Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [PATCH nf-next v3 00/16] netfilter: conntrack: remove percpu lists, (continued)
- [PATCH] netfilter: ipset: Fix duplicate included ip_set_hash_gen.h,
Haowen Bai
- [PATCH 0/1] Reusing mnl socket for bulk ct loads,
Mikhail Sennikovsky
- [PATCH v2] netfilter: nf_tables: replace unnecessary use of list_for_each_entry_continue(),
Jakob Koschel
- bug report and future request,
Martin Zaharinov
- [PATCH nft] evaluate: copy field_count for anonymous object maps as well, Florian Westphal
- [PATCH net-next 00/19] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH net-next 03/19] netfilter: nf_tables: do not reduce read-only expressions, Pablo Neira Ayuso
- [PATCH net-next 13/19] netfilter: nft_xfrm: track register operations, Pablo Neira Ayuso
- [PATCH net-next 07/19] netfilter: nft_meta: extend reduce support to bridge family, Pablo Neira Ayuso
- [PATCH net-next 05/19] netfilter: nft_ct: track register operations, Pablo Neira Ayuso
- [PATCH net-next 17/19] netfilter: nf_nat_h323: eliminate anonymous module_init & module_exit, Pablo Neira Ayuso
- [PATCH net-next 10/19] netfilter: nft_hash: track register operations, Pablo Neira Ayuso
- [PATCH net-next 12/19] netfilter: nft_socket: track register operations, Pablo Neira Ayuso
- [PATCH net-next 16/19] netfilter: nft_exthdr: add reduce support, Pablo Neira Ayuso
- [PATCH net-next 02/19] netfilter: conntrack: Add and use nf_ct_set_auto_assign_helper_warned(), Pablo Neira Ayuso
- [PATCH net-next 08/19] netfilter: nft_numgen: cancel register tracking, Pablo Neira Ayuso
- [PATCH net-next 06/19] netfilter: nft_lookup: only cancel tracking for clobbered dregs, Pablo Neira Ayuso
- [PATCH net-next 04/19] netfilter: nf_tables: cancel tracking for clobbered destination registers, Pablo Neira Ayuso
- [PATCH net-next 09/19] netfilter: nft_osf: track register operations, Pablo Neira Ayuso
- [PATCH net-next 11/19] netfilter: nft_immediate: cancel register tracking for data destination register, Pablo Neira Ayuso
- [PATCH net-next 01/19] netfilter: conntrack: revisit gc autotuning, Pablo Neira Ayuso
- [PATCH net-next 14/19] netfilter: nft_tunnel: track register operations, Pablo Neira Ayuso
- [PATCH net-next 15/19] netfilter: nft_fib: add reduce support, Pablo Neira Ayuso
- [PATCH net-next 18/19] netfilter: flowtable: remove redundant field in flow_offload_work struct, Pablo Neira Ayuso
- [PATCH net-next 19/19] netfilter: flowtable: pass flowtable to nf_flow_table_iterate(), Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net-next 00/19] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 01/19] netfilter: nft_set_rbtree: rename gc deactivate+erase function, Pablo Neira Ayuso
- [PATCH net-next 03/19] netfilter: nf_tables: Open-code audit log call in nf_tables_getrule(), Pablo Neira Ayuso
- [PATCH net-next 04/19] netfilter: nf_tables: Introduce nf_tables_getrule_single(), Pablo Neira Ayuso
- [PATCH net-next 02/19] netfilter: nft_set_rbtree: prefer sync gc to async worker, Pablo Neira Ayuso
- [PATCH net-next 07/19] netfilter: conntrack: switch connlabels to atomic_t, Pablo Neira Ayuso
- [PATCH net-next 08/19] netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj, Pablo Neira Ayuso
- [PATCH net-next 09/19] netfilter: nf_tables: Unconditionally allocate nft_obj_filter, Pablo Neira Ayuso
- [PATCH net-next 11/19] netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx, Pablo Neira Ayuso
- [PATCH net-next 05/19] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests, Pablo Neira Ayuso
- [PATCH net-next 10/19] netfilter: nf_tables: A better name for nft_obj_filter, Pablo Neira Ayuso
- [PATCH net-next 12/19] netfilter: nf_tables: nft_obj_filter fits into cb->ctx, Pablo Neira Ayuso
