Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Kernel panic in nf_send_reset6() path, Thomas S.
- [nft PATCH] netlink_delinearize: Sanitize concat data element decoding,
Phil Sutter
- [PATCH iptables] xt_sctp: add the missing chunk types in sctp_help,
Xin Long
- [PATCH nf] netfilter: ctnetlink: make event listener tracking global,
Florian Westphal
- [PATCH nf] netfilter: use skb len to match in length_mt6,
Xin Long
- [PATCH nf] ebtables: fix table blob use-after-free,
Florian Westphal
- [syzbot] [bridge?] [coreteam?] KASAN: vmalloc-out-of-bounds Read in __ebt_unregister_table, syzbot
- [iptables PATCH 1/6] extensions: libebt_redirect: Fix target translation,
Phil Sutter
- [iptables PATCH 1/2] tests: xlate: Properly split input in replay mode,
Phil Sutter
- [iptables PATCH 1/3] nft-shared: Lookup matches in iptables_command_state,
Phil Sutter
- [iptables PATCH] tests: CLUSTERIP: Drop test file,
Phil Sutter
- [PATCH net-next 0/6] Netfilter/IPVS updates for net-next,
Pablo Neira Ayuso
- [PATCH nft 1/3] evaluate: print error on missing family in nat statement,
Pablo Neira Ayuso
- [PATCH nft] src: use start condition with new destroy command, Pablo Neira Ayuso
- [PATCH nft 1/3] evaluate: infer family from mapping,
Pablo Neira Ayuso
- [nf PATCH] netfilter: Fix regression in ip6t_rpfilter with VRF interfaces,
Phil Sutter
- PROBLEM: nf_conntrack_events autodetect mode invalidates NETLINK_LISTEN_ALL_NSID netlink socket option,
Bryce Kahle
- [PATCH nf v2] netfilter: conntrack: fix rmmod double-free race,
Florian Westphal
- [PATCH nf] netfilter: conntrack: fix rmmod double-free race,
Florian Westphal
- [PATCH] netfilter: fix percpu counter block leak on error path when creating new netns,
Pavel Tikhomirov
- [PATCH] net: netfilter: fix possible refcount leak in ctnetlink_create_conntrack(),
Hangyu Hua
- [lvc-project] [PATCH] netfilter: xt_recent: Fix attempt to update removed entry,
Igor Artemiev
- [RFC nf-next 0/3] bpf, netfilter: minimal support for bpf progs,
Florian Westphal
- [PATCH nf] netfilter: nf_tables: allow to fetch set elements when table has an owner, Pablo Neira Ayuso
- [PATCH nft] optimize: ignore existing nat mapping, Pablo Neira Ayuso
- [PATCH 1/1] iptables_lib.sh: Fix for iptables-translate >= v1.8.9,
Petr Vorel
- [PATCH nft 1/2] rule: add helper function to expand chain rules into commands,
Pablo Neira Ayuso
- [PATCH nft] optimize: select merge criteria based on candidates rules, Pablo Neira Ayuso
- [PATCH nft] rule: expand chain that contains rules, Pablo Neira Ayuso
- [PATCH nft 1/2] optimize: wrap code to build concatenation in helper function,
Pablo Neira Ayuso
- [PATCH net-next] ipvs: avoid kfree_rcu without 2nd arg,
Julian Anastasov
- [PATCH net-next v6 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- [PATCH nf-next] netfilter: let reset rules clean out conntrack entries,
Florian Westphal
- [RFC] bpf: add bpf_link support for BPF_NETFILTER programs,
Florian Westphal
- allow user to offload tc action to net device : Question, Martin Zaharinov
- [PATCH nf] netfilter: br_netfilter: disable sabotage_in hook after first suppression,
Florian Westphal
- [PATCH net-next v5 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- [iptables PATCH 0/7] Small ebtables-translate review + extras,
Phil Sutter
- [PATCH nf] Revert "netfilter: conntrack: fix bug in for_each_sctp_chunk",
