Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

Re: [PATCH 0/2] rework of userspace expectation support, (continued)
Netfilter Hook and Multiqueue?, Justin Yaple
- Re: Netfilter Hook and Multiqueue?, Eric Dumazet
guided option parser, run 2, Jan Engelhardt
- [PATCH 01/28] libxtables: XTTYPE_UINT8 support, Jan Engelhardt
- [PATCH 02/28] libip[6]t_HL: use guided option parser, Jan Engelhardt
- [PATCH 03/28] libip[6]t_hl: use guided option parser, Jan Engelhardt
- [PATCH 04/28] libxtables: XTTYPE_UINT32RC support, Jan Engelhardt
- [PATCH 05/28] libip[6]t_ah: use guided option parser, Jan Engelhardt
- [PATCH 06/28] libip6t_frag: use guided option parser, Jan Engelhardt
- [PATCH 07/28] libxt_esp: use guided option parser, Jan Engelhardt
- [PATCH 08/28] libxtables: XTTYPE_STRING support, Jan Engelhardt
- [PATCH 09/28] libip[6]t_REJECT: use guided option parser, Jan Engelhardt
- [PATCH 10/28] libip6t_dst: use guided option parser, Jan Engelhardt
- [PATCH 11/28] libip6t_hbh: use guided option parser, Jan Engelhardt
- [PATCH 12/28] libip[6]t_icmp: use guided option parser, Jan Engelhardt
- [PATCH 13/28] libip6t_ipv6header: use guided option parser, Jan Engelhardt
- [PATCH 14/28] libipt_ECN: use guided option parser, Jan Engelhardt
- [PATCH 15/28] libipt_addrtype: use guided option parser, Jan Engelhardt
- [PATCH 16/28] libxt_AUDIT: use guided option parser, Jan Engelhardt
- [PATCH 17/28] libxt_CLASSIFY: use guided option parser, Jan Engelhardt
- [PATCH 19/28] libxt_LED: use guided option parser, Jan Engelhardt
- [PATCH 18/28] libxt_DSCP: use guided option parser, Jan Engelhardt
- [PATCH 20/28] libxt_SECMARK: use guided option parser, Jan Engelhardt
- [PATCH 21/28] libxt_TCPOPTSTRIP: use guided option parser, Jan Engelhardt
- [PATCH 22/28] libxt_comment: use guided option parser, Jan Engelhardt
- [PATCH 23/28] libxt_helper: use guided option parser, Jan Engelhardt
- [PATCH 26/28] libxt_state: use guided option parser, Jan Engelhardt
- [PATCH 24/28] libxt_physdev: use guided option parser, Jan Engelhardt
- [PATCH 25/28] libxt_pkttype: use guided option parser, Jan Engelhardt
- [PATCH 27/28] libxt_time: use guided option parser, Jan Engelhardt
- [PATCH 28/28] libxt_u32: use guided option parser, Jan Engelhardt
- Re: guided option parser, run 2, Patrick McHardy
ipset-6.3 unexpected htable order, Jan Engelhardt
- Re: ipset-6.3 unexpected htable order, Jozsef Kadlecsik
[ANNOUNCE] ipset 6.3 released, Jozsef Kadlecsik
[PATCH 0/3] netfilter: ipset: fixes, Jozsef Kadlecsik
- [PATCH 1/3] netfilter: ipset: bitmap:ip,mac type requires "src" for MAC, Jozsef Kadlecsik
  - [PATCH 2/3] netfilter: ipset: Whitespace fixes: some space before tab slipped in., Jozsef Kadlecsik
    - [PATCH 3/3] netfilter: ipset: set match and SET target fixes, Jozsef Kadlecsik
      - Re: [PATCH 3/3] netfilter: ipset: set match and SET target fixes, Patrick McHardy
    - Re: [PATCH 2/3] netfilter: ipset: Whitespace fixes: some space before tab slipped in., Patrick McHardy
  - Re: [PATCH 1/3] netfilter: ipset: bitmap:ip,mac type requires "src" for MAC, Patrick McHardy
ipset issues in 2.6.39-rc2, Lennert Buytenhek
- Re: ipset issues in 2.6.39-rc2, Jozsef Kadlecsik
  - Re: ipset issues in 2.6.39-rc2, Lennert Buytenhek
Performance issue due to constant "modprobes", Ed W
- Re: Performance issue due to constant "modprobes", Jan Engelhardt
  - Re: Performance issue due to constant "modprobes", Ed W
- Re: Performance issue due to constant "modprobes", Maciej Żenczykowski
  - Re: Performance issue due to constant "modprobes", Ed W
    - Re: Performance issue due to constant "modprobes", Jan Engelhardt
      - Re: Performance issue due to constant "modprobes", Ed W
        
        Re: Performance issue due to constant "modprobes", Jan Engelhardt
        
        Re: Performance issue due to constant "modprobes", Ed W
        
        Re: Performance issue due to constant "modprobes", Jan Engelhardt
        
        Re: Performance issue due to constant "modprobes", Ed W
        
        Re: Performance issue due to constant "modprobes", Jan Engelhardt
        
        Re: Performance issue due to constant "modprobes", Ed W
        
        Re: Performance issue due to constant "modprobes", Jan Engelhardt
        
        Re: Performance issue due to constant "modprobes", Maciej Żenczykowski
        
        Re: Performance issue due to constant "modprobes", Ed W
        
        Re: Performance issue due to constant "modprobes", Jan Engelhardt
        
        Re: Performance issue due to constant "modprobes", Ed W
        
        Re: Performance issue due to constant "modprobes", Jan Engelhardt
        
        Re: Performance issue due to constant "modprobes", Ed W
        
        Re: Performance issue due to constant "modprobes", Mr Dash Four
        
        Re: Performance issue due to constant "modprobes", Maciej Żenczykowski
        
        Re: Performance issue due to constant "modprobes", Maciej Żenczykowski
        
        Re: Performance issue due to constant "modprobes", Jan Engelhardt
        
        Re: Performance issue due to constant "modprobes", Patrick McHardy
        
        Re: Performance issue due to constant "modprobes", Ed W
        
        Re: Performance issue due to constant "modprobes", Maciej Żenczykowski
        
        Re: Performance issue due to constant "modprobes", Maciej Żenczykowski
        
        Re: Performance issue due to constant "modprobes", Ed W
        
        Re: Performance issue due to constant "modprobes", Maciej Żenczykowski
        
        Re: Performance issue due to constant "modprobes", Maciej Żenczykowski
        
        Re: Performance issue due to constant "modprobes", Jozsef Kadlecsik
        
        Re: Performance issue due to constant "modprobes", Ed W
ipset-6.2 testsuite failure, Jan Engelhardt
- Re: ipset-6.2 testsuite failure, Jozsef Kadlecsik
- Re: ipset-6.2 testsuite failure, Jozsef Kadlecsik
  - Re: ipset-6.2 testsuite failure, Jan Engelhardt
    - Re: ipset-6.2 testsuite failure, Jozsef Kadlecsik
      - Re: ipset-6.2 testsuite failure, Jan Engelhardt
        
