Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

[PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[syzbot] Monthly netfilter report (Jan 2024)
- From: syzbot <syzbot+listc06dd9c5e64ea358a383@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH libnftnl] object: define nftnl_obj_unset()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: nf_nat: fix action not being set for all ct states
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: feature request: list elements of table for scripting
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] datatype: rt_symbol_table_init() to search for iproute2 configs
- From: Phil Sutter <phil@xxxxxx>
Re: feature request: list elements of table for scripting
- From: Han Boetes <hboetes@xxxxxxxxx>
Re: [PATCH libnftnl] object: define nftnl_obj_unset()
- From: Nicholas Vinson <nvinson234@xxxxxxxxx>
Re: feature request: list elements of table for scripting
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH net] netfilter: nf_nat: fix action not being set for all ct states
- From: Aaron Conole <aconole@xxxxxxxxxx>
Re: [libnftnl] chain: Removed non-defined functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 01/14] netfilter: cleanup enum nft_set_class
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl] object: define nftnl_obj_unset()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nft_immediate: drop chain reference counter on error
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: feature request: list elements of table for scripting
- From: Han Boetes <hboetes@xxxxxxxxx>
[RFC nf-next v5 2/2] selftests/bpf: Add netfilter link prog update test
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v5 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v5 0/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: GUI Frontend for iptables and nftables Linux firewalls
- From: Phil Sutter <phil@xxxxxx>
Re: feature request: list elements of table for scripting
- From: Phil Sutter <phil@xxxxxx>
[PATCH RFC libnetfilter_queue 1/1] utils/nfqnl_test runs without libnfnetlink
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH RFC libnetfilter_queue 0/1] libnfnetlink dependency elimination
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
feature request: list elements of table for scripting
- From: Han Boetes <hboetes@xxxxxxxxx>
Re: [RFC nf-next v4 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [PATCH net 1/2] netfilter: nf_tables: set transport offset from mac header for netdev/egress
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[RFC nf-next v4 2/2] selftests/bpf: Add netfilter link prog update test
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v4 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v4 0/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: Kprobe for nf_nat is broken in Latest Debian 6.1.66-1
- From: P K <pkopensrc@xxxxxxxxx>
Re: [PATCH net] netfilter: nf_nat: fix action not being set for all ct states
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [RFC nf-next v3 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [RFC nf-next v3 1/2] netfilter: bpf: support prog update
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [RFC nf-next v3 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[libnftnl] chain: Removed non-defined functions
- From: Nicholas Vinson <nvinson234@xxxxxxxxx>
[PATCH 14/14] netfilter: cleanup struct nft_flowtable
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 13/14] netfilter: cleanup struct nft_object_ops
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 12/14] netfilter: cleanup struct nft_object
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 11/14] netfilter: cleanup struct nft_base_chain
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 10/14] netfilter: cleanup struct nft_chain
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 09/14] netfilter: cleanup struct nft_expr_ops
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 08/14] netfilter: cleanup struct nft_expr_type
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 07/14] netfilter: cleanup struct nft_set_ext_tmpl
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 06/14] netfilter: cleanup struct nft_set
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 05/14] netfilter: cleanup struct nft_set_ops
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 04/14] netfilter: cleanup struct nft_set_iter
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 03/14] netfilter: cleanup struct nft_ctx
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 02/14] netfilter: cleanup struct nft_set_elem
- From: George Guo <dongtai.guo@xxxxxxxxx>
[PATCH 01/14] netfilter: cleanup enum nft_set_class
- From: George Guo <dongtai.guo@xxxxxxxxx>
Kprobe for nf_nat is broken in Latest Debian 6.1.66-1
- From: P K <pkopensrc@xxxxxxxxx>
Re: [PATCH net] netfilter: nf_nat: fix action not being set for all ct states
- From: Brad Cowie <brad@xxxxxxxxx>
Re: [PATCH net] netfilter: nf_nat: fix action not being set for all ct states
- From: Simon Horman <horms@xxxxxxxxxx>
Re: [RFC nf-next v3 1/2] netfilter: bpf: support prog update
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
[nft PATCH 2/2] datatype: Describe rt symbol tables
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/2] datatype: Initialize rt_symbol_tables' base field
- From: Phil Sutter <phil@xxxxxx>
[PATCH v2 nft] datatype: do not assert when value exceeds expected width
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH] datatype: rt_symbol_table_init() to search for iproute2 configs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] datatype: rt_symbol_table_init() to search for iproute2 configs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next v2] net: ctnetlink: support filtering by zone
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 7/8] netfilter: ctnetlink: support filtering by zone
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 8/8] netfilter: nf_tables: validate chain type update if available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 6/8] netfilter: nf_tables: mark newset as dead on transaction abort
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 5/8] netfilter: flowtable: reorder nf_flowtable struct members
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 4/8] netfilter: nft_set_pipapo: prefer gfp_kernel allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 3/8] netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 2/8] netfilter: nf_tables: Introduce nft_set_dump_ctx_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 1/8] netfilter: nf_tables: Pass const set to nft_get_set_elem
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next 0/8] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 1/2] netfilter: nf_tables: set transport offset from mac header for netdev/egress
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 2/2] netfilter: nf_tables: skip set commit for deleted/destroyed sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC nf-next v3 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[PATCH net] netfilter: nf_nat: fix action not being set for all ct states
- From: Brad Cowie <brad@xxxxxxxxx>
[iptables PATCH v2] ebtables: Default to extrapositioned negations
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] tests: iptables-test: Use difflib if dumps differ
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] iptables-legacy: Fix for mandatory lock waiting
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v2 1/3] netfilter: uapi: Document NFT_TABLE_F_OWNER flag
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v2 3/3] netfilter: nf_tables: Implement table adoption support
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v2 2/3] netfilter: nf_tables: Introduce NFT_TABLE_F_PERSIST
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH v2 0/3] netfilter: nf_tables: Introduce NFT_TABLE_F_PERSIST
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] ebtables: Default to extrapositioned negations
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft v2] src: do not allow to chain more than 16 binops
