Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [PATCH net-next 1/2] netlink: introduce NLA_POLICY_MAX_BE, (continued)
- [PATCH nft v2] json: fix empty statement list output in sets and maps,
Fernando Fernandez Mancera
- [PATCH nft] json: fix empty statement list output in sets and maps, Fernando Fernandez Mancera
- CPE-ID?,
Nick
- [PATCH v4] netlink: Bounds-check struct nlmsgerr creation,
Kees Cook
- [PATCH nft] json: fix json schema version verification,
Fernando Fernandez Mancera
- [PATCH nft] json: add table map statement support,
Fernando Fernandez Mancera
- [PATCH bpf-next 0/4] Introduce bpf_ct_set_nat_info kfunc helper,
Lorenzo Bianconi
- [PATCH nftables] rule: check address family in set collapse,
Derek Hageman
- [PATCH nft v2] json: add set statement list support,
Fernando Fernandez Mancera
- [PATCH v3] netlink: Bounds-check struct nlmsgerr creation,
Kees Cook
- [PATCH net 0/4] netfilter: bug fixes for net,
Florian Westphal
- [PATCH v2] netlink: Bounds-check struct nlmsgerr creation,
Kees Cook
- [PATCH 0/2] netlink: Bounds-check struct nlmsgerr creation,
Kees Cook
- [ANNOUNCE] 17th Netfilter Workshop in Seville, Spain,
Pablo Neira Ayuso
- [PATCH nft] tests/py: missing userdata in netlink payload, Pablo Neira Ayuso
- [PATCH libnftnl] rule, set_elem: remove trailing \n in userdata snprintf, Pablo Neira Ayuso
- [PATCH nft] json: add set statement list support,
Fernando Fernandez Mancera
- [PATCH nf] netfilter: nf_tables: clean up hook list when offload flags check fails, Pablo Neira Ayuso
- [conntrack-tools PATCH] local: Avoid sockaddr_un::sun_path buffer overflow, Phil Sutter
- [PATCH nf-next] netfilter: nf_tables: add ebpf expression,
Florian Westphal
- [PATCH bridge, v3] br_netfilter: Drop dst references before setting.,
Harsh Modi
- [PATCH AUTOSEL 5.15 15/23] netfilter: conntrack: work around exceeded receive window, Sasha Levin
- [PATCH AUTOSEL 5.19 21/33] netfilter: conntrack: work around exceeded receive window, Sasha Levin
- [PATCH nft] src: allow burst 0 for byte ratelimit and use it as default,
Pablo Neira Ayuso
- [PATCH nf,v3] netfilter: remove nf_conntrack_helper sysctl and modparam toggles, Pablo Neira Ayuso
- [nft PATCH] doc: nft.8: Add missing '-T' in synopsis, Phil Sutter
- [nft PATCH] erec: Dump locations' expressions only if set, Phil Sutter
- [PATCH nf,v2] netfilter: remove nf_conntrack_helper sysctl and modparam toggles, Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: check offload flags before splicing hook list, Pablo Neira Ayuso
- [syzbot] memory leak in nft_chain_parse_hook, syzbot
- [PATCH v7 00/18] Network support for Landlock,
Konstantin Meskhidze
- [PATCH v7 02/18] landlock: refactor landlock_find_rule/insert_rule, Konstantin Meskhidze
- [PATCH v7 03/18] landlock: refactor merge/inherit_ruleset functions, Konstantin Meskhidze
- [PATCH v7 07/18] landlock: user space API network support, Konstantin Meskhidze
- [PATCH v7 06/18] landlock: refactor landlock_add_rule syscall, Konstantin Meskhidze
- [PATCH v7 01/18] landlock: rename access mask, Konstantin Meskhidze
- [PATCH v7 05/18] landlock: refactor helper functions, Konstantin Meskhidze
- [PATCH v7 04/18] landlock: move helper functions, Konstantin Meskhidze
- [PATCH v7 09/18] landlock: implement TCP network hooks, Konstantin Meskhidze
- [PATCH v7 10/18] seltests/landlock: move helper function, Konstantin Meskhidze
- [PATCH v7 11/18] seltests/landlock: add tests for bind() hooks, Konstantin Meskhidze
- [PATCH v7 14/18] seltests/landlock: add rules overlapping test, Konstantin Meskhidze
- [PATCH v7 13/18] seltests/landlock: add AF_UNSPEC family test, Konstantin Meskhidze
- [PATCH v7 12/18] seltests/landlock: add tests for connect() hooks, Konstantin Meskhidze
