shells
- From: Matthias Schiffer <mschiffer@xxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH xtables-addons] build: fix configure compatiblity with POSIX shells
- From: Matthias Schiffer <mschiffer@xxxxxxxxxxxxxxxxxxxx>
- Inquiry for interest: bash compspec for nfacct
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: [PATCH xtables-addons] build: fix configure compatiblity with POSIX shells
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Conntrack timestamp
- From: ravin goyal <ravirocks1021@xxxxxxxxx>
- [PATCH xtables-addons] build: fix configure compatiblity with POSIX shells
- From: Matthias Schiffer <mschiffer@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v2 nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf 02/17] netfilter: x_tables: validate targets of jumps
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [PATCH nf 17/17] netfilter: x_tables: introduce and use xt_copy_counters_from_user
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 16/17] netfilter: x_tables: remove obsolete check
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 15/17] netfilter: x_tables: remove obsolete overflow check for compat case too
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 14/17] netfilter: x_tables: do compat validation via translate_table
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 13/17] netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 12/17] netfilter: arp_tables: simplify translate_compat_table args
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 11/17] netfilter: ip6_tables: simplify translate_compat_table args
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 10/17] netfilter: ip_tables: simplify translate_compat_table args
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 09/17] netfilter: x_tables: validate all offsets and sizes in a rule
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 08/17] netfilter: x_tables: check for bogus target offset
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 07/17] netfilter: x_tables: check standard target size too
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 06/17] netfilter: x_tables: add compat version of xt_check_entry_offsets
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 05/17] netfilter: x_tables: assert minimum target size
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 04/17] netfilter: x_tables: kill check_entry helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 03/17] netfilter: x_tables: add and use xt_check_entry_offsets
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 02/17] netfilter: x_tables: validate targets of jumps
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 01/17] netfilter: x_tables: don't move to non-existent next rule
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 00/17] netfilter: xtables: stricter ruleset validation
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] iptables-translate: Moving of printing nft back to xtables_xlate_main
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
- Re: [PATCH] iptables-translate: Moving printing of nft to individual commands.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] iptables-translate: Moving printing of nft to individual commands.
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
- [nft PATCH v2] tests/shell: add new testcases for commit/rollback
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH] ulogd: fix cross compilation errors with mysql_config
- From: Eric Leblond <eric@xxxxxxxxx>
- Writing nftables extension / modifying packets via nftables and netfilter
- From: Stephan Arndt <arndt.stephan@xxxxxxxxx>
- [PATCH 0/1] netfilter TCP conntrack option parser fix
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 1/1] net: netfilter: Fix stack out of bounds when parsing TCP options
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [nft PATCH 1/3] src/rule.c: don't print trailing statement whitespace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests/shell: add chain validations tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH V2] netfilter: ip6t_SYNPROXY: remove magic number
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack: Uses pr_fmt() for logging.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v6 3/3] netfilter: bridge: nf queue verdict to use NFQA_VLAN and NFQA_L2HDR
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v6 2/3] netfilter: bridge: pass L2 header and VLAN as netlink attributes in queues to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v6 1/3] netfilter: bridge: add nf_afinfo to enable queuing to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables-translate: Initializing comment member in xt_xlate structure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: arp_tables: register table in initns
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: [PATCH 0/9] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH] iptables-translate: Initializing comment member in xt_xlate structure
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
- NFQ breaks conntrack creation to confirmation path for a fast UDP stream causing dropped packets
- From: "Yigal Reiss (yreiss)" <yreiss@xxxxxxxxx>
- [PATCH 1/9] netfilter: ipset: fix race condition in ipset save, swap and delete
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/9] openvswitch: call only into reachable nf-nat code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/9] openvswitch: Fix checking for new expected connections.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/9] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/9] netfilter: x_tables: validate e->target_offset early
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/9] netfilter: x_tables: make sure e->next_offset covers remaining blob size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 9/9] netfilter: ipv4: fix NULL dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 8/9] netfilter: x_tables: enforce nul-terminated table name from getsockopt GET_ENTRIES