        Re: ipset-6.2 testsuite failure, Jozsef Kadlecsik
[PATCH 0/2] netfilter: ipset: new features, Jozsef Kadlecsik
- [PATCH 1/2] netfilter: ipset: SCTP, UDPLITE support added, Jozsef Kadlecsik
  - [PATCH 2/2] netfilter: ipset: Timeout can be modified for already added elements, Jozsef Kadlecsik
    - Re: [PATCH 2/2] netfilter: ipset: Timeout can be modified for already added elements, Patrick McHardy
  - Re: [PATCH 1/2] netfilter: ipset: SCTP, UDPLITE support added, Patrick McHardy
[PATCH 1/1] netfilter: ebtables: only call xt_compat_add_offset once per rule, Florian Westphal
- Re: [PATCH 1/1] netfilter: ebtables: only call xt_compat_add_offset once per rule, Patrick McHardy
Guided option parser, Jan Engelhardt
- [PATCH 01/10] extensions: add missing checks for specific flags (2), Jan Engelhardt
- [PATCH 02/10] libxtables: guided option parser, Jan Engelhardt
- [PATCH 03/10] libxt_CHECKSUM: use guided option parser, Jan Engelhardt
- [PATCH 04/10] libxt_socket: use guided option parser, Jan Engelhardt
- [PATCH 05/10] libxtables: provide better final_check, Jan Engelhardt
- [PATCH 06/10] libxt_CONNSECMARK: use guided option parser, Jan Engelhardt
- [PATCH 07/10] libxtables: XTTYPE_UINT32 support, Jan Engelhardt
- [PATCH 08/10] libxt_cpu: use guided option parser, Jan Engelhardt
- [PATCH 09/10] libxtables: min-max option support, Jan Engelhardt
- [PATCH 10/10] libxt_cluster: use guided option parser, Jan Engelhardt
- Re: Guided option parser, Patrick McHardy
One documentation fix, Jan Engelhardt
- [PATCH] doc: avoid duplicate entries in manpage, Jan Engelhardt
- Re: One documentation fix, Patrick McHardy
[PATCH 0/8] netfilter: netfilter fixes for 2.6.39-rc1, kaber
- [PATCH 4/8] IPVS: fix NULL ptr dereference in ip_vs_ctl.c ip_vs_genl_dump_daemons(), kaber
- [PATCH 3/8] netfilter: h323: bug in parsing of ASN1 SEQOF field, kaber
- [PATCH 6/8] netfilter: af_info: add 'strict' parameter to limit lookup to .oif, kaber
- [PATCH 8/8] netfilter: xt_conntrack: fix inverted conntrack direction test, kaber
- [PATCH 2/8] netfilter: ipset: references are protected by rwlock instead of mutex, kaber
- [PATCH 7/8] netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route, kaber
- [PATCH 5/8] netfilter: af_info: add network namespace parameter to route hook, kaber
- [PATCH 1/8] netfilter: ipset: list:set timeout variant fixes, kaber
- Re: [PATCH 0/8] netfilter: netfilter fixes for 2.6.39-rc1, David Miller
[PATCH] RFC - introduce xtables-multi, Maciej Żenczykowski
- Re: [PATCH] RFC - introduce xtables-multi, Jan Engelhardt
  - [PATCH] combine ip6?tables-multi into xtables-multi, Maciej Żenczykowski
[PATCH] convert ip6?tables-multi to actually use their own header files, Maciej Żenczykowski
- Re: [PATCH] convert ip6?tables-multi to actually use their own header files, Patrick McHardy
[PATCH] move 'int line' definition from ip6?tables.c into xtables.c, Maciej Żenczykowski
- Re: [PATCH] move 'int line' definition from ip6?tables.c into xtables.c, Patrick McHardy
[Announce] New IPVS GIT trees, Simon Horman
Re: shutdown oops in xt_compat_calc_jump, Patrick McHardy
- Re: shutdown oops in xt_compat_calc_jump, Eric Dumazet
  - Re: shutdown oops in xt_compat_calc_jump, dann frazier
  - Re: shutdown oops in xt_compat_calc_jump, Eric Dumazet
    - Re: shutdown oops in xt_compat_calc_jump, Eric Dumazet
      - Re: shutdown oops in xt_compat_calc_jump, Eric Dumazet
        
        Re: shutdown oops in xt_compat_calc_jump, Patrick McHardy
        
        Re: shutdown oops in xt_compat_calc_jump, dann frazier
        
        Re: shutdown oops in xt_compat_calc_jump, Florian Westphal
        
        Re: shutdown oops in xt_compat_calc_jump, Eric Dumazet
        
        Re: shutdown oops in xt_compat_calc_jump, Florian Westphal
        
        Re: shutdown oops in xt_compat_calc_jump, dann frazier
        
        Re: shutdown oops in xt_compat_calc_jump, Eric Dumazet
        
        Re: shutdown oops in xt_compat_calc_jump, Eric Dumazet
        
        Re: shutdown oops in xt_compat_calc_jump, dann frazier
        
        Re: shutdown oops in xt_compat_calc_jump, Patrick McHardy
[PATCH] netfilter: xt_conntrack: fix inverted conntrack direction test, Florian Westphal
- Re: [PATCH] netfilter: xt_conntrack: fix inverted conntrack direction test, Patrick McHardy
Re: [PATCH] netfilter: h323: bug in parsing of ASN1 SEQOF field, Patrick McHardy
[ANN] Linux Security Summit 2011 - Announcement and CFP, James Morris
- [ANN] Linux Security Summit 2012 - Announcement and CFP, James Morris
Writing a mangle TARGET for iptables, questions about fragments, checksums, Brian G
- Re: Writing a mangle TARGET for iptables, questions about fragments, checksums, Jan Engelhardt
How to get access to NAT info from userland, Brian G
- Message not available
  - Re: How to get access to NAT info from userland, Brian G
    - Re: How to get access to NAT info from userland, Jan Engelhardt
      - Re: How to get access to NAT info from userland, Brian G
        
        Re: How to get access to NAT info from userland, Jan Engelhardt
A small series of iptables userspace cleanups, Maciej Żenczykowski
- [PATCH 01/17] man pages: allow underscores in match and target names, Maciej Żenczykowski
  - Re: [PATCH 01/17] man pages: allow underscores in match and target names, Patrick McHardy
- [PATCH 02/17] mark newly opened fds as FD_CLOEXEC (close on exec), Maciej Żenczykowski
  - Re: [PATCH 02/17] mark newly opened fds as FD_CLOEXEC (close on exec), Jan Engelhardt
    - Re: [PATCH 02/17] mark newly opened fds as FD_CLOEXEC (close on exec), Maciej Żenczykowski
      - Re: [PATCH 02/17] mark newly opened fds as FD_CLOEXEC (close on exec), Patrick McHardy
        
