Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [PATCH libnftnl] src: add dynamic register allocation infrastructure, (continued)
- [PATCH nft 0/3] nftables: add support for wildcard interfaces,
Florian Westphal
- [PATCH nf-next] selftests: netfilter: flowtable vlan filtering bridge support, wenxu
- Minor issue in iptables(8) man page,
Steve Brecher
- [PATCH v2 nf] netfilter: nft_socket: only do sk lookups when indev is available,
Florian Westphal
- [PATCH nf] netfilter: nft_socket: only do sk lookup when indev is available,
Florian Westphal
- [PATCH nf] netfilter: nft_socket: allow socket expression from prerouting and input only, Pablo Neira Ayuso
- [PATCH net] netfilter: conn: fix udp offload timeout sysctl,
Volodymyr Mytnyk
- [PATCH] nf_flowtable: nft_flow_route use more data for reverse route,
Sven Auhagen
- LPC 2022 Networking and BPF Track CFP,
Daniel Borkmann
- [PATCH nft] src: fix always-true assertions,
Florian Westphal
- [PATCH 1/1] configure: add an option to compile the examples,
Dario Binacchi
- [PATCH nf-next 0/4] netfilter: conntrack: avoid eache extension allocation,
Florian Westphal
- [PATCH nf] netfilter: nf_conntrack_tcp: re-init for syn packets only,
Florian Westphal
- [PATCH nf-next] netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*(), Pablo Neira Ayuso
- [PATCH] nf_flowtable: ensure dst.dev is not blackhole,
Ritaro Takenaka
- [PATCH iptables 0/7] support for dynamic register allocation,
Pablo Neira Ayuso
- [PATCH] socket gid and socket uid, Topi Miettinen
- [PATCH] netfilter: nft_socket: socket expressions for GID & UID,
Topi Miettinen
- [PATCH v1] netfilter: Remove the empty file, clement wei
- [PATCH nf v2 0/2] netfilter: Fix/update mangled packet re-routing within VRF domains,
Martin Willi
- [PATCH v35 16/29] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v35 15/29] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v35 18/29] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v35 09/29] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v35 08/29] LSM: Use lsmblob in security_secctx_to_secid,
Casey Schaufler
- [PATCH nft] intervals: set on EXPR_F_KERNEL flag for new elements in set cache, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion,
Pablo Neira Ayuso
- [PATCH nft 0/2] allow base integer type in concatenation,
Florian Westphal
- [PATCH nft,v2 1/3] intervals: add elements with EXPR_F_KERNEL to purge list only,
Pablo Neira Ayuso
- [PATCH nft 1/2] intervals: add elements with EXPR_F_KERNEL to purge list only,
Pablo Neira Ayuso
- [nft PATCH] intervals: Simplify element sanity checks,
Phil Sutter
- [PATCH nft] intervals: remove check for EXPR_F_REMOVE in remove_element(), Pablo Neira Ayuso
- [PATCH nft] intervals: unset EXPR_F_KERNEL for adjusted elements, Pablo Neira Ayuso
- [PATCH nft,v6 0/8] revisit overlap/automerge codebase,
Pablo Neira Ayuso
- [PATCH nft,v6 1/8] src: add EXPR_F_KERNEL to identify expression in the kernel, Pablo Neira Ayuso
- [PATCH nft,v6 4/8] mnl: update mnl_nft_setelem_del() to allow for more reuse, Pablo Neira Ayuso
- [PATCH nft,v6 2/8] src: replace interval segment tree overlap and automerge, Pablo Neira Ayuso
- [PATCH nft,v6 6/8] evaluate: allow for zero length ranges, Pablo Neira Ayuso
- [PATCH nft,v6 5/8] intervals: add support to automerge with kernel elements, Pablo Neira Ayuso
- [PATCH nft,v6 8/8] src: restore interval sets work with string datatypes, Pablo Neira Ayuso
- [PATCH nft,v6 7/8] intervals: support to partial deletion with automerge, Pablo Neira Ayuso
- [PATCH nft,v6 3/8] src: remove rbtree datastructure, Pablo Neira Ayuso