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 7/9] netfilter: nfnetlink_queue: honor NFQA_CFG_F_FAIL_OPEN when netlink unicast fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/9] netfilter: x_tables: fix unconditional helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH V2] netfilter: ip6t_SYNPROXY: remove magic number
- From: Liping Zhang <zlpwmdx@xxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Baozeng Ding <sploving1@xxxxxxxxx>
- Re: [nft PATCH 2/3] src/evaluate.c: improve rule management checks
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH] netfilter: ip6t_SYNPROXY: remove magic number
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables: extensions: libxt_TEE: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH V2] netfilter: ipv4: fix NULL dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [iptables PATCH] configure: exit if libnftnl is not found
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [iptables PATCH] configure: exit if libnftnl is not found
- From: Jan Engelhardt <jengelh@xxxxxxx>
- BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet
- From: Baozeng Ding <sploving1@xxxxxxxxx>
- [iptables PATCH] configure: exit if libnftnl is not found
- From: Giuseppe Longo <giuseppelng@xxxxxxxxx>
- [PATCH V2] netfilter: ipv4: fix NULL dereference
- From: Liping Zhang <zlpwmdx@xxxxxxx>
- [PATCH nf-next v6 3/3] netfilter: bridge: nf queue verdict to use NFQA_VLAN and NFQA_L2HDR
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
- [PATCH nf-next v6 2/3] netfilter: bridge: pass L2 header and VLAN as netlink attributes in queues to userspace
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
- [PATCH nf-next v6 1/3] netfilter: bridge: add nf_afinfo to enable queuing to userspace
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
- rebasing nf tree
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/5] netfilter: x_tables: add and use xt_check_entry_target
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/5] netfilter: x_tables: add and use xt_check_entry_target
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: "Liping Zhang" <zlpwmdx@xxxxxxx>
- Re:Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: "Liping Zhang" <zlpwmdx@xxxxxxx>
- [ANNOUNCE] Linux Security Summit 2016 - CFP
- From: James Morris <jmorris@xxxxxxxxx>
- [PATCH nf] netfilter: x_tables: enforce nul-terminated table name from getsockopt GET_ENTRIES
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 4/5] netfilter: x_tables: fix unconditional helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 3/5] netfilter: x_tables: add and use xt_check_entry_target
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/5] netfilter: x_tables: make sure e->next_offset covers remaining blob size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/5] netfilter: x_tables: validate e->target_offset early
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: Nikolay Borisov <kernel@xxxxxxxx>
- Re: [PATCH] netfilter: ipv4: fix NULL dereference
- From: Nikolay Borisov <kernel@xxxxxxxx>
- Re: net/sctp: stack-out-of-bounds in sctp_getsockopt
- From: Baozeng <sploving1@xxxxxxxxx>
- Re: net/sctp: stack-out-of-bounds in sctp_getsockopt
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: net/sctp: stack-out-of-bounds in sctp_getsockopt
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: net/sctp: stack-out-of-bounds in sctp_getsockopt
- From: Baozeng <sploving1@xxxxxxxxx>
- Re: [nft PATCH 2/3] src/evaluate.c: improve rule management checks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] src: store parser location for handle and position IDs
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [PATCH nft] src: store parser location for handle and position IDs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: ipv4: fix NULL dereference
- From: Liping Zhang <zlpwmdx@xxxxxxx>
- [PATCH] netfilter: ip6t_SYNPROXY: remove magic number
- From: Liping Zhang <zlpwmdx@xxxxxxx>
- [nft PATCH 3/3] tests/shell: add testcases for Netfilter bug #965
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [nft PATCH 2/3] src/evaluate.c: improve rule management checks
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [nft PATCH 1/3] src/rule.c: don't print trailing statement whitespace
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- enhancing nfnetlink stats [was Re: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size]
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- RE: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size
- From: "Yigal Reiss (yreiss)" <yreiss@xxxxxxxxx>
- Re: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nfnetlink_queue: honor NFQA_CFG_F_FAIL_OPEN when netlink unicast fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] iptables: extensions: libxt_TEE: Add translation to nft
- From: Roberto García <rodanber@xxxxxxxxx>
- RE: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size
- From: "Yigal Reiss (yreiss)" <yreiss@xxxxxxxxx>
- Re: [nft PATCH] tests/shell: add chain validations tests
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [nft PATCH] tests/shell: add chain validations tests
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [nft PATCH] tests/shell: add chain validations tests
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- [PATCH 4/4 v6] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 3/4 v6] libnftnl: test: Update test to check new nftnl_udata features of nftnl_rule
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/4 v6] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/4 v6] libnftnl: Implement new buffer of TLV objects
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [nft PATCH] tests/shell: add chain validations tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests/shell: unload modules between tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Test case example for conntrack expectation doesn't work?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v5 3/3] netfilter: bridge: nf queue verdict to use NFQA_VLAN and NFQA_L2HDR
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Test case example for conntrack expectation doesn't work?
