Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [PATCH net,v2] uapi: linux: restore IPPROTO_MAX to 256 and add IPPROTO_UAPI_MAX, (continued)
- [PATCH] netfilter: nf_tables: Modify nla_memdup's flag to GFP_KERNEL_ACCOUNT,
Chen Aotian
- [PATCH bpf-next 0/6] bpf: add netfilter program type,
Florian Westphal
- [PATCH nft,v2 4/4] optimize: support for redirect and masquerade,
Pablo Neira Ayuso
- [iptables PATCH] tests: shell: Test for false-positive rule check,
Phil Sutter
- [PATCH nft 0/4] revisit NAT redirect support,
Pablo Neira Ayuso
- [PATCH iptables 1/2] include: update nf_tables uapi header,
Florian Westphal
- [PATCH iptables] ip6tables: Fix checking existence of rule,
Markus Boehme
- [PATCH nf] netfilter: br_netfilter: fix recent physdev match breakage,
Florian Westphal
- [PATCH iptables v2] build: use pkg-config for libpcap,
Alyssa Ross
- [PATCH] udp:nat:vxlan tx after nat should recsum if vxlan tx offload on,
Fei Cheng
- [PATCH iptables] build: use pkg-config for libpcap,
Alyssa Ross
- [PATCH net-next 0/4] netfilter updates for net-next,
Florian Westphal
- [RFC PATCH v2] nft: autocomplete for libreadline, Sriram Yagnaraman
- [RFC PATCH] nft: autocomplete for libreadline,
Sriram Yagnaraman
- [PATCH nf-next] netfilter: Correct documentation errors in nf_tables.h, Matthieu De Beule
- [PATCH nf-next] netfilter: nfnetlink_log: remove rcu_bh usage, Florian Westphal
- [nft PATCH] xt: Fix translation error path,
Phil Sutter
- RE: iptables patch,
Kevin Peeters
- [PATCH v5] netfilter: nfnetlink_queue: enable classid socket info retrieval, Eric Sage
- [PATCH nft] intervals: use expression location when translating to intervals, Pablo Neira Ayuso
- [lvc-project] [PATCH] netfilter: nfnetlink: NULL-check skb->dev in __build_packet_message(),
Igor Artemiev
- [PATCH v4] netfilter: nfnetlink_queue: enable classid socket info retrieval,
Eric Sage
- [PATCH nf-next v3 0/4] Support for shifted port-ranges in NAT,
Jeremy Sowden
- [PATCH v3] netfilter: nfnetlink_queue: enable classid socket info retrieval,
Eric Sage
- [PATCH nft] payload: set byteorder when completing expression,
Pablo Neira Ayuso
- [PATCH v2] netfilter: nfnetlink_queue: enable classid socket info retrieval,
Eric Sage
- [PATCH nft,v3 00/12] mark statement support for non-constant expression,
Pablo Neira Ayuso
- [PATCH nft,v3 01/12] netlink_delinearize: correct type and byte-order of shifts, Pablo Neira Ayuso
- [PATCH nft,v3 03/12] evaluate: don't eval unary arguments, Pablo Neira Ayuso
- [PATCH nft,v3 05/12] evaluate: set up integer type to shift expression, Pablo Neira Ayuso
- [PATCH nft,v3 06/12] evaluate: honor statement length in integer evaluation, Pablo Neira Ayuso
- [PATCH nft,v3 08/12] netlink_delinerize: incorrect byteorder in mark statement listing, Pablo Neira Ayuso
- [PATCH nft,v3 02/12] evaluate: support shifts larger than the width of the left operand, Pablo Neira Ayuso
- [PATCH nft,v3 07/12] evaluate: honor statement length in bitwise evaluation, Pablo Neira Ayuso
- [PATCH nft,v3 10/12] tests: shell: rename and move bitwise test-cases, Pablo Neira Ayuso
- [PATCH nft,v3 04/12] evaluate: relax type-checking for integer arguments in mark statements, Pablo Neira Ayuso
- [PATCH nft,v3 09/12] tests: py: add test-cases for ct and packet mark payload expressions, Pablo Neira Ayuso
- [PATCH nft,v3 12/12] tests: py: extend test-cases for mark statements with bitwise expressions, Pablo Neira Ayuso
- [PATCH nft,v3 11/12] tests: shell: add test-cases for ct and packet mark payload expressions, Pablo Neira Ayuso
- [PATCH v10 00/13] Network support for Landlock,
Konstantin Meskhidze
- [PATCH v10 01/13] landlock: Make ruleset's access masks more generic, Konstantin Meskhidze