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 07/23] extensions: libebt_stp: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 04/23] libxtables: xtoptions: Treat NFPROTO_BRIDGE as IPv4
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 02/23] libxtables: xtoptions: Support XTOPT_NBO with XTTYPE_UINT*
- From: Phil Sutter <phil@xxxxxx>
Re: [RFC nf-next v3 1/2] netfilter: bpf: support prog update
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [iptables PATCH 07/23] extensions: libebt_stp: Use guided option parser
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [iptables PATCH 04/23] libxtables: xtoptions: Treat NFPROTO_BRIDGE as IPv4
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [iptables PATCH 02/23] libxtables: xtoptions: Support XTOPT_NBO with XTTYPE_UINT*
- From: Jan Engelhardt <jengelh@xxxxxxx>
[iptables PATCH 17/23] extensions: libebt_802_3: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 06/23] extensions: libebt_*: Drop some needless init callbacks
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 00/23] Guided option parser for ebtables
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 19/23] extensions: libebt_arp: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 07/23] extensions: libebt_stp: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 09/23] extensions: libebt_dnat: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 18/23] extensions: libebt_vlan: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 02/23] libxtables: xtoptions: Support XTOPT_NBO with XTTYPE_UINT*
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 03/23] libxtables: xtoptions: Implement XTTYPE_ETHERMACMASK
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 21/23] extensions: libebt_pkttype: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 16/23] extensions: libebt_redirect: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 20/23] extensions: libxt_limit: Use guided option parser for NFPROTO_BRIDGE, too
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 15/23] extensions: libebt_snat: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 22/23] extensions: libebt_mark_m: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 01/23] libxtables: xtoptions: Prevent XTOPT_PUT with XTTYPE_HOSTMASK
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 08/23] extensions: libebt_arpreply: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 14/23] extensions: libebt_nflog: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 11/23] extensions: libebt_ip: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 13/23] extensions: libebt_mark: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 23/23] extensions: libxt_HMARK: Review HMARK_parse()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 10/23] extensions: libebt_ip6: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 05/23] ebtables: Support for guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 12/23] extensions: libebt_log: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 04/23] libxtables: xtoptions: Treat NFPROTO_BRIDGE as IPv4
- From: Phil Sutter <phil@xxxxxx>
[PATCH net 1/2] netfilter: nf_tables: set transport offset from mac header for netdev/egress
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 2/2] netfilter: nf_tables: skip set commit for deleted/destroyed sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] tests: iptables-test: Use difflib if dumps differ
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] netlink: fix stack overflow due to erroneous rounding
- From: Florian Westphal <fw@xxxxxxxxx>
[RFC nf-next v3 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v3 0/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v3 2/2] selftests/bpf: Add netfilter link prog update test
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [RFC nf-next v2 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[PATCH nft] src: do not allow to chain more than 16 binops
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v14 10/12] selftests/landlock: Add network tests
- From: Muhammad Usama Anjum <usama.anjum@xxxxxxxxxxxxx>
[PATCH nft] evaluate: don't crash if object map does not refer to a value
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v14 10/12] selftests/landlock: Add network tests
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
netfilter ipv6 flow offloading seemingly causing hangs - how to debug?
- From: Pierre Bourdon <delroth@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: skip set commit for deleted/destroyed sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] datatype: do not assert when value exceeds 255
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] parser_bison: error out on duplicated type/typeof/element keywords
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH] iptables-legacy: Fix for mandatory lock waiting
- From: Phil Sutter <phil@xxxxxx>
Re: [RFC nf-next v2 1/2] netfilter: bpf: support prog update
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [RFC nf-next v2 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[PATCH nft] intervals: BUG on prefix expressions without value
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nft] support for afl++ (american fuzzy lop++) fuzzer
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v14 10/12] selftests/landlock: Add network tests
- From: Muhammad Usama Anjum <usama.anjum@xxxxxxxxxxxxx>
[iptables PATCH] iptables-legacy: Fix for mandatory lock waiting
- From: Phil Sutter <phil@xxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Introduce NFT_TABLE_F_PERSIST
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] tests: shell: add test to cover payload transport match and mangle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [RFC nf-next v2 1/2] netfilter: bpf: support prog update
- From: Simon Horman <horms@xxxxxxxxxx>
Re: PATCH [netfilter] Remove old case sensitive variants of lowercase .c and .h files
- From: Tomasz Pala <gotar@xxxxxxxxxx>
Can netfilter-ebpf modify packets ？
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v2 0/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v2 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v2 2/2] selftests/bpf: Add netfilter link prog update test
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [RFC nf-next v1 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [netfilter-core] PATCH [netfilter] Remove old case sensitive variants of lowercase .c and .h files
- From: Phil Sutter <phil@xxxxxx>
Re: PATCH [netfilter] Remove old case sensitive variants of lowercase .c and .h files
- From: Jan Engelhardt <jengelh@xxxxxxx>
PATCH [netfilter] Remove old case sensitive variants of lowercase .c and .h files
- From: Samuel Marks <samuelmarks@xxxxxxxxx>
Re: [PATCH nft 0/3] src: make set-merging less zealous
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v39 18/42] LSM: Use lsmcontext in security_lsmblob_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v39 17/42] LSM: Use lsmcontext in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v39 16/42] LSM: Ensure the correct LSM context releaser
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[libnftnl PATCH 3/6] expr: Call expr_ops::set with legal types only
- From: Phil Sutter <phil@xxxxxx>
[libnftnl PATCH 5/6] expr: Introduce struct expr_ops::attr_policy
- From: Phil Sutter <phil@xxxxxx>
[libnftnl PATCH 2/6] expr: Repurpose struct expr_ops::max_attr field
- From: Phil Sutter <phil@xxxxxx>
[libnftnl PATCH 4/6] include: Sync nf_log.h with kernel headers
- From: Phil Sutter <phil@xxxxxx>
[libnftnl PATCH 1/6] tests: Fix objref test case
- From: Phil Sutter <phil@xxxxxx>
[libnftnl PATCH 0/6] Attribute policies for expressions
- From: Phil Sutter <phil@xxxxxx>
[libnftnl PATCH 6/6] expr: Enforce attr_policy compliance in nftnl_expr_set()
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] datatype: rt_symbol_table_init() to search for iproute2 configs
- From: Phil Sutter <phil@xxxxxx>
Re: ulogd / JSON output / enhancement proposal
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH net-next 07/24] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
