Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- [PATCH next 06/84] ipvs: Pass ipvs not net to ip_vs_fill_conn
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 09/84] ipvs: Pass ipvs not net to __ip_vs_svc_fwm_find
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 10/84] ipvs: Pass ipvs not net to ip_vs_svc_hashkey
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 08/84] ipvs: Pass ipvs not net to ip_vs_svc_fwm_hashkey
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 03/84] ipvs: Use state->net in the ipvs forward functions
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 01/84] ipvs: Hoist computation of ipvs earlier in sctp_conn_schedule
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 00/84] ipvs: Stop guessing the network namespace
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- [PATCH Resolved UMA issue] netfilter: icmp: Enhance the return value check of nf_nat_icmp(v6)_reply_translation
- From: Feng Gao <gfree.wind@xxxxxxxxxxx>
- Re: [PATCH] netfilter: icmp: Enhance the return value check of nf_nat_icmp(v6)_reply_translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH next 0/15] netfilter: Stop guessing net (take 2)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [GIT-PULL nf-next 00/15] IPVS Updates for v4.4
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH next 11/15] nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 13/15] netfilter: Pass priv instead of nf_hook_ops to netfilter hooks
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 15/15] netfilter: Use nf_ct_net instead of dev_net(out) in nf_nat_masquerade_ipv6
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 14/15] netfilter: Pass net into nf_xfrm_me_harder
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 12/15] ipvs: Read hooknum from state rather than ops->hooknum
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 02/15] inet netfilter: Remove hook from ip6t_do_table, arp_do_table, ipt_do_table
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 07/15] nftables: Pass struct net in nft_pktinfo
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 09/15] net: Pass net to nf_dup_ipv4 and nf_dup_ipv6
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 08/15] nftables: Use pkt->net instead of computing net from the passed net_devices
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 10/15] act_connmark: Remember the struct net instead of guessing it.
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 05/15] x_tables: Pass struct net in xt_action_param
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 06/15] x_tables: Use par->net instead of computing from the passed net devices
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 04/15] nftables: kill nft_pktinfo.ops
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 03/15] inet netfilter: Prefer state->hook to ops->hooknum
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 01/15] ebtables: Simplify the arguments to ebt_do_table
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 0/15] netfilter: Stop guessing net (take 2)
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH next 0/14] netfilter: Stop guessing net
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH next 0/14] netfilter: Stop guessing net
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: [PATCH next 0/14] netfilter: Stop guessing net
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: [PATCH next 0/14] netfilter: Stop guessing net
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- [PATCH next 14/14] netfilter: Use nf_ct_net instead of dev_net(out) in nf_nat_masquerade_ipv6
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 13/14] netfilter: Pass net into nf_xfrm_me_harder
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 03/14] inet netfilter: Prefer state->hook to ops->hooknum
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 08/14] nftables: Use pkt->net instead of computing net from the passed net_devices
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 12/14] netfilter: Pass priv instead of nf_hook_ops to netfilter hooks
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 07/14] nftables: Pass struct net in nft_pktinfo
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 11/14] ipvs: Read hooknum from state rather than ops->hooknum
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 10/14] nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 09/14] net: Pass net to nf_dup_ipv4 and nf_dup_ipv6
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 06/14] x_tables: Use par->net instead of computing from the passed net devices
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 04/14] nftables: kill nft_pktinfo.ops
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 05/14] x_tables: Pass struct net in xt_action_param
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 02/14] inet netfilter: Remove hook from ip6t_do_table, arp_do_table, ipt_do_table
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 01/14] ebtables: Simplify the arguments to ebt_do_table
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: [PATCH next 0/14] netfilter: Stop guessing net
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- [PATCH next 0/14] netfilter: Stop guessing net
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [GIT-PULL nf-next 00/15] IPVS Updates for v4.4
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- [PATCH 3/4] netfilter: nft_compat: skip family comparison in case of NFPROTO_UNSPEC
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/4] netfilter: nf_log: wait for rcu grace after logger unregistration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/4] netfilter: nf_log: don't zap all loggers on unregister
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/4] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/4] netfilter: bridge: fix routing of bridge frames with call-iptables=1
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH next 0/30] Passing net through the netfilter hooks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH next 0/30] Passing net through the netfilter hooks
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: [PATCH next 0/30] Passing net through the netfilter hooks
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH next 0/30] Passing net through the netfilter hooks
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH next 0/30] Passing net through the netfilter hooks
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- [PATCH next 31/30] netfilter: Add blank lines in callers of netfilter hooks
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- [ANNOUNCE] nftables 0.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [no subject]
- From: Alfred Cheuk Chow <sec249_alejandra@xxxxxxxxxxxxxx>
- Re: [PATCH next 0/30] Passing net through the netfilter hooks
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: [PATCH next 28/30] netfilter: Pass struct net into the netfilter hooks
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: [PATCH next 22/30] ipv6: Cache net in ip6_output
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: [PATCH next 16/30] ipv6: Only compute net once in ip6mr_forward2_finish
- From: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
- Re: [PATCH RFC 0/3] Allow postponed netfilter handling for socket matches
- From: Florian Westphal <fw@xxxxxxxxx>
- [ANNOUNCE] libnftnl 1.0.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_log: wait for rcu grace after logger unregistration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] build: bump library versioning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RFC 0/3] Allow postponed netfilter handling for socket matches
- From: Daniel Mack <daniel@xxxxxxxxxx>
- [PATCH nf-next 02/15] ipvs: Add hdr_flags to iphdr
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [GIT-PULL nf-next 00/15] IPVS Updates for v4.4
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 03/15] ipvs: Handle inverse and icmp headers in ip_vs_leave
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 09/15] ipvs: sh: support scheduling icmp/inverse packets consistently
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 10/15] ipvs: attempt to schedule icmp packets
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 12/15] ipvs: support scheduling inverse and icmp TCP packets
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 06/15] ipvs: Make ip_vs_schedule aware of inverse iph'es
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 05/15] ipvs: drop inverse argument to conn_{in,out}_get
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 07/15] ipvs: add schedule_icmp sysctl
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 13/15] ipvs: support scheduling inverse and icmp UDP packets
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 14/15] ipvs: support scheduling inverse and icmp SCTP packets
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 15/15] ipvs: add sysctl to ignore tunneled packets
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 08/15] ipvs: Use outer header in ip_vs_bypass_xmit_v6
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 11/15] ipvs: ensure that ICMP cannot be sent in reply to ICMP
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 01/15] ipvs: replace ip_vs_fill_ip4hdr with ip_vs_fill_iph_skb_off
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next 04/15] ipvs: pull out ip_vs_try_to_schedule function
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: [PATCH RFC 0/3] Allow postponed netfilter handling for socket matches
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] build: bump library versioning
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH] build: bump library versioning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] build: bump library versioning
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH] build: bump library versioning
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH] build: bump library versioning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] build: bump library versioning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl] src: fix LIBVERSION, should be 3:0:0 instead of 3:0:3
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] build: bump library versioning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] build: bump library versioning
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [PATCH RFC 1/3] netfilter: add socket to struct nft_pktinfo
- From: Daniel Mack <daniel@xxxxxxxxxx>