- [PATCH v10 02/13] landlock: Allow filesystem layout changes for domains without such rule type, Konstantin Meskhidze
- [PATCH v10 04/13] landlock: Refactor landlock_find_rule/insert_rule, Konstantin Meskhidze
- [PATCH v10 03/13] landlock: Remove unnecessary inlining, Konstantin Meskhidze
- [PATCH v10 05/13] landlock: Refactor merge/inherit_ruleset functions, Konstantin Meskhidze
- [PATCH v10 06/13] landlock: Move and rename layer helpers, Konstantin Meskhidze
- [PATCH v10 07/13] landlock: Refactor layer helpers, Konstantin Meskhidze
- [PATCH v10 08/13] landlock: Refactor landlock_add_rule() syscall, Konstantin Meskhidze
- [PATCH v10 10/13] selftests/landlock: Share enforce_ruleset(), Konstantin Meskhidze
- [PATCH v10 12/13] samples/landlock: Add network demo, Konstantin Meskhidze
- [PATCH v10 09/13] landlock: Add network rules and TCP hooks support, Konstantin Meskhidze
- [PATCH v10 11/13] selftests/landlock: Add 10 new test suites dedicated to network, Konstantin Meskhidze
- [PATCH v10 13/13] landlock: Document Landlock's network support, Konstantin Meskhidze
- [PATCH] netfilter: nfnetlink_queue: enable classid socket info retrieval,
eric_sage
- [PATCH nft,v2 0/8] mark statement support for non-constant expression,
Pablo Neira Ayuso
- [PATCH nft,v2 3/8] evaluate: don't eval unary arguments, Pablo Neira Ayuso
- [PATCH nft,v2 4/8] evaluate: get length from statement instead of lhs expression, Pablo Neira Ayuso
- [PATCH nft,v2 2/8] evaluate: support shifts larger than the width of the left operand, Pablo Neira Ayuso
- [PATCH nft,v2 1/8] netlink_delinearize: correct type and byte-order of shifts, Pablo Neira Ayuso
- [PATCH nft,v2 5/8] evaluate: relax type-checking for integer arguments in mark statements, Pablo Neira Ayuso
- [PATCH nft,v2 8/8] tests: shell: add test-cases for ct and packet mark payload expressions, Pablo Neira Ayuso
- [PATCH nft,v2 6/8] tests: py: add test-cases for ct and packet mark payload expressions, Pablo Neira Ayuso
- [PATCH nft,v2 7/8] tests: shell: rename and move bitwise test-cases, Pablo Neira Ayuso
- [PATCH nf-next 1/1] netfilter: ctnetlink: Support offloaded conntrack entry deletion,
Paul Blakey
- [PATCH] net : netfilter: Keep conntrack reference until IPsecv6 policy checks are done, Madhu Koriginja
- [PATCH net-next 1/1] netfilter: ctnetlink: Support offloaded conntrack entry deletion,
Paul Blakey
- [nft PATCH 1/2] Reduce signature of do_list_table(),
Phil Sutter
- [PATCH v5] netfilter: nf_flow_table: count offloaded flows,
Sven Auhagen
- [PATCH nft 0/9] mark statement support for non-constant expression,
Pablo Neira Ayuso
- [PATCH nf-next] xtables: move icmp/icmpv6 logic to xt_tcpudp, Florian Westphal
- [PATCH nf-next] netfilter: xtables: disable 32bit compat interface by default, Florian Westphal
- [PATCH ulogd2 v3 0/2] pcap: prevent crashes when output `FILE *` is null,
Jeremy Sowden
- Re: [PATCH net-next] net: netfilter: Keep conntrack reference until IPsecv6 policy checks are done, Florian Westphal
- [PATCH nf-next v2 0/2] NF NAT deduplication refactoring,
Jeremy Sowden
- [PATCH nft] meta: don't crash if meta key isn't known, Florian Westphal
- [PATCH nft,v3] parser_bison: simplify reset syntax,
Pablo Neira Ayuso
- [PATCH nft,v2] parser_bison: simplify reset syntax,
Pablo Neira Ayuso
- [PATCH nft] parser_bison: simplify reset syntax,
Pablo Neira Ayuso
- [PATCH] Correct documentation errors in nf_tables.h,
Matthieu De Beule
- [PATCH nft] Revert "evaluate: relax type-checking for integer arguments in mark statements", Pablo Neira Ayuso
- [ANNOUNCE] nftables 1.0.7 release, Pablo Neira Ayuso
- [PATCH nf-next 0/3] NF NAT deduplication refactoring,