- [PATCH nft,v5 7/7] intervals: support to partial deletion with automerge, Pablo Neira Ayuso
- [PATCH nft,v4 0/7] revisit overlap/automerge codebase,
Pablo Neira Ayuso
- [PATCH nft,v4 1/7] src: add EXPR_F_KERNEL to identify expression in the kernel, Pablo Neira Ayuso
- [PATCH nft,v4 3/7] src: remove rbtree datastructure, Pablo Neira Ayuso
- [PATCH nft,v4 4/7] mnl: update mnl_nft_setelem_del() to allow for more reuse, Pablo Neira Ayuso
- [PATCH nft,v4 6/7] evaluate: allow for zero length ranges, Pablo Neira Ayuso
- [PATCH nft,v4 5/7] intervals: add support to automerge with kernel elements, Pablo Neira Ayuso
- [PATCH nft,v4 2/7] src: replace interval segment tree overlap and automerge, Pablo Neira Ayuso
- [PATCH nft,v4 7/7] intervals: support to partial deletion with automerge, Pablo Neira Ayuso
- [PATCH nf,v2] ipvs: correctly print the memory size of ip_vs_conn_tab,
Pengcheng Yang
- [PATCH nf] netfilter: Update ip6_route_me_harder to consider L3 domain,
Martin Willi
- [PATCH nf] ipvs: correctly print the memory size of ip_vs_conn_tab,
Pengcheng Yang
- [PATCH nf] netfilter: nf_tables: nft_parse_register can return a negative value,
Antoine Tenart
- [PATCH nf-next v4 00/10] netfilter: conntrack: remove percpu lists,
Florian Westphal
- [PATCH nf-next v4 01/10] netfilter: ecache: use dedicated list for event redelivery, Florian Westphal
- [PATCH nf-next v4 02/10] netfilter: conntrack: include ecache dying list in dumps, Florian Westphal
- [PATCH nf-next v4 03/10] netfilter: conntrack: remove the percpu dying list, Florian Westphal
- [PATCH nf-next v4 04/10] netfilter: cttimeout: decouple unlink and free on netns destruction, Florian Westphal
- [PATCH nf-next v4 06/10] netfilter: extensions: introduce extension genid count, Florian Westphal
- [PATCH nf-next v4 05/10] netfilter: remove nf_ct_unconfirmed_destroy helper, Florian Westphal
- [PATCH nf-next v4 07/10] netfilter: cttimeout: decouple unlink and free on netns destruction, Florian Westphal
- [PATCH nf-next v4 08/10] netfilter: conntrack: remove __nf_ct_unconfirmed_destroy, Florian Westphal
- [PATCH nf-next v4 09/10] netfilter: conntrack: remove unconfirmed list, Florian Westphal
- [PATCH nf-next v4 10/10] netfilter: conntrack: avoid unconditional local_bh_disable, Florian Westphal
- Re: [PATCH nf-next v4 00/10] netfilter: conntrack: remove percpu lists, Pablo Neira Ayuso
- [PATCH net-next 00/11] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH net-next 01/11] netfilter: nf_tables: replace unnecessary use of list_for_each_entry_continue(), Pablo Neira Ayuso
- [PATCH net-next 04/11] netfilter: cttimeout: inc/dec module refcount per object, not per use refcount, Pablo Neira Ayuso
- [PATCH net-next 03/11] netfilter: conntrack: split inner loop of list dumping to own function, Pablo Neira Ayuso
- [PATCH net-next 07/11] netfilter: nf_log_syslog: Consolidate entry checks, Pablo Neira Ayuso
- [PATCH net-next 06/11] netfilter: nf_log_syslog: Don't ignore unknown protocols, Pablo Neira Ayuso
- [PATCH net-next 10/11] netfilter: nft_fib: reverse path filter for policy-based routing on iif, Pablo Neira Ayuso
- [PATCH net-next 08/11] netfilter: bitwise: replace hard-coded size with `sizeof` expression, Pablo Neira Ayuso
- [PATCH net-next 05/11] netfilter: nf_log_syslog: Merge MAC header dumpers, Pablo Neira Ayuso
- [PATCH net-next 02/11] netfilter: ecache: move to separate structure, Pablo Neira Ayuso
- [PATCH net-next 11/11] selftests: netfilter: add fib expression forward test case, Pablo Neira Ayuso