- [PATCH v7 08/18] landlock: add network rules support, Konstantin Meskhidze
- [PATCH v7 18/18] landlock: Document Landlock's network support, Konstantin Meskhidze
- [PATCH v7 17/18] samples/landlock: add network demo, Konstantin Meskhidze
- [PATCH v7 15/18] seltests/landlock: add ruleset expanding test, Konstantin Meskhidze
- [PATCH v7 16/18] seltests/landlock: add invalid input data test, Konstantin Meskhidze
- [PATCH nft,v2] optimize: expand implicit set element when merging into concatenation, Pablo Neira Ayuso
- [PATCH 1/4] net-next: frags: move inetpeer from ip4 to inet, Richard Gobert
- [PATCH 4/4] net-next: frags: dynamic timeout under load,
Richard Gobert
- [PATCH 3/4] net-next: frags: add inetpeer frag_mem tracking,
Richard Gobert
- [PATCH 2/4] net-next: ip6: fetch inetpeer in ip6frag_init,
Richard Gobert
- [PATCH 0/4] net-next: frags: add adaptive per-peer timeout under load, Richard Gobert
- [PATCH libnftnl] rule, set_elem: fix printing of user data,
Jeremy Sowden
- [iptables PATCH] nft: Expand extended error reporting to nft_cmd, too, Phil Sutter
- [PATCH v2 nf-next 0/4] netfilter: conntrack: ignore overly delayed tcp packets,
Florian Westphal
- [nft PATCH] doc: nft.8: Extend limit statement's burst value info,
Phil Sutter
- [PATCH nf] netfilter: remove nf_conntrack_helper sysctl toggle,
Pablo Neira Ayuso
- [PATCH 1/2] netfilter: nf_conntrack_irc: Tighten matching on DCC message,
David Leadbeater
- [iptables PATCH] xtables-restore: Extend failure error message, Phil Sutter
- [PATCH AUTOSEL 4.14 3/4] netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y, Sasha Levin
- [PATCH AUTOSEL 4.9 2/3] netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y, Sasha Levin
- [PATCH AUTOSEL 4.19 4/5] netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y, Sasha Levin
- [PATCH AUTOSEL 5.4 6/8] netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y, Sasha Levin
- [PATCH AUTOSEL 5.10 09/11] netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y, Sasha Levin
- [PATCH AUTOSEL 5.15 15/20] netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y, Sasha Levin
- [PATCH AUTOSEL 5.19 31/38] netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y, Sasha Levin
- [PATCH net-next] genetlink: start to validate reserved header bytes,
Jakub Kicinski
- [PATCH net 00/14] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH net 01/14] netfilter: ebtables: reject blobs that don't provide all entry points, Pablo Neira Ayuso
- [PATCH net 02/14] netfilter: conntrack: work around exceeded receive window, Pablo Neira Ayuso
- [PATCH net 03/14] netfilter: nft_tproxy: restrict to prerouting hook, Pablo Neira Ayuso
- [PATCH net 06/14] netfilter: nft_payload: report ERANGE for too long offset and length, Pablo Neira Ayuso
- [PATCH net 05/14] netfilter: nf_tables: make table handle allocation per-netns friendly, Pablo Neira Ayuso
- [PATCH net 07/14] netfilter: nft_payload: do not truncate csum_offset and csum_type, Pablo Neira Ayuso
- [PATCH net 10/14] netfilter: nft_tunnel: restrict it to netdev family, Pablo Neira Ayuso
- [PATCH net 14/14] netfilter: nf_defrag_ipv6: allow nf_conntrack_frag6_high_thresh increases, Pablo Neira Ayuso
- [PATCH net 08/14] netfilter: nf_tables: do not leave chain stats enabled on error, Pablo Neira Ayuso
- [PATCH net 11/14] netfilter: nf_tables: disallow binding to already bound chain, Pablo Neira Ayuso
- [PATCH net 09/14] netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families, Pablo Neira Ayuso
- [PATCH net 04/14] netfilter: nf_tables: disallow updates of implicit chain, Pablo Neira Ayuso
- [PATCH net 13/14] netfilter: flowtable: fix stuck flows on cleanup due to pending work, Pablo Neira Ayuso