Jeremy Sowden
- [PATCH nftables] src: fix a couple of typo's in comments, Jeremy Sowden
- [PATCH nf-next] netfilter: nft_exthdr: add boolean DCCP option matching,
Jeremy Sowden
- [PATCH nftables] exthdr: add boolean DCCP option matching,
Jeremy Sowden
- [PATCH nft] cmd: move command functions to src/cmd.c, Pablo Neira Ayuso
- [PATCH nft] src: improve error reporting for unsupported chain type,
Pablo Neira Ayuso
- [ipset PATCH] tests: hash:ip,port.t: Replace VRRP by GRE protocol,
Phil Sutter
- [nft PATCH v2] Reject invalid chain priority values in user space,
Phil Sutter
- [nft PATCH] Reject invalid chain priority values in user space,
Phil Sutter
- [ANNOUNCE] libnftnl 1.2.5 release,
Pablo Neira Ayuso
- [nft PATCH] doc: nft.8: Document lower priority limit for nat type chains,
Phil Sutter
- [nft PATCH] xt: Fix fallback printing for extensions matching keywords,
Phil Sutter
- [PATCH v2] ulogd2: Avoid use after free in unregister on global ulogd_fds linked list,
Kyuwon Shim
- [PATCH nf-next v2 0/9] Support for shifted port-ranges in NAT,
Jeremy Sowden
- [PATCH nf-next v2 2/9] netfilter: nat: fix indentation of function arguments, Jeremy Sowden
- [PATCH nf-next v2 6/9] netfilter: nft_masq: add support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next v2 9/9] netfilter: nft_redir: add support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next v2 5/9] netfilter: nft_masq: deduplicate eval call-backs, Jeremy Sowden
- [PATCH nf-next v2 8/9] netfilter: nft_redir: deduplicate eval call-backs, Jeremy Sowden
- [PATCH nf-next v2 3/9] netfilter: nat: extend core support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next v2 4/9] netfilter: nft_nat: add support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next v2 7/9] netfilter: nf_nat_redirect: use `struct nf_nat_range2` in ipv4 API, Jeremy Sowden
- [PATCH nf-next v2 1/9] netfilter: conntrack: fix typo, Jeremy Sowden
- Re: [PATCH nf-next v2 0/9] Support for shifted port-ranges in NAT, Florian Westphal
- [PATCH nf 0/4] NAT fixes,
Jeremy Sowden
- [PATCHv2 nf-next 0/6] netfilter: handle ipv6 jumbo packets properly for bridge ovs and tc,
Xin Long
- [ipset PATCH 0/4] Some testsuite improvements,
Phil Sutter
- [PATCH net] netfilter: conntrack:,
Eric Dumazet
- [PATCH nf-next 00/13] Support for shifted port-ranges in NAT,
Jeremy Sowden
- [PATCH nf-next 06/13] netfilter: nft_masq: correct length for loading protocol registers, Jeremy Sowden
- [PATCH nf-next 03/13] netfilter: nat: extend core support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next 07/13] netfilter: nft_masq: deduplicate eval call-backs, Jeremy Sowden
- [PATCH nf-next 02/13] netfilter: nat: fix indentation of function arguments, Jeremy Sowden
- [PATCH nf-next 09/13] netfilter: nft_redir: correct value of inet type `.maxattrs`, Jeremy Sowden
- [PATCH nf-next 04/13] netfilter: nft_nat: correct length for loading protocol registers, Jeremy Sowden
- [PATCH nf-next 01/13] netfilter: conntrack: fix typo, Jeremy Sowden
- [PATCH nf-next 08/13] netfilter: nft_masq: add support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next 05/13] netfilter: nft_nat: add support for shifted port-ranges, Jeremy Sowden
- [PATCH nf-next 12/13] netfilter: nft_redir: deduplicate eval call-backs, Jeremy Sowden
- [PATCH nf-next 10/13] netfilter: nf_nat_redirect: use `struct nf_nat_range2` in ipv4 API, Jeremy Sowden
- [PATCH nf-next 11/13] netfilter: nft_redir: correct length for loading protocol registers, Jeremy Sowden
- [PATCH nf-next 13/13] netfilter: nft_redir: add support for shifted port-ranges, Jeremy Sowden
- Re: [PATCH nf-next 00/13] Support for shifted port-ranges in NAT, Florian Westphal