- [PATCH net-next 09/11] netfilter: bitwise: improve error goto labels, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net-next 00/11] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 01/11] netfilter: Use l3mdev flow key when re-routing mangled packets, Pablo Neira Ayuso
- [PATCH net-next 03/11] netfilter: conntrack: remove pr_debug callsites from tcp tracker, Pablo Neira Ayuso
- [PATCH net-next 04/11] netfilter: ctnetlink: fix up for "netfilter: conntrack: remove unconfirmed list", Pablo Neira Ayuso
- [PATCH net-next 02/11] netfilter: nf_conncount: reduce unnecessary GC, Pablo Neira Ayuso
- [PATCH net-next 05/11] net/sched: act_ct: set 'net' pointer when creating new nf_flow_table, Pablo Neira Ayuso
- [PATCH net-next 06/11] netfilter: nf_flow_table: count and limit hw offloaded entries, Pablo Neira Ayuso
- [PATCH net-next 08/11] netfilter: nfnetlink: fix warn in nfnetlink_unbind, Pablo Neira Ayuso
- [PATCH net-next 10/11] netfilter: cttimeout: fix slab-out-of-bounds read in cttimeout_net_exit, Pablo Neira Ayuso
- [PATCH net-next 07/11] netfilter: nf_flow_table: count pending offload workqueue tasks, Pablo Neira Ayuso
- [PATCH net-next 09/11] netfilter: conntrack: re-fetch conntrack after insertion, Pablo Neira Ayuso
- [PATCH net-next 11/11] netfilter: nf_tables: set element extended ACK reporting support, Pablo Neira Ayuso
- [PATCH net-next 00/11] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 02/11] netfilter: nf_tables: Fix percpu address space issues in nf_tables_api.c, Pablo Neira Ayuso
- [PATCH net-next 04/11] netfilter: nf_tables: prefer nft_trans_elem_alloc helper, Pablo Neira Ayuso
- [PATCH net-next 03/11] netfilter: nf_tables: replace deprecated strncpy with strscpy_pad, Pablo Neira Ayuso
- [PATCH net-next 01/11] netfilter: Make legacy configs user selectable, Pablo Neira Ayuso
- [PATCH net-next 06/11] netfilter: nf_tables: avoid false-positive lockdep splats with sets, Pablo Neira Ayuso
- [PATCH net-next 07/11] netfilter: nf_tables: avoid false-positive lockdep splats with flowtables, Pablo Neira Ayuso
- [PATCH net-next 08/11] netfilter: nf_tables: avoid false-positive lockdep splats in set walker, Pablo Neira Ayuso
- [PATCH net-next 05/11] netfilter: nf_tables: avoid false-positive lockdep splat on rule deletion, Pablo Neira Ayuso
- [PATCH net-next 10/11] netfilter: nf_tables: must hold rcu read lock while iterating expression type list, Pablo Neira Ayuso
- [PATCH net-next 09/11] netfilter: nf_tables: avoid false-positive lockdep splats with basechain hook, Pablo Neira Ayuso
- [PATCH net-next 11/11] netfilter: nf_tables: must hold rcu read lock while iterating object type list, Pablo Neira Ayuso
- Re: [PATCH net-next 00/11] Netfilter updates for net-next, Jakub Kicinski
- [RFC PATCH] datatype: accept abbrevs and ignore case on parsing symbolic constants,
Jo-Philipp Wich
- [libnetfilter_log PATCH] doc: correct non-native solecism,
Jeremy Sowden
- [PATCH nftables 0/9] nftables: add support for wildcard string as set keys,
Florian Westphal
- [PATCH nftables 1/9] evaluate: make byteorder conversion on string base type a no-op, Florian Westphal
- [PATCH nftables 2/9] evaluate: keep prefix expression length, Florian Westphal
- [PATCH nftables 3/9] segtree: split prefix and range creation to a helper function, Florian Westphal
- [PATCH nftables 4/9] evaluate: string prefix expression must retain original length, Florian Westphal
- [PATCH nftables 5/9] src: make interval sets work with string datatypes, Florian Westphal
- [PATCH nftables 6/9] segtree: add string "range" reversal support, Florian Westphal
- [PATCH nftables 7/9] tests: add testcases for interface names in sets, Florian Westphal
- [PATCH nftables 8/9] segtree: use correct byte order for 'element get', Florian Westphal