Re: [RFC nf-next v1 1/2] netfilter: bpf: support prog update
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH iptables v2 0/6] Autoools silent-rules fixes
- From: Phil Sutter <phil@xxxxxx>
[nf-next PATCH] netfilter: nf_tables: Introduce NFT_TABLE_F_PERSIST
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] tcpopt: don't create exthdr expression without datatype
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: fix stack overflow with huge priority string
- From: Florian Westphal <fw@xxxxxxxxx>
[RFC nf-next v1 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v1 2/2] selftests/bpf: Add netfilter link prog update test
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next v1 0/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: validate chain type update if available
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: set transport offset from mac header for netdev/egress
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
ulogd / JSON output / enhancement proposal
- From: Gérald Colangelo <gerald.colangelo@xxxxxxxxx>
Bug in ulogd2 when destroying a stack that failed to start (with fix attached)
- From: Gérald Colangelo <gerald.colangelo@xxxxxxxxx>
[PATCH nft] evaluate: exthdr: statement arg must be not be a range
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH iptables v2 2/6] build: remove obsolete `AM_LIBTOOL_SILENT` variable
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables v2 5/6] build: add an automake verbosity variable for `ln`
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables v2 6/6] build: replace `echo -e` with `printf`
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables v2 1/6] build: format `AM_CPPFLAGS` variables
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables v2 4/6] build: use standard automake verbosity variables
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables v2 3/6] build: remove unused `AM_VERBOSE_CXX*` variables
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables v2 0/6] Autoools silent-rules fixes
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
Re: [RFC nf-next 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [RFC nf-next 1/2] netfilter: bpf: support prog update
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [RFC nf-next 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [PATCH iptables 7/7] build: suppress man-page listing in silent rules
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
Re: [PATCH iptables 6/7] build: replace `echo -e` with `printf`
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH nft] netlink: don't crash if prefix for < byte is requested
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH iptables 7/7] build: suppress man-page listing in silent rules
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [RFC nf-next 1/2] netfilter: bpf: support prog update
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH v2 nft] initial support for the afl++ (american fuzzy lop++) fuzzer
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH iptables 3/7] build: remove unused `AM_VERBOSE_CXX*` variables
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables 4/7] build: use standard automake verbosity variables
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables 6/7] build: replace `echo -e` with `printf`
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables 5/7] build: add an automake verbosity variable for `ln`
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables 7/7] build: suppress man-page listing in silent rules
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables 0/7] Autoools silent-rules fixes
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables 1/7] build: format `AM_CPPFLAGS` variables
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH iptables 2/7] build: remove obsolete `AM_LIBTOOL_SILENT` variable
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH v2 nft] initial support for the afl++ (american fuzzy lop++) fuzzer
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [RFC nf-next 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[PATCH nft] evaluate: fix gmp assertion with too-large reject code
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [RFC nf-next 1/2] netfilter: bpf: support prog update
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [RFC nf-next 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [RFC nf-next 1/2] netfilter: bpf: support prog update
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
Re: [PATCH ulogd] log NAT events using IPFIX
- From: Tomasz Pala <gotar@xxxxxxxxxx>
Re: [RFC nf-next 1/2] netfilter: bpf: support prog update
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [libnftnl RFC 2/2] expr: Introduce struct expr_ops::attr_policy
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [libnftnl RFC 2/2] expr: Introduce struct expr_ops::attr_policy
- From: Phil Sutter <phil@xxxxxx>
Re: [libnftnl RFC 2/2] expr: Introduce struct expr_ops::attr_policy
- From: Florian Westphal <fw@xxxxxxxxx>
[libnftnl RFC 1/2] expr: Repurpose struct expr_ops::max_attr field
- From: Phil Sutter <phil@xxxxxx>
[libnftnl RFC 2/2] expr: Introduce struct expr_ops::attr_policy
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft 3/3] evaluate: don't assert if set->data is NULL
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 2/3] src: do not merge a set with a erroneous one
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 1/3] intervals: BUG on prefix expressions without value
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 0/3] src: make set-merging less zealous
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] netlink: fix stack buffer overflow with sub-reg sized prefixes
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] meta: fix tc classid parsing out-of-bounds access
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft] evaluate: error out when existing set has incompatible key
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: stmt_nat: set reference must point to a map
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Phil Sutter <phil@xxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Eric Garver <eric@xxxxxxxxxxx>
Re: [PATCH ulogd] log NAT events using IPFIX
- From: Tomasz Pala <gotar@xxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH ulogd] log NAT events using IPFIX
- From: Tomasz Pala <gotar@xxxxxxxxxx>
[RFC nf-next 2/2] selftests/bpf: Add netfilter link prog update test
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next 1/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
[RFC nf-next 0/2] netfilter: bpf: support prog update
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [PATCH ulogd] log NAT events using IPFIX
- From: Tomasz Pala <gotar@xxxxxxxxxx>
[PATCH nft] parser_bison: fix memory leaks on hookspec error processing
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] parser_bison: close chain scope before chain release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Eric Garver <eric@xxxxxxxxxxx>
Re: [PATCH ulogd] log NAT events using IPFIX
- From: Tomasz Pala <gotar@xxxxxxxxxx>
Re: [PATCH ulogd] log NAT events using IPFIX
- From: Tomasz Pala <gotar@xxxxxxxxxx>
Re: [PATCH ulogd] log NAT events using IPFIX
- From: Tomasz Pala <gotar@xxxxxxxxxx>
[PATCH v2 nft] src: reject large raw payload and concat expressions
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCHv2 RFC net-next 09/14] ipvs: switch to per-net connection table
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 08/14] ipvs: use resizable hash table for services
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 12/14] ipvs: use more keys for connection hashing
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 02/14] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 07/14] ipvs: add resizable hash tables
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 04/14] ipvs: use single svc table
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 06/14] ipvs: use more counters to avoid service lookups
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 11/14] ipvs: no_cport and dropentry counters can be per-net
