Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- [PATCH v10 09/13] landlock: Add network rules and TCP hooks support, (continued)
- [PATCH] netfilter: nfnetlink_queue: enable classid socket info retrieval,
eric_sage
- [PATCH nft,v2 0/8] mark statement support for non-constant expression,
Pablo Neira Ayuso
- [PATCH nft,v2 3/8] evaluate: don't eval unary arguments, Pablo Neira Ayuso
- [PATCH nft,v2 4/8] evaluate: get length from statement instead of lhs expression, Pablo Neira Ayuso
- [PATCH nft,v2 2/8] evaluate: support shifts larger than the width of the left operand, Pablo Neira Ayuso
- [PATCH nft,v2 1/8] netlink_delinearize: correct type and byte-order of shifts, Pablo Neira Ayuso
- [PATCH nft,v2 5/8] evaluate: relax type-checking for integer arguments in mark statements, Pablo Neira Ayuso
- [PATCH nft,v2 8/8] tests: shell: add test-cases for ct and packet mark payload expressions, Pablo Neira Ayuso
- [PATCH nft,v2 6/8] tests: py: add test-cases for ct and packet mark payload expressions, Pablo Neira Ayuso
- [PATCH nft,v2 7/8] tests: shell: rename and move bitwise test-cases, Pablo Neira Ayuso
- [PATCH nf-next 1/1] netfilter: ctnetlink: Support offloaded conntrack entry deletion,
Paul Blakey
- [PATCH] net : netfilter: Keep conntrack reference until IPsecv6 policy checks are done, Madhu Koriginja
- [PATCH net-next 1/1] netfilter: ctnetlink: Support offloaded conntrack entry deletion,
Paul Blakey
- [nft PATCH 1/2] Reduce signature of do_list_table(),
Phil Sutter
- [PATCH v5] netfilter: nf_flow_table: count offloaded flows,
Sven Auhagen
- [PATCH nft 0/9] mark statement support for non-constant expression,
Pablo Neira Ayuso
- [PATCH nf-next] xtables: move icmp/icmpv6 logic to xt_tcpudp, Florian Westphal
- [PATCH nf-next] netfilter: xtables: disable 32bit compat interface by default, Florian Westphal
- [PATCH ulogd2 v3 0/2] pcap: prevent crashes when output `FILE *` is null,
Jeremy Sowden
- Re: [PATCH net-next] net: netfilter: Keep conntrack reference until IPsecv6 policy checks are done, Florian Westphal
- [PATCH nf-next v2 0/2] NF NAT deduplication refactoring,
Jeremy Sowden
- [PATCH nft] meta: don't crash if meta key isn't known, Florian Westphal
- [PATCH nft,v3] parser_bison: simplify reset syntax,
Pablo Neira Ayuso
- [PATCH nft,v2] parser_bison: simplify reset syntax,
Pablo Neira Ayuso
- [PATCH nft] parser_bison: simplify reset syntax,
Pablo Neira Ayuso
- [PATCH] Correct documentation errors in nf_tables.h,
Matthieu De Beule
- [PATCH nft] Revert "evaluate: relax type-checking for integer arguments in mark statements", Pablo Neira Ayuso
- [ANNOUNCE] nftables 1.0.7 release, Pablo Neira Ayuso
- [PATCH nf-next 0/3] NF NAT deduplication refactoring,
Jeremy Sowden
- [PATCH nftables] src: fix a couple of typo's in comments, Jeremy Sowden
- [PATCH nf-next] netfilter: nft_exthdr: add boolean DCCP option matching,
Jeremy Sowden
- [PATCH nftables] exthdr: add boolean DCCP option matching,
Jeremy Sowden
- [PATCH nft] cmd: move command functions to src/cmd.c, Pablo Neira Ayuso
- [PATCH nft] src: improve error reporting for unsupported chain type,
Pablo Neira Ayuso
- [ipset PATCH] tests: hash:ip,port.t: Replace VRRP by GRE protocol,
Phil Sutter
- [nft PATCH v2] Reject invalid chain priority values in user space,
Phil Sutter
- [nft PATCH] Reject invalid chain priority values in user space,
Phil Sutter
- [ANNOUNCE] libnftnl 1.2.5 release,
Pablo Neira Ayuso
- [nft PATCH] doc: nft.8: Document lower priority limit for nat type chains,
Phil Sutter
- [nft PATCH] xt: Fix fallback printing for extensions matching keywords,
Phil Sutter
- [PATCH v2] ulogd2: Avoid use after free in unregister on global ulogd_fds linked list,
Kyuwon Shim
- [PATCH nf-next v2 0/9] Support for shifted port-ranges in NAT,
Jeremy Sowden
- [PATCH nf-next v2 2/9] netfilter: nat: fix indentation of function arguments, Jeremy Sowden