- [PATCH net 12/14] netfilter: flowtable: add function to invoke garbage collection immediately, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net 00/14] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 01/14] netfilter: nf_tables: reject invalid set policy, Pablo Neira Ayuso
- [PATCH net 02/14] netfilter: nf_tables: validate .maxattr at expression registration, Pablo Neira Ayuso
- [PATCH net 03/14] netfilter: nf_tables: bail out if stateful expression provides no .clone, Pablo Neira Ayuso
- [PATCH net 04/14] netfilter: nft_limit: do not ignore unsupported flags, Pablo Neira Ayuso
- [PATCH net 06/14] netfilter: nf_queue: remove excess nf_bridge variable, Pablo Neira Ayuso
- [PATCH net 05/14] netfilter: nfnetlink_log: use proper helper for fetching physinif, Pablo Neira Ayuso
- [PATCH net 09/14] netfilter: nf_tables: check if catch-all set element is active in next generation, Pablo Neira Ayuso
- [PATCH net 10/14] netfilter: nf_tables: do not allow mismatch field size and set key length, Pablo Neira Ayuso
- [PATCH net 07/14] netfilter: propagate net to nf_bridge_get_physindev, Pablo Neira Ayuso
- [PATCH net 08/14] netfilter: bridge: replace physindev with physinif in nf_bridge_info, Pablo Neira Ayuso
- [PATCH net 12/14] netfilter: nf_tables: reject NFT_SET_CONCAT with not field length description, Pablo Neira Ayuso
- [PATCH net 11/14] netfilter: nf_tables: skip dead set elements in netlink dump, Pablo Neira Ayuso
- [PATCH net 14/14] netfilter: ipset: fix performance regression in swap operation, Pablo Neira Ayuso
- [PATCH net 13/14] ipvs: avoid stat macros calls from preemptible context, Pablo Neira Ayuso
- [PATCH net 00/14] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 01/14] netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash, Pablo Neira Ayuso
- [PATCH net 02/14] netfilter: conntrack: add clash resolution for reverse collisions, Pablo Neira Ayuso
- [PATCH net 03/14] selftests: netfilter: add reverse-clash resolution test case, Pablo Neira Ayuso
- [PATCH net 04/14] selftests: netfilter: nft_tproxy.sh: add tcp tests, Pablo Neira Ayuso
- [PATCH net 06/14] docs: tproxy: ignore non-transparent sockets in iptables, Pablo Neira Ayuso
- [PATCH net 05/14] netfilter: ctnetlink: Guard possible unused functions, Pablo Neira Ayuso
- [PATCH net 07/14] netfilter: nf_tables: Keep deleted flowtable hooks until after RCU, Pablo Neira Ayuso
- [PATCH net 09/14] netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_EVENTS, Pablo Neira Ayuso
- [PATCH net 08/14] netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n, Pablo Neira Ayuso
- [PATCH net 10/14] netfilter: nf_tables: use rcu chain hook list iterator from netlink dump path, Pablo Neira Ayuso
- [PATCH net 11/14] netfilter: nf_tables: missing objects with no memcg accounting, Pablo Neira Ayuso
- [PATCH net 12/14] netfilter: nfnetlink_queue: remove old clash resolution logic, Pablo Neira Ayuso
- [PATCH net 14/14] selftests: netfilter: Avoid hanging ipvs.sh, Pablo Neira Ayuso
- [PATCH net 13/14] kselftest: add test for nfqueue induced conntrack race, Pablo Neira Ayuso
- Re: [PATCH net 00/14] Netfilter fixes for net, Paolo Abeni
- [PATCH nf] netfilter: nf_defrag_ipv6: allow nf_conntrack_frag6_high_thresh increases,
Eric Dumazet
- [PATCH nft] expr: update EXPR_MAX and add missing comments, Florian Westphal
- [PATCH] br_netfilter: Drop dst references before setting.,
Harsh Modi
- [PATCH nf 1/2] netfilter: flowtable: add function to invoke garbage collection immediately,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: disallow binding to already bound chain, Pablo Neira Ayuso
- [PATCH bpf-next v4 0/5] Support direct writes to nf_conn:mark,
Daniel Xu
- [PATCH nf-next] netfilter: remove NFPROTO_DECNET,
Florian Westphal