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 03/14] ipvs: some service readers can use RCU
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 13/14] ipvs: add ip_vs_status info
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 05/14] ipvs: do not keep dest_dst after dest is removed
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 14/14] ipvs: add conn_lfactor and svc_lfactor sysctl vars
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 01/14] rculist_bl: add hlist_bl_for_each_entry_continue_rcu
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 10/14] ipvs: show the current conn_tab size to users
- From: Julian Anastasov <ja@xxxxxx>
[PATCHv2 RFC net-next 00/14] ipvs: per-net tables and optimizations
- From: Julian Anastasov <ja@xxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] evaluate: error out if concat expression becomes too large
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH libnftnl] expr: fix buffer overflows in data value setters
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] parser_bison: reject large raw payload expressions
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH ulogd] log NAT events using IPFIX
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl] object: getters take const struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] parser_bison: ensure all timeout policy names are released
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH iptables] Fix spelling mistakes
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] parser_bison: make sure obj_free releases timeout policies
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] parser_bison: fix ct scope underflow if ct helper section is duplicated
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Should we keep the advice to increase queue max length?
- From: Florian Westphal <fw@xxxxxxxxx>
Should we keep the advice to increase queue max length?
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH iptables] Fix spelling mistakes
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
[PATCH libnetfilter_queue 1/1] src: add nfq_socket_sendto() - send config request and check response
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/1] src: add nfq_socket_sendto() - send config request and check response
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH ulogd] log NAT events using IPFIX
- From: Tomasz Pala <gotar@xxxxxxxxxx>
Sorry for previous message - please ignore
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
This didn't make it into patchwork
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnftnl] object: getters take const struct
- From: corubba <corubba@xxxxxx>
Re: [PATCH libnetfilter_queue 1/1] whitespace: replace spaces with tab in indent
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH libnetfilter_queue 1/1] whitespace: replace spaces with tab in indent
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/1] whitespace: replace spaces with tab in indent
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH nft] evaluate: validate chain max length
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 nft] parser_bison: fix objref statement corruption
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v2 nft] evaluate: fix bogus assertion failure with boolean datatype
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] parser_bison: fix objref statement corruption
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] netlink: add and use nft_data_memcpy helper
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 03/13] evaluate: fix bogus assertion failure with boolean datatype
- From: Florian Westphal <fw@xxxxxxxxx>
[nf-next PATCH] netfilter: nf_tables: Support updating table's owner flag
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] parser_bison: fix memleak in meta set error handling
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH net 1/6] netfilter: bpf: fix bad registration on nf_defrag
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
[PATCH nft 2/2 v2] tests/shell: have .json-nft dumps prettified to wrap lines
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH] ipvs: add a stateless type of service and a stateless Maglev hashing scheduler
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Jann Horn <jannh@xxxxxxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Phil Sutter <phil@xxxxxx>
[PATCH net 4/6] netfilter: nf_tables: bail out on mismatching dynset and set expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 6/6] netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 5/6] netfilter: nf_tables: validate family when identifying table via handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 3/6] netfilter: nf_tables: fix 'exist' matching on bigendian arches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 2/6] netfilter: nft_set_pipapo: skip inactive elements during set walk
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 1/6] netfilter: bpf: fix bad registration on nf_defrag
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net 0/6] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] evaluate: reset statement length context before evaluating statement
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v2 0/5] add infrastructure for unit tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Christian Brauner <brauner@xxxxxxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Christian Brauner <brauner@xxxxxxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] evaluate: reset statement length context for relational expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Jann Horn <jannh@xxxxxxxxxx>
Re: [PATCH nft v3] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue v5 1/1] src: Add nfq_nlmsg_put2() - user specifies header flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Jann Horn <jannh@xxxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Phil Sutter <phil@xxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Christian Brauner <brauner@xxxxxxxxxx>
Re: [PATCH nft] initial support for the afl++ (american fuzzy lop++) fuzzer
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH nft] initial support for the afl++ (american fuzzy lop++) fuzzer
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft] evaluate: reset statement length context for relational expressions
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] initial support for the afl++ (american fuzzy lop++) fuzzer
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft,v2] evaluate: reject set definition with no key
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] evaluate: reject set definition with no key
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft] evaluate: reject set definition with no key
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] ipvs: add a stateless type of service and a stateless Maglev hashing scheduler
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft v3] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] ipvs: add a stateless type of service and a stateless Maglev hashing scheduler
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH nft v2 0/5] add infrastructure for unit tests
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH nft] initial support for the afl++ (american fuzzy lop++) fuzzer
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH nft] initial support for the afl++ (american fuzzy lop++) fuzzer
- From: Phil Sutter <phil@xxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] ipvs: add a stateless type of service and a stateless Maglev hashing scheduler
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] monitor: add support for concatenated set ranges
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] evaluate: fix double free on dtype release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Jann Horn <jannh@xxxxxxxxxx>
Re: [PATCH nft] evaluate: fix double free on dtype release
- From: Thomas Haller <thaller@xxxxxxxxxx>
Is xt_owner's owner_mt() racy with sock_orphan()? [worse with new TYPESAFE_BY_RCU file lifetime?]