- [PATCH nf-next v2 6/9] netfilter: nft_masq: add support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next v2 9/9] netfilter: nft_redir: add support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next v2 5/9] netfilter: nft_masq: deduplicate eval call-backs, Jeremy Sowden
- [PATCH nf-next v2 8/9] netfilter: nft_redir: deduplicate eval call-backs, Jeremy Sowden
- [PATCH nf-next v2 3/9] netfilter: nat: extend core support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next v2 4/9] netfilter: nft_nat: add support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next v2 7/9] netfilter: nf_nat_redirect: use `struct nf_nat_range2` in ipv4 API, Jeremy Sowden
- [PATCH nf-next v2 1/9] netfilter: conntrack: fix typo, Jeremy Sowden
- Re: [PATCH nf-next v2 0/9] Support for shifted port-ranges in NAT, Florian Westphal
- [PATCH nf 0/4] NAT fixes,
Jeremy Sowden
- [PATCHv2 nf-next 0/6] netfilter: handle ipv6 jumbo packets properly for bridge ovs and tc,
Xin Long
- [ipset PATCH 0/4] Some testsuite improvements,
Phil Sutter
- [PATCH net] netfilter: conntrack:,
Eric Dumazet
- [PATCH nf-next 00/13] Support for shifted port-ranges in NAT,
Jeremy Sowden
- [PATCH nf-next 06/13] netfilter: nft_masq: correct length for loading protocol registers, Jeremy Sowden
- [PATCH nf-next 03/13] netfilter: nat: extend core support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next 07/13] netfilter: nft_masq: deduplicate eval call-backs, Jeremy Sowden
- [PATCH nf-next 02/13] netfilter: nat: fix indentation of function arguments, Jeremy Sowden
- [PATCH nf-next 09/13] netfilter: nft_redir: correct value of inet type `.maxattrs`, Jeremy Sowden
- [PATCH nf-next 04/13] netfilter: nft_nat: correct length for loading protocol registers, Jeremy Sowden
- [PATCH nf-next 01/13] netfilter: conntrack: fix typo, Jeremy Sowden
- [PATCH nf-next 08/13] netfilter: nft_masq: add support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next 05/13] netfilter: nft_nat: add support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next 12/13] netfilter: nft_redir: deduplicate eval call-backs, Jeremy Sowden
- [PATCH nf-next 10/13] netfilter: nf_nat_redirect: use `struct nf_nat_range2` in ipv4 API, Jeremy Sowden
- [PATCH nf-next 11/13] netfilter: nft_redir: correct length for loading protocol registers, Jeremy Sowden
- [PATCH nf-next 13/13] netfilter: nft_redir: add support for shifted port-ranges, Jeremy Sowden
- Re: [PATCH nf-next 00/13] Support for shifted port-ranges in NAT, Florian Westphal
- [PATCH libnftnl 0/3] Support for shifted port-ranges in NAT,
Jeremy Sowden
- [PATCH nftables 0/8] Support for shifted port-ranges in NAT,
Jeremy Sowden
- [PATCH nf-next 0/6] netfilter: handle ipv6 jumbo packets properly for bridge ovs and tc,
Xin Long
- [PATCH nf] netfilter: tproxy: fix deadlock due to missing BH disable,
Florian Westphal
- [PATCH v2] netfilter: ctnetlink: revert to dumping mark regardless of event type,
Ivan Delalande
- [PATCH RFC v2 bpf-next 0/3] bpf: add netfilter program type,
Florian Westphal
- CPU soft lockup in a spin lock using tproxy and nfqueue,
Major Dávid
- Re: Bug report DNAT destination not work,
Florian Westphal
- [PATCH] netfilter: ctnetlink: revert to dumping mark regardless of event type,
Ivan Delalande
- [PATCH nft 1/2] cache: fetch more objects when resetting rule,
Pablo Neira Ayuso
- [PATCH nft] parser_bison: allow to use quota in sets, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_quota: copy content when cloning expression, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_last: copy content when cloning expression, Pablo Neira Ayuso
- [iptables PATCH] nft-restore: Fix for deletion of new, referenced rule,
Phil Sutter
- [PATCH nft,v2] src: add last statement, Pablo Neira Ayuso
- [PATCH nft,v3] evaluate: expand value to range when nat mapping contains intervals, Pablo Neira Ayuso