- [PATCH libnftnl 0/3] Support for shifted port-ranges in NAT,
Jeremy Sowden
- [PATCH nftables 0/8] Support for shifted port-ranges in NAT,
Jeremy Sowden
- [PATCH nf-next 0/6] netfilter: handle ipv6 jumbo packets properly for bridge ovs and tc,
Xin Long
- [PATCH nf] netfilter: tproxy: fix deadlock due to missing BH disable,
Florian Westphal
- [PATCH v2] netfilter: ctnetlink: revert to dumping mark regardless of event type,
Ivan Delalande
- [PATCH RFC v2 bpf-next 0/3] bpf: add netfilter program type,
Florian Westphal
- CPU soft lockup in a spin lock using tproxy and nfqueue,
Major Dávid
- Re: Bug report DNAT destination not work,
Florian Westphal
- [PATCH] netfilter: ctnetlink: revert to dumping mark regardless of event type,
Ivan Delalande
- [PATCH nft 1/2] cache: fetch more objects when resetting rule,
Pablo Neira Ayuso
- [PATCH nft] parser_bison: allow to use quota in sets, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_quota: copy content when cloning expression, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_last: copy content when cloning expression, Pablo Neira Ayuso
- [iptables PATCH] nft-restore: Fix for deletion of new, referenced rule,
Phil Sutter
- [PATCH nft,v2] src: add last statement, Pablo Neira Ayuso
- [PATCH nft,v3] evaluate: expand value to range when nat mapping contains intervals, Pablo Neira Ayuso
- [PATCH v4] netfilter: nf_flow_table: count offloaded flows,
Sven Auhagen
- [PATCH nft,v2] evaluate: expand value to range when nat mapping contains intervals, Pablo Neira Ayuso
- [PATCH nf] selftests: nft_nat: ensuring the listening side is up before starting the client,
Hangbin Liu
- [PATCH v3] netfilter: nf_flow_table: count offloaded flows,
Sven Auhagen
- [PATCH AUTOSEL 5.15 22/36] netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj(), Sasha Levin
- [PATCH AUTOSEL 6.1 28/49] netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj(), Sasha Levin
- [PATCH AUTOSEL 6.2 30/53] netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj(), Sasha Levin
- [PATCH v2] netfilter: nf_flow_table: count offloaded flows,
Sven Auhagen
- [PATCH libnftnl] expr: meta: introduce broute meta expression,
Sriram Yagnaraman
- [PATCH nft v3] meta: introduce broute expression, Sriram Yagnaraman
- [PATCH] netfilter: nf_flow_table: count offloaded flows,
Sven Auhagen
- [PATCH nft 1/2,v2] tests: shell: cover rule insertion by index,
Pablo Neira Ayuso
- [PATCH nft v2] meta: introduce broute expression,
Sriram Yagnaraman
- [PATCH nf-next v2] netfilter: bridge: introduce broute meta statement,
Sriram Yagnaraman
- [PATCH nft 1/2] tests: shell: cover rule insertion by index,
Pablo Neira Ayuso
- [PATCH nft] meta: introduce broute expression,
Sriram Yagnaraman
- [PATCH nf-next] netfilter: bridge: introduce broute meta statement,
Sriram Yagnaraman
- [PATCH nft] evaluate: expand value to range in nat mapping with intervals, Pablo Neira Ayuso
- [ipset PATCH 0/2] Two minor code fixes,
Phil Sutter
- [iptables PATCH] include: Add missing linux/netfilter/xt_LOG.h,
Phil Sutter
- [PATCH nft] parser_bison: missing close scope in destroy start condition, Pablo Neira Ayuso
- [RFC nf-next PATCH] netfilter: nft: introduce broute chain type,
Sriram Yagnaraman
- [PATCH v2] [iptables] include: netfilter: add xt_LOG.h to fix an include error on Linux < 3.4, Thomas Devoogdt
- [PATCH nft] py: replace distutils with setuptools, Jose M. Guisado Gomez
- [PATCH net 0/8] Netfilterf fixes for net,
Pablo Neira Ayuso
- [PATCH] [iptables] extensions: libxt_LOG.c: fix linux/netfilter/xt_LOG.h include on Linux < 3.4,
Thomas Devoogdt
- Kernel panic in nf_send_reset6() path, Thomas S.