- From: Bill <boober95@xxxxxxxxxx>
- Re: [nft PATCH] tests/shell: add new testcases for commit/rollback
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables-translate: translate iptables --flush
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 1/2] src/parser_bison: fix ruleid_spec ambiguity
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4] configure: Show support for connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 5/5] netfilter: x_tables: don't move to non-existant next rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/5] netfilter: x_tables: don't move to non-existant next rule
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 4/5] netfilter: x_tables: fix unconditional helper
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 3/5] netfilter: x_tables: add and use xt_check_entry_target
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 1/5] netfilter: x_tables: validate e->target_offset early
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 2/5] netfilter: x_tables: make sure e->next_offset covers remaining blob size
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf v3] netfilter: x_tables: perform more sanity tests on rule set
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/4 v5] libnftnl: Implement new buffer of TLV objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: net/sctp: stack-out-of-bounds in sctp_getsockopt
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- [nft PATCH] tests/shell: add chain validations tests
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH 4/4 v5] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 1/4 v5] libnftnl: Implement new buffer of TLV objects
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH] openvswitch: Fix checking for new expected connections.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v4] configure: Show support for connlabel
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Re: [PATCH 4/4 v5] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/4 v5] libnftnl: Implement new buffer of TLV objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/1] ipset patch for nf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] openvswitch: Fix checking for new expected connections.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- Re: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size
- From: "Yigal Reiss (yreiss)" <yreiss@xxxxxxxxx>
- Re: [PATCH] Add systemd files
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: conntrack-tool question for contribution.
- From: Miguel Angel Ajo Pelayo <majopela@xxxxxxxxxx>
- [PATCH] Add systemd files
- From: Sébastien Luttringer <seblu@xxxxxxxxx>
- Re: [PATCH] netfilter: x_tables: ensure e->next_offset consistency with table size
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 2/4] netfilter: x_tables: don't move to non-existent next rule
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] change nfqueue fail-open mechanism to apply also to receive message
- From: kbuild test robot <lkp@xxxxxxxxx>
- [PATCH nf-next v5 3/3] netfilter: bridge: nf queue verdict to use NFQA_VLAN and NFQA_L2HDR
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
- [PATCH nf-next v5 2/3] netfilter: bridge: pass L2 header and VLAN as netlink attributes in queues to userspace
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
- [PATCH nf-next v5 1/3] netfilter: bridge: add nf_afinfo to enable queuing to userspace
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
- [PATCH] change nfqueue fail-open mechanism to apply also to receive message
- From: "Yigal Reiss (yreiss)" <yreiss@xxxxxxxxx>
- [PATCH 4/4] netfilter: xtables: don't attempt to alloc more than 4g
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 3/4] netfilter: xtables: validate targets of jumps
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 2/4] netfilter: x_tables: don't move to non-existent next rule
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 1/4] netfilter: x_tables: validate e->target_offset early
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft PATCH 2/2] tests/shell: add testcases for Netfilter bug #965
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [nft PATCH 1/2] src/parser_bison: fix ruleid_spec ambiguity
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [nft PATCH 2/2] tests/shell: add testcases for Netfilter bug #965
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH] netfilter: x_tables: ensure e->next_offset consistency with table size
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: [PATCH nf] netfilter: x_tables: deal with bogus nextoffset values
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: x_tables: ensure e->next_offset consistency with table size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] iptables-translate: translate iptables --flush
- From: Guruswamy Basavaiah <guru2018@xxxxxxxxx>
- [nft PATCH 2/2] tests/shell: add testcases for Netfilter bug #965
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [nft PATCH 1/2] src/parser_bison: fix ruleid_spec ambiguity
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH nf-next v4 2/3] netfilter: bridge: pass L2 header and VLAN as netlink attributes in queues to userspace
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v4 2/3] netfilter: bridge: pass L2 header and VLAN as netlink attributes in queues to userspace
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
- [PATCH nf-next v4 1/3] netfilter: bridge: add nf_afinfo to enable queuing to userspace
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
- [PATCH nf-next v4 3/3] netfilter: bridge: nf queue verdict to use NFQA_VLAN and NFQA_L2HDR
- From: Stephane Bryant <stephane.ml.bryant@xxxxxxxxx>
- [PATCH] ulogd: fix cross compilation errors with mysql_config
- From: Helmut Schaa <helmut.schaa@xxxxxxxxxxxxxx>
- [nft PATCH] tests/shell: add new testcases for commit/rollback
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH nf] netfilter: x_tables: deal with bogus nextoffset values
- From: Michal Kubecek <mkubecek@xxxxxxx>
- Re: conntrack-tool question for contribution.