- [PATCH RFC 0/3] Allow postponed netfilter handling for socket matches
- From: Daniel Mack <daniel@xxxxxxxxxx>
- [PATCH RFC 3/3] net: tcp_ipv4: re-run netfilter chains for marked skbs
- From: Daniel Mack <daniel@xxxxxxxxxx>
- [PATCH RFC 2/3] netfilter: nft_meta: mark skbs for postponed filter processing
- From: Daniel Mack <daniel@xxxxxxxxxx>
- Re: [PATCH nf v2] netfilter: bridge: fix routing of bridge frames with call-iptables=1
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 2/2] src: move new nftnl symbols to new group
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 0/2] map fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 1/2] src: move new set and set_elem symbols to new group
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ANNOUNCE] libnftnl 1.0.4 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [ANNOUNCE] libnftnl 1.0.4 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH next 21/30] ipv6: Only compute net once in ip6_finish_output2
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 11/30] ipv4: Only compute net once in ip_do_fragment
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 19/30] net: Remove dev_queue_xmit_sk
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 16/30] ipv6: Only compute net once in ip6mr_forward2_finish
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 24/30] bridge: Pass net into br_nf_ip_fragment
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 25/30] bridge: Pass net into br_nf_push_frag_xmit
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 20/30] ipv6: Don't recompute net in ip6_rcv
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 23/30] ipv6: Compute net once in raw6_send_hdrinc
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 22/30] ipv6: Cache net in ip6_output
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 28/30] netfilter: Pass struct net into the netfilter hooks
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 26/30] bridge: Cache net in br_nf_pre_routing_finish
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 30/30] netfilter: Pass net into okfn
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 27/30] bridge: Add br_netif_receive_skb remove netif_receive_skb_sk
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 18/30] bridge: Introduce br_send_bpdu_finish
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 15/30] ipv4: Only compute net once in ipmr_forward_finish
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 17/30] arp: Introduce arp_xmit_finish
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 14/30] ipv4: Only compute net once in ip_rcv_finish
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 29/30] netfilter: Use nf_hook_state.net
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 13/30] ipv4: Only compute net once in ip_finish_output2
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 12/30] ipv4: Explicitly compute net in ip_fragment
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 02/30] netfilter: Store net in nf_hook_state
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 03/30] netfilter: Pass net to nf_hook_thresh
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 07/30] ipv4: Compute net once in ip_forward_finish
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 06/30] ipv4: Compute net once in ip_forward
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 10/30] ipv4: Don't recompute net in ipmr_queue_xmit
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 09/30] ipv4: Remember the net in ip_output and ip_mc_output
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 08/30] ipv4: Compute net once in ip_rcv
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 05/30] net: Merge dst_output and dst_output_sk
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 04/30] xfrm: Remove unused afinfo method init_dst
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 01/30] netfilter: Remove !CONFIG_NETFITLER definition of nf_hook_thresh
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH next 0/30] Passing net through the netfilter hooks
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- SNAT and contrack helpers
- From: johan <johan.peeters111@xxxxxxxxx>
- Re: [PATCH libnftnl 0/3] use nftnl_ prefix
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables] extensions: fix several test errors
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: bridge: fix routing of bridge frames with call-iptables=1
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf v2] netfilter: bridge: fix routing of bridge frames with call-iptables=1
- From: Sander Eikelenboom <linux@xxxxxxxxxxxxxx>
- Re: [PATCH 1/1] added missing icmpv6 dest-unreach codes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nft_compat: skip family comparison in case of NFPROTO_UNSPEC
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf v2] netfilter: bridge: fix routing of bridge frames with call-iptables=1
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 2/2 -stable-3.12 ] netfilter: nf_conntrack: don't release a conntrack with non-zero refcnt
- From: Jiri Slaby <jslaby@xxxxxxx>
- Re: [PATCH nf] netfilter: bridge: fix routing of bridge frames with call-iptables=1
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nf_log: don't zap all loggers on unregister
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: bridge: fix routing of bridge frames with call-iptables=1
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2 net-next] netfilter: ipset: Fixing unnamed union initg
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 net-next] netfilter: ipset: Fixing unnamed union initg
- From: Akemi Yagi <amyagi@xxxxxxxxx>
- Re: [PATCH] ipvs:Fix locking requirements in the function ip_vs_unlink_service
- From: Julian Anastasov <ja@xxxxxx>
- Re: [PATCH] ipvs:Fix locking requirements in the function ip_vs_unlink_service
- From: Julian Anastasov <ja@xxxxxx>
- [PATCH -stable-4.1,-stable-4.2] netfilter: nfnetlink: work around wrong endianess in res_id field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable-4.2] netfilter: conntrack: use nf_ct_tmpl_free in CT/synproxy error paths
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable-4.2] netfilter: ipset: Out of bound access in hash:net* types fixed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable-4.2] netfilter: ipset: Fixing unnamed union init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable-4.2] netfilter: bridge: fix IPv6 packets not being bridged with CONFIG_IPV6=n
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable-4.2] netfilter: nf_tables: Use 32 bit addressing register from nft_type_to_reg()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] tests: add concatenations and maps; combine them too
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/2 -stable-3.12 ] netfilter: nf_conntrack: don't release a conntrack with non-zero refcnt
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/2 -stable-3.12] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] evaluate: use existing table object from evaluation context
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/2 -stable-3.12] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/2 -stable-3.12 ] netfilter: nf_conntrack: don't release a conntrack with non-zero refcnt
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH lnf-log 3/3] utils: nf-log: attaching a conntrack information
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH lnf-log 2/3] nlmsg: Add NFULA_CT and NFULA_CT_INFO attributes support
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH lnf-log 1/3] include: Sync with kernel headers
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: nfnetlink_log: allow to attach conntrack
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: nf_conntrack_netlink: add const qualifier to nfnl_hook
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: nfnetlink_queue: rename related to nfqueue attaching conntrack info
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH RFC 0/3] Rework nfnetlink_queue conntrack support
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [lnf-queue PATCH] nlmsg: add lacking attributes validation
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [ANNOUNCE] Netdev 1.1 conference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/1] netfilter: nfnetlink_queue: return -EOPNOTSUPP if QUEUE_CT is disabled
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH nf-next 0/1] netfilter: nfnetlink_queue: return -EOPNOTSUPP if QUEUE_CT is disabled
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH lnf-queue] examples: attaching a conntrack information
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- nfqueue batch verdict with conntrack (was [PATCH RFC 3/3] netfilter: rename nfnetlink_queue_core.c to nfnetlink_queue.c)
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH nft] evaluate: use existing table object from evaluation context
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [PATCHv2 lnf-queue] examples: attaching a conntrack information
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH RFC 1/3] netfilter: ctnetlink: remove ctnetlink_nfqueue_build_size()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RFC 3/3] netfilter: rename nfnetlink_queue_core.c to nfnetlink_queue.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RFC 0/3] Rework nfnetlink_queue conntrack support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH lnf-queue] examples: attaching a conntrack information
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] evaluate: use existing table object from evaluation context
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH lnf-queue] examples: attaching a conntrack information
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH lnf-queue] examples: attaching a conntrack information
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH lnf-queue] examples: attaching a conntrack information
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft] segfault bug in simple ruleset, regression?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] conntrack-tools 1.4.3 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] libnetfilter_conntrack 1.0.5
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft] segfault bug in simple ruleset, regression?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft] segfault bug in simple ruleset, regression?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft] segfault bug in simple ruleset, regression?