Florian Westphal
- [PATCH net-next] net: Kconfig: fix spellos,
Randy Dunlap
- [PATCH net-next v4 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- [PATCH nft] evaluate: set eval ctx for add/update statements with integer constants, Florian Westphal
- [PATCH v4 0/4] sctp conntrack fixes,
Sriram Yagnaraman
- [PATCH net-next] netlink: fix spelling mistake in dump size assert,
Jakub Kicinski
- [PATCH nf-next] netfilter: conntrack: udp: fix seen-reply test,
Florian Westphal
- [PATCH] netfilter: conntrack: remote a return value of the 'seq_print_acct' function.,
Gavrilov Ilia
- Stateless load-balancer, Armen Hovhannisyan
- [PATCH net-next v3 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- [PATCH net-next] netfilter: nf_tables: fix wrong pointer passed to PTR_ERR(),
Yang Yingliang
- [PATCH nf,v4 1/2] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection,
Pablo Neira Ayuso
- [PATCH net-next 0/9] Netfilter updates for net-next,
Florian Westphal
- [PATCH net-next 2/9] netfilter: conntrack: remove pr_debug calls, Florian Westphal
- [PATCH net-next 6/9] netfilter: nf_tables: add static key to skip retpoline workarounds, Florian Westphal
- [PATCH net-next 3/9] netfilter: conntrack: avoid reload of ct->status, Florian Westphal
- [PATCH net-next 4/9] netfilter: conntrack: move rcu read lock to nf_conntrack_find_get, Florian Westphal
- [PATCH net-next 5/9] netfilter: ip_tables: remove clusterip target, Florian Westphal
- [PATCH net-next 1/9] netfilter: conntrack: sctp: use nf log infrastructure for invalid packets, Florian Westphal
- [PATCH net-next 7/9] netfilter: nf_tables: avoid retpoline overhead for objref calls, Florian Westphal
- [PATCH net-next 8/9] netfilter: nf_tables: avoid retpoline overhead for some ct expression calls, Florian Westphal
- [PATCH net-next 9/9] netfilter: nf_tables: add support to destroy operation, Florian Westphal
- <Possible follow-ups>
- [PATCH net-next 0/9] Netfilter updates for net-next, Florian Westphal
- [PATCH net-next 0/9] Netfilter updates for net-next, Florian Westphal
- [PATCH net-next 0/9] Netfilter updates for net-next, Florian Westphal
- [PATCH net-next 0/9] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH v3 0/4] sctp conntrack fixes,
Sriram Yagnaraman
- [PATCH v2 0/4] sctp conntrack fixes,
Sriram Yagnaraman
- [PATCH 1/2 nf,v3] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection,
Pablo Neira Ayuso
- [PATCH net 0/1] Netfilter fixes for net,
Pablo Neira Ayuso
- [nft PATCH v4] Implement 'reset rule' and 'reset rules' commands,
Phil Sutter
- [iptables PATCH] etc: Drop xtables.conf,
Phil Sutter
- [PATCH v2 6.1] netfilter: Null pointer dereference in nf_tables_updobj,
Alok Tiwari
- [nft PATCH v3] Implement 'reset rule' and 'reset rules' commands, Phil Sutter
- [PATCH 6.1] netfilter: Null pointer dereference in nf_tables_updobj,
Alok Tiwari
- [PATCH nf,v2 1/2] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection,
Pablo Neira Ayuso
- Proposal: Set nf_conn->tuplehash[IP_CT_DIR_REPLY] to the inverted address of packet when it is confirmed, Christian Worm Mortensen
- [PATCH 0/3] sctp conntrack fixes,
Sriram Yagnaraman
- [PATCH v9 00/12] Network support for Landlock,
Konstantin Meskhidze
- [PATCH v9 02/12] landlock: Allow filesystem layout changes for domains without such rule type, Konstantin Meskhidze