        Re: [PATCH 02/17] mark newly opened fds as FD_CLOEXEC (close on exec), Jan Engelhardt
  - Re: [PATCH 02/17] mark newly opened fds as FD_CLOEXEC (close on exec), Patrick McHardy
- [PATCH 03/17] xtables_ip6addr_to_numeric: fix typo in comment, Maciej Żenczykowski
  - Re: [PATCH 03/17] xtables_ip6addr_to_numeric: fix typo in comment, Patrick McHardy
- [PATCH 04/17] Delay (statically built) match/target initialization, Maciej Żenczykowski
  - Re: [PATCH 04/17] Delay (statically built) match/target initialization, Patrick McHardy
- [PATCH 05/17] v4: rename init_extensions() to init_extensions4(), Maciej Żenczykowski
  - Re: [PATCH 05/17] v4: rename init_extensions() to init_extensions4(), Jan Engelhardt
    - Re: [PATCH 05/17] v4: rename init_extensions() to init_extensions4(), Maciej Żenczykowski
  - Re: [PATCH 05/17] v4: rename init_extensions() to init_extensions4(), Patrick McHardy
- [PATCH 07/17] xtables.h: init_extensions() no longer exists., Maciej Żenczykowski
  - Re: [PATCH 07/17] xtables.h: init_extensions() no longer exists., Patrick McHardy
- [PATCH 08/17] v4: rename for_each_chain() to for_each_chain4(), Maciej Żenczykowski
  - Re: [PATCH 08/17] v4: rename for_each_chain() to for_each_chain4(), Patrick McHardy
- [PATCH 09/17] v6: rename for_each_chain() to for_each_chain6(), Maciej Żenczykowski
  - Re: [PATCH 09/17] v6: rename for_each_chain() to for_each_chain6(), Patrick McHardy
- [PATCH 10/17] v4: rename flush_entries() to flush_entries4(), Maciej Żenczykowski
  - Re: [PATCH 10/17] v4: rename flush_entries() to flush_entries4(), Patrick McHardy
- [PATCH 11/17] v6: rename flush_entries() to flush_entries6(), Maciej Żenczykowski
  - Re: [PATCH 11/17] v6: rename flush_entries() to flush_entries6(), Patrick McHardy
- [PATCH 12/17] v4: rename delete_chain() to delete_chain4(), Maciej Żenczykowski
  - Re: [PATCH 12/17] v4: rename delete_chain() to delete_chain4(), Patrick McHardy
- [PATCH 13/17] v6: rename delete_chain() to delete_chain6(), Maciej Żenczykowski
  - Re: [PATCH 13/17] v6: rename delete_chain() to delete_chain6(), Patrick McHardy
- [PATCH 14/17] v4: rename print_rule() to print_rule4(), Maciej Żenczykowski
  - Re: [PATCH 14/17] v4: rename print_rule() to print_rule4(), Patrick McHardy
- [PATCH 15/17] v6: rename print_rule() to print_rule6(), Maciej Żenczykowski
  - Re: [PATCH 15/17] v6: rename print_rule() to print_rule6(), Patrick McHardy
- [PATCH 16/17] v4: rename do_command() to do_command4(), Maciej Żenczykowski
  - Re: [PATCH 16/17] v4: rename do_command() to do_command4(), Patrick McHardy
- [PATCH 17/17] v6: rename do_command() to do_command6(), Maciej Żenczykowski
  - Re: [PATCH 17/17] v6: rename do_command() to do_command6(), Patrick McHardy
    - Re: [PATCH 17/17] v6: rename do_command() to do_command6(), Maciej Żenczykowski
      - Re: [PATCH 17/17] v6: rename do_command() to do_command6(), Patrick McHardy
- [PATCH 06/17] v6: rename init_extensions() to init_extensions6(), Maciej Żenczykowski
  - Re: [PATCH 06/17] v6: rename init_extensions() to init_extensions6(), Patrick McHardy
[PATCH] IPVS Bug, Null ptr in ip_vs_ctl.c ip_vs_genl_dump_daemons()., Hans Schillstrom
- Re: [PATCH] IPVS Bug, Null ptr in ip_vs_ctl.c ip_vs_genl_dump_daemons()., Simon Horman
Re: [PATCH] netfilter: Fix build failure when ipv6 but xt_tproxy is built in, David Miller
- Re: [PATCH] netfilter: Fix build failure when ipv6 but xt_tproxy is built in, Steven Rostedt
- Re: [PATCH] netfilter: Fix build failure when ipv6 but xt_tproxy is built in, Patrick McHardy
  - Re: [PATCH] netfilter: Fix build failure when ipv6 but xt_tproxy is built in, KOVACS Krisztian
    - Re: [PATCH] netfilter: Fix build failure when ipv6 but xt_tproxy is built in, Patrick McHardy
      - Re: [PATCH] netfilter: Fix build failure when ipv6 but xt_tproxy is built in, KOVACS Krisztian
[PATCH] iptables: documentation for iptables and ip6tables "security" tables, Mark Montague
- Re: [PATCH] iptables: documentation for iptables and ip6tables "security" tables, Patrick McHardy
- [PATCH v2] iptables: documentation for iptables and ip6tables "security" tables, Mark Montague
  - Re: [PATCH v2] iptables: documentation for iptables and ip6tables "security" tables, Patrick McHardy
Re: ctnetlink kernel dump while running multiple libnfct clients, Pablo Neira Ayuso
- Re: ctnetlink kernel dump while running multiple libnfct clients, Sam Roberts
  - Re: ctnetlink kernel dump while running multiple libnfct clients, Pablo Neira Ayuso
    - Message not available
      - Message not available
        
        Re: ctnetlink kernel dump while running multiple libnfct clients, Sam Roberts
        
        Re: ctnetlink kernel dump while running multiple libnfct clients, Pablo Neira Ayuso
        
        Message not available
        
        Message not available
        
        Message not available
        
        Re: fix for userspace expectations, Sam Roberts
[ANNOUNCE] ipset 6.2 released, Jozsef Kadlecsik
- Message not available
  - Re: [ANNOUNCE] ipset 6.2 released, Jozsef Kadlecsik
    - Re: [ANNOUNCE] ipset 6.2 released, Michael Tokarev
      - Re: [ANNOUNCE] ipset 6.2 released, Jozsef Kadlecsik
      - Re: [ANNOUNCE] ipset 6.2 released, Michael Tokarev
        
        Re: [ANNOUNCE] ipset 6.2 released, Jozsef Kadlecsik
        
        Re: [ANNOUNCE] ipset 6.2 released, Jozsef Kadlecsik
    - Re: [ANNOUNCE] ipset 6.2 released, Michael Tokarev
      - Re: [ANNOUNCE] ipset 6.2 released, Michael Tokarev
Re: [PATCH] ip_fragment:kernel may panic when replay big packet with RST flag, Changli Gao
- Re: [PATCH] ip_fragment:kernel may panic when replay big packet with RST flag, Patrick McHardy
Problem getting IPv6 port numbers, Mark Montague
- Re: Problem getting IPv6 port numbers, Jan Engelhardt
  - Re: Problem getting IPv6 port numbers, Mark Montague
    - Re: Problem getting IPv6 port numbers, Jan Engelhardt
[PATCH 0/2] netfilter:ipset fixes: list:set and refcounting, Jozsef Kadlecsik
- [PATCH 1/2] netfilter:ipset: list:set timeout variant fixes, Jozsef Kadlecsik
  - [PATCH 2/2] netfilter:ipset: References are protected by rwlock instead of mutex, Jozsef Kadlecsik
    - Re: [PATCH 2/2] netfilter:ipset: References are protected by rwlock instead of mutex, Patrick McHardy
      - Re: [PATCH 2/2] netfilter:ipset: References are protected by rwlock instead of mutex, Jozsef Kadlecsik
        