- [PATCH net-next 06/19] br_netfilter: use single forward hook for ip and arp, Pablo Neira Ayuso
- [PATCH net-next 13/19] netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx, Pablo Neira Ayuso
- [PATCH net-next 14/19] netfilter: nft_set_pipapo: no need to call pipapo_deactivate() from flush, Pablo Neira Ayuso
- [PATCH net-next 15/19] netfilter: nf_tables: set backend .flush always succeeds, Pablo Neira Ayuso
- [PATCH net-next 17/19] netfilter: nf_tables: shrink memory consumption of set elements, Pablo Neira Ayuso
- [PATCH net-next 16/19] netfilter: nf_tables: expose opaque set element as struct nft_elem_priv, Pablo Neira Ayuso
- [PATCH net-next 19/19] netfilter: nf_tables: Carry reset boolean in nft_set_dump_ctx, Pablo Neira Ayuso
- [PATCH net-next 18/19] netfilter: nf_tables: set->ops->insert returns opaque set element in case of EEXIST, Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options,
Pablo Neira Ayuso
- [PATCH] netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options, Pablo Neira Ayuso
- [PATCH] netfilter: nf_tables: replace unnecessary use of list_for_each_entry_continue(),
Jakob Koschel
- [PATCH] ebtables: fix the 'static' build target, Robert Kolchmeyer
- [PATCH nf-next] netfilter: nf_conntrack_tcp: skip tracking for offloaded packets,
Pablo Neira Ayuso
- [PATCH nf-next 1/2] netfilter: flowtable: remove redundant field in flow_offload_work struct,
Pablo Neira Ayuso
- [PATCH nf,v2 1/2] netfilter: nf_tables: validate registers coming from userspace.,
Pablo Neira Ayuso
- [PATCH nf 1/2] netfilter: nf_tables: registers should not go over NFT_REG32_NUM,
Pablo Neira Ayuso
- Re: Intermittent performance regression related to ipset between 5.10 and 5.15,
Jakub Kicinski
- [PATCH 0/9] treewide: eliminate anonymous module_init & module_exit,
Randy Dunlap
- [PATCH 6/9] usb: gadget: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 3/9] net: mlx5: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 1/9] virtio_blk: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 2/9] virtio_console: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 5/9] virtio-scsi: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 7/9] usb: usbip: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 4/9] netfilter: h323: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 8/9] x86/crypto: eliminate anonymous module_init & module_exit, Randy Dunlap
- [PATCH 9/9] testmmiotrace: eliminate anonymous module_init & module_exit, Randy Dunlap
- Re: [PATCH 0/9] treewide: eliminate anonymous module_init & module_exit, Ira Weiny
- Re: (subset) [PATCH 0/9] treewide: eliminate anonymous module_init & module_exit, Jens Axboe
- [iptables PATCH 0/3] Speed up restoring huge rulesets,
Phil Sutter
- "Decoding" ipset error codes,
Ian Pilcher
- [PATCH nf] netfilter: flowtable: Fix QinQ and PPPoE support for inet table, Pablo Neira Ayuso
- Feature Request: nft: support non-immediate second operand,
Kevin 'ldir' Darbyshire-Bryant
- [iptables PATCH 0/5] Fixes for static builds,
Phil Sutter
- [RFC] conntrack event framework speedup,
Florian Westphal
- [PATCH nf-next 0/6] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH nf-next,v3 00/14] register tracking infrastructure follow up,
Pablo Neira Ayuso
- [PATCH nf-next,v3 01/14] netfilter: nf_tables: do not reduce read-only expressions, Pablo Neira Ayuso
- [PATCH nf-next,v3 02/14] netfilter: nf_tables: cancel tracking for clobbered destination registers, Pablo Neira Ayuso
- [PATCH nf-next,v3 03/14] netfilter: nft_ct: track register operations, Pablo Neira Ayuso
- [PATCH nf-next,v3 04/14] netfilter: nft_lookup: only cancel tracking for clobbered dregs, Pablo Neira Ayuso
- [PATCH nf-next,v3 05/14] netfilter: nft_meta: extend reduce support to bridge family, Pablo Neira Ayuso