- [PATCH v9 01/12] landlock: Make ruleset's access masks more generic, Konstantin Meskhidze
- [PATCH v9 09/12] selftests/landlock: Share enforce_ruleset(), Konstantin Meskhidze
- [PATCH v9 07/12] landlock: Refactor landlock_add_rule() syscall, Konstantin Meskhidze
- [PATCH v9 04/12] landlock: Refactor merge/inherit_ruleset functions, Konstantin Meskhidze
- [PATCH v9 11/12] samples/landlock: Add network demo, Konstantin Meskhidze
- [PATCH v9 03/12] landlock: Refactor landlock_find_rule/insert_rule, Konstantin Meskhidze
- [PATCH v9 10/12] selftests/landlock: Add 10 new test suites dedicated to network, Konstantin Meskhidze
- [PATCH v9 06/12] landlock: Refactor _unmask_layers() and _init_layer_masks(), Konstantin Meskhidze
- [PATCH v9 12/12] landlock: Document Landlock's network support, Konstantin Meskhidze
- [PATCH v9 08/12] landlock: Add network rules and TCP hooks support, Konstantin Meskhidze
- [PATCH v9 05/12] landlock: Move and rename umask_layers() and init_layer_masks(), Konstantin Meskhidze
- Re: [PATCH v9 00/12] Network support for Landlock, Günther Noack
- [PATCH nft] tests: shell: extend runtime set element automerge to cover partial deletions, Pablo Neira Ayuso
- [PATCH nf 0/2] nf_tables rbtree fixes,
Pablo Neira Ayuso
- [iptables PATCH] iptables-test.py: make explicit use of python3, Arturo Borrero Gonzalez
- [PATCH libnetfilter_queue] build: doc: Fix doxygen obsolete option warning, Duncan Roe
- [PATCH libnetfilter_log] build: doc: Fix doxygen obsolete option warning, Duncan Roe
- [PATCH net-next v2 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- 6.1: possible bug with netfilter conntrack?,
Russell King (Oracle)
- [PATCH] build: put xtables.conf in EXTRA_DIST,
Jan Engelhardt
- [PATCH nft] intervals: restrict check missing elements fix to sets with no auto-merge, Pablo Neira Ayuso
- [nft PATCH 0/5] Fix some covscan findings,
Phil Sutter
- [nft PATCH v2] Implement 'reset rule' and 'reset rules' commands,
Phil Sutter
- [iptables PATCH] extensions: NAT: Fix for -Werror=format-security,
Phil Sutter
- [ANNOUNCE] iptables 1.8.9 release,
Phil Sutter
- [PATCH net] uapi: linux: restore IPPROTO_MAX to 256,
Pablo Neira Ayuso
- [PATCH libnetfilter_conntrack] conntrack: add sanity check to netlink socket filter API, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_payload: incorrect arithmetics when rebuiling VLAN header, Pablo Neira Ayuso
- [PATCH nf] netfilter: conntrack: handle tcp challenge acks during connection reuse, Florian Westphal
- [PATCH v4] netfilter: conntrack: simplify sctp state machine,
Sriram Yagnaraman
- build failure since commit 'xt: Rewrite unsupported compat expression dumping',
Neels Hofmeyr
- [iptables PATCH] Makefile: Replace brace expansion,
Phil Sutter
- [PATCH net-next v1 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- [RFC PATCH v3] netfilter: conntrack: simplify sctp state machine,
Sriram Yagnaraman
- [no subject], Gavrilov Ilia
- [PATCH] netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.,
Gavrilov Ilia
- [PATCH libnetfilter_conntrack 1/1] conntrack: Allow setting of netlink buffer size,
William Blough
- [nft] src: allow for updating devices on existing netdev chain - Test result,
Martin Zaharinov
- [PATCH nft] src: allow for updating devices on existing netdev chain, Pablo Neira Ayuso