        Re: [PATCH 2/2] netfilter:ipset: References are protected by rwlock instead of mutex, Patrick McHardy
  - Re: [PATCH 1/2] netfilter:ipset: list:set timeout variant fixes, Patrick McHardy
[PATCH v2 1/3] netfilter: af_info: add network namespace parameter to route hook, Florian Westphal
- [PATCH v2 2/3] netfilter: af_info: add 'strict' parameter to limit lookup to .oif, Florian Westphal
  - Re: [PATCH v2 2/3] netfilter: af_info: add 'strict' parameter to limit lookup to .oif, David Miller
    - Re: [PATCH v2 2/3] netfilter: af_info: add 'strict' parameter to limit lookup to .oif, Patrick McHardy
- [PATCH v2 3/3] netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route, Florian Westphal
  - Re: [PATCH v2 3/3] netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route, David Miller
    - Re: [PATCH v2 3/3] netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route, Patrick McHardy
- Re: [PATCH v2 1/3] netfilter: af_info: add network namespace parameter to route hook, David Miller
  - Re: [PATCH v2 1/3] netfilter: af_info: add network namespace parameter to route hook, Patrick McHardy
is assert() an appropriate substitute for return -1?, Sam Roberts
- Re: is assert() an appropriate substitute for return -1?, Pablo Neira Ayuso
  - Re: is assert() an appropriate substitute for return -1?, Sam Roberts
can expectations be marked persistent, so they can match repeatedly until they timeout?, Sam Roberts
- Re: can expectations be marked persistent, so they can match repeatedly until they timeout?, Patrick McHardy
  - Re: can expectations be marked persistent, so they can match repeatedly until they timeout?, Sam Roberts
hardware specific extension to netfilter, xilinx microblaze, how to start, Jan Viktorin
ipt_owner pid match can be fixed, aletum
Problem sending skb built from scratch with IPv6, Pierre Rondou
- Re: Problem sending skb built from scratch with IPv6, Jan Engelhardt
  - Re: Problem sending skb built from scratch with IPv6, Pierre Rondou
Any suggestions for getting a pcap of traffic over netlink?, Sam Roberts
- Re: Any suggestions for getting a pcap of traffic over netlink?, Pablo Neira Ayuso
[PATCH 1/3] netfilter: af_info: add network namespace parameter to route hook, Florian Westphal
- [PATCH 2/3] netfilter: af_info: add 'strict' parameter to limit lookup to .oif, Florian Westphal
  - Re: [PATCH 2/3] netfilter: af_info: add 'strict' parameter to limit lookup to .oif, Eric Dumazet
    - Re: [PATCH 2/3] netfilter: af_info: add 'strict' parameter to limit lookup to .oif, Eric Dumazet
      - Re: [PATCH 2/3] netfilter: af_info: add 'strict' parameter to limit lookup to .oif, David Miller
        
        Re: [PATCH 2/3] netfilter: af_info: add 'strict' parameter to limit lookup to .oif, Florian Westphal
        
        Re: [PATCH 2/3] netfilter: af_info: add 'strict' parameter to limit lookup to .oif, David Miller
- [PATCH 3/3] netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route, Florian Westphal
iptables release plans, Patrick McHardy
- Re: iptables release plans, Jan Engelhardt
  - Re: iptables release plans, Patrick McHardy
    - Re: iptables release plans, Jan Engelhardt
- Re: iptables release plans, Jozsef Kadlecsik
  - Re: iptables release plans, Patrick McHardy
questions about variable-sized data in match rules, Mark Montague
[ANNOUNCE] ipset-6.1 released, Jozsef Kadlecsik
[PATCH] netfilter:ipset fix revision reporting, Jozsef Kadlecsik
- Re: [PATCH] netfilter:ipset fix revision reporting, Patrick McHardy
[PATCH 0/2] netfilter:ipset fixes, Jozsef Kadlecsik
- [PATCH 1/2] netfilter:ipset: fix address ranges at hash:*port* types, Jozsef Kadlecsik
  - [PATCH 2/2] netfilter:ipset: fix checking the type revision at create command, Jozsef Kadlecsik
  - Re: [PATCH 1/2] netfilter:ipset: fix address ranges at hash:*port* types, Patrick McHardy
[PATCH 2/2] netfilter: get rid of atomic ops in fast path, Eric Dumazet
- Re: [PATCH 2/2] netfilter: get rid of atomic ops in fast path, Patrick McHardy
  - Re: [PATCH 2/2] netfilter: get rid of atomic ops in fast path, Eric Dumazet
- [PATCH net-next-2.6] netfilter: get rid of atomic ops in fast path, Eric Dumazet
  - Re: [PATCH net-next-2.6] netfilter: get rid of atomic ops in fast path, Patrick McHardy
[PATCH 1/2] netfilter: xtables: fix reentrancy, Eric Dumazet
- Re: [PATCH 1/2] netfilter: xtables: fix reentrancy, Patrick McHardy
[PATCH 36/36] net,rcu: convert call_rcu(xt_osf_finger_free_rcu) to kfree_rcu(), Lai Jiangshan
- Re: [PATCH 36/36] net,rcu: convert call_rcu(xt_osf_finger_free_rcu) to kfree_rcu(), David Miller
[PATCH 25/36] net,rcu: convert call_rcu(__nf_ct_ext_free_rcu) to kfree_rcu(), Lai Jiangshan
- Re: [PATCH 25/36] net,rcu: convert call_rcu(__nf_ct_ext_free_rcu) to kfree_rcu(), David Miller
Poll about irqsafe_cpu_add and others, Eric Dumazet
- Re: Poll about irqsafe_cpu_add and others, David Miller
  - Re: Poll about irqsafe_cpu_add and others, Christoph Lameter
    - Re: Poll about irqsafe_cpu_add and others, Eric Dumazet
      - Re: Poll about irqsafe_cpu_add and others, Christoph Lameter
        
        Re: Poll about irqsafe_cpu_add and others, Eric Dumazet
        
        Re: Poll about irqsafe_cpu_add and others, Christoph Lameter
        
        Re: Poll about irqsafe_cpu_add and others, Eric Dumazet
        
        Re: Poll about irqsafe_cpu_add and others, Christoph Lameter
- Re: Poll about irqsafe_cpu_add and others, Christoph Lameter
- Re: Poll about irqsafe_cpu_add and others, Benjamin Herrenschmidt
[RFC] netfilter: get rid of atomic ops in fast path, Eric Dumazet
- Re: [RFC] netfilter: get rid of atomic ops in fast path, David Miller
  - [PATCH] netfilter: xtables: fix reentrancy, Eric Dumazet
    - Re: [PATCH] netfilter: xtables: fix reentrancy, Jesper Dangaard Brouer
      - Re: [PATCH] netfilter: xtables: fix reentrancy, Eric Dumazet
        
        Re: [PATCH] netfilter: xtables: fix reentrancy, Eric Dumazet
        
        Re: [PATCH] netfilter: xtables: fix reentrancy, Jesper Dangaard Brouer
        
        Re: [PATCH] netfilter: xtables: fix reentrancy, Eric Dumazet
- Re: [RFC] netfilter: get rid of atomic ops in fast path, Patrick McHardy
[PATCH 00/01] netfilter: netfilter fix for net-next, kaber
- [PATCH 01/01] netfilter ebtables: fix xt_AUDIT to work with ebtables, kaber
- Re: [PATCH 00/01] netfilter: netfilter fix for net-next, David Miller
[PATCH] ebtables: Clone xt_AUDIT to ebt_audit to return EBT_CONTINUE, Thomas Graf
- Re: [PATCH] ebtables: Clone xt_AUDIT to ebt_audit to return EBT_CONTINUE, Jan Engelhardt
  - Re: [PATCH] ebtables: Clone xt_AUDIT to ebt_audit to return EBT_CONTINUE, Patrick McHardy
    - Re: [PATCH] ebtables: Clone xt_AUDIT to ebt_audit to return EBT_CONTINUE, Thomas Graf
      - Re: [PATCH] ebtables: Clone xt_AUDIT to ebt_audit to return EBT_CONTINUE, Patrick McHardy
  - [PATCH] ebtables: Fix xt_AUDIT to work with ebtables, return EBT_CONTINUE if NFPROTO_BRIDGE, Thomas Graf
    - Re: [PATCH] ebtables: Fix xt_AUDIT to work with ebtables, return EBT_CONTINUE if NFPROTO_BRIDGE, Patrick McHardy
[PATCH] iptables: add manual page section for AUDIT target, Thomas Graf
- Re: [PATCH] iptables: add manual page section for AUDIT target, Stephen Hemminger
  - Re: [PATCH] iptables: add manual page section for AUDIT target, Stephen Hemminger
- Re: [PATCH] iptables: add manual page section for AUDIT target, Patrick McHardy
net-next-2.6 status..., David Miller
- Re: net-next-2.6 status..., John W. Linville
- Re: net-next-2.6 status..., Jeff Kirsher
- Re: net-next-2.6 status..., Jiri Pirko
  - Re: net-next-2.6 status..., David Miller
    - Re: net-next-2.6 status..., Jiri Pirko
      - Re: net-next-2.6 status..., Jiri Pirko
        