- [PATCH nftables 9/9] segtree: add support for get element with sets that contain ifnames, Florian Westphal
- Re: [PATCH nftables 0/9] nftables: add support for wildcard string as set keys, Pablo Neira Ayuso
- [nf-next PATCH v3 0/3] netfilter: bitwise: support boolean operations with variable RHS operands,
Jeremy Sowden
- [PATCH nft] tests: py: Add meta time tests without 'meta' keyword,
Martin Gignac
- [PATCH nf] netfilter: nft_socket: make cgroup match work in input too,
Florian Westphal
- [PATCH] doc: Document that kernel may accept unimplemented expressions,
Topi Miettinen
- [nft PATCH] tests: monitor: Hide temporary file names from error output, Phil Sutter
- [nft PATCH] tests: py: Don't colorize output if stderr is redirected,
Phil Sutter
- [PATCH nf-next RFC 1/2] netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*(),
Pablo Neira Ayuso
- [PATCH nft] tests: py: extend meta time coverage,
Pablo Neira Ayuso
- [PATCH nf-next v2 1/1] netfilter: conntrack: skip verification of zero UDP checksum,
Kevin Mitchell
- [PATCH v34 18/29] LSM: security_secid_to_secctx in netlink netfilter,
Casey Schaufler
- [PATCH v34 16/29] LSM: Use lsmcontext in security_secid_to_secctx,
Casey Schaufler
- [PATCH v34 15/29] LSM: Ensure the correct LSM context releaser,
Casey Schaufler
- [PATCH v34 09/29] LSM: Use lsmblob in security_secid_to_secctx,
Casey Schaufler
- [PATCH v34 08/29] LSM: Use lsmblob in security_secctx_to_secid,
Casey Schaufler
- Re: linux 5.17.1 disregarding ACK values resulting in stalled TCP connections,
Florian Westphal
- [PATCH v2 0/1] UDP traceroute packets with no checksum,
Kevin Mitchell
- [PATCH nf-next] nf_flow_table_offload: offload the vlan encap in the flowtable,
wenx05124561
- [ANNOUNCE] libmnl 1.0.5 release, Phil Sutter
- [ANNOUNCE] libnfnetlink 1.0.2 release, Phil Sutter
- [PATCH] meta.c: fix compiler warning in date_type_parse(),
Lukas Straub
- [PATCH nft] meta time: use uint64_t instead of time_t,
Lukas Straub
- meta time broken,
Lukas Straub
- [nft PATCH v4 00/32] Extend values assignable to packet marks and payload fields,
Jeremy Sowden
- [nft PATCH v4 02/32] include: add missing `#include`, Jeremy Sowden
- [nft PATCH v4 03/32] src: move `byteorder_names` array, Jeremy Sowden
- [nft PATCH v4 01/32] examples: add .gitignore file, Jeremy Sowden
- [nft PATCH v4 06/32] include: update nf_tables.h, Jeremy Sowden
- [nft PATCH v4 07/32] include: add new bitwise bit-length attribute to nf_tables.h, Jeremy Sowden
- [nft PATCH v4 04/32] datatype: support `NULL` symbol-tables when printing constants, Jeremy Sowden
- [nft PATCH v4 08/32] netlink: send bit-length of bitwise binops to kernel, Jeremy Sowden
- [nft PATCH v4 09/32] netlink_delinearize: add postprocessing for payload binops, Jeremy Sowden
- [nft PATCH v4 05/32] ct: support `NULL` symbol-tables when looking up labels, Jeremy Sowden
- [nft PATCH v4 24/32] netlink_delinearize: fix typo, Jeremy Sowden
- [nft PATCH v4 27/32] netlink: rename bitwise operation functions, Jeremy Sowden
- [nft PATCH v4 15/32] tests: shell: rename some test-cases, Jeremy Sowden
- [nft PATCH v4 16/32] tests: shell: add test-cases for ct and packet mark payload expressions, Jeremy Sowden
- [nft PATCH v4 21/32] evaluate: don't clobber binop lengths, Jeremy Sowden
- [nft PATCH v4 30/32] evaluate: allow binop expressions with variable right-hand operands, Jeremy Sowden
- [nft PATCH v4 29/32] parser_json: allow RHS ct, meta and payload expressions, Jeremy Sowden
- [nft PATCH v4 20/32] evaluate: prevent nested byte-order conversions, Jeremy Sowden