- [PATCH nf,v3 2/2] netfilter: nft_payload: do not truncate csum_offset and csum_type, Pablo Neira Ayuso
- [PATCH nf 1/3] netfilter: nft_dup: validate family and chains,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: do not leave chain stats enabled on error, Pablo Neira Ayuso
- [PATCH nf,v2 1/2] netfilter: nft_payload: report ERANGE for too long offset and length,
Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nft_dup: validate family and chains, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_dup: validate family and chains,
Pablo Neira Ayuso
- [PATCH nf 1/2] netfilter: nft_payload: report ERANGE for too long offset and length,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: make table handle allocation per-netns friendly,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: disallow updates of implicit chain, Pablo Neira Ayuso
- [BUG] nft_tproxy: Null pointer dereference on local-send UDP,
Shell Chen
[PATCH] netfilter: ebtables: fix a NULL pointer dereference in ebt_do_table(),
Harshit Mogalapalli
[PATCH bpf-next v3 0/5] Support direct writes to nf_conn:mark,
Daniel Xu
[PATCH 5.10 283/545] netfilter: xtables: Bring SPDX identifier back, Greg Kroah-Hartman
Re: data-race in nf_tables_newtable / nf_tables_newtable,
Florian Westphal
Re: Raw payload matching beyond 2040 bits, Florian Westphal
[PATCH nft v3] src: Don't parse string as verdict in map, Xiao Liang
[PATCH nft v2] src: Don't parse string as verdict in map, Xiao Liang
[PATCH nf] netfilter: conntrack: work around exceeded receive window, Florian Westphal
[PATCH] netfilter: move from strlcpy with unused retval to strscpy,
Wolfram Sang
[PATCH] bridge: move from strlcpy with unused retval to strscpy,
Wolfram Sang
[PATCH nft] src: Don't parse string as verdict in map,
Xiao Liang
[PATCH net 1/1] netfilter: flowtable: Fix use after free after freeing flow table,
Paul Blakey
[PATCH net-next] Remove DECnet support from kernel,
Stephen Hemminger
[PATCH bpf-next v2 4/4] selftests/bpf: Add tests for writing to nf_conn:mark,
Daniel Xu
[PATCH bpf-next v2 2/4] bpf: Add stub for btf_struct_access(),
Daniel Xu
[PATCH bpf-next v2 1/4] bpf: Remove duplicate PTR_TO_BTF_ID RO check,
Daniel Xu
[PATCH bpf-next v2 3/4] bpf: Add support for writing to nf_conn:mark,
Daniel Xu
[PATCH bpf-next v2 0/4] Support direct writes to nf_conn:mark, Daniel Xu
[PATCH net 00/17] netfilter: conntrack and nf_tables bug fixes,
Florian Westphal
- [PATCH net 03/17] netfilter: nf_tables: possible module reference underflow in error path, Florian Westphal
- [PATCH net 05/17] netfilter: nf_ct_h323: cap packet size at 64k, Florian Westphal
- [PATCH net 01/17] netfilter: nf_tables: use READ_ONCE and WRITE_ONCE for shared generation id access, Florian Westphal
- [PATCH net 04/17] netfilter: nf_ct_sane: remove pseudo skb linearization, Florian Westphal
- [PATCH net 02/17] netfilter: nf_tables: disallow NFTA_SET_ELEM_KEY_END with NFT_SET_ELEM_INTERVAL_END flag, Florian Westphal
- [PATCH net 08/17] netfilter: nf_tables: fix scheduling-while-atomic splat, Florian Westphal
- [PATCH net 09/17] netfilter: nfnetlink: re-enable conntrack expectation events, Florian Westphal
- [PATCH net 10/17] netfilter: nf_tables: really skip inactive sets when allocating name, Florian Westphal
- [PATCH net 07/17] netfilter: nf_ct_irc: cap packet search space to 4k, Florian Westphal
- [PATCH net 06/17] netfilter: nf_ct_ftp: prefer skb_linearize, Florian Westphal
- [PATCH net 11/17] netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flag, Florian Westphal
- [PATCH net 12/17] netfilter: nf_tables: NFTA_SET_ELEM_KEY_END requires concat and interval flags, Florian Westphal
- [PATCH net 13/17] netfilter: nf_tables: disallow NFT_SET_ELEM_CATCHALL and NFT_SET_ELEM_INTERVAL_END, Florian Westphal