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [nft PATCH] tests/shell: unload modules between tests
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [nft PATCH] tests/shell: unload modules between tests
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- Re: [PATCH] iptables: Replace gethostbyname() with getaddrinfo()
- From: Arpan Kapoor <rpnkpr@xxxxxxxxx>
- Re: [PATCHv2] extensions: libipt_REJECT: Avoid to print the default reject with value in the translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCHv2] extensions: libip6t_REJECT: Avoid to print the default reject with value in the translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCHv7] extensions: libipt_icmp: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests/shell: unload modules between tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] nft: include/mini-gmp.h is not included at "make dist"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables: Replace gethostbyname() with getaddrinfo()
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [ANNOUNCE] ipset 6.29 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH] iptables: Replace gethostbyname() with getaddrinfo()
- From: Arpan Kapoor <rpnkpr@xxxxxxxxx>
- [PATCH] nft: include/mini-gmp.h is not included at "make dist"
- From: Magnus Öberg <magnus.oberg@xxxxxxxxxxx>
- [nft PATCH] tests/shell: unload modules between tests
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: Re: [PATCH V7] netfilter: h323: avoid potential attack
- From: "Zhouyi Zhou" <yizhouzhou@xxxxxxxxx>
- Re: [ANNOUNCE] ipset 6.29 released
- From: AllKind <AllKind@xxxxxxxxxx>
- [PATCHv2] extensions: libipt_REJECT: Avoid to print the default reject with value in the translation
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCHv2] extensions: libip6t_REJECT: Avoid to print the default reject with value in the translation
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCHv7] extensions: libipt_icmp: Add translation to nft
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH 1/1] netfilter: ipset: fix race condition in ipset save, swap and delete
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 0/1] ipset patch for nf
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [ANNOUNCE] ipset 6.29 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH v2] netfilter: fix race condition in ipset save, swap and delete
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH v3] configure: Show support for connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- conntrack-tool question for contribution.
- From: Miguel Angel Ajo Pelayo <majopela@xxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 3/3] ct: add conntrack label set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 4/4 v5] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 3/4 v5] libnftnl: test: Update test to check new nftnl_udata features of nftnl_rule
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/4 v5] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/4 v5] libnftnl: Implement new buffer of TLV objects
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 4/4 v4] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 1/4 v4] libnftnl: Implement new buffer of TLV objects
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH v3] configure: Show support for connlabel
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Memory-leak in nft
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- Re: [PATCH] Shows proper function name for pr_debug() messages.
- From: Weongyo Jeong <weongyo.linux@xxxxxxxxx>
- [PATCH] netfilter: nf_conntrack: Uses pr_fmt() for logging.