- [PATCH nf-next,v3 06/14] netfilter: nft_numgen: cancel register tracking, Pablo Neira Ayuso
- [PATCH nf-next,v3 13/14] netfilter: nft_fib: add reduce support, Pablo Neira Ayuso
- [PATCH nf-next,v3 09/14] netfilter: nft_immediate: cancel register tracking for data destination register, Pablo Neira Ayuso
- [PATCH nf-next,v3 14/14] netfilter: nft_exthdr: add reduce support, Pablo Neira Ayuso
- [PATCH nf-next,v3 11/14] netfilter: nft_xfrm: track register operations, Pablo Neira Ayuso
- [PATCH nf-next,v3 08/14] netfilter: nft_hash: track register operations, Pablo Neira Ayuso
- [PATCH nf-next,v3 12/14] netfilter: nft_tunnel: track register operations, Pablo Neira Ayuso
- [PATCH nf-next,v3 07/14] netfilter: nft_osf: track register operations, Pablo Neira Ayuso
- [PATCH nf-next,v3 10/14] netfilter: nft_socket: track register operations, Pablo Neira Ayuso
- [PATCH nf-next 00/12,v2] register tracking infrastructure follow up,
Pablo Neira Ayuso
- [PATCH nf-next 03/12,v2] netfilter: nft_ct: track register operations, Pablo Neira Ayuso
- [PATCH nf-next 02/12,v2] netfilter: nf_tables: cancel tracking for clobbered destination registers, Pablo Neira Ayuso
- [PATCH nf-next 01/12,v2] netfilter: nf_tables: do not reduce read-only expressions, Pablo Neira Ayuso
- [PATCH nf-next 06/12,v2] netfilter: nft_numgen: cancel register tracking, Pablo Neira Ayuso
- [PATCH nf-next 10/12,v2] netfilter: nft_socket: track register operations, Pablo Neira Ayuso
- [PATCH nf-next 05/12,v2] netfilter: nft_meta: extend reduce support to bridge family, Pablo Neira Ayuso
- [PATCH nf-next 04/12,v2] netfilter: nft_lookup: only cancel tracking for clobbered dregs, Pablo Neira Ayuso
- [PATCH nf-next 07/12,v2] netfilter: nft_osf: track register operations, Pablo Neira Ayuso
- [PATCH nf-next 09/12,v2] netfilter: nft_immediate: cancel register tracking for data destination register, Pablo Neira Ayuso
- [PATCH nf-next 08/12,v2] netfilter: nft_hash: track register operations, Pablo Neira Ayuso
- [PATCH nf-next 11/12,v2] netfilter: nft_xfrm: track register operations, Pablo Neira Ayuso
- [PATCH nf-next 12/12,v2] netfilter: nft_tunnel: track register operations, Pablo Neira Ayuso
- Xtables-addons URL issues, Pander
- Xtables-addons geoip manual, Pander
- [PATCH nf-next 0/9] register tracking infrastructure follow up,
Pablo Neira Ayuso
- [PATCH nf,v3] netfilter: nf_tables: disable register tracking, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nf_tables: do not reduce read-only expressions, Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nf_tables: disable register tracking, Pablo Neira Ayuso
- [PATCH nf-next,v2] netfilter: nf_tables: cancel register tracking if .reduce is not defined, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nft_payload: only cancel tracking for clobbered dregs, Pablo Neira Ayuso
- [PATCH nf-next,v5] netfilter: nf_tables: cancel register tracking if .reduce is not defined, Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: disable register tracking, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nf_tables: add stubs for readonly expressions,
Florian Westphal
- [PATCH nf-next] netfilter: nft_meta: extend reduce support to bridge family, Florian Westphal
- [PATCH nf-next] netfilter: nft_lookup: only cancel tracking for clobbered dregs, Florian Westphal
- [PATCH nf,v4] netfilter: nf_tables: cancel register tracking if .reduce is not defined, Pablo Neira Ayuso
- [PATCH nf,v3] netfilter: nf_tables: cancel register tracking if .reduce is not defined, Pablo Neira Ayuso