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: Mixed IPv4+IPv6 sets
- From: Wilmer van der Gaast <wilmer@xxxxxxxxx>
- Re: Mixed IPv4+IPv6 sets
- From: Wilmer van der Gaast <wilmer@xxxxxxxxx>
- Re: Bug report: Segfault on nested sets with prefixes
- From: Wilmer van der Gaast <wilmer@xxxxxxxxx>
- [PATCH lnf-queue] examples: attaching a conntrack information
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH RFC 3/3] netfilter: rename nfnetlink_queue_core.c to nfnetlink_queue.c
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH RFC 1/3] netfilter: ctnetlink: remove ctnetlink_nfqueue_build_size()
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH RFC 0/3] Rework nfnetlink_queue conntrack support
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH nf] netfilter: nf_log: don't zap all loggers on unregister
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH RFC 0/3] Rework nfnetlink_queue conntrack support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH RFC 2/3] netfilter: nfnetlink_queue: get rid of nfnetlink_queue_ct.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH RFC 1/3] netfilter: ctnetlink: remove ctnetlink_nfqueue_build_size()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH RFC 3/3] netfilter: rename nfnetlink_queue_core.c to nfnetlink_queue.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: linux-next: Tree for Sep 8 (netfilter build error)
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
- Re: [nft] deleting chains and verdict map entries in the same transaction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v1 1/1] fix: resource leakage when loading library using dlopen
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- RE: [PATCH v1 1/1] fix: resource leakage when loading library using dlopen
- From: Jan Engelhardt <jengelh@xxxxxxx>
- RE: [PATCH v1 1/1] fix: resource leakage when loading library using dlopen
- From: "Zaman, Imran" <imran.zaman@xxxxxxxxx>
- RE: [PATCH v1 1/1] fix: resource leakage when loading library using dlopen
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: Mixed IPv4+IPv6 sets
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- RE: [PATCH v1 1/1] fix: resource leakage when loading library using dlopen
- From: "Zaman, Imran" <imran.zaman@xxxxxxxxx>
- Re: [PATCH libnftnl 0/3] use nftnl_ prefix
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: Mixed IPv4+IPv6 sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Bug report: Segfault on nested sets with prefixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] iptables: Spelling fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl 0/3] use nftnl_ prefix
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- RE: [PATCH v1 1/1] fix: resource leakage when loading library using dlopen
- From: Jan Engelhardt <jengelh@xxxxxxx>
- RE: [PATCH v1 1/1] fix: resource leakage when loading library using dlopen
- From: "Zaman, Imran" <imran.zaman@xxxxxxxxx>
- Re: [PATCH v1 1/1] fix: resource leakage when loading library using dlopen
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [PATCH v1 1/1] fix: resource leakage when loading library using dlopen
- From: Imran Zaman <imran.zaman@xxxxxxxxx>
- Re: [PATCH] iptables: Spelling fixes
- From: Ville Skyttä <ville.skytta@xxxxxx>
- [nft] deleting chains and verdict map entries in the same transaction
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: [PATCHv2 nf-next 3/5] netfilter: nfnetlink_queue_ct: export functions
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH net] openvswitch: Remove conntrack Kconfig option.
- From: David Miller <davem@xxxxxxxxxxxxx>
- Bug report: Segfault on nested sets with prefixes
- From: Wilmer van der Gaast <wilmer@xxxxxxxxx>
- Mixed IPv4+IPv6 sets
- From: Wilmer van der Gaast <wilmer@xxxxxxxxx>
- Re: [PATCH] iptables: Spelling fixes
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH] iptables: Spelling fixes
- From: Ville Skyttä <ville.skytta@xxxxxx>
- Re: [PATCH] iptables: Spelling fixes
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [PATCH] iptables: Spelling fixes
- From: Ville Skyttä <ville.skytta@xxxxxx>
- Re: [PATCH 0/6] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH] iptables: Spelling fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] iptables: Spelling fixes
- From: Ville Skyttä <ville.skytta@xxxxxx>
- Re: [PATCH net] openvswitch: Remove conntrack Kconfig option.
- From: Pravin Shelar <pshelar@xxxxxxxxxx>
- [PATCH net] openvswitch: Remove conntrack Kconfig option.