- From: Weongyo Jeong <weongyo.linux@xxxxxxxxx>
- Re: [PATCH nft 3/3] ct: add conntrack label set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft 3/3] parser_bison: release parsed type and hook name strings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft 1/3] parser_bison: simplify hook_spec rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft 2/3] parser_bison: duplicate string returned by chain_type_name_lookup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 3/3] ct: add conntrack label set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnftl 2/3] ct: add label set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC PATCH 0/3] connlabel set support using extra setter attr
- From: Florian Westphal <fw@xxxxxxxxx>
- [ANNOUNCE] NetDev 1.1 videos now available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2] nft: Remove memory-leak
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2 nft] src: revisit cache population logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: libnetfilter_conntrack's NFCT_OF_TIMESTAMP is not working
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: libnetfilter_conntrack's NFCT_OF_TIMESTAMP is not working
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] nft: Removed ^L characters
- From: Jan Engelhardt <jengelh@xxxxxxx>
- libnetfilter_conntrack's NFCT_OF_TIMESTAMP is not working
- From: ravin goyal <ravirocks1021@xxxxxxxxx>
- Re: [PATCH v5] extensions: libxt_multiport: Add translation to nft
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- [PATCH] nft: Removed ^L characters
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- [PATCH v2] nft: Remove memory-leak
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- Re: [PATCH 00/18] Netfilter/IPVS/OVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v4 3/3] netfilter: nftables: add connlabel set support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/18] Netfilter/IPVS/OVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/18] netfilter: ipset: Check IPSET_ATTR_ETHER netlink attribute length
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/18] netfilter: Remove IP_CT_NEW_REPLY definition.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/18] ipvs: drop first packet to redirect conntrack
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/18] openvswitch: Add commentary to conntrack.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/18] netfilter: nft_compat: check match/targetinfo attr size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/18] openvswitch: Find existing conntrack entry after upcall.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/18] openvswitch: Update the CT state key only after nf_conntrack_in().
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/18] netfilter: nfnetlink_acct: validate NFACCT_FILTER parameters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/18] ipvs: correct initial offset of Call-ID header search in SIP persistence engine
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 18/18] netfilter: nf_conntrack: consolidate lock/unlock into unlock_wait
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/18] openvswitch: Handle NF_REPEAT in conntrack action.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/18] openvswitch: Interface with NAT.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/18] netfilter: x_tables: check for size overflow
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/18] ipvs: handle ip_vs_fill_iph_skb_off failure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/18] openvswitch: Delay conntrack helper call for new connections.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/18] netfilter: Allow calling into nat helper without skb_dst.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/18] ipvs: allow rescheduling after RST
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/18] netfilter: ipset: Fix set:list type crash when flush/dump set in parallel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5] extensions: libxt_multiport: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3] configure: Show support for connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] nft: Remove memory-leak
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] extensions: libipt_REJECT: Avoid to print the default reject with value in the translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [Outreachy kernel] [PATCHv6] extensions: libipt_icmp: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] Shows proper function name for pr_debug() messages.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack: consolidate lock/unlock into unlock_wait
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v10 0/8] openvswitch: NAT support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] Shows proper function name for pr_debug() messages.