- [PATCH nf-next,v2 1/4] netfilter: nf_tables: rename function to destroy hook list,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: do not send complete notification of deletions, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: remove clusterip target, Florian Westphal
- [RFC PATCH v2] netfilter: conntrack: simplify sctp state machine,
Sriram Yagnaraman
- [PATCH nf] selftests: netfilter: fix transaction test script timeout handling,
Florian Westphal
- [RFC PATCH] netfilter: conntrack: simplify sctp state machine,
Sriram Yagnaraman
- [PATCH nft] optimize: payload expression requires inner_desc comparison, Pablo Neira Ayuso
- [PATCH net-next 04/14] netlink: add macro for checking dump ctx size,
Jakub Kicinski
- [PATCH nf-next,v1 1/3] netfilter: nf_tables: rename function to destroy hook list,
Pablo Neira Ayuso
- [PATCH nft,v1] src: allow for updating devices on existing netdev chain, Pablo Neira Ayuso
- [PATCH libnftnl] chain: relax logic to build NFTA_CHAIN_HOOK, Pablo Neira Ayuso
- [PATCH nf-next 0/3] netfilter: nf_tables: extend retpoline workarounds,
Florian Westphal
- [PATCH nf-next v5] netfilter: nf_tables: add support to destroy operation, Fernando Fernandez Mancera
- [PATCH nft v6] src: add support to command "destroy",
Fernando Fernandez Mancera
- [PATCH nf-next v4] netfilter: nf_tables: add support to destroy operation, Fernando Fernandez Mancera
- [PATCH] pcap: prevent crashes when output `FILE *` is null,
Jeremy Sowden
- [PATCH nf-next 0/3] netfilter: conntrack: cleanups,
Florian Westphal
- [ANNOUNCE] ipset 7.17 released, Jozsef Kadlecsik
- [PATCH xtables-addons 0/3] Add Linux 6.2 Support,
Jeremy Sowden
- [PATCH libmnl v2] doc: fix some non-native English usages, Jeremy Sowden
- [PATCH libmnl] doc: fix some non-native English usages,
Jeremy Sowden
- [PATCH libnetfilter_conntrack 1/2] conntrack: fix BPF code for filtering on big-endian architectures,
Jeremy Sowden
- [libnetfilter_conntrack PATCH] conntrack: increase the length of `l4proto_map`,
Jeremy Sowden
- ipset bug (kernel hang),
Марк Коренберг
- "nft list hooks" in older kernels?, Simon Kirby
- [iptables PATCH 1/3] gitignore: Ignore utils/nfsynproxy,
Phil Sutter
- [iptables PATCH] nft: Reject tcp/udp extension without proper protocol match,
Phil Sutter
- [PATCH nft 1/2,v2] evaluate: fix shift exponent underflow in concatenation evaluation,
Pablo Neira Ayuso
- [PATCH nft] evaluate: fix shift exponent underflow in concatenation evaluation, Pablo Neira Ayuso
- [PATCH nf 4/4,v6] netfilter: nf_tables: honor set timeout and garbage collection updates, Pablo Neira Ayuso
- [ANNOUNCE] nftables 1.0.6 release,
Pablo Neira Ayuso
- [PATCH nft] owner: Fix potential array out of bounds access,
Pablo Neira Ayuso
- [PATCH nf,v5 1/4] netfilter: nf_tables: consolidate set description,
Pablo Neira Ayuso
- [nf-next PATCH v2] netfilter: nf_tables: Introduce NFTA_RULE_ACTUAL_EXPR,
Phil Sutter
- [PATCH] treewide: Convert del_timer*() to timer_shutdown*(),
Steven Rostedt
- [PATCH nf,v4 4/4] netfilter: nf_tables: honor set timeout and garbage collection updates, Pablo Neira Ayuso
- [conntrack-tools PATCH 0/4] Fix some minor bugs,
Phil Sutter
- [PATCH nf,v3 4/4] netfilter: nf_tables: honor set timeout and garbage collection updates, Pablo Neira Ayuso
- [PATCH nf,v2 0/4] nf_tables: set updates type check,
Pablo Neira Ayuso
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]