        Re: net-next-2.6 status..., Thomas Graf
        
        Re: net-next-2.6 status..., David Miller
        
        Re: net-next-2.6 status..., David Miller
        
        Re: net-next-2.6 status..., Ben Hutchings
        
        Re: net-next-2.6 status..., David Miller
      - Re: net-next-2.6 status..., David Miller
        
        Re: net-next-2.6 status..., Jiri Pirko
        
        Re: net-next-2.6 status..., David Miller
[PATCH 00/37] netfilter: netfilter update, kaber
- [PATCH 05/37] ipvs: avoid lookup for fwmark 0, kaber
- [PATCH 30/37] netfilter: xt_connlimit: use kmalloc() instead of kzalloc(), kaber
- [PATCH 29/37] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, kaber
- [PATCH 37/37] netfilter: xt_addrtype: ipv6 support, kaber
- [PATCH 36/37] netfilter: ipt_addrtype: rename to xt_addrtype, kaber
- [PATCH 35/37] ipv6: netfilter: ip6_tables: fix infoleak to userspace, kaber
- [PATCH 26/37] IPVS: Conditionally define and use ip_vs_lblc{r}_table, kaber
- [PATCH 33/37] netfilter: arp_tables: fix infoleak to userspace, kaber
- [PATCH 32/37] netfilter: xt_connlimit: remove connlimit_rnd_inited, kaber
- [PATCH 27/37] IPVS: Add __ip_vs_control_{init,cleanup}_sysctl(), kaber
- [PATCH 28/37] IPVS: Conditionally include sysctl members of struct netns_ipvs, kaber
- [PATCH 31/37] netfilter: xt_connlimit: use hlist instead, kaber
- [PATCH 34/37] netfilter: ip_tables: fix infoleak to userspace, kaber
- [PATCH 22/37] IPVS: Conditinally use sysctl_lblc{r}_expiration, kaber
- [PATCH 23/37] IPVS: ip_vs_todrop() becomes a noop when CONFIG_SYSCTL is undefined, kaber
- [PATCH 25/37] IPVS: Minimise ip_vs_leave when CONFIG_SYSCTL is undefined, kaber
- [PATCH 24/37] IPVS: Conditional ip_vs_conntrack_enabled(), kaber
- [PATCH 18/37] IPVS: Add {sysctl_sync_threshold,period}(), kaber
- [PATCH 17/37] IPVS: Add sysctl_nat_icmp_send(), kaber
- [PATCH 20/37] IPVS: Add sysctl_expire_nodest_conn(), kaber
- [PATCH 21/37] IPVS: Add expire_quiescent_template(), kaber
- [PATCH 19/37] IPVS: Add sysctl_sync_ver(), kaber
- [PATCH 15/37] IPVS: Add ip_vs_route_me_harder(), kaber
- [PATCH 04/37] netfilter: nf_conntrack: fix sysctl memory leak, kaber
- [PATCH 16/37] IPVS: Add sysctl_snat_reroute(), kaber
- [PATCH 14/37] ipvs: rename estimator functions, kaber
- [PATCH 10/37] ipvs: reorganize tot_stats, kaber
- [PATCH 09/37] ipvs: move struct netns_ipvs, kaber
- [PATCH 11/37] ipvs: properly zero stats and rates, kaber
- [PATCH 13/37] ipvs: optimize rates reading, kaber
- [PATCH 12/37] ipvs: remove unused seqcount stats, kaber
- [PATCH 08/37] IPVS: Fix variable assignment in ip_vs_notrack, kaber
- [PATCH 07/37] netfilter:ipvs: use kmemdup, kaber
- [PATCH 06/37] ipvs: remove _bh from percpu stats reading, kaber
- [PATCH 02/37] netfilter: x_tables: misuse of try_then_request_module, kaber
- [PATCH 01/37] netfilter: ipset: fix the compile warning in ip_set_create, kaber
- [PATCH 03/37] netfilter: x_tables: return -ENOENT for non-existant matches/targets, kaber
- Re: [PATCH 00/37] netfilter: netfilter update, David Miller
[PATCH v3 1/2] netfilter: ipt_addrtype: rename to xt_addrtype, Florian Westphal
- [PATCH v3 2/2] netfilter: xt_addrtype: ipv6 support, Florian Westphal
  - Re: [PATCH v3 2/2] netfilter: xt_addrtype: ipv6 support, Patrick McHardy
  - Re: [PATCH v3 2/2] netfilter: xt_addrtype: ipv6 support, Patrick McHardy
    - Re: [PATCH v3 2/2] netfilter: xt_addrtype: ipv6 support, Florian Westphal
      - Re: [PATCH v3 2/2] netfilter: xt_addrtype: ipv6 support, Florian Westphal
        
        Re: [PATCH v3 2/2] netfilter: xt_addrtype: ipv6 support, Patrick McHardy
    - Re: [PATCH v3 2/2] netfilter: xt_addrtype: ipv6 support, Florian Westphal
      - Re: [PATCH v3 2/2] netfilter: xt_addrtype: ipv6 support, Patrick McHardy
- Re: [PATCH v3 1/2] netfilter: ipt_addrtype: rename to xt_addrtype, Patrick McHardy
[PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Changli Gao
- [PATCH 2/4] netfilter: xt_connlimit: use kmalloc() instead of kzalloc(), Changli Gao
  - Re: [PATCH 2/4] netfilter: xt_connlimit: use kmalloc() instead of kzalloc(), Patrick McHardy
- [PATCH 3/4] netfilter: xt_connlimit: use hlist instead, Changli Gao
  - Re: [PATCH 3/4] netfilter: xt_connlimit: use hlist instead, Patrick McHardy
- [PATCH 4/4] netfilter: xt_connlimit: remove connlimit_rnd_inited, Changli Gao
  - Re: [PATCH 4/4] netfilter: xt_connlimit: remove connlimit_rnd_inited, Patrick McHardy
- Re: [PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Jan Engelhardt
  - Re: [PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Changli Gao
    - Re: [PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Patrick McHardy
    - Re: [PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Jan Engelhardt
      - Re: [PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Changli Gao
        