- [nft PATCH v4 17/32] tests: py: add test-cases for ct and packet mark payload expressions, Jeremy Sowden
- [nft PATCH v4 28/32] netlink: support (de)linearization of new bitwise boolean operations, Jeremy Sowden
- [nft PATCH v4 32/32] tests: py: add tests for binops with variable RHS operands, Jeremy Sowden
- [nft PATCH v4 12/32] payload: set byte-order when completing expression, Jeremy Sowden
- [nft PATCH v4 11/32] netlink_delinearize: correct length of right bitwise operand, Jeremy Sowden
- [nft PATCH v4 18/32] include: add new bitwise boolean attributes to nf_tables.h, Jeremy Sowden
- [nft PATCH v4 31/32] tests: shell: add tests for binops with variable RHS operands, Jeremy Sowden
- [nft PATCH v4 25/32] netlink_delinearize: refactor stmt_payload_binop_postprocess, Jeremy Sowden
- [nft PATCH v4 10/32] netlink_delinearize: correct type and byte-order of shifts, Jeremy Sowden
- [nft PATCH v4 23/32] evaluate: set eval context to leftmost bitwise operand, Jeremy Sowden
- [nft PATCH v4 26/32] netlink_delinearize: add support for processing variable payload statement arguments, Jeremy Sowden
- [nft PATCH v4 22/32] evaluate: insert byte-order conversions for expressions between 9 and 15 bits, Jeremy Sowden
- [nft PATCH v4 14/32] evaluate: relax type-checking for integer arguments in mark statements, Jeremy Sowden
- [nft PATCH v4 13/32] evaluate: support shifts larger than the width of the left operand, Jeremy Sowden
- [nft PATCH v4 19/32] evaluate: don't eval unary arguments, Jeremy Sowden
- Re: [nft PATCH v4 00/32] Extend values assignable to packet marks and payload fields, Kevin 'ldir' Darbyshire-Bryant
- [libnftnl PATCH v2 0/9] bitwise: support for boolean operations with variable RHS operands,
Jeremy Sowden
- [libnftnl PATCH v2 1/9] include: update nf_tables.h, Jeremy Sowden
- [libnftnl PATCH v2 2/9] include: add new bitwise bit-length attribute to nf_tables.h, Jeremy Sowden
- [libnftnl PATCH v2 3/9] expr: bitwise: pass bit-length to and from the kernel, Jeremy Sowden
- [libnftnl PATCH v2 5/9] expr: bitwise: fix a couple of white-space mistakes, Jeremy Sowden
- [libnftnl PATCH v2 4/9] include: add new bitwise boolean attributes to nf_tables.h, Jeremy Sowden
- [libnftnl PATCH v2 6/9] expr: bitwise: rename some boolean operation functions, Jeremy Sowden
- [libnftnl PATCH v2 9/9] tests: bitwise: add tests for new boolean operations, Jeremy Sowden
- [libnftnl PATCH v2 8/9] tests: bitwise: refactor shift tests, Jeremy Sowden
- [libnftnl PATCH v2 7/9] expr: bitwise: add support for kernel space AND, OR and XOR operations, Jeremy Sowden
- [nf-next PATCH v2 0/5] netfilter: bitwise: support boolean operations with variable RHS operands,
Jeremy Sowden
- [PATCH bpf-next] net: netfilter: reports ct direction in CT lookup helpers for XDP and TC-BPF,
Lorenzo Bianconi
- troubles caused by conntrack overlimit in init_netns,
Vasily Averin
- [no subject], Unknown
- [PATCH AUTOSEL 5.16 103/109] netfilter: conntrack: revisit gc autotuning, Sasha Levin
- [PATCH AUTOSEL 5.15 92/98] netfilter: conntrack: revisit gc autotuning, Sasha Levin
- [PATCH AUTOSEL 5.17 143/149] netfilter: conntrack: revisit gc autotuning, Sasha Levin
- Conntrack offload and ingress_ifindex, Edward Cree
- [PATCH nf-next,v2] netfilter: nft_fib: reverse path filter for policy-based routing on iif,
Pablo Neira Ayuso
- [PATCH nf-next] selftests: netfilter: add fib expression forward test case, Florian Westphal
- [iptables PATCH v2 0/9] extensions: Merge *_DNAT and *_REDIRECT,
Phil Sutter
- [iptables PATCH v2 9/9] extensions: man: Document service name support in DNAT and REDIRECT, Phil Sutter