- From: Weongyo Jeong <weongyo.linux@xxxxxxxxx>
- [PATCH v2] netfilter: fix race condition in ipset save, swap and delete
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
- [PATCH 2/2 nft] evaluate: use table_lookup_global() from expr_evaluate_symbol()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/2 nft] src: revisit cache population logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next v4 3/3] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next v3 3/3] netfilter: nftables: add connlabel set support
- From: kbuild test robot <lkp@xxxxxxxxx>
- [PATCH nf-next v3 3/3] netfilter: nftables: add connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v3 2/3] netfilter: labels: don't emit ct event if labels are unchanged
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v3 1/3] netfilter: connlabels: move helpers to xt_connlabel
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next resend 0/3] netfilter: connlabel set support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter: nf_conntrack: consolidate lock/unlock into unlock_wait
- From: Nicholas Mc Guire <hofrat@xxxxxxxxx>
- Re: [RFC] nft: Remove memory-leak
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- [PATCH] nft: Remove memory-leak
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- libnetfilter_conntrack's NFCT_OF_TIMESTAMP is not working
- From: ravin goyal <ravirocks1021@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [RFC] nft: Remove memory-leak
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: fix race condition in ipset save and delete
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
- [RFC] nft: Remove memory-leak
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- Re: [PATCH] netfilter: fix race condition in ipset save and delete
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [ANNOUNCE] ipset 6.28 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [ANNOUNCE] ipset 6.28 released
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [ANNOUNCE] ipset 6.28 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [ANNOUNCE] ipset 6.28 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [ANNOUNCE] ipset 6.28 released
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [ANNOUNCE] ipset 6.28 released
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [ANNOUNCE] ipset 6.28 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH v5] extensions: libxt_multiport: Add translation to nft
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- [PATCH] netfilter: fix race condition in ipset save and delete
- From: Vishwanath Pai <vpai@xxxxxxxxxx>
- Re: [ANNOUNCE] ipset 6.28 released
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [ANNOUNCE] ipset 6.28 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH] extensions: libip6t_REJECT: Avoid to print the default reject with value in the translation
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCH] extensions: libipt_REJECT: Avoid to print the default reject with value in the translation
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCHv6] extensions: libipt_icmp: Add translation to nft
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [PATCH V7] netfilter: h323: avoid potential attack
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v3] configure: Show support for connlabel
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Re: [PATCH v2] configure: Show support for connlabel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4] extensions: libxt_multiport: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] extensions: libip6t_LOG: Avoid to print the default log level in the translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: userns, netns, and quick physical memory consumption by unprivileged user
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 4/4 v4] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/4 v4] libnftnl: Implement new buffer of TLV objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: x_tables: check for size overflow
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH] extensions: libip6t_LOG: Avoid to print the default log level in the translation
- From: Roberto García <rodanber@xxxxxxxxx>
- [PATCH v4] extensions: libxt_multiport: Add translation to nft
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- [PATCH v4] extensions: libxt_multiport: Add translation to nft
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- Re: NFQUEUE "fail-open" only open to queue limit and not receive buffer limit
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next v10 8/8] openvswitch: Interface with NAT.
- From: Joe Stringer <joe@xxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v10 7/8] openvswitch: Delay conntrack helper call for new connections.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- Re: [PATCH nf-next v10 7/8] openvswitch: Delay conntrack helper call for new connections.
- From: Joe Stringer <joe@xxxxxxx>
- Re: [PATCH nf-next v10 3/8] openvswitch: Add commentary to conntrack.c
- From: Joe Stringer <joe@xxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- [PATCH 4/4 v4] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 3/4 v4] libnftnl: test: Actualize test to check new nftnl_udata features of nftnl_rule
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 2/4 v4] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- [PATCH 1/4 v4] libnftnl: Implement new buffer of TLV objects
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 4/4 v3] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf MIME-Version: 1.0
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 2/4 v3] libnftnl: rule: Change the "userdata" attribute to use new TLV buffer
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
- Re: [PATCH nf-next v9 8/8] openvswitch: Interface with NAT.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v10 6/8] openvswitch: Handle NF_REPEAT in conntrack action.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v10 7/8] openvswitch: Delay conntrack helper call for new connections.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v10 8/8] openvswitch: Interface with NAT.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v10 5/8] openvswitch: Find existing conntrack entry after upcall.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v10 2/8] netfilter: Allow calling into nat helper without skb_dst.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v10 4/8] openvswitch: Update the CT state key only after nf_conntrack_in().