        Re: [PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Jan Engelhardt
        
        Re: [PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Changli Gao
        
        Re: [PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Jan Engelhardt
        
        Re: [PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Patrick McHardy
- Re: [PATCH 1/4] netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario, Patrick McHardy
[PATCH] iptables: fix the dead loop when meeting unknown options, Changli Gao
- Re: [PATCH] iptables: fix the dead loop when meeting unknown options, Jan Engelhardt
  - Re: [PATCH] iptables: fix the dead loop when meeting unknown options, Changli Gao
[patch v3 00/20] IPVS: Proposed Changes, Simon Horman
- [PATCH 01/20] ipvs: move struct netns_ipvs, Simon Horman
- [PATCH 02/20] ipvs: reorganize tot_stats, Simon Horman
  - Re: [PATCH 02/20] ipvs: reorganize tot_stats, Eric Dumazet
    - Re: [PATCH 02/20] ipvs: reorganize tot_stats, Julian Anastasov
- [PATCH 03/20] ipvs: properly zero stats and rates, Simon Horman
  - Re: [PATCH 03/20] ipvs: properly zero stats and rates, Eric Dumazet
- [PATCH 07/20] IPVS: Add ip_vs_route_me_harder(), Simon Horman
- [PATCH 06/20] ipvs: rename estimator functions, Simon Horman
- [PATCH 05/20] ipvs: optimize rates reading, Simon Horman
- [PATCH 08/20] IPVS: Add sysctl_snat_reroute(), Simon Horman
- [PATCH 15/20] IPVS: ip_vs_todrop() becomes a noop when CONFIG_SYSCTL is undefined, Simon Horman
- [PATCH 19/20] IPVS: Add __ip_vs_control_{init,cleanup}_sysctl(), Simon Horman
- [PATCH 16/20] IPVS: Conditional ip_vs_conntrack_enabled(), Simon Horman
- [PATCH 17/20] IPVS: Minimise ip_vs_leave when CONFIG_SYSCTL is undefined, Simon Horman
- [PATCH 20/20] IPVS: Conditionally include sysctl members of struct netns_ipvs, Simon Horman
- [PATCH 18/20] IPVS: Conditionally define and use ip_vs_lblc{r}_table, Simon Horman
- [PATCH 09/20] IPVS: Add sysctl_nat_icmp_send(), Simon Horman
- [PATCH 13/20] IPVS: Add expire_quiescent_template(), Simon Horman
- [PATCH 10/20] IPVS: Add {sysctl_sync_threshold,period}(), Simon Horman
- [PATCH 11/20] IPVS: Add sysctl_sync_ver(), Simon Horman
- [PATCH 12/20] IPVS: Add sysctl_expire_nodest_conn(), Simon Horman
- [PATCH 14/20] IPVS: Conditinally use sysctl_lblc{r}_expiration, Simon Horman
- [PATCH 04/20] ipvs: remove unused seqcount stats, Simon Horman
conntrack -L shows nothing, Jan Engelhardt
- Re: conntrack -L shows nothing, Sam Roberts
- Re: conntrack -L shows nothing, Pablo Neira Ayuso
  - Re: conntrack -L shows nothing, Jan Engelhardt
    - Re: conntrack -L shows nothing, Pablo Neira Ayuso
[PATCH] conntrack: fix sysctl memory leak, Stephen Hemminger
- Re: [PATCH] conntrack: fix sysctl memory leak, Patrick McHardy
[PATCH] ipv6: netfilter: ip6_tables: fix infoleak to userspace, Vasiliy Kulikov
- Re: [PATCH] ipv6: netfilter: ip6_tables: fix infoleak to userspace, Patrick McHardy
[PATCH] ipv4: netfilter: ip_tables: fix infoleak to userspace, Vasiliy Kulikov
- Re: [PATCH] ipv4: netfilter: ip_tables: fix infoleak to userspace, Patrick McHardy
[PATCH] ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow, Vasiliy Kulikov
- Re: [PATCH] ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow, Changli Gao
  - Re: [PATCH] ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow, Patrick McHardy
    - [PATCH v2] ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow, Vasiliy Kulikov
      - Re: [PATCH v2] ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow, Changli Gao
        
        Re: [PATCH v2] ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow, Patrick McHardy
[PATCH] ipv4: netfilter: arp_tables: fix infoleak to userspace, Vasiliy Kulikov
- Re: [PATCH] ipv4: netfilter: arp_tables: fix infoleak to userspace, Patrick McHardy
[RFC] x_tables: misuse of try_then_request_module, Stephen Hemminger
- Re: [RFC] x_tables: misuse of try_then_request_module, Patrick McHardy
  - Re: [RFC] x_tables: misuse of try_then_request_module, Stephen Hemminger
    - Re: [RFC] x_tables: misuse of try_then_request_module, Patrick McHardy
subcommand consolidation and -C option, Jan Engelhardt
- [PATCH 1/2] ip(6)tables-multi: unify subcommand handling, Jan Engelhardt
- [PATCH 2/2] iptables: add -C to check for existing rules, Jan Engelhardt
- Re: subcommand consolidation and -C option, Patrick McHardy
[PATCH v2 1/2] netfilter: ipt_addrtype: rename to xt_addrtype, Florian Westphal
- [PATCH v2 2/2] netfilter: xt_addrtype: ipv6 support., Florian Westphal
  - Re: [PATCH v2 2/2] netfilter: xt_addrtype: ipv6 support., Florian Westphal
    - Re: [PATCH v2 2/2] netfilter: xt_addrtype: ipv6 support., Patrick McHardy
XT_CONTINUE/EBT_CONTINUE for universal modules, Thomas Graf
- Re: XT_CONTINUE/EBT_CONTINUE for universal modules, Jan Engelhardt
  - Re: XT_CONTINUE/EBT_CONTINUE for universal modules, Thomas Graf
[PATCH] iptables: add -C to check for existing rules, Stefan Tomanek
- Re: [PATCH] iptables: add -C to check for existing rules, Patrick McHardy
- Re: [PATCH] iptables: add -C to check for existing rules, Jan Engelhardt
  - Re: [PATCH] iptables: add -C to check for existing rules, Stefan Tomanek
  - [PATCH] iptables: add -C to check for existing rules, Stefan Tomanek
    - Re: [PATCH] iptables: add -C to check for existing rules, Jan Engelhardt
[PATCH 1/2] libipt_addrtype: rename to libxt_addrtype, Florian Westphal
- [PATCH 2/2] libxt_addrtype: ipv6 support, Florian Westphal
[PATCH] ip(6)tables-multi: unify subcommand handling, Stefan Tomanek
- Re: [PATCH] ip(6)tables-multi: unify subcommand handling, Jan Engelhardt
[PATCH] xtables-addon: Remove recursive function calls, Changli Gao
- Re: [PATCH] xtables-addon: Remove recursive function calls, Jan Engelhardt
[PATCH net-next] netfilter:ipvs: use kmemdup, Shan Wei
- Re: [PATCH net-next] netfilter:ipvs: use kmemdup, Simon Horman
[patch v2 ] IPVS: Conditionally include sysctl code, Simon Horman
- [PATCH 04/18] ipvs: remove unused seqcount stats, Simon Horman
- [PATCH 02/18] ipvs: reorganize tot_stats, Simon Horman
- [PATCH 17/18] IPVS: Add __ip_vs_control_{init,cleanup}_sysctl(), Simon Horman
- [PATCH 18/18] IPVS: Conditionally include sysctl members of struct netns_ipvs, Simon Horman
- [PATCH 16/18] IPVS: Conditionally define and use ip_vs_lblc{r}_table, Simon Horman
- [PATCH 15/18] IPVS: Minimise ip_vs_leave when CONFIG_SYSCTL is undefined, Simon Horman
- [PATCH 14/18] IPVS: Conditional ip_vs_conntrack_enabled(), Simon Horman
- [PATCH 08/18] IPVS: Add {sysctl_sync_threshold,period}(), Simon Horman
- [PATCH 05/18] IPVS: Add ip_vs_route_me_harder(), Simon Horman
- [PATCH 07/18] IPVS: Add sysctl_nat_icmp_send(), Simon Horman
- [PATCH 13/18] IPVS: ip_vs_todrop() becomes a noop when CONFIG_SYSCTL is undefined, Simon Horman
- [PATCH 12/18] IPVS: Conditinally use sysctl_lblc{r}_expiration, Simon Horman
- [PATCH 10/18] IPVS: Add sysctl_expire_nodest_conn(), Simon Horman
- [PATCH 11/18] IPVS: Add expire_quiescent_template(), Simon Horman
- [PATCH 03/18] ipvs: zero percpu stats, Simon Horman
  - Re: [PATCH 03/18] ipvs: zero percpu stats, Eric Dumazet
    - Re: [PATCH 03/18] ipvs: zero percpu stats, Julian Anastasov
      - Re: [PATCH 03/18] ipvs: zero percpu stats, Simon Horman
        