- [PATCH v4] netfilter: nf_flow_table: count offloaded flows,
Sven Auhagen
- [PATCH nft,v2] evaluate: expand value to range when nat mapping contains intervals, Pablo Neira Ayuso
- [PATCH nf] selftests: nft_nat: ensuring the listening side is up before starting the client,
Hangbin Liu
- [PATCH v3] netfilter: nf_flow_table: count offloaded flows,
Sven Auhagen
- [PATCH AUTOSEL 5.15 22/36] netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj(), Sasha Levin
- [PATCH AUTOSEL 6.1 28/49] netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj(), Sasha Levin
- [PATCH AUTOSEL 6.2 30/53] netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj(), Sasha Levin
- [PATCH v2] netfilter: nf_flow_table: count offloaded flows,
Sven Auhagen
- [PATCH libnftnl] expr: meta: introduce broute meta expression,
Sriram Yagnaraman
- [PATCH nft v3] meta: introduce broute expression, Sriram Yagnaraman
- [PATCH] netfilter: nf_flow_table: count offloaded flows,
Sven Auhagen
- [PATCH nft 1/2,v2] tests: shell: cover rule insertion by index,
Pablo Neira Ayuso
- [PATCH nft v2] meta: introduce broute expression,
Sriram Yagnaraman
- [PATCH nf-next v2] netfilter: bridge: introduce broute meta statement,
Sriram Yagnaraman
- [PATCH nft 1/2] tests: shell: cover rule insertion by index,
Pablo Neira Ayuso
- [PATCH nft] meta: introduce broute expression,
Sriram Yagnaraman
- [PATCH nf-next] netfilter: bridge: introduce broute meta statement,
Sriram Yagnaraman
- [PATCH nft] evaluate: expand value to range in nat mapping with intervals, Pablo Neira Ayuso
- [ipset PATCH 0/2] Two minor code fixes,
Phil Sutter
- [iptables PATCH] include: Add missing linux/netfilter/xt_LOG.h,
Phil Sutter
- [PATCH nft] parser_bison: missing close scope in destroy start condition, Pablo Neira Ayuso
- [RFC nf-next PATCH] netfilter: nft: introduce broute chain type,
Sriram Yagnaraman
- [PATCH v2] [iptables] include: netfilter: add xt_LOG.h to fix an include error on Linux < 3.4, Thomas Devoogdt
- [PATCH nft] py: replace distutils with setuptools, Jose M. Guisado Gomez
- [PATCH net 0/8] Netfilterf fixes for net,
Pablo Neira Ayuso
- [PATCH] [iptables] extensions: libxt_LOG.c: fix linux/netfilter/xt_LOG.h include on Linux < 3.4,
Thomas Devoogdt
- Kernel panic in nf_send_reset6() path, Thomas S.
- [nft PATCH] netlink_delinearize: Sanitize concat data element decoding,
Phil Sutter
- [PATCH iptables] xt_sctp: add the missing chunk types in sctp_help,
Xin Long
- [PATCH nf] netfilter: ctnetlink: make event listener tracking global,
Florian Westphal
- [PATCH nf] netfilter: use skb len to match in length_mt6,
Xin Long
- [PATCH nf] ebtables: fix table blob use-after-free,
Florian Westphal
- [syzbot] [bridge?] [coreteam?] KASAN: vmalloc-out-of-bounds Read in __ebt_unregister_table, syzbot
- [iptables PATCH 1/6] extensions: libebt_redirect: Fix target translation,
Phil Sutter
- [iptables PATCH 1/2] tests: xlate: Properly split input in replay mode,
Phil Sutter
- [iptables PATCH 1/3] nft-shared: Lookup matches in iptables_command_state,
Phil Sutter
- [iptables PATCH] tests: CLUSTERIP: Drop test file,
Phil Sutter
- [PATCH net-next 0/6] Netfilter/IPVS updates for net-next,
Pablo Neira Ayuso
- [PATCH nft 1/3] evaluate: print error on missing family in nat statement,
Pablo Neira Ayuso
- [PATCH nft] src: use start condition with new destroy command, Pablo Neira Ayuso
- [PATCH nft 1/3] evaluate: infer family from mapping,
Pablo Neira Ayuso
- [nf PATCH] netfilter: Fix regression in ip6t_rpfilter with VRF interfaces,
Phil Sutter
- PROBLEM: nf_conntrack_events autodetect mode invalidates NETLINK_LISTEN_ALL_NSID netlink socket option,
Bryce Kahle
- [PATCH nf v2] netfilter: conntrack: fix rmmod double-free race,
Florian Westphal
- [PATCH nf] netfilter: conntrack: fix rmmod double-free race,
Florian Westphal
- [PATCH] netfilter: fix percpu counter block leak on error path when creating new netns,
Pavel Tikhomirov