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCH nft 2/2] mnl: rework netlink socket event receive path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] netlink: flush stdout after each event in monitor mode
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] tests: display error when trying to run tests out of the root directory
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] solve musl build problem
- From: Brendan Heading <brendanheading@xxxxxxxxx>
- Re: [PATCH 1/1] solve musl build problem
- From: Brendan Heading <brendanheading@xxxxxxxxx>
- Re: [PATCH 1/1] solve musl build problem
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 1/1] solve musl build problem
- From: Brendan Heading <brendanheading@xxxxxxxxx>
- Re: [PATCH 1/1] solve musl build problem
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/1] solve musl build problem
- From: Brendan Heading <brendanheading@xxxxxxxxx>
- broken packet passed into raw table by nf_defrag_ipv6
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- Re: [PATCHv2 nf-next 3/5] netfilter: nfnetlink_queue_ct: export functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/6] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/6] netfilter: ipset: Out of bound access in hash:net* types fixed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/6] netfilter: bridge: fix IPv6 packets not being bridged with CONFIG_IPV6=n
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/6] netfilter: nf_tables: Use 32 bit addressing register from nft_type_to_reg()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/6] netfilter: nfnetlink: work around wrong endianess in res_id field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/6] netfilter: ipset: Fixing unnamed union init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/6] netfilter: conntrack: use nf_ct_tmpl_free in CT/synproxy error paths
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_conntrack: make nf_ct_zone_dflt built-in
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_dup{4,6}: fix build error when nf_conntrack disabled
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nf_conntrack: make nf_ct_zone_dflt built-in
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nf_dup{4,6}: fix build error when nf_conntrack disabled
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl 0/3] use nftnl_ prefix
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 3/3] src: add compat header file definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 1/3] src: introduce nftnl_* aliases for all existing functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 0/3] use nftnl_ prefix
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [conntrackd] allowing DisableExternalCache in alarm mode
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH nf 1/1] nft: Fix nlmsg_type in GET operation callbacks
- From: Vijay Subramanian <subramanian.vijay@xxxxxxxxx>
- Re: [PATCH nf 1/1] nft: Fix nlmsg_type in GET operation callbacks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [conntrackd] allowing DisableExternalCache in alarm mode
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: conntrack: use nf_ct_tmpl_free in CT/synproxy error paths
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCHv2 nf-next 5/5] netfilter: nfnetlink_log: allow to attach conntrack
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCHv2 nf-next 4/5] netfilter: nfnetlink_queue: rename nfnetlink_queue_core.c
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCHv2 nf-next 3/5] netfilter: nfnetlink_queue_ct: export functions
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCHv2 nf-next 2/5] netfilter: nf_conntrack_netlink: rename to link ct attachment with
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCHv2 nf-next 1/5] netfilter: nfnetlink_queue: enable to specify nla type
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH nf-next 2/2] netfilter: nfnetlink_log: allow to attach conntrack
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH nf] netfilter: conntrack: use nf_ct_tmpl_free in CT/synproxy error paths
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_ct_tcp: Remove the duplicated word in comment
- From: Feng Gao <gfree.wind@xxxxxxxxx>
- Re: [conntrackd] allowing DisableExternalCache in alarm mode
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH v2 net-next] netfilter: ipset: Fixing unnamed union initg
- From: Vinson Lee <vlee@xxxxxxxxxxxxxxxx>
- [PATCH nf 1/1] nft: Fix nlmsg_type in GET operation callbacks
- From: Vijay Subramanian <subramanian.vijay@xxxxxxxxx>
- Re: [PATCHv6 net-next 00/10] OVS conntrack support
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- Re: [PATCHv6 net-next 00/10] OVS conntrack support
- From: Simon Horman <simon.horman@xxxxxxxxxxxxx>
- Re: [PATCH 0/9] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH v2 net-next] netfilter: ipset: Fixing unnamed union initg
- From: Akemi Yagi <amyagi@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_ct_tcp: Remove the duplicated word in comment
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [conntrack-tools PATCH] tcp: use MSG_NOSIGNAL in sendto() to avoid SIGPIPE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/1] ipset patch for nf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 net-next] netfilter: ipset: Fixing unnamed union initg
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/9] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/9] ipvs: call rtnl_lock early
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/9] ipvs: Add ovf scheduler
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 8/9] Revert "netfilter: xtables: compute exact size needed for jumpstack"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/9] netfilter: nf_dup: fix sparse warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 7/9] netfilter: ip6t_REJECT: added missing icmpv6 codes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 9/9] netfilter: reduce sparse warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/9] ipvs: add more mcast parameters for the sync daemon
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/9] ipvs: add sync_maxlen parameter for the sync daemon
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/9] netfilter: xt_TEE: use IS_ENABLED(CONFIG_NF_DUP_IPV6)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH -next] netfilter: reduce sparse warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH -next] Revert "netfilter: xtables: compute exact size needed for jumpstack"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH -next] netfilter: nfnetlink: work around wrong endianess with old nft userspace
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH -next] netfilter: nfnetlink: work around wrong endianess with old nft userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] ipset 6.26 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 0/1] ipset patch for nf
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH 1/1] netfilter: ipset: Out of bound access in hash:net* types fixed
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [conntrackd] allowing DisableExternalCache in alarm mode
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/2] netfilter: nfnetlink_log: allow to attach conntrack
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH -next] netfilter: nfnetlink: work around wrong endianess with old nft userspace
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH -next] netfilter: reduce sparse warnings
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCHv6 net-next 00/10] OVS conntrack support
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: nftables batch abi broken ...
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- nftables batch abi broken ...
- From: Florian Westphal <fw@xxxxxxxxx>
- [conntrackd] allowing DisableExternalCache in alarm mode
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [GIT PULL nf-next] Second Round of IPVS Updates for v4.3
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH -next] Revert "netfilter: xtables: compute exact size needed for jumpstack"
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCHv6 net-next 05/10] openvswitch: Add conntrack action
- From: Pravin Shelar <pshelar@xxxxxxxxxx>
- Re: [PATCH v2] iptables: update gitignore list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] libiptc: fix fortify errors in debug code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] build: add finer module blacklisting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/2] netfilter: nfnetlink_log: allow to attach conntrack
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCHv6 net-next 05/10] openvswitch: Add conntrack action
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- Re: [lnf-log PATCHv2 3/3] nlmsg: add printf function in conjunction with libmnl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [lnf-log PATCHv2 2/3] utils: take a example from libmnl and use new functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [lnf-log PATCHv2 1/3] introduce new functions independent from libnfnetlink
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [conntrack-tools PATCH] doc/debian.conntrackd.init.d: drop file
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [conntrack-tools PATCH] nfct: don't link against libnetfilter_conntrack
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [conntrack-tools PATCH] list: fix prefetch dummy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCHv6 net-next 00/10] OVS conntrack support
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv6 net-next 01/10] openvswitch: Serialize acts with original netlink len
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv6 net-next 02/10] openvswitch: Move MASKED* macros to datapath.h
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv6 net-next 05/10] openvswitch: Add conntrack action
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv6 net-next 04/10] dst: Add __skb_dst_copy() variation
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- Re: [GIT PULL nf-next] Second Round of IPVS Updates for v4.3
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCHv6 net-next 07/10] netfilter: Always export nf_connlabels_replace()
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv6 net-next 06/10] openvswitch: Allow matching on conntrack mark
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv6 net-next 03/10] ipv6: Export nf_ct_frag6_gather()
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv6 net-next 09/10] openvswitch: Allow matching on conntrack label
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv6 net-next 08/10] netfilter: connlabels: Export setting connlabel length
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv6 net-next 10/10] openvswitch: Allow attaching helpers to ct action
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- Re: [PATCH v2 nf-next] added missing icmpv6 codes in REJECT
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [conntrack-tools PATCH] tcp: use MSG_NOSIGNAL in sendto() to avoid SIGPIPE
- From: Arturo Borrero Gonzalez <aborrero@xxxxxxx>
- Re: How to set connmark on a socket descriptor from userspace?