- From: Jann Horn <jannh@xxxxxxxxxx>
Re: [iptables PATCH 00/13] ebtables: Use the shared commandline parser
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] tests: shell: flush ruleset with -U after feature probing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] evaluate: fix double free on dtype release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] intervals: don't assert when symbolic expression is to be split into a range
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: validate family when identifying table via handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: validate family when identifying table via handle
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] intervals: don't assert when symbolic expression is to be split into a range
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: fix double free on dtype release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v2 nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] evaluate: turn assert into real error check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next v2] net: ctnetlink: support filtering by zone
- From: Felix Huettner <felix.huettner@mail.schwarz>
[PATCH libnetfilter_conntrack 2/2] flush: support filtering
- From: Felix Huettner <felix.huettner@mail.schwarz>
[PATCH libnetfilter_conntrack 1/2] dump: support filtering by zone
- From: Felix Huettner <felix.huettner@mail.schwarz>
[PATCH libnetfilter_conntrack 0/2] dump/flush support filtering by zone
- From: Felix Huettner <felix.huettner@mail.schwarz>
Re: [PATCH net] net/netfilter: bpf: fix bad registration on nf_defrag
- From: Simon Horman <horms@xxxxxxxxxx>
[PATCH nft] parser: tcpopt: fix tcp option parsing with NUM + length field
- From: Florian Westphal <fw@xxxxxxxxx>
Re: does nft 'tcp option ... exists' work?
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[PATCH nft] evaluate: catch implicit map expressions without known datatype
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: reject attempt to update a set
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: disable meta set with ranges
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: error out if basetypes are different
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: guard against NULL basetype
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: handle invalid mapping expressions gracefully
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: turn assert into real error check
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] ipvs: add a stateless type of service and a stateless Maglev hashing scheduler
- From: Lev Pantiukhin <kndrvt@xxxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: fix 'exist' matching on bigendian arches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: validate family when identifying table via handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: validate family when identifying table via handle
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: nf_tables: fix 'exist' matching on bigendian arches
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf] netfilter: nf_tables: validate family when identifying table via handle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: bail out on mismatching dynset and set expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: does nft 'tcp option ... exists' work?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: does nft 'tcp option ... exists' work?
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
Re: does nft 'tcp option ... exists' work?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: does nft 'tcp option ... exists' work?
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: fix 'exist' matching on bigendian arches
- From: Florian Westphal <fw@xxxxxxxxx>
Re: does nft 'tcp option ... exists' work?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: does nft 'tcp option ... exists' work?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: does nft 'tcp option ... exists' work?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: does nft 'tcp option ... exists' work?
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
does nft 'tcp option ... exists' work?
- From: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
[nft PATCH 2/2] main: Refer to nft_options in nft_options_check()
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/2] main: Reduce indenting in nft_options_check()
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 0/2] Review nft_options_check()
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft] initial support for the afl++ (american fuzzy lop++) fuzzer
- From: Phil Sutter <phil@xxxxxx>
[PATCH nft] initial support for the afl++ (american fuzzy lop++) fuzzer
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: nft_set_pipapo: skip inactive elements during set walk
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: prevent assert when evaluating very large shift values
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] evaluate: reject sets with no key
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net] net/netfilter: bpf: fix bad registration on nf_defrag
- From: Daniel Xu <dxu@xxxxxxxxx>
Re: [PATCH nf-next 7/8] netfilter: nf_tables: add flowtable map for xdp offload
- From: Toke Høiland-Jørgensen <toke@xxxxxxx>
Re: [PATCH nf-next 7/8] netfilter: nf_tables: add flowtable map for xdp offload
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net] net/netfilter: bpf: fix bad registration on nf_defrag
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [PATCH nft 0/2] tests/shell: workaround for bash
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] net/netfilter: bpf: avoid leakage of skb
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [PATCH net] net/netfilter: bpf: avoid leakage of skb
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH net] net/netfilter: bpf: avoid leakage of skb
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [PATCH net] net/netfilter: bpf: avoid leakage of skb
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH 13/13] ebtables: Use do_parse() from xshared
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 01/13] xshared: do_parse: Skip option checking for CMD_DELETE_NUM
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 08/13] ebtables: Change option values to avoid clashes
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 03/13] xshared: Turn command_default() into a callback
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 11/13] ebtables: Use struct xt_cmd_parse
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 05/13] xshared: Support rule range deletion in do_parse()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 12/13] xshared: Introduce option_test_and_reject()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 04/13] xshared: Introduce print_help callback (again)
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 06/13] xshared: Support for ebtables' --change-counters command
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 09/13] ebtables: Pass struct iptables_command_state to print_help()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 00/13] ebtables: Use the shared commandline parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 10/13] ebtables: Make 'h' case just a call to print_help()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 02/13] xshared: Perform protocol value parsing in callback
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 07/13] ebtables{,-translate}: Convert if-clause to switch()
- From: Phil Sutter <phil@xxxxxx>
[PATCH net] net/netfilter: bpf: avoid leakage of skb
- From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
Re: [iptables PATCH 0/2] libxtables: Fix two xtoptions bugs
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] man: Do not escape exclamation marks
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 0/3] Review interface parsing and printing
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 0/3] xshared: Review option parsing
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/2] libxtables: xtoptions: Fix for garbage access in xtables_options_xfrm()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/2] libxtables: Fix two xtoptions bugs