- [nft PATCH] netlink_delinearize: Sanitize concat data element decoding,
Phil Sutter
- [PATCH iptables] xt_sctp: add the missing chunk types in sctp_help,
Xin Long
- [PATCH nf] netfilter: ctnetlink: make event listener tracking global,
Florian Westphal
- [PATCH nf] netfilter: use skb len to match in length_mt6,
Xin Long
- [PATCH nf] ebtables: fix table blob use-after-free,
Florian Westphal
- [syzbot] [bridge?] [coreteam?] KASAN: vmalloc-out-of-bounds Read in __ebt_unregister_table, syzbot
- [iptables PATCH 1/6] extensions: libebt_redirect: Fix target translation,
Phil Sutter
- [iptables PATCH 1/2] tests: xlate: Properly split input in replay mode,
Phil Sutter
- [iptables PATCH 1/3] nft-shared: Lookup matches in iptables_command_state,
Phil Sutter
- [iptables PATCH] tests: CLUSTERIP: Drop test file,
Phil Sutter
- [PATCH net-next 0/6] Netfilter/IPVS updates for net-next,
Pablo Neira Ayuso
- [PATCH nft 1/3] evaluate: print error on missing family in nat statement,
Pablo Neira Ayuso
- [PATCH nft] src: use start condition with new destroy command, Pablo Neira Ayuso
- [PATCH nft 1/3] evaluate: infer family from mapping,
Pablo Neira Ayuso
- [nf PATCH] netfilter: Fix regression in ip6t_rpfilter with VRF interfaces,
Phil Sutter
- PROBLEM: nf_conntrack_events autodetect mode invalidates NETLINK_LISTEN_ALL_NSID netlink socket option,
Bryce Kahle
- [PATCH nf v2] netfilter: conntrack: fix rmmod double-free race,
Florian Westphal
- [PATCH nf] netfilter: conntrack: fix rmmod double-free race,
Florian Westphal
- [PATCH] netfilter: fix percpu counter block leak on error path when creating new netns,
Pavel Tikhomirov
- [PATCH] net: netfilter: fix possible refcount leak in ctnetlink_create_conntrack(),
Hangyu Hua
- [lvc-project] [PATCH] netfilter: xt_recent: Fix attempt to update removed entry,
Igor Artemiev
- [RFC nf-next 0/3] bpf, netfilter: minimal support for bpf progs,
Florian Westphal
- [PATCH nf] netfilter: nf_tables: allow to fetch set elements when table has an owner, Pablo Neira Ayuso
- [PATCH nft] optimize: ignore existing nat mapping, Pablo Neira Ayuso
- [PATCH 1/1] iptables_lib.sh: Fix for iptables-translate >= v1.8.9,
Petr Vorel
- [PATCH nft 1/2] rule: add helper function to expand chain rules into commands,
Pablo Neira Ayuso
- [PATCH nft] optimize: select merge criteria based on candidates rules, Pablo Neira Ayuso
- [PATCH nft] rule: expand chain that contains rules, Pablo Neira Ayuso
- [PATCH nft 1/2] optimize: wrap code to build concatenation in helper function,
Pablo Neira Ayuso
- [PATCH net-next] ipvs: avoid kfree_rcu without 2nd arg,
Julian Anastasov
- [PATCH net-next v6 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
- [PATCH nf-next] netfilter: let reset rules clean out conntrack entries,
Florian Westphal
- [RFC] bpf: add bpf_link support for BPF_NETFILTER programs,
Florian Westphal
- allow user to offload tc action to net device : Question, Martin Zaharinov
- [PATCH nf] netfilter: br_netfilter: disable sabotage_in hook after first suppression,
Florian Westphal
- [PATCH net-next v5 0/7] Allow offloading of UDP NEW connections via act_ct,
Vlad Buslov
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