- [iptables PATCH v2 6/9] extensions: DNAT: Rename from libipt to libxt, Phil Sutter
- [iptables PATCH v2 7/9] extensions: Merge IPv4 and IPv6 DNAT targets, Phil Sutter
- [iptables PATCH v2 5/9] extensions: ipt_DNAT: Combine xlate functions also, Phil Sutter
- [iptables PATCH v2 2/9] Revert "libipt_[SD]NAT: avoid false error about multiple destinations specified", Phil Sutter
- [iptables PATCH v2 1/9] man: DNAT: Describe shifted port range feature, Phil Sutter
- [iptables PATCH v2 8/9] extensions: Merge REDIRECT into DNAT, Phil Sutter
- [iptables PATCH v2 4/9] extensions: ipt_DNAT: Merge v1/v2 print/save code, Phil Sutter
- [iptables PATCH v2 3/9] extensions: ipt_DNAT: Merge v1 and v2 parsers, Phil Sutter
- Re: [iptables PATCH v2 0/9] extensions: Merge *_DNAT and *_REDIRECT, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nft_fib: reverse path filter for policy-based routing on iif,
Pablo Neira Ayuso
- [no subject], Unknown
- [iptables PATCH] xlate-test: Fix for empty source line on failure, Phil Sutter
- [iptables PATCH 0/9] extensions: Merge *_DNAT and *_REDIRECT,
Phil Sutter
- [PATCH nft] tests: py: add inet/vmap tests, Pablo Neira Ayuso
- [PATCH nft,v2 1/4] expression: typeof verdict needs verdict datatype,
Pablo Neira Ayuso
- [PATCH nft] expression: typeof verdict needs verdict datatype, Pablo Neira Ayuso
- [PATCH libnetfilter_queue v4] src: eliminate packet copy when constructing struct pktbuff,
Duncan Roe
- [PATCH] netfilter: bitwise: fix reduce comparison,
Jeremy Sowden
- [PATCH nft] src: allow to use typeof of raw expressions in set declaration, Pablo Neira Ayuso
- [PATCH libnetfilter_queue] examples: fix compiler warning,
Duncan Roe
- Support for loading firewall rules with cgroup(v2) expressions early,
Topi Miettinen
- [libnfnetlink PATCH 1/2] include: Silence gcc warning in linux_list.h,
Phil Sutter
- [libnetfilter_conntrack PATCH] expect/conntrack: Avoid spurious covscan overrun warning,
Phil Sutter
- [conntrack-tools PATCH 0/8] Fixes for a recent Coverity tool run,
Phil Sutter
- [nf-next PATCH] netfilter: nf_log_syslog: Consolidate entry checks,
Phil Sutter
- [nf-next PATCH 1/2] netfilter: nf_log_syslog: Merge MAC header dumpers,
Phil Sutter
- [nf PATCH] netfilter: egress: Report interface as outgoing,
Phil Sutter
- [PATCH nf-next v3 00/16] netfilter: conntrack: remove percpu lists,
Florian Westphal
- [PATCH nf-next v3 01/16] nfnetlink: handle already-released nl socket, Florian Westphal
- [PATCH nf-next v3 02/16] netfilter: ctnetlink: make ecache event cb global again, Florian Westphal
- [PATCH nf-next v3 03/16] netfilter: ecache: move to separate structure, Florian Westphal
- [PATCH nf-next v3 04/16] netfilter: ecache: use dedicated list for event redelivery, Florian Westphal
- [PATCH nf-next v3 06/16] netfilter: conntrack: include ecache dying list in dumps, Florian Westphal
- [PATCH nf-next v3 05/16] netfilter: conntrack: split inner loop of list dumping to own function, Florian Westphal
- [PATCH nf-next v3 08/16] netfilter: cttimeout: inc/dec module refcount per object, not per use refcount, Florian Westphal
- [PATCH nf-next v3 07/16] netfilter: conntrack: remove the percpu dying list, Florian Westphal
- [PATCH nf-next v3 09/16] netfilter: nfnetlink_cttimeout: use rcu protection in cttimeout_get_timeout, Florian Westphal
- [PATCH nf-next v3 11/16] netfilter: remove nf_ct_unconfirmed_destroy helper, Florian Westphal
- [PATCH nf-next v3 10/16] netfilter: cttimeout: decouple unlink and free on netns destruction, Florian Westphal
- [PATCH nf-next v3 12/16] netfilter: extensions: introduce extension genid count, Florian Westphal