- [PATCH net 14/17] netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is specified, Florian Westphal
- [PATCH net 15/17] netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y, Florian Westphal
- [PATCH net 17/17] testing: selftests: nft_flowtable.sh: rework test to detect offload failure, Florian Westphal
- [PATCH net 16/17] testing: selftests: nft_flowtable.sh: use random netns names, Florian Westphal
[PATCH nf 0/2] testing: selftests: nft_flowtable.sh: unbreak test script,
Florian Westphal
[PATCH 5.19 0617/1157] netfilter: xtables: Bring SPDX identifier back, Greg Kroah-Hartman
[PATCH 5.18 0573/1095] netfilter: xtables: Bring SPDX identifier back, Greg Kroah-Hartman
[PATCH bpf-next 0/3] Support direct writes to nf_conn:mark,
Daniel Xu
[PATCH 5.15 418/779] netfilter: xtables: Bring SPDX identifier back, Greg Kroah-Hartman
[PATCH nf,v2] netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is specified, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is specified, Pablo Neira Ayuso
[PATCH nf,v4 2/2] netfilter: nf_tables: NFTA_SET_ELEM_KEY_END requires concat and interval flags, Pablo Neira Ayuso
[PATCH] netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y,
Geert Uytterhoeven
[PATCH nf,v3 2/2] netfilter: nf_tables: NFTA_SET_ELEM_KEY_END requires concat and interval flags, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: disallow NFT_SET_ELEM_CATCHALL and NFT_SET_ELEM_INTERVAL_END, Pablo Neira Ayuso
[PATCH nf,v2 2/2] netfilter: nf_tables: NFTA_SET_ELEM_KEY_END requires concat and interval flags, Pablo Neira Ayuso
Re: [PATCH net 1/3] netfilter: nf_conntrack_tcp: re-init for syn packets only,
Thomas Backlund
[PATCH nf 1/2] netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flag,
Pablo Neira Ayuso
[RFC PATCH nf-next] netfilter: ipvs: Divide estimators into groups,
Jiri Wiesner
[PATCH bpf-next v4 0/3] Add more bpf_*_ct_lookup() selftests,
Daniel Xu
[PATCH] ipset-translate: allow invoking with a path name,
Quentin Armitage
[PATCH nf] netfilter: nf_tables: fix scheduling-while-atomic splat,
Florian Westphal
[PATCH nft] tests: shell: check for a tainted kernel, Florian Westphal
Re: Upgrading iptables firewall on Red Hat Enterprise Linux 9.0,
Phil Sutter
[PATCH nft] evaluate: allow implicit ether -> vlan dep, Florian Westphal
Re: [PATCH bpf-next v3 0/3] Add more bpf_*_ct_lookup() selftests,
Kumar Kartikeya Dwivedi
[PATCH nft 0/2] --optimize fixes,
Pablo Neira Ayuso
[ANNOUNCE] nftables 1.0.5 release,
Pablo Neira Ayuso
[ANNOUNCE] libnftnl 1.2.3 release, Pablo Neira Ayuso
[PATCH 1/3] netfilter: nf_tables: do not allow SET_ID to refer to another table,
Thadeu Lima de Souza Cascardo
[PATCH nf] netfilter: nf_tables: fix null deref due to zeroed list head,
Florian Westphal
[PATCH] netfilter: nf_tables: possible module reference underflow in error path,
Pablo Neira Ayuso
[PATCH nf 0/4] netfilter: conntrack: remove 64kb max size assumptions,
Florian Westphal
[PATCH nf] netfilter: nf_tables: disallow NFTA_SET_ELEM_KEY_END with NFT_SET_ELEM_INTERVAL_END flag, Pablo Neira Ayuso
[PATCH] netfilter: nf_tables: use READ_ONCE and WRITE_ONCE for shared generation id access, Pablo Neira Ayuso
[PATCH nf,v4] netfilter: nf_tables: validate variable length element extension,
Pablo Neira Ayuso
[PATCH] tests/py: disable arp family for queue statement, Pablo Neira Ayuso
[PATCH nftables] meta: don't use non-POSIX formats in strptime(),
Jo-Philipp Wich
[PATCH libmnl v3 1/2] libmnl: update attribute function comments to use \return,
Jacob Keller
[PATCH nf,v2 1/2] netfilter: nf_tables: upfront validation of data via nft_data_init(),
Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: upfront validation of data via nft_data_init(), Pablo Neira Ayuso