- [PATCH v33 18/29] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v33 16/29] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v33 15/29] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v33 09/29] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v33 08/29] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH nf,v2] netfilter: nf_tables: cancel register tracking if .reduce is not defined, Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: cancel register tracking if .reduce is not defined,
Pablo Neira Ayuso
- [PATCH nf-next 0/4] netfilter: conntrack: ignore overly delayed tcp packets,
Florian Westphal
- [PATCH AUTOSEL 5.16 18/27] netfilter: egress: silence egress hook lockdep splats, Sasha Levin
- [RFC PATCH v4 00/15] Landlock LSM,
Konstantin Meskhidze
- [RFC PATCH v4 01/15] landlock: access mask renaming, Konstantin Meskhidze
- [RFC PATCH v4 07/15] landlock: user space API network support, Konstantin Meskhidze
- [RFC PATCH v4 05/15] landlock: unmask_layers() function refactoring, Konstantin Meskhidze
- [RFC PATCH v4 04/15] landlock: merge and inherit function refactoring, Konstantin Meskhidze
- [RFC PATCH v4 06/15] landlock: landlock_add_rule syscall refactoring, Konstantin Meskhidze
- [RFC PATCH v4 09/15] landlock: TCP network hooks implementation, Konstantin Meskhidze
- [RFC PATCH v4 08/15] landlock: add support network rules, Konstantin Meskhidze
- [RFC PATCH v4 03/15] landlock: landlock_find/insert_rule refactoring, Konstantin Meskhidze
- [RFC PATCH v4 02/15] landlock: filesystem access mask helpers, Konstantin Meskhidze
- [RFC PATCH v4 10/15] seltest/landlock: add tests for bind() hooks, Konstantin Meskhidze
- [RFC PATCH v4 11/15] seltest/landlock: add tests for connect() hooks, Konstantin Meskhidze
- [RFC PATCH v4 14/15] seltest/landlock: ruleset expanding test, Konstantin Meskhidze
- [RFC PATCH v4 13/15] seltest/landlock: rules overlapping test, Konstantin Meskhidze
- [RFC PATCH v4 12/15] seltest/landlock: connect() with AF_UNSPEC tests, Konstantin Meskhidze
- [RFC PATCH v4 15/15] seltest/landlock: invalid user input data test, Konstantin Meskhidze
- Re: [RFC PATCH v4 00/15] Landlock LSM, Mickaël Salaün
- Looking for info on ipset set type revisions,
Ian Pilcher
- [PATCH conntrack-tools] nfct: remove lazy binding,
Pablo Neira Ayuso
- [PATCH nf] Revert "netfilter: nat: force port remap to prevent shadowing well-known ports",
Florian Westphal
- [PATCH] netfilter: bridge: clean up some inconsistent indenting,
Jiapeng Chong
- [PATCH] netfilter: conditionally use ct and ctinfo,
trix
- [PATCH bpf-next v4 7/8] bpf: Replace __diag_ignore with unified __diag_ignore_all, Kumar Kartikeya Dwivedi
- nftables 1.0.2 building issues,
Francesco Colista
- [iptables RFC 0/2] Speed up restoring huge rulesets,
Phil Sutter
- [nft PATCH] misspell: Avoid segfault with anonymous chains,
Phil Sutter
- [PATCH nft] evaluate: init cmd pointer for new on-stack context,
Florian Westphal
- [PATCH nft] optimize: do not assume log prefix, Pablo Neira Ayuso
- [PATCH bpf-next v3 7/8] bpf: Replace __diag_ignore with unified __diag_ignore_all, Kumar Kartikeya Dwivedi
- [PATCH nft,v3 1/3] optimize: more robust statement merge with vmap,
Pablo Neira Ayuso
- [PATCH nft,v2] optimize: do not merge unsupported statement expressions, Pablo Neira Ayuso
- [PATCH nf-next,v2] netfilter: nft_ct: track register operations, Pablo Neira Ayuso
- [PATCH nft,v2 1/2] optimize: more robust statement merge with vmap,
Pablo Neira Ayuso
- [PATCH nft] optimize: do not merge unsupported statement expressions, Pablo Neira Ayuso
- [RFC v3 nf-next 00/15] netfilter: conntrack: remove percpu lists,
Florian Westphal
- [RFC v3 nf-next 01/15] nfnetlink: handle already-released nl socket, Florian Westphal
- [RFC v3 nf-next 02/15] netfilter: ctnetlink: make ecache event cb global again, Florian Westphal
- [RFC v3 nf-next 03/15] netfilter: ecache: move to separate structure, Florian Westphal
- [RFC v3 nf-next 04/15] netfilter: ecache: use dedicated list for event redelivery, Florian Westphal