- [PATCH nf-next v3 13/16] netfilter: cttimeout: decouple unlink and free on netns destruction, Florian Westphal
- [PATCH nf-next v3 14/16] netfilter: conntrack: remove __nf_ct_unconfirmed_destroy, Florian Westphal
- [PATCH nf-next v3 15/16] netfilter: conntrack: remove unconfirmed list, Florian Westphal
- [PATCH nf-next v3 16/16] netfilter: conntrack: avoid unconditional local_bh_disable, Florian Westphal
- Re: [PATCH nf-next v3 00/16] netfilter: conntrack: remove percpu lists, Pablo Neira Ayuso
- [PATCH] netfilter: ipset: Fix duplicate included ip_set_hash_gen.h,
Haowen Bai
- [PATCH 0/1] Reusing mnl socket for bulk ct loads,
Mikhail Sennikovsky
- [PATCH v2] netfilter: nf_tables: replace unnecessary use of list_for_each_entry_continue(),
Jakob Koschel
- bug report and future request,
Martin Zaharinov
- [PATCH nft] evaluate: copy field_count for anonymous object maps as well, Florian Westphal
- [PATCH net-next 00/19] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH net-next 03/19] netfilter: nf_tables: do not reduce read-only expressions, Pablo Neira Ayuso
- [PATCH net-next 13/19] netfilter: nft_xfrm: track register operations, Pablo Neira Ayuso
- [PATCH net-next 07/19] netfilter: nft_meta: extend reduce support to bridge family, Pablo Neira Ayuso
- [PATCH net-next 05/19] netfilter: nft_ct: track register operations, Pablo Neira Ayuso
- [PATCH net-next 17/19] netfilter: nf_nat_h323: eliminate anonymous module_init & module_exit, Pablo Neira Ayuso
- [PATCH net-next 10/19] netfilter: nft_hash: track register operations, Pablo Neira Ayuso
- [PATCH net-next 12/19] netfilter: nft_socket: track register operations, Pablo Neira Ayuso
- [PATCH net-next 16/19] netfilter: nft_exthdr: add reduce support, Pablo Neira Ayuso
- [PATCH net-next 02/19] netfilter: conntrack: Add and use nf_ct_set_auto_assign_helper_warned(), Pablo Neira Ayuso
- [PATCH net-next 08/19] netfilter: nft_numgen: cancel register tracking, Pablo Neira Ayuso
- [PATCH net-next 06/19] netfilter: nft_lookup: only cancel tracking for clobbered dregs, Pablo Neira Ayuso
- [PATCH net-next 04/19] netfilter: nf_tables: cancel tracking for clobbered destination registers, Pablo Neira Ayuso
- [PATCH net-next 09/19] netfilter: nft_osf: track register operations, Pablo Neira Ayuso
- [PATCH net-next 11/19] netfilter: nft_immediate: cancel register tracking for data destination register, Pablo Neira Ayuso
- [PATCH net-next 01/19] netfilter: conntrack: revisit gc autotuning, Pablo Neira Ayuso
- [PATCH net-next 14/19] netfilter: nft_tunnel: track register operations, Pablo Neira Ayuso
- [PATCH net-next 15/19] netfilter: nft_fib: add reduce support, Pablo Neira Ayuso
- [PATCH net-next 18/19] netfilter: flowtable: remove redundant field in flow_offload_work struct, Pablo Neira Ayuso
- [PATCH net-next 19/19] netfilter: flowtable: pass flowtable to nf_flow_table_iterate(), Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net-next 00/19] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 01/19] netfilter: nft_set_rbtree: rename gc deactivate+erase function, Pablo Neira Ayuso
- [PATCH net-next 03/19] netfilter: nf_tables: Open-code audit log call in nf_tables_getrule(), Pablo Neira Ayuso
- [PATCH net-next 04/19] netfilter: nf_tables: Introduce nf_tables_getrule_single(), Pablo Neira Ayuso
- [PATCH net-next 02/19] netfilter: nft_set_rbtree: prefer sync gc to async worker, Pablo Neira Ayuso
- [PATCH net-next 07/19] netfilter: conntrack: switch connlabels to atomic_t, Pablo Neira Ayuso
- [PATCH net-next 08/19] netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj, Pablo Neira Ayuso