[PATCH nf,v3] netfilter: nf_tables: validate variable length element extension, Pablo Neira Ayuso
[net] 2638eb8b50: WARNING:suspicious_RCU_usage, kernel test robot
[RESEND (v2) PATCH] netfilter: Fix a typo in a comment,
Christophe JAILLET
[RESEND PATCH] netfilter: Fix a typo in a comment, Christophe JAILLET
[PATCH libmnl v2 1/2] libmnl: update attribute function comments to use \return,
Jacob Keller
[PATCH nf] netfilter: nfnetlink: re-enable conntrack expectation events,
Florian Westphal
[PATCH libnetfilter_queue] build: doc: Update build_man.sh to find bash in PATH, Duncan Roe
[PATCH nf,v2] netfilter: nf_tables: validate variable length element extension, Pablo Neira Ayuso
[PATCH libmnl] libmnl: add support for signed types,
Jacob Keller
[PATCH nf] netfilter: flowtable: fix incorrect Kconfig dependencies, Pablo Neira Ayuso
[PATCH libmnl 0/6] Doxygen Build Improvements,
Jeremy Sowden
[syzbot] general protection fault in br_nf_pre_routing_finish (2), syzbot
[PATCH iptables] tests: add ebtables among testcase, Florian Westphal
[PATCH iptables] nft: fix ebtables among match when mac+ip addresses are used, Florian Westphal
[PATCH nft,v3] parser_json: fix device parsing in netdev family, Pablo Neira Ayuso
[PATCH nft,v2] parser_json: fix device parsing in netdev family, Pablo Neira Ayuso
[PATCH nf-next v2] netfilter: nf_flow_table: delay teardown the offload flow until fin packet recv from both direction, wenxu
iptables v1.6.2 EOS date,
Nicolas MAFFRE
[PATCH AUTOSEL 4.19 3/4] netfilter: nf_tables: add rescheduling points during loop detection walks, Sasha Levin
[PATCH AUTOSEL 5.4 5/6] netfilter: nf_tables: add rescheduling points during loop detection walks, Sasha Levin
[PATCH AUTOSEL 5.10 6/7] netfilter: nf_tables: add rescheduling points during loop detection walks, Sasha Levin
[PATCH AUTOSEL 5.15 7/8] netfilter: nf_tables: add rescheduling points during loop detection walks, Sasha Levin
[PATCH AUTOSEL 5.18 09/10] netfilter: nft_queue: only allow supported familes and hooks, Sasha Levin
[PATCH AUTOSEL 5.18 08/10] netfilter: nf_tables: add rescheduling points during loop detection walks, Sasha Levin
[PATCH libmnl] build: doc: refer to bash as bash, not /bin/bash,
Mark Mentovai
[PATCH nf 0/2] netfilter: nf_tables: fix nf_trace related crash,
Florian Westphal
[PATCH nft] parser_json: fix device parsing in netdev family, Pablo Neira Ayuso
[PATCH nft v2 0/8] really handle stacked l2 headers,
Florian Westphal
- [PATCH nft v2 1/8] netlink_delinearize: allow postprocessing on concatenated elements, Florian Westphal
- [PATCH nft v2 2/8] netlink_delinearize: postprocess binary ands in concatenations, Florian Westphal
- [PATCH nft v2 3/8] proto: track full stack of seen l2 protocols, not just cumulative offset, Florian Westphal
- [PATCH nft v2 4/8] debug: dump the l2 protocol stack, Florian Westphal
- [PATCH nft v2 5/8] tests: add a test case for ether and vlan listing, Florian Westphal
- [PATCH nft v2 6/8] netlink_delinearize: also postprocess OP_AND in set element context, Florian Westphal
- [PATCH nft v2 7/8] evaluate: search stacked header list for matching payload dep, Florian Westphal
- [PATCH nft v2 8/8] src: allow anon set concatenation with ether and vlan, Florian Westphal
- Re: [PATCH nft v2 0/8] really handle stacked l2 headers, Pablo Neira Ayuso
[PATCH] ebtables: add "allstatic" build target, Justin Swartz
[RFC] Remove DECNET support from kernel,
Stephen Hemminger
[PATCH libnftnl RFC 1/3] src: add string API support,
Pablo Neira Ayuso
[PATCH RFC 1/3] src: add string API support, Pablo Neira Ayuso
[PATCH RFC 0/3] nf_tables string match support,
Pablo Neira Ayuso
[iptables PATCH 1/3] tests: shell: Fix testcases for changed ip6tables opts output,