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v10 3/8] openvswitch: Add commentary to conntrack.c
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v10 1/8] netfilter: Remove IP_CT_NEW_REPLY definition.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v10 0/8] openvswitch: NAT support
- From: Jarno Rajahalme <jarno@xxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [PATCH] libip6t_hbh: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v9 8/8] openvswitch: Interface with NAT.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- Re: [PATCH nf-next v8 1/8] netfilter: Remove IP_CT_NEW_REPLY definition.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- Re: [PATCHv5] extensions: libipt_icmp: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] extensions: libipt_LOG: Avoid to print the default log level in the translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] extensions: libipt_LOG: Avoid to print the default log level in the translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] extensions: libipt_LOG: Avoid to print the default log level in the translation
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Re: [PATCH v3] libxt_multiport: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/1] ipset patch for nf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] netfilter: ipset: Fix set:list type crash when flush/dump set in parallel
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] extensions: libipt_LOG: Avoid to print the default log level in the translation
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nft_compat: check match/targetinfo attr size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v2] configure: Show support for connlabel
- From: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
- Re: [PATCH] netfilter: nft_compat: check match/targetinfo attr size
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: nft_compat: check match/targetinfo attr size
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [GIT PULL v2 0/4] IPVS Fixes for v4.5
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf v2] netfilter: x_tables: don't rely on well-behaving userspace
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: x_tables: deal with bogus nextoffset values
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCHv5] extensions: libipt_icmp: Add translation to nft
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [PATCHv4] extensions: libipt_icmp: Add translation to nft
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [PATCH nf] netfilter: x_tables: deal with bogus nextoffset values
- From: Ben Hawkes <hawkes@xxxxxxxxxx>
- Re: [PATCH nf] netfilter: x_tables: deal with bogus nextoffset values
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 1/2] extensions/libxt_rpfilter.man: fix typo, specifiy vs specify
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v3] libxt_multiport: Add translation to nft
- From: Piyush Pangtey <gokuvsvegita@xxxxxxxxx>
- [PATCH libnftnl] trace: fix missing NFTNL_TRACE_JUMP_TARGET in nftnl_trace_get_str()
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCH nf-next v9 8/8] openvswitch: Interface with NAT.
- From: Thomas Graf <tgraf@xxxxxxx>
- [iptables PATCH 2/2] iptables/xtables-arp.c: fix typo, wierd vs weird
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [iptables PATCH 1/2] extensions/libxt_rpfilter.man: fix typo, specifiy vs specify
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH nft] proto: Add router advertisement and solicitation icmp types
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/4] tests: frag: enable more tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [PATCH nf-next v8 1/8] netfilter: Remove IP_CT_NEW_REPLY definition.
- From: Or Gerlitz <gerlitz.or@xxxxxxxxx>
- Re: [PATCH nf-next v9 8/8] openvswitch: Interface with NAT.
- From: Joe Stringer <joe@xxxxxxx>
- Re: [PATCH nf-next v9 7/8] openvswitch: Delay conntrack helper call for new connections.
- From: Joe Stringer <joe@xxxxxxx>
- Re: [PATCH nf-next v9 5/8] openvswitch: Find existing conntrack entry after upcall.
- From: Joe Stringer <joe@xxxxxxx>
- Re: [ovs-dev] [PATCH nf-next v9 4/8] openvswitch: Update the CT state key only after nf_conntrack_in().
- From: Joe Stringer <joe@xxxxxxx>
- [PATCH nf] netfilter: x_tables: check for size overflow
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf] netfilter: x_tables: deal with bogus nextoffset values
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next v8 3/8] openvswitch: Add commentary to conntrack.c
- From: Jarno Rajahalme <jarno@xxxxxxx>
- Re: [PATCH nf-next v8 8/8] openvswitch: Interface with NAT.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v9 8/8] openvswitch: Interface with NAT.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v9 4/8] openvswitch: Update the CT state key only after nf_conntrack_in().
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v9 6/8] openvswitch: Handle NF_REPEAT in conntrack action.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v9 7/8] openvswitch: Delay conntrack helper call for new connections.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v9 3/8] openvswitch: Add commentary to conntrack.c
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v9 5/8] openvswitch: Find existing conntrack entry after upcall.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v9 2/8] netfilter: Allow calling into nat helper without skb_dst.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- [PATCH nf-next v9 1/8] netfilter: Remove IP_CT_NEW_REPLY definition.
- From: Jarno Rajahalme <jarno@xxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
- Re: [RFC] net: ipv4 -- Introduce ifa limit per net
- From: David Miller <davem@xxxxxxxxxxxxx>
- NFQUEUE "fail-open" only open to queue limit and not receive buffer limit
- From: "Yigal Reiss (yreiss)" <yreiss@xxxxxxxxx>
- Re: [PATCH] extensions: libip6t_hbh: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] proto: Add router advertisement and solicitation icmp types
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- Re: [PATCH v2] libxt_multiport: Add translation to nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