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
- Re: [PATCHv5 net-next 10/10] openvswitch: Allow attaching helpers to ct action
- From: Pravin Shelar <pshelar@xxxxxxxxxx>
- Re: [PATCHv5 net-next 09/10] openvswitch: Allow matching on conntrack label
- From: Pravin Shelar <pshelar@xxxxxxxxxx>
- Re: [PATCHv5 net-next 06/10] openvswitch: Allow matching on conntrack mark
- From: Pravin Shelar <pshelar@xxxxxxxxxx>
- Re: [PATCHv5 net-next 10/10] openvswitch: Allow attaching helpers to ct action
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- Re: [PATCHv5 net-next 05/10] openvswitch: Add conntrack action
- From: Pravin Shelar <pshelar@xxxxxxxxxx>
- Re: [PATCHv5 net-next 03/10] ipv6: Export nf_ct_frag6_gather()
- From: Pravin Shelar <pshelar@xxxxxxxxxx>
- How to set connmark on a socket descriptor from userspace?
- From: David Hinkle <hinkle@xxxxxxxxxxxxxx>
- Re: [PATCHv5 net-next 10/10] openvswitch: Allow attaching helpers to ct action
- From: Thomas Graf <tgraf@xxxxxxx>
- Re: WARNING at net/ipv4/netfilter/ip_tables.c:530
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCHv5 net-next 09/10] openvswitch: Allow matching on conntrack label
- From: Thomas Graf <tgraf@xxxxxxx>
- Re: [PATCHv5 net-next 06/10] openvswitch: Allow matching on conntrack mark
- From: Thomas Graf <tgraf@xxxxxxx>
- Re: [PATCHv5 net-next 05/10] openvswitch: Add conntrack action
- From: Thomas Graf <tgraf@xxxxxxx>
- Re: [PATCHv5 net-next 04/10] dst: Add __skb_dst_copy() variation
- From: Thomas Graf <tgraf@xxxxxxx>
- Re: [PATCHv5 net-next 01/10] openvswitch: Serialize acts with original netlink len
- From: Thomas Graf <tgraf@xxxxxxx>
- WARNING at net/ipv4/netfilter/ip_tables.c:530
- From: Cong Wang <cwang@xxxxxxxxxxxxxxxx>
- [PATCH conntrack-tools] conntrack: add zone direction support
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCH libnetfilter_conntrack] conntrack: add zone attribute to tuple
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCHv5 net-next 00/10] OVS conntrack support
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv5 net-next 01/10] openvswitch: Serialize acts with original netlink len
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv5 net-next 04/10] dst: Add __skb_dst_copy() variation
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv5 net-next 02/10] openvswitch: Move MASKED* macros to datapath.h
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv5 net-next 03/10] ipv6: Export nf_ct_frag6_gather()
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv5 net-next 09/10] openvswitch: Allow matching on conntrack label
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv5 net-next 06/10] openvswitch: Allow matching on conntrack mark
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv5 net-next 05/10] openvswitch: Add conntrack action
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv5 net-next 10/10] openvswitch: Allow attaching helpers to ct action
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv5 net-next 07/10] netfilter: Always export nf_connlabels_replace()
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCHv5 net-next 08/10] netfilter: connlabels: Export setting connlabel length
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCH nf-next 2/2] netfilter: nfnetlink_log: allow to attach conntrack
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH nf-next 1/2] netfilter: nfnetlink_queue: enable to specify nla type
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH nf-next 0/2] netfilter: nfnetlink_log attach conntrack
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [PATCH iptables v2] libxt_CT: add support for recently introduced zone options
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: [PATCH nft 0/12] add support for VLAN header filtering in bridge family
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 2/2 nf-next] netfilter: xt_TEE: use IS_ENABLED(CONFIG_NF_DUP_IPV6)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/2 nf-next] netfilter: nf_dup: fix sparse warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 net-next] netfilter: ipset: Fixing unnamed union init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 net-next] netfilter: ipset: Fixing unnamed union init
- From: Akemi Yagi <amyagi@xxxxxxxxx>
- Re: [PATCH v2 net-next] netfilter: ipset: Fixing unnamed union init
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH v2 net-next] netfilter: ipset: Fixing unnamed union init
- From: Elad Raz <eladr@xxxxxxxxxxxx>
- [PATCH] netfilter: nf_ct_tcp: Remove the duplicated word in comment
- From: Feng Gao <gfree.wind@xxxxxxxxx>
- [PATCH conntrack-tools] nfct: Update syntax to specify command before subsystem
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [GIT PULL nf-next] Second Round of IPVS Updates for v4.3
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 1/4 nf-next] ipvs: Add ovf scheduler
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 2/4 nf-next] ipvs: call rtnl_lock early
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 4/4 nf-next] ipvs: add more mcast parameters for the sync daemon
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 3/4 nf-next] ipvs: add sync_maxlen parameter for the sync daemon
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH net-next] netfilter: ipset: Fixing unnamed union init
- From: Elad Raz <eladr@xxxxxxxxxxxx>
- [PATCH v2 iptables] added missing icmpv6 codes in REJECT
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- [PATCH v2 nf-next] added missing icmpv6 codes in REJECT
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- Re: [PATCH nf-next] add missing icmpv6 codes (rfc4443) in REJECT
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] add missing icmpv6 codes (rfc4443) in REJECT
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- [PATCH iptables] add missing icmpv6 codes (rfc4443) in REJECT
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- Re: [conntrack-tools PATCH] nfct: don't link against libnetfilter_conntrack
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: [PATCH 00/15] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH 02/15] netfilter: xt_TEE: get rid of WITH_CONNTRACK definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/15] netfilter: nf_tables: add nft_dup expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/15] netfilter: nft_limit: convert to token-based limiting at nanosecond granularity
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/15] netfilter: nft_limit: rename to nft_limit_pkts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/15] netfilter: nft_limit: factor out shared code with per-byte limiting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- =?y?q?=5BPATCH=2003/15=5D=20netfilter=3A=20factor=20out=20packet=20duplication=20for=20IPv4/IPv6?=
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/15] netfilter: nft_limit: add burst parameter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/15] netfilter: nft_limit: constant token cost per packet
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/15] netfilter: nft_limit: add per-byte limiting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/15] netfilter: nfacct: per network namespace support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/15] netfilter: nf_conntrack: push zone object into functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/15] netfilter: nf_conntrack: add efficient mark to zone mapping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/15] netfilter: nf_conntrack: add direction support for zones
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/15] netfilter: nft_payload: work around vlan header stripping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/15] netfilter: nft_counter: convert it to use per-cpu counters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/15] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [lnf-log PATCHv2 3/3] nlmsg: add printf function in conjunction with libmnl
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [lnf-log PATCHv2 2/3] utils: take a example from libmnl and use new functions
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [lnf-log PATCHv2 1/3] introduce new functions independent from libnfnetlink
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [lnf-log RFC PATCH 2/2] utils: take a example from libmnl and use nflog_nlmsg_parse
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH 00/15] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: Linux 4.2 build error in net/netfilter/ipset/ip_set_hash_netnet.c
- From: Alan Bartlett <ajb@xxxxxxxxxx>
- Re: Linux 4.2 build error in net/netfilter/ipset/ip_set_hash_netnet.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [conntrack-tools PATCH] nfct: don't link against libnetfilter_conntrack