- [PATCH] net: netfilter: fix possible refcount leak in ctnetlink_create_conntrack(),
Hangyu Hua
- [lvc-project] [PATCH] netfilter: xt_recent: Fix attempt to update removed entry,
Igor Artemiev
- [RFC nf-next 0/3] bpf, netfilter: minimal support for bpf progs,
Florian Westphal
- [PATCH nf] netfilter: nf_tables: allow to fetch set elements when table has an owner, Pablo Neira Ayuso
- [PATCH nft] optimize: ignore existing nat mapping, Pablo Neira Ayuso
- [PATCH 1/1] iptables_lib.sh: Fix for iptables-translate >= v1.8.9,
Petr Vorel
- [PATCH nft 1/2] rule: add helper function to expand chain rules into commands,
Pablo Neira Ayuso
- [PATCH nft] optimize: select merge criteria based on candidates rules, Pablo Neira Ayuso
- [PATCH nft] rule: expand chain that contains rules, Pablo Neira Ayuso
- [PATCH nft 1/2] optimize: wrap code to build concatenation in helper function,
Pablo Neira Ayuso
- [PATCH net-next] ipvs: avoid kfree_rcu without 2nd arg,
Julian Anastasov
- [PATCH net-next v6 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- [PATCH nf-next] netfilter: let reset rules clean out conntrack entries,
Florian Westphal
- [RFC] bpf: add bpf_link support for BPF_NETFILTER programs,
Florian Westphal
- allow user to offload tc action to net device : Question, Martin Zaharinov
- [PATCH nf] netfilter: br_netfilter: disable sabotage_in hook after first suppression,
Florian Westphal
- [PATCH net-next v5 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- [iptables PATCH 0/7] Small ebtables-translate review + extras,
Phil Sutter
- [PATCH nf] Revert "netfilter: conntrack: fix bug in for_each_sctp_chunk",
Florian Westphal
- [PATCH net-next] net: Kconfig: fix spellos,
Randy Dunlap
- [PATCH net-next v4 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- [PATCH nft] evaluate: set eval ctx for add/update statements with integer constants, Florian Westphal
- [PATCH v4 0/4] sctp conntrack fixes,
Sriram Yagnaraman
- [PATCH net-next] netlink: fix spelling mistake in dump size assert,
Jakub Kicinski
- [PATCH nf-next] netfilter: conntrack: udp: fix seen-reply test,
Florian Westphal
- [PATCH] netfilter: conntrack: remote a return value of the 'seq_print_acct' function.,
Gavrilov Ilia
- Stateless load-balancer, Armen Hovhannisyan
- [PATCH net-next v3 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- [PATCH net-next] netfilter: nf_tables: fix wrong pointer passed to PTR_ERR(),
Yang Yingliang
- [PATCH nf,v4 1/2] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection,
Pablo Neira Ayuso
- [PATCH net-next 0/9] Netfilter updates for net-next,
Florian Westphal
- [PATCH net-next 2/9] netfilter: conntrack: remove pr_debug calls, Florian Westphal
- [PATCH net-next 6/9] netfilter: nf_tables: add static key to skip retpoline workarounds, Florian Westphal
- [PATCH net-next 3/9] netfilter: conntrack: avoid reload of ct->status, Florian Westphal
- [PATCH net-next 4/9] netfilter: conntrack: move rcu read lock to nf_conntrack_find_get, Florian Westphal
- [PATCH net-next 5/9] netfilter: ip_tables: remove clusterip target, Florian Westphal
- [PATCH net-next 1/9] netfilter: conntrack: sctp: use nf log infrastructure for invalid packets, Florian Westphal
- [PATCH net-next 7/9] netfilter: nf_tables: avoid retpoline overhead for objref calls, Florian Westphal
- [PATCH net-next 8/9] netfilter: nf_tables: avoid retpoline overhead for some ct expression calls, Florian Westphal
- [PATCH net-next 9/9] netfilter: nf_tables: add support to destroy operation, Florian Westphal
- <Possible follow-ups>
- [PATCH net-next 0/9] Netfilter updates for net-next, Florian Westphal
- [PATCH net-next 0/9] Netfilter updates for net-next, Florian Westphal
- [PATCH net-next 0/9] Netfilter updates for net-next, Florian Westphal
- [PATCH net-next 0/9] Netfilter updates for net-next, Pablo Neira Ayuso
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