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/2] libxtables: xtoptions: Fix for non-CIDR-compatible hostmasks
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH] man: Do not escape exclamation marks
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] man: proper roff encoding for ~ and ^
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH] man: proper roff encoding for ~ and ^
- From: Phil Sutter <phil@xxxxxx>
Re: ipset hash:net,iface - can not add more than 64 interfaces
- From: Марк Коренберг <socketpair@xxxxxxxxx>
Re: ipset hash:net,iface - can not add more than 64 interfaces
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
Re: ipset hash:net,iface - can not add more than 64 interfaces
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
Re: ipset hash:net,iface - can not add more than 64 interfaces
- From: Марк Коренберг <socketpair@xxxxxxxxx>
Re: ipset hash:net,iface - can not add more than 64 interfaces
- From: Марк Коренберг <socketpair@xxxxxxxxx>
Re: ipset hash:net,iface - can not add more than 64 interfaces
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
ipset hash:net,iface - can not add more than 64 interfaces
- From: Марк Коренберг <socketpair@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: mark newset as dead on transaction abort
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: mark newset as dead on transaction abort
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH libnetfilter_queue v3 0/1] New example program nfq6
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH nft 2/2] tests/shell: workaround lack of $SRANDOM before bash 5.1
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft 0/2] tests/shell: workaround for bash
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft 1/2] tests/shell: workaround lack of `wait -p` before bash 5.1
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH libnetfilter_queue v3 0/1] New example program nfq6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next v2] net: ctnetlink: support filtering by zone
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] net: make config lines follow common pattern
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: mark newset as dead on transaction abort
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH libnetfilter_queue v3 1/1] examples: add an example which uses more functions
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue v3 0/1] New example program nfq6
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue v3 1/1] examples: add an example which uses more functions
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue v3 0/1] New example program nfq6
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue v5 1/1] src: Add nfq_nlmsg_put2() - user specifies header flags
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue v5 0/1] src: Add nfq_nlmsg_put2() - user specifies header flags
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH] man: proper roff encoding for ~ and ^
- From: Jan Engelhardt <jengelh@xxxxxxx>
[PATCH] man: proper roff encoding for ^
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [PATCH nf-next 1/8] netfilter: flowtable: move nf_flowtable out of container structures
- From: Simon Horman <horms@xxxxxxxxxx>
Re: [PATCH nf-next 1/8] netfilter: flowtable: move nf_flowtable out of container structures
- From: Simon Horman <horms@xxxxxxxxxx>
[PATCH 5.4 154/159] netfilter: nf_tables: unregister flowtable hooks on netns exit
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 145/159] netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 153/159] netfilter: nf_tables: fix memleak when more than 255 elements expired
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 152/159] netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 151/159] netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 150/159] netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 149/159] netfilter: nf_tables: defer gc run if previous batch is still pending
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 148/159] netfilter: nf_tables: use correct lock to protect gc_list
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 147/159] netfilter: nf_tables: GC transaction race with abort path
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 159/159] netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for 5.4)
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 158/159] netfilter: nf_tables: disable toggling dormant table state more than once
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 157/159] netfilter: nf_tables: fix table flag updates
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 156/159] netfilter: nftables: update table flags from the commit phase
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 155/159] netfilter: nf_tables: double hook unregistration in netns path
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 146/159] netfilter: nf_tables: GC transaction race with netns dismantle
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 144/159] netfilter: nf_tables: remove busy mark and gc batch API
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 143/159] netfilter: nft_set_hash: mark set element as dead when deleting from packet path
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 141/159] netfilter: nf_tables: GC transaction API to avoid race with control plane
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 142/159] netfilter: nf_tables: adapt set backend to use GC transaction API
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 139/159] netfilter: nft_set_rbtree: fix overlap expiration walk
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 140/159] netfilter: nf_tables: dont skip expired elements during walk
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 138/159] netfilter: nft_set_rbtree: fix null deref on element insertion
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 137/159] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 136/159] netfilter: nf_tables: drop map element references from preparation phase
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 135/159] netfilter: nftables: rename set element data activation/deactivation functions
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.4 134/159] netfilter: nf_tables: pass context to nft_set_destroy()
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 193/193] netfilter: nf_tables: disable toggling dormant table state more than once
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 192/193] netfilter: nf_tables: fix table flag updates
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 5.10 191/193] netfilter: nftables: update table flags from the commit phase
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH -stable,5.4 23/26] netfilter: nftables: update table flags from the commit phase
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH nft 2/2] tests/shell: have .json-nft dumps prettified to wrap lines
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft 1/2] tests/shell: use generated ruleset for `nft --check`
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft 0/2] pretty print .json-nft files
- From: Thomas Haller <thaller@xxxxxxxxxx>
[iptables PATCH 1/3] xshared: Entirely ignore interface masks when saving rules
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/3] nft: Leave interface masks alone when parsing from kernel
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/3] xshared: Do not populate interface masks per default
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/3] Review interface parsing and printing
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/3] xshared: Introduce xt_cmd_parse_ops::option_name
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/3] xshared: Introduce xt_cmd_parse_ops::option_invert
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/3] xshared: Simplify generic_opt_check()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/3] xshared: Review option parsing
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next 7/8] netfilter: nf_tables: add flowtable map for xdp offload
- From: Toke Høiland-Jørgensen <toke@xxxxxxx>
Re: [PATCH nf-next 0/8] netfilter: make nf_flowtable lifetime differ from container struct
- From: Toke Høiland-Jørgensen <toke@xxxxxxx>
Re: [nft PATCH] tests/shell: Treat json-nft dumps as binary in git