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [lnf-log RFC PATCH 2/2] utils: take a example from libmnl and use nflog_nlmsg_parse
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [conntrack-tools PATCH] nfct: don't link against libnetfilter_conntrack
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [conntrack-tools PATCH] nfct.8: reword some sentences
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [PATCH v2] iptables: update gitignore list
- From: Mike Frysinger <vapier@xxxxxxxxxx>
- Re: [PATCH] iptables: update gitignore list
- From: Mike Frysinger <vapier@xxxxxxxxxx>
- [conntrack-tools PATCH] doc/debian.conntrackd.init.d: drop file
- From: Arturo Borrero Gonzalez <aborrero@xxxxxxx>
- Re: [PATCH] iptables: update gitignore list
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- [conntrack-tools PATCH] list: fix prefetch dummy
- From: Arturo Borrero Gonzalez <aborrero@xxxxxxx>
- [PATCH] iptables: update gitignore list
- From: Mike Frysinger <vapier@xxxxxxxxxx>
- [PATCH] libiptc: fix fortify errors in debug code
- From: Mike Frysinger <vapier@xxxxxxxxxx>
- Re: [PATCH] build: use _DEFAULT_SOURCE for newer glibc
- From: Mike Frysinger <vapier@xxxxxxxxxx>
- [PATCH 1/1] added missing icmpv6 dest-unreach codes
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- Re: ICMPv6 Type 1 Code 5 and 6 missing in iptables REJECT target and icmpv6 match
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- Re: ICMPv6 Type 1 Code 5 and 6 missing in iptables REJECT target and icmpv6 match
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: ICMPv6 Type 1 Code 5 and 6 missing in iptables REJECT target and icmpv6 match
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- Re: ICMPv6 Type 1 Code 5 and 6 missing in iptables REJECT target and icmpv6 match
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH] build: use _DEFAULT_SOURCE for newer glibc
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [lnf-log PATCH 2/2] utils: take a example from libmnl and use new functions
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [lnf-log PATCH 1/2] introduce new functions independent from libnfnetlink
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [lnf-log RFC PATCH 2/2] utils: take a example from libmnl and use nflog_nlmsg_parse
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH] netfilter: Remove the duplicated word "see" in the comment when set the IPS_ASSURED_BIT in tcp_packet
- From: Feng Gao <gfree.wind@xxxxxxxxx>
- Re: [PATCH] netfilter: Remove the duplicated word "see" in the comment when set the IPS_ASSURED_BIT in tcp_packet
- From: Feng Gao <gfree.wind@xxxxxxxxx>
- Re: [PATCH iptables] libxt_CT: add support for recently introduced zone options
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [lnf-log RFC PATCH 2/2] utils: take a example from libmnl and use nflog_nlmsg_parse
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: Remove the duplicated word "see" in the comment when set the IPS_ASSURED_BIT in tcp_packet
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCHv4 nf-next] netfilter: bridge: fix IPv6 packets not being bridged with CONFIG_IPV6=n
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/15] netfilter: nft_counter: convert it to use per-cpu counters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/15] netfilter: xt_TEE: get rid of WITH_CONNTRACK definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/15] netfilter: nf_tables: add nft_dup expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- =?y?q?=5BPATCH=2003/15=5D=20netfilter=3A=20factor=20out=20packet=20duplication=20for=20IPv4/IPv6?=
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/15] netfilter: nft_limit: add burst parameter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/15] netfilter: nft_limit: rename to nft_limit_pkts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/15] netfilter: nft_limit: add per-byte limiting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/15] netfilter: nf_conntrack: add direction support for zones
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/15] netfilter: nf_conntrack: push zone object into functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/15] netfilter: nf_conntrack: add efficient mark to zone mapping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/15] netfilter: nft_payload: work around vlan header stripping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/15] netfilter: nfacct: per network namespace support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/15] netfilter: nft_limit: constant token cost per packet
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/15] netfilter: nft_limit: factor out shared code with per-byte limiting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/15] netfilter: nft_limit: convert to token-based limiting at nanosecond granularity
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/15] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH -next] nftables: nft_payload: work around vlan header stripping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v5 2/2] netfilter: nf_conntrack: add efficient mark to zone mapping
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- ICMPv6 Type 1 Code 5 and 6 missing in iptables REJECT target and icmpv6 match
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- Re: [PATCH] build: use _DEFAULT_SOURCE for newer glibc
- From: Mike Frysinger <vapier@xxxxxxxxxx>
- [lnf-log RFC PATCH v2 2/2] utils: take a example from libmnl and use new functions
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [lnf-log RFC PATCH v2 1/2] introduce new functions independent from libnfnetlink
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [lnf-log RFC PATCH 2/2] utils: take a example from libmnl and use nflog_nlmsg_parse
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH] build: use _DEFAULT_SOURCE for newer glibc
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH nft] tests: validate generated netlink instructions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v5 2/2] netfilter: nf_conntrack: add efficient mark to zone mapping
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] build: add finer module blacklisting
- From: Mike Frysinger <vapier@xxxxxxxxxx>
- Re: [PATCH nf-next v5 1/2] netfilter: nf_conntrack: add direction support for zones
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] build: use _DEFAULT_SOURCE for newer glibc
- From: Mike Frysinger <vapier@xxxxxxxxxx>
- [PATCH conntrackd 8/8] conntrackd: missing break in expectation message parser function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd 7/8] conntrackd: use strncpy to set up the cache name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd 6/8] conntrackd: simplify branch in tcp_accept()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd 5/8] conntrackd: fix error handling in nfq_queue_cb()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd 4/8] conntrackd: fix descriptor leak in do_local_request()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd 3/8] conntrackd: fix leak in fork_process_new()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd 2/8] conntrackd: NTA_MAX is also an invalid attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd 1/8] conntrackd: fix sanitization of expection attribute in the wire format
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH conntrackd 0/8] unsorted fixes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2] tests: redirect: fix payload display
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] configure: fix 3rd arg w/AC_ARG_ENABLE
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [lnf-log RFC PATCH 2/2] utils: take a example from libmnl and use nflog_nlmsg_parse
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [lnf-log RFC PATCH 1/2] introduce new functions to use without nflog_handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [lnf-log PATCH] build: fix typo
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] tests: redirect: fix payload display
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] tests: sets: don't include listing in payload tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl] expr: immediate: fix leak in expression destroy path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnftnl] src: fix memory leaks at nft_[object]_nlmsg_parse
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft] merged next-4.2 and lastest cache consolidation patches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -next] nftables: nft_payload: work around vlan header stripping
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH libnftnl 1/3] expr: add dup expression support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables: precondition validation fails on map construct