- [PATCH net-next 09/19] netfilter: nf_tables: Unconditionally allocate nft_obj_filter, Pablo Neira Ayuso
- [PATCH net-next 11/19] netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx, Pablo Neira Ayuso
- [PATCH net-next 05/19] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests, Pablo Neira Ayuso
- [PATCH net-next 10/19] netfilter: nf_tables: A better name for nft_obj_filter, Pablo Neira Ayuso
- [PATCH net-next 12/19] netfilter: nf_tables: nft_obj_filter fits into cb->ctx, Pablo Neira Ayuso
- [PATCH net-next 06/19] br_netfilter: use single forward hook for ip and arp, Pablo Neira Ayuso
- [PATCH net-next 13/19] netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx, Pablo Neira Ayuso
- [PATCH net-next 14/19] netfilter: nft_set_pipapo: no need to call pipapo_deactivate() from flush, Pablo Neira Ayuso
- [PATCH net-next 15/19] netfilter: nf_tables: set backend .flush always succeeds, Pablo Neira Ayuso
- [PATCH net-next 17/19] netfilter: nf_tables: shrink memory consumption of set elements, Pablo Neira Ayuso
- [PATCH net-next 16/19] netfilter: nf_tables: expose opaque set element as struct nft_elem_priv, Pablo Neira Ayuso
- [PATCH net-next 19/19] netfilter: nf_tables: Carry reset boolean in nft_set_dump_ctx, Pablo Neira Ayuso
- [PATCH net-next 18/19] netfilter: nf_tables: set->ops->insert returns opaque set element in case of EEXIST, Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options,
Pablo Neira Ayuso
- [PATCH] netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options, Pablo Neira Ayuso
- [PATCH] netfilter: nf_tables: replace unnecessary use of list_for_each_entry_continue(),
Jakob Koschel
- [PATCH] ebtables: fix the 'static' build target, Robert Kolchmeyer
- [PATCH nf-next] netfilter: nf_conntrack_tcp: skip tracking for offloaded packets,
Pablo Neira Ayuso
- [PATCH nf-next 1/2] netfilter: flowtable: remove redundant field in flow_offload_work struct,
Pablo Neira Ayuso
- [PATCH nf,v2 1/2] netfilter: nf_tables: validate registers coming from userspace.,
Pablo Neira Ayuso
- [PATCH nf 1/2] netfilter: nf_tables: registers should not go over NFT_REG32_NUM,
Pablo Neira Ayuso
- Re: Intermittent performance regression related to ipset between 5.10 and 5.15,
Jakub Kicinski
- [PATCH 0/9] treewide: eliminate anonymous module_init & module_exit,
Randy Dunlap
- [PATCH 6/9] usb: gadget: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 3/9] net: mlx5: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 1/9] virtio_blk: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 2/9] virtio_console: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 5/9] virtio-scsi: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 7/9] usb: usbip: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 4/9] netfilter: h323: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 8/9] x86/crypto: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 9/9] testmmiotrace: eliminate anonymous module_init & module_exit, Randy Dunlap
- Re: [PATCH 0/9] treewide: eliminate anonymous module_init & module_exit, Ira Weiny
- Re: (subset) [PATCH 0/9] treewide: eliminate anonymous module_init & module_exit, Jens Axboe
- [iptables PATCH 0/3] Speed up restoring huge rulesets,
Phil Sutter
- "Decoding" ipset error codes,
Ian Pilcher
- [PATCH nf] netfilter: flowtable: Fix QinQ and PPPoE support for inet table, Pablo Neira Ayuso
- Feature Request: nft: support non-immediate second operand,
Kevin 'ldir' Darbyshire-Bryant
- [iptables PATCH 0/5] Fixes for static builds,
Phil Sutter
- [RFC] conntrack event framework speedup,
Florian Westphal
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