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH nf-next 0/8] netfilter: make nf_flowtable lifetime differ from container struct
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 0/8] netfilter: make nf_flowtable lifetime differ from container struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests/shell: Treat json-nft dumps as binary in git
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next 0/8] netfilter: make nf_flowtable lifetime differ from container struct
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 0/8] netfilter: make nf_flowtable lifetime differ from container struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests/shell: Treat json-nft dumps as binary in git
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] tests/shell: Treat json-nft dumps as binary in git
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH libnetfilter_queue v4] src: Add nfq_nlmsg_put2() - user specifies header flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue v4 1/1] src: Add nfq_nlmsg_put2() - user specifies header flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue v4 1/1] src: Add nfq_nlmsg_put2() - user specifies header flags
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [iptables PATCH 0/6] Extend guided option parser for use by arptables
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 00/12] Misc fixes (more or less)
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH] tests/shell: Treat json-nft dumps as binary in git
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next 1/8] netfilter: flowtable: move nf_flowtable out of container structures
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next 1/8] netfilter: flowtable: move nf_flowtable out of container structures
- From: Simon Horman <horms@xxxxxxxxxx>
Re: [PATCH nft 1/1] tests/shell: accept name of dump files in place of test names
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH] net: make config lines follow common pattern
- From: Lukas Bulwahn <lukas.bulwahn@xxxxxxxxx>
[PATCH nft] json: deal appropriately with multidevice in chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/1] tests/shell: accept name of dump files in place of test names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -stable,5.4 23/26] netfilter: nftables: update table flags from the commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
PSA: this list has moved to new vger infra (no action required)
- From: Konstantin Ryabitsev <konstantin@xxxxxxxxxxxxxxxxxxx>
[iptables PATCH 5/6] extensions: libarpt_mangle: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/6] libxtables: Fix guided option parser for use with arptables
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/6] libxtables: Introduce xtables_strtoul_base()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/6] libxtables: Combine the two extension option mergers
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 6/6] extensions: MARK: arptables: Use guided option parser
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/6] libxtables: Introduce struct xt_option_entry::base
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/6] Extend guided option parser for use by arptables
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 6.6.y 0/2] netfilter: fix catchall element double-free
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH nft] evaluate: clone unary expression datatype to deal with dynamic datatype
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/1] tests: prettify JSON in test output and add helper
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft 1/1] tests/shell: accept name of dump files in place of test names
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [nft PATCH v2] tests: shell: Fix sets/reset_command_0 for current kernels
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH] tests: shell: Fix sets/reset_command_0 for current kernels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/1] tests: prettify JSON in test output and add helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -stable,5.4 23/26] netfilter: nftables: update table flags from the commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH -stable,5.4 23/26] netfilter: nftables: update table flags from the commit phase
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 2/6] netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 5.4 2/6] netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 5.10 3/7] netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 5.15 3/7] netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 6.1 4/9] netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 6.5 05/15] netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 6.6 06/17] netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test
- From: Sasha Levin <sashal@xxxxxxxxxx>
Re: [PATCH v6 05/13] x86/bugs: Rename RETPOLINE to MITIGATION_RETPOLINE
- From: Ariel Miculas <amiculas@xxxxxxxxx>
Re: [nft PATCH] tests: shell: Fix sets/reset_command_0 for current kernels
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 1/1] tests: prettify JSON in test output and add helper
- From: Thomas Haller <thaller@xxxxxxxxxx>
[iptables PATCH 12/12] ebtables: Implement --change-counters command
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 11/12] xshared: do_parse: Ignore '-j CONTINUE'
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 02/12] nft-bridge: nft_bridge_add() uses wrong flags
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 04/12] xshared: All variants support -v
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 03/12] xshared: struct xt_cmd_parse::xlate is unused
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 01/12] Makefile: Install arptables-translate link and man page
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 05/12] xshared: Drop needless assignment in --help case
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 07/12] tests: xlate: Print failing command line
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 08/12] ebtables: Drop append_entry() wrapper
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 09/12] ebtables: Make ebt_load_match_extensions() static
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 00/12] Misc fixes (more or less)
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 06/12] xshared: Drop pointless CMD_REPLACE check
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 10/12] ebtables: Align line number formatting with legacy
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 1/1] tests: prettify JSON in test output and add helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v3 1/1] tests/shell: sanitize "handle" in JSON output
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v3 1/1] tests/shell: sanitize "handle" in JSON output
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [nft PATCH] tests: shell: Fix sets/reset_command_0 for current kernels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v3 1/1] tests/shell: sanitize "handle" in JSON output
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/1] tests: prettify JSON in test output and add helper
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH nft v3 1/1] tests/shell: sanitize "handle" in JSON output
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH nft v3 1/1] tests/shell: sanitize "handle" in JSON output
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 6/8] tests: shell: split nat inet tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 7/8] tests: shell: skip secmark tests if kernel does not support it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 8/8] tests: shell: skip if kernel does not allow to restore set element expiration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 5/8] tests: shell: skip nat inet if kernel does not support it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 3/8] tests: shell: detach synproxy test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 4/8] tests: shell: skip synproxy test if kernel does not support it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 2/8] tests: shell: skip stateful object updates if unsupported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 1/8] tests: shell: connlimit tests requires set expression support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] evaluate: bogus error when adding devices to flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 6.6.y 0/2] netfilter: fix catchall element double-free