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCH libnftnl 1/3] expr: add dup expression support
- From: Patrick McHardy <kaber@xxxxxxxxx>
- [PATCH libnftnl 3/3] expr: limit: add per-byte limiting support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 2/3] expr: limit: add burst attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 1/3] expr: add dup expression support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/12] payload: disable payload merge if offsets are not on byte boundary
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 05/12] src: netlink_linearize: handle sub-byte lengths
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 09/12] tests: add tests for ip version/hdrlength/tcp doff
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 08/12] netlink: cmp: shift rhs constant if lhs offset doesn't start on byte boundary
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 11/12] tests: vlan tests
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 12/13] vlan: make != tests work
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 10/12] nft: support listing expressions that use non-byte header fields
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 07/12] nft: fill in doff and fix ihl/version template entries
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 06/12] src: netlink: don't truncate set key lengths
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 03/12] nft: allow stacking vlan header on top of ethernet
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 01/12] tests: use the src/nft binary instead of $PATH one
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 02/12] tests: add 'awkward' prefix match expression
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft 0/12] add support for VLAN header filtering in bridge family
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft] tests: validate generated netlink instructions
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCH nft] tests: validate generated netlink instructions
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft] tests: validate generated netlink instructions
- From: Patrick McHardy <kaber@xxxxxxxxx>
- [PATCH] configure: fix 3rd arg w/AC_ARG_ENABLE
- From: Mike Frysinger <vapier@xxxxxxxxxx>
- [PATCH nf-next v5 2/2] netfilter: nf_conntrack: add efficient mark to zone mapping
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCH nf-next v5 1/2] netfilter: nf_conntrack: add direction support for zones
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCH nf-next v5 0/2] Netfilter zone directions
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: ipset triggering kasan warnings.
- From: Dave Jones <davej@xxxxxxxxxxxxxxxxx>
- Re: ipset triggering kasan warnings.
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- ipset triggering kasan warnings.
- From: Dave Jones <davej@xxxxxxxxxxxxxxxxx>
- Re: [PATCH nft] tests: validate generated netlink instructions
- From: Florian Westphal <fw@xxxxxxxxx>
- nftables: precondition validation fails on map construct
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: [PATCH v4 2/3] netfilter: nf_conntrack: add direction support for zones
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: [PATCH nft] tests: validate generated netlink instructions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4 2/3] netfilter: nf_conntrack: add direction support for zones
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: Remove the duplicated word "see" in the comment when set the IPS_ASSURED_BIT in tcp_packet
- From: Feng Gao <gfree.wind@xxxxxxxxx>
- [PATCHv4 nf-next] netfilter: bridge: fix IPv6 packets not being bridged with CONFIG_IPV6=n
- From: Bernhard Thaler <bernhard.thaler@xxxxxxxx>
- Re: [PATCH v4 2/3] netfilter: nf_conntrack: add direction support for zones
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: [PATCHv3 2/2 nf] netfilter: bridge: fix IPv6 packets not being bridged with CONFIG_IPV6=n
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] tests: validate generated netlink instructions
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v4 2/3] netfilter: nf_conntrack: add direction support for zones
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] tests: validate generated netlink instructions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2] netlink: don't call netlink_dump_*() from listing functions with --debug=netlink
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] evaluate: display error on unexisting chain when listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nf_tables: Use 32 bit addressing register from nft_type_to_reg()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Linux 4.2 build error in net/netfilter/ipset/ip_set_hash_netnet.c
- From: Akemi Yagi <amyagi@xxxxxxxxx>
- Re: nft: parser problem, can use mark as datatype in sets and maps
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: nft: parser problem, can use mark as datatype in sets and maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nft: parser problem, can use mark as datatype in sets and maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nft: parser problem, can use mark as datatype in sets and maps
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: [PATCH v4 1/3] netfilter: nf_conntrack: push zone object into functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nft: parser problem, can use mark as datatype in sets and maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nft: parser problem, can use mark as datatype in sets and maps
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: [PATCH 0/5] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/5] netfilter: SYNPROXY: fix sending window update to client
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 4/5] netfilter: ip6t_SYNPROXY: fix NULL pointer dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/5] netfilter: conntrack: Use flags in nf_ct_tmpl_alloc()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/5] netfilter: nf_conntrack: checking for IS_ERR() instead of NULL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/5] netfilter: nf_conntrack: silence warning on falling back to vmalloc()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/5] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: IPv6 and private net with masquerading not working correctly
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
- Re: nft: parser problem, can use mark as datatype in sets and maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- nft: parser problem, can use mark as datatype in sets and maps
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: [PATCH 2/2] extensions: restore matching any SPI id by default
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH 2/2] extensions: restore matching any SPI id by default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 2/2] netfilter: ip6t_SYNPROXY: fix sending window update to client
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 1/2] netfilter: ip6t_SYNPROXY: fix NULL pointer dereference
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 14/14] src: get rid of EINTR handling for nft_netlink()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 13/14] src: use cache infrastructure for set element objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 11/14] src: add chain declarations to cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 12/14] src: use cache infrastructure for rule objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 08/14] rule: add chain reference counter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 10/14] evaluate: add cmd_evaluate_rename()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 09/14] src: use cache infrastructure for chain objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 07/14] src: early allocation of the set ID
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 06/14] src: add set declaration to cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 05/14] src: use cache infrastructure for set objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 02/14] src: add cmd_evaluate_list()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 04/14] src: add table declaration to cache
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 03/14] rule: add reference counter to the table object
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 01/14] src: add cache infrastructure and use it for table objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v5 00/14] cache consolidation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [IPTABLES] Module ipt_same
- From: Alex william <alex.william21@xxxxxxxxxxx>