Phil Sutter
[PATCH nft 0/7] really handle stacked l2 headers,
Florian Westphal
[PATCH v2 nf] netfilter: nft_queue: only allow supported familes and hooks, Florian Westphal
[PATCH nf] netfilter: nf_tables: add rescheduling points during loop detection walks,
Florian Westphal
[PATCH nf] netfilter: nft_queue: only allow supported families,
Florian Westphal
[PATCH nf] netfilter: nf_queue: do not allow packet truncation below transport header offset,
Florian Westphal
[PATCH nf-next] netfilter: nf_flow_table: delay teardown the offload flow until fin packet recv from both direction,
wenxu
[PATCH bpf-next] net: netfilter: Remove ifdefs for code shared by BPF and ctnetlink,
Kumar Kartikeya Dwivedi
A probable bug in nftables doc, Eve Adam
iptables 1.8.8 misses -j CT calls,
Jan Engelhardt
[PATCH bpf-next v7 00/13] New nf_conntrack kfuncs for insertion, changing timeout, status,
Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 04/13] bpf: Add support for forcing kfunc args to be trusted, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 09/13] net: netfilter: Add kfuncs to set and change CT status, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 03/13] bpf: Switch to new kfunc flags infrastructure, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 01/13] bpf: Introduce 8-byte BTF set, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 07/13] net: netfilter: Add kfuncs to allocate and insert CT, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 06/13] net: netfilter: Deduplicate code in bpf_{xdp,skb}_ct_lookup, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 05/13] bpf: Add documentation for kfuncs, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 02/13] tools/resolve_btfids: Add support for 8-byte BTF sets, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 08/13] net: netfilter: Add kfuncs to set and change CT timeout, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 10/13] selftests/bpf: Add verifier tests for trusted kfunc args, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 11/13] selftests/bpf: Add tests for new nf_conntrack kfuncs, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 13/13] selftests/bpf: Fix test_verifier failed test in unprivileged mode, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v7 12/13] selftests/bpf: Add negative tests for new nf_conntrack kfuncs, Kumar Kartikeya Dwivedi
- Re: [PATCH bpf-next v7 00/13] New nf_conntrack kfuncs for insertion, changing timeout, status, Zvi Effron
- Re: [PATCH bpf-next v7 00/13] New nf_conntrack kfuncs for insertion, changing timeout, status, patchwork-bot+netdevbpf
[PATCH nf-next 00/18] Netfilter/IPVS updates for net-next,
Pablo Neira Ayuso
- [PATCH nf-next 01/18] netfilter: conntrack: use fallthrough to cleanup, Pablo Neira Ayuso
- [PATCH nf-next 04/18] netfilter: nf_flow_table: count pending offload workqueue tasks, Pablo Neira Ayuso
- [PATCH nf-next 06/18] netfilter: nf_conntrack: use rcu accessors where needed, Pablo Neira Ayuso
- [PATCH nf-next 05/18] netfilter: nf_conntrack: add missing __rcu annotations, Pablo Neira Ayuso
- [PATCH nf-next 08/18] netfilter: nft_set_bitmap: Fix spelling mistake, Pablo Neira Ayuso
- [PATCH nf-next 02/18] netfilter: conntrack: use correct format characters, Pablo Neira Ayuso
- [PATCH nf-next 07/18] netfilter: h323: merge nat hook pointers into one, Pablo Neira Ayuso
- [PATCH nf-next 03/18] net/sched: act_ct: set 'net' pointer when creating new nf_flow_table, Pablo Neira Ayuso
- [PATCH nf-next 10/18] netfilter: x_tables: use correct integer types, Pablo Neira Ayuso
- [PATCH nf-next 09/18] netfilter: nfnetlink: add missing __be16 cast, Pablo Neira Ayuso
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