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v6 05/13] x86/bugs: Rename RETPOLINE to MITIGATION_RETPOLINE
- From: Breno Leitao <leitao@xxxxxxxxxx>
[PATCH nft] tests: shell: flush connlimit sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/1] tests/shell: sanitize "handle" in JSON output
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 1/1] tests/shell: sanitize "handle" in JSON output
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH nf-next 7/8] netfilter: nf_tables: add flowtable map for xdp offload
- From: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
Re: [PATCH nft 1/1] tests/shell: sanitize "handle" in JSON output
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 1/1] tests/shell: sanitize "handle" in JSON output
- From: Thomas Haller <thaller@xxxxxxxxxx>
Re: [PATCH nft 1/1] tests/shell: sanitize "handle" in JSON output
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/1] tests/shell: sanitize "handle" in JSON output
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft v2 0/5] add infrastructure for unit tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft v2 0/5] add infrastructure for unit tests
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nf-next 8/8] netfilter: nf_tables: permit duplicate flowtable mappings
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 7/8] netfilter: nf_tables: add flowtable map for xdp offload
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 6/8] netfilter: nf_tables: add xdp offload flag
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 5/8] netfilter: nf_tables: reject flowtable hw offload for same device
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 4/8] netfilter: nf_flowtable: delay flowtable release a second time
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 3/8] netfilter: nf_flowtable: make free a real free function
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 1/8] netfilter: flowtable: move nf_flowtable out of container structures
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/8] netfilter: make nf_flowtable lifetime differ from container struct
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/8] netfilter: nf_flowtable: replace init callback with a create one
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 6.6.y 2/2] netfilter: nf_tables: split async and sync catchall in two functions
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 6.6.y 1/2] netfilter: nf_tables: remove catchall element in GC sync path
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 6.6.y 0/2] netfilter: fix catchall element double-free
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH -stable,5.4 26/26] netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for 5.4)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 07/26] netfilter: nf_tables: don't skip expired elements during walk
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 09/26] netfilter: nf_tables: adapt set backend to use GC transaction API
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 13/26] netfilter: nf_tables: GC transaction race with netns dismantle
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 19/26] netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 00/26] Netfilter stable fixes for 5.4
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 20/26] netfilter: nf_tables: fix memleak when more than 255 elements expired
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 21/26] netfilter: nf_tables: unregister flowtable hooks on netns exit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 04/26] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 06/26] netfilter: nft_set_rbtree: fix overlap expiration walk
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 08/26] netfilter: nf_tables: GC transaction API to avoid race with control plane
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 17/26] netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 22/26] netfilter: nf_tables: double hook unregistration in netns path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 24/26] netfilter: nf_tables: fix table flag updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 18/26] netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 12/26] netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 14/26] netfilter: nf_tables: GC transaction race with abort path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 16/26] netfilter: nf_tables: defer gc run if previous batch is still pending
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 02/26] netfilter: nftables: rename set element data activation/deactivation functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 15/26] netfilter: nf_tables: use correct lock to protect gc_list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 25/26] netfilter: nf_tables: disable toggling dormant table state more than once
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 10/26] netfilter: nft_set_hash: mark set element as dead when deleting from packet path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 05/26] netfilter: nft_set_rbtree: fix null deref on element insertion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 03/26] netfilter: nf_tables: drop map element references from preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 11/26] netfilter: nf_tables: remove busy mark and gc batch API
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 23/26] netfilter: nftables: update table flags from the commit phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH -stable,5.4 01/26] netfilter: nf_tables: pass context to nft_set_destroy()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/1] tests/shell: sanitize "handle" in JSON output
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft v2 1/1] tests/shell: sanitize "handle" in JSON output
- From: Thomas Haller <thaller@xxxxxxxxxx>
[PATCH nft] tests: shell: quote reference to array to iterate over empty string
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue v3 1/1] src: Add nfq_nlmsg_put2() - user specifies header flags
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH nf-next] netfilter: flowtable: reorder nf_flowtable struct members
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next] netfilter: nft_set_pipapo: prefer gfp_kernel allocation
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] tests: shell: adjust add-after-delete flowtable for older kernels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] tests: shell: skip meta time test meta expression lacks support
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] tests: shell: skip maps delete test if dynset lacks delete op
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] tests: shell: skip ct expectation test if feature is missing
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH libnetfilter_queue v4] src: Add nfq_nlmsg_put2() - user specifies header flags
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/1] libnfnetlink dependency elimination
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH nft] evaluate: fix rule replacement with anon sets
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH libnetfilter_queue v3 1/1] src: Add nfq_nlmsg_put2() - user specifies header flags
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnetfilter_queue v3 1/1] src: Add nfq_nlmsg_put2() - user specifies header flags
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH nft 1/1] tests/shell: sanitize "handle" in JSON output
- From: Phil Sutter <phil@xxxxxx>
[PATCH libnetfilter_queue 1/1] Convert nfq_create_queue(), nfq_bind_pf() & nfq_unbind_pf() to use libmnl
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH libnetfilter_queue 0/1] libnfnetlink dependency elimination
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [PATCH nft v3 2/6] tests/shell: check and generate JSON dump files
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft v3 2/6] tests/shell: check and generate JSON dump files
- From: Thomas Haller <thaller@xxxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]