- Re: [IPTABLES] Module ipt_same
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [lnf-log RFC PATCH 2/2] utils: take a example from libmnl and use nflog_nlmsg_parse
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [lnf-log RFC PATCH 1/2] introduce new functions to use without nflog_handle
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [lnf-log RFC PATCH 0/2] introduce new functions to use without nflog_handle
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- [lnf-log PATCH] build: fix typo
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: [PATCH v2 2/2] netfilter: ip6t_SYNPROXY: fix sending window update to client
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCH v2 1/2] netfilter: ip6t_SYNPROXY: fix NULL pointer dereference
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCHv3 2/2 nf] netfilter: bridge: fix IPv6 packets not being bridged with CONFIG_IPV6=n
- From: Bernhard Thaler <bernhard.thaler@xxxxxxxx>
- [PATCH v2 1/2] netfilter: ip6t_SYNPROXY: fix NULL pointer dereference
- From: Phil Sutter <phil@xxxxxx>
- [PATCH v2 2/2] netfilter: ip6t_SYNPROXY: fix sending window update to client
- From: Phil Sutter <phil@xxxxxx>
- [PATCH iptables] libxt_CT: add support for recently introduced zone options
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCH v4 2/3] netfilter: nf_conntrack: add direction support for zones
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCH v4 1/3] netfilter: nf_conntrack: push zone object into functions
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCH v4 3/3] netfilter: nf_conntrack: add efficient mark to zone mapping
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- [PATCH nf-next v4 0/3] Netfilter zone directions
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: [PATCH 1/2] netfilter: ip6t_SYNPROXY: fix NULL pointer dereference
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCH 2/2] extensions: restore matching any SPI id by default
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH 2/2] extensions: restore matching any SPI id by default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: per network namespace nfacct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: IP sets: Suggestion: additional value match
- From: Rudolf_AT <Rudolf_AT.nf@xxxxxx>
- Re: [PATCH] netfilter: per network namespace nfacct
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: [PATCH] netfilter: per network namespace nfacct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/2] netfilter: ip6t_SYNPROXY: fix NULL pointer dereference
- From: Phil Sutter <phil@xxxxxx>
- [PATCH 2/2] netfilter: ip6t_SYNPROXY: fix sending window update to client
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] netfilter: per network namespace nfacct
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: [PATCHv3 2/2 nf] netfilter: bridge: fix IPv6 packets not being bridged with CONFIG_IPV6=n
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: per network namespace nfacct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v3 1/3] netfilter: nf_conntrack: push zone object into functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 6/6] netfilter: nft_limit: add per-byte limiting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: per network namespace nfacct
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: [PATCH nf-next v3 1/3] netfilter: nf_conntrack: push zone object into functions
- From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v3 1/3] netfilter: nf_conntrack: push zone object into functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 6/6] netfilter: nft_limit: add per-byte limiting
- From: Patrick McHardy <kaber@xxxxxxxxx>
- [PATCH nf-next 6/6] netfilter: nft_limit: add per-byte limiting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 5/6] netfilter: nft_limit: constant token cost per packet
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/6] netfilter: nft_limit: add burst parameter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/6] netfilter: nft_limit: convert to token-based limiting at nanosecond granularity
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/6] netfilter: nft_limit: factor out shared code with per-byte limiting
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/6] netfilter: nft_limit: rename to nft_limit_pkts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl] src: fix memory leaks at nft_[object]_nlmsg_parse
- From: Carlos Falgueras García <carlosfg@xxxxxxxxxx>
- Re: [PATCH 00/18] Netfilter updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCH net] netfilter: conntrack: Use flags in nf_ct_tmpl_alloc()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCH net] netfilter: conntrack: Use flags in nf_ct_tmpl_alloc()
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- [PATCH net] netfilter: conntrack: Use flags in nf_ct_tmpl_alloc()
- From: Joe Stringer <joestringer@xxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: ipt_SYNPROXY: fix sending window update to client
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/3] netfilter: factor out packet duplication for IPv4/IPv6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: IPv6 support for GRE helper(nf_conntrack_proto_gre)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: nf_tables: add generation mask to set objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- IPv6 support for GRE helper(nf_conntrack_proto_gre)
- From: Aju L Francis <aju@xxxxxxxx>
- Re: nfacct is not namespace aware
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- nfacct is not namespace aware
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: [PATCH nf-next 2/3] netfilter: factor out packet duplication for IPv4/IPv6
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: nf_tables: add generation mask to set objects
- From: Patrick McHardy <kaber@xxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Patrick McHardy <kaber@xxxxxxxxx>
- =?y?q?=5BPATCH=20nf-next=202/3=5D=20netfilter=3A=20factor=20out=20packet=20duplication=20for=20IPv4/IPv6?=
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: nf_tables: add nft_dup expression
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: xt_TEE: get rid of WITH_CONNTRACK definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/18] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/18] netfilter: Per network namespace netfilter hooks.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/18] netfilter: move tee_active to core
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/18] netfilter: xtables: compute exact size needed for jumpstack
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/18] netfilter: nftables: Only run the nftables chains in the proper netns
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/18] netfilter: xtables: don't save/restore jumpstack offset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/18] netfilter: add and use jump label for xt_tee
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/18] netfilter: xtables: remove __pure annotation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/18] netfilter: fix possible removal of wrong hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/18] netfilter: rename local nf_hook_list to hook_list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/18] netfilter: nf_queue: fix nf_queue_nf_hook_drop()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/18] netfilter: bridge: reduce nf_bridge_info to 32 bytes again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/18] netfilter: nf_ct_sctp: minimal multihoming support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 18/18] netfilter: ip6t_REJECT: Remove debug messages from reject_tg6()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/18] netfilter: bridge: do not initialize statics to 0 or NULL
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/18] netfilter: Fix memory leak in nf_register_net_hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/18] netfilter: Factor out the hook list selection from nf_register_hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/18] netfilter: Simply the tests for enabling and disabling the ingress queue hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/18] netfilter: kill nf_hooks_active
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: New multiple DSCP match by "-m dscp --dscp-multi value,value,..."
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: New multiple DSCP match by "-m dscp --dscp-multi value,value,..."
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 3/3] netfilter: nf_tables: add generation mask to set objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_tables: add generation mask to table objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