        Re: [PATCH 03/18] ipvs: zero percpu stats, David Miller
        
        Re: [PATCH 03/18] ipvs: zero percpu stats, Simon Horman
      - Re: [PATCH 03/18] ipvs: zero percpu stats, Eric Dumazet
        
        Re: [PATCH 03/18] ipvs: zero percpu stats, Julian Anastasov
- [PATCH 06/18] IPVS: Add sysctl_snat_reroute(), Simon Horman
- [PATCH 09/18] IPVS: Add sysctl_sync_ver(), Simon Horman
- [PATCH 01/18] ipvs: move struct netns_ipvs, Simon Horman
[PATCH 1/2] netfilter: ipt_addrtype: rename to xt_addrtype, Florian Westphal
- [PATCH 2/2] netfilter: xt_addrtype: ipv6 support., Florian Westphal
- Re: [PATCH 1/2] netfilter: ipt_addrtype: rename to xt_addrtype, Patrick McHardy
  - Re: [PATCH 1/2] netfilter: ipt_addrtype: rename to xt_addrtype, Jan Engelhardt
    - Re: [PATCH 1/2] netfilter: ipt_addrtype: rename to xt_addrtype, Florian Westphal
      - Re: [PATCH 1/2] netfilter: ipt_addrtype: rename to xt_addrtype, Jan Engelhardt
        
        Re: [PATCH 1/2] netfilter: ipt_addrtype: rename to xt_addrtype, Patrick McHardy
libmnl: other OS support, Jan Engelhardt
- [PATCH 1/3] src: use limits.h header, Jan Engelhardt
  - Re: [PATCH 1/3] src: use limits.h header, Pablo Neira Ayuso
- [PATCH 2/3] include: use sanitized header from headers_install, Jan Engelhardt
  - Re: [PATCH 2/3] include: use sanitized header from headers_install, Pablo Neira Ayuso
- [PATCH 3/3] build: support compilation on non-Linuxes, Jan Engelhardt
  - Re: [PATCH 3/3] build: support compilation on non-Linuxes, Pablo Neira Ayuso
    - Re: [PATCH 3/3] build: support compilation on non-Linuxes, Jan Engelhardt
libnetfilter_queue: Some accepted packets get lost, Fabien C.
- Re: libnetfilter_queue: Some accepted packets get lost, Pablo Neira Ayuso
  - Re: libnetfilter_queue: Some accepted packets get lost, Fabien C.
    - Re: libnetfilter_queue: Some accepted packets get lost, Florian Westphal
      - Re: libnetfilter_queue: Some accepted packets get lost, Pablo Neira Ayuso
        
        Re: libnetfilter_queue: Some accepted packets get lost, Fabien C.
[PATCH] netfilter:ipset: fix the compile warning in ip_set_create, Shan Wei
- Re: [PATCH] netfilter:ipset: fix the compile warning in ip_set_create, Jozsef Kadlecsik
  - Re: [PATCH] netfilter:ipset: fix the compile warning in ip_set_create, Shan Wei
    - Re: [PATCH] netfilter:ipset: fix the compile warning in ip_set_create, Patrick McHardy
[PATCH 00/13] netfilter: netfilter update, kaber
- [PATCH 01/13] netfilter: ipset: add dependency on CONFIG_NETFILTER_NETLINK, kaber
- [PATCH 02/13] netfilter: xt_connlimit: connlimit-above early loop termination, kaber
- [PATCH 11/13] ipvs: use enum to instead of magic numbers, kaber
- [PATCH 13/13] netfilter: nf_ct_tcp: fix out of sync scenario while in SYN_RECV, kaber
- [PATCH 12/13] ipvs: unify the formula to estimate the overhead of processing connections, kaber
- [PATCH 08/13] ipvs: remove extra lookups for ICMP packets, kaber
- [PATCH 09/13] ipvs: make "no destination available" message more informative, kaber
- [PATCH 10/13] ipvs: use hlist instead of list, kaber
- [PATCH 04/13] Revert "netfilter: xt_connlimit: connlimit-above early loop termination", kaber
- [PATCH 07/13] ipvs: fix timer in get_curr_sync_buff, kaber
- [PATCH 03/13] bridge: netfilter: fix information leak, kaber
- [PATCH 05/13] netfilter: xt_conntrack: warn about use in raw table, kaber
- [PATCH 06/13] netfilter: nfnetlink_log: remove unused parameter, kaber
- Re: [PATCH 00/13] netfilter: netfilter update, David Miller
ulogd2 - INSERT_OR_REPLACE_CT for MySQL, SPONEM Benoît
recommendations on implementing a custom Netfilter hook to QUEUE packets before their SEQ/ACK and size before fragmentation are known?, Igor 'Lo' (И.L.)
- Re: recommendations on implementing a custom Netfilter hook to QUEUE packets before their SEQ/ACK and size before fragmentation are known?, Frank Ch. Eigler
  - Re: recommendations on implementing a custom Netfilter hook to QUEUE packets before their SEQ/ACK and size before fragmentation are known?, Igor 'Lo' (И.L.)
- Re: recommendations on implementing a custom Netfilter hook to QUEUE packets before their SEQ/ACK and size before fragmentation are known?, Hassan
nfqueue: nfq_set_verdict(...., len), where len > MTU?, Igor 'Lo' (И.L.)
[GIT PULL nf-2.6] IPVS, Simon Horman
- [PATCH] ipvs: fix dst_lock locking on dest update, Simon Horman
- Re: [GIT PULL nf-2.6] IPVS, Patrick McHardy
  - Re: [GIT PULL nf-2.6] IPVS, Simon Horman
    - Re: [GIT PULL nf-2.6] IPVS, Patrick McHardy
      - Re: [GIT PULL nf-2.6] IPVS, Simon Horman
      - Re: [GIT PULL nf-2.6] IPVS, David Miller
- <Possible follow-ups>
- [GIT PULL nf-2.6] IPVS, Simon Horman
  - [PATCH] IPVS Bug, Null ptr in ip_vs_ctl.c ip_vs_genl_dump_daemons()., Simon Horman
    - Re: [PATCH] IPVS Bug, Null ptr in ip_vs_ctl.c ip_vs_genl_dump_daemons()., Patrick McHardy
  - Re: [GIT PULL nf-2.6] IPVS, Patrick McHardy
    - Re: [GIT PULL nf-2.6] IPVS, Simon Horman
- [GIT PULL nf-2.6] IPVS, Simon Horman
  - [PATCH 2/2] IPVS: labels at pos 0, Simon Horman
  - [PATCH 1/2] IPVS: Change of socket usage to enable name space exit., Simon Horman
  - Re: [GIT PULL nf-2.6] IPVS, Simon Horman
- [GIT PULL nf-2.6] IPVS, Simon Horman
  - [PATCH] IPVS: Free resources on module removal, Simon Horman
- [GIT PULL nf-2.6] IPVS, Simon Horman
  - [PATCH] IPVS netns exit causes crash in conntrack, Simon Horman
  - Re: [GIT PULL nf-2.6] IPVS, Patrick McHardy
    - Re: [GIT PULL nf-2.6] IPVS, Simon Horman
- [GIT PULL nf-2.6] IPVS, Simon Horman
  - [PATCH] IPVS: Free resources on module removal, Simon Horman
  - Re: [GIT PULL nf-2.6] IPVS, Simon Horman
    - Re: [GIT PULL nf-2.6] IPVS, David Miller
      - Re: [GIT PULL nf-2.6] IPVS, Patrick McHardy
iptables: option parsing inversion fix, Jan Engelhardt
- [PATCH 1/2] iptables: fix an inversion, Jan Engelhardt
- [PATCH 2/2] doc: add VERSION section to manpages, Jan Engelhardt
- Re: iptables: option parsing inversion fix, Patrick McHardy
[patch] fix nla_policy_len to actually _iterate_ over the policy, Lars Ellenberg
- Re: [patch] fix nla_policy_len to actually _iterate_ over the policy, David Miller
- Re: [stable] [patch] fix nla_policy_len to actually _iterate_ over the policy, Greg KH
[patch] nf_log: avoid oops in (un)bind with invalid nfproto values, Jan Engelhardt
- Re: [patch] nf_log: avoid oops in (un)bind with invalid nfproto values, Patrick McHardy
[ANNOUNCE] conntrack-tools 1.0.0 released, Pablo Neira Ayuso
- Re:[ANNOUNCE] conntrack-tools 1.0.0 released, xuhainanjing
iptables: docs & address parsing, Jan Engelhardt
- [PATCH 1/9] doc: mention other possible nf_loggers for TRACE, Jan Engelhardt
- [PATCH 2/9] doc: fix odd partial sentence in libipt_TTL, Jan Engelhardt
- [PATCH 4/9] doc: rateest options can be optional, Jan Engelhardt
- [PATCH 3/9] libxt_quota: require --quota to be specified, Jan Engelhardt
- [PATCH 6/9] libxtables: avoid confusing use of ai_protocol=IPPROTO_IPV6, Jan Engelhardt
- [PATCH 7/9] xtables: fix excessive memory allocation in host_to_ipaddr, Jan Engelhardt
- [PATCH 8/9] xtables: fix the broken detection/removal of redundant addresses, Jan Engelhardt
- [PATCH 5/9] libxtables: fix memory scribble beyond end of array, Jan Engelhardt
- [PATCH 9/9] xtables: use all IPv6 addresses resolved from a hostname, Jan Engelhardt
- Re: iptables: docs & address parsing, Patrick McHardy
[PATCH] improvement for TCP connection tracking, Pablo Neira Ayuso
- [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Changli Gao
  - Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Jozsef Kadlecsik
    - Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Pablo Neira Ayuso
      - Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Jozsef Kadlecsik
        
        Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Pablo Neira Ayuso
        
        Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Pablo Neira Ayuso
        
        Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Igor 'Lo' (И.L.)
        
        Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Patrick McHardy
        
        Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Jozsef Kadlecsik
        
        Re: [PATCH] netfilter: nf_ct_tcp: better handling for SYN retransmissions after SYN+ACK, Patrick McHardy
NFQUEUE: best way to deal with changed SEQ/ACK in a stream?, Igor 'Lo' (И.L.)
[ANNOUNCE] libnetfilter_conntrack 0.9.1 release, Pablo Neira Ayuso
[PATCH] ipvs: use enum to instead of magic numbers, Changli Gao
- Re: [PATCH] ipvs: use enum to instead of magic numbers, Simon Horman
Kernel panic nf_nat_setup_info+0x5b3/0x6e0, "Oleg A. Arkhangelsky"
- Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, Patrick McHardy
  - Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, Changli Gao
    - Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, "Oleg A. Arkhangelsky"
      - Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, Changli Gao
        
        Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, Changli Gao
        
        Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, "Oleg A. Arkhangelsky"
        
        Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, Eric Dumazet
        
        Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, Changli Gao
        
        Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, Eric Dumazet
        
        Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, Patrick McHardy
        
        Re: Kernel panic nf_nat_setup_info+0x5b3/0x6e0, Changli Gao
tproxy + bridge - possible redundant skb_orphan call ?, Haim Daniel
xtables: various fixes for handling multiple src/dst addresses, Wes Campaigne
- [PATCH 1/4] xtables: use *all* IPv6 addresses resolved from a hostname, Wes Campaigne
- [PATCH 2/4] xtables: fix excessive memory allocation in host_to_ipaddr, Wes Campaigne
- [PATCH 3/4] xtables: fix the broken detection/removal of redundant addresses, Wes Campaigne
- [PATCH 4/4] xtables: use the correct loop count when applying masks to addresses, Wes Campaigne
- Re: xtables: various fixes for handling multiple src/dst addresses, Jan Engelhardt
Re: [conntrack_ftp] ftp _server_ behind dnat, Klaus Ethgen
- Re: [conntrack_ftp] ftp _server_ behind dnat, Pascal Hambourg
  - Re: [conntrack_ftp] ftp _server_ behind dnat, Klaus Ethgen
iptables: misc option edits, Jan Engelhardt
- [PATCH 1/8] doc: fix wrong sentence about negation in xt_limit, Jan Engelhardt
- [PATCH 2/8] doc: fix misspelling of "field", Jan Engelhardt
- [PATCH 4/8] Remove unused CVS expanded keywords, Jan Engelhardt
- [PATCH 3/8] extensions: remove redundant init functions, Jan Engelhardt
- [PATCH 5/8] libip6t_dst: remove unimplemented --dst-not-strict, Jan Engelhardt
- [PATCH 7/8] extensions: add missing checks for specific flags, Jan Engelhardt
- [PATCH 6/8] libip6t_hbh: remove unimplemented --hbh-not-strict, Jan Engelhardt
- [PATCH 8/8] libipt_ECN: set proper option flags, Jan Engelhardt
- Re: iptables: misc option edits, Patrick McHardy
[PATCH 0/2] netfilter: netfilter fixes for 2.6.38, kaber
- [PATCH 2/2] netfilter: ip6t_LOG: fix a flaw in printing the MAC, kaber
- [PATCH 1/2] netfilter: tproxy: do not assign timewait sockets to skb->sk, kaber
- Re: [PATCH 0/2] netfilter: netfilter fixes for 2.6.38, David Miller
- <Possible follow-ups>
- [PATCH 0/2] netfilter: netfilter fixes for 2.6.38, kaber
  - [PATCH 2/2] netfilter: nf_log: avoid oops in (un)bind with invalid nfproto values, kaber
  - [PATCH 1/2] ipvs: fix dst_lock locking on dest update, kaber
  - Re: [PATCH 0/2] netfilter: netfilter fixes for 2.6.38, David Miller
[PATCH] ipvs: use hlist instead of list, Changli Gao
- Re: [PATCH] ipvs: use hlist instead of list, Simon Horman
[PATCH v2] ipvs: unify the formula to estimate the overhead of processing connections, Changli Gao

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]