- [RFC v3 nf-next 05/15] netfilter: conntrack: split inner loop of list dumping to own function, Florian Westphal
- [RFC v3 nf-next 06/15] netfilter: conntrack: include ecache dying list in dumps, Florian Westphal
- [RFC v3 nf-next 07/15] netfilter: conntrack: remove the percpu dying list, Florian Westphal
- [RFC v3 nf-next 08/15] netfilter: cttimeout: inc/dec module refcount per object, not per use refcount, Florian Westphal
- [RFC v3 nf-next 09/15] netfilter: nfnetlink_cttimeout: use rcu protection in cttimeout_get_timeout, Florian Westphal
- [RFC v3 nf-next 10/15] netfilter: cttimeout: decouple unlink and free on netns destruction, Florian Westphal
- [RFC v3 nf-next 11/15] netfilter: remove nf_ct_unconfirmed_destroy helper, Florian Westphal
- [RFC v3 nf-next 12/15] netfilter: extensions: introduce extension genid count, Florian Westphal
- [RFC v3 nf-next 13/15] netfilter: cttimeout: decouple unlink and free on netns destruction, Florian Westphal
- [RFC v3 nf-next 14/15] netfilter: conntrack: remove __nf_ct_unconfirmed_destroy, Florian Westphal
- [RFC v3 nf-next 15/15] netfilter: conntrack: remove unconfirmed list, Florian Westphal
- heads up, rebasing nf-next, Pablo Neira Ayuso
- [PATCH nft 1/2] optimize: more robust statement merge with vmap,
Pablo Neira Ayuso
- [PATCH nft] optimize: fix vmap with anonymous sets, Pablo Neira Ayuso
- [PATCH bpf-next v2 7/8] bpf: Replace __diag_ignore with unified __diag_ignore_all, Kumar Kartikeya Dwivedi
- [nf-next PATCH] netfilter: conntrack: Add and use nf_ct_set_auto_assign_helper_warned(),
Phil Sutter
- [PATCH] netfilter: nft_ct: spurious warning when assigning conntrack helpers, Phil Sutter
- Re: [PATCH v2] selftests: netfilter: fix a build error on openSUSE,
Pablo Neira Ayuso
- [iptables PATCH 0/4] Speed up iptables-nft-save,
Phil Sutter
- [iptables PATCH 2/4] nft: Speed up immediate parsing, Phil Sutter
- [iptables PATCH 4/4] nft: Don't pass command state opaque to family ops callbacks, Phil Sutter
[nft PATCH] scanner: Fix for ipportmap nat statements, Phil Sutter
[PATCH nft,v3 0/7] revisit overlap/automerge codebase,
Pablo Neira Ayuso
- [PATCH nft,v3 1/7] src: add EXPR_F_KERNEL to identify expression in the kernel, Pablo Neira Ayuso
- [PATCH nft,v3 4/7] mnl: update mnl_nft_setelem_del() to allow for more reuse, Pablo Neira Ayuso
- [PATCH nft,v3 3/7] src: remove rbtree datastructure, Pablo Neira Ayuso
- [PATCH nft,v3 2/7] src: replace interval segment tree overlap and automerge, Pablo Neira Ayuso
- [PATCH nft,v3 5/7] intervals: add support to automerge with kernel elements, Pablo Neira Ayuso
- [PATCH nft,v3 7/7] intervals: support to partial deletion with automerge, Pablo Neira Ayuso
- [PATCH nft,v3 6/7] evaluate: allow for zero length ranges, Pablo Neira Ayuso
[PATCH] net/netfilter: use memset avoid infoleaks,
cgel . zte
[PATCH v2 nf 0/2] netfilter: nf_queue: be more careful with sk refcounts,
Florian Westphal
[PATCH ipset] Fix IPv6 sets nftables translation,
Pablo Neira Ayuso
[PATCH nf] netfilter: nf_queue: be more careful with sk refcounts,
Florian Westphal
[PATCH net v4 1/1] net/sched: act_ct: Fix flow table lookup failure with no originating ifindex,
Paul Blakey
[PATCH net v3 1/1] net/sched: act_ct: Fix flow table lookup failure with no originating ifindex,
Paul Blakey
[PATCH RFC] memcg: Enable accounting for nft objects,
Vasily Averin
[PATCH nf] netfilter: egress: silence egress hook lockdep splats,
Florian Westphal
[PATCH nf] netfilter: fix use-after-free in __nf_register_net_hook(),
Eric Dumazet
[PATCH v2 nf] netfilter: nf_queue: don't assume sk is full socket,
Florian Westphal
TCP connection fails in a asymmetric routing situation,
Florian Westphal
[PATCH v2 nf] selftests: netfilter: add nfqueue TCP_NEW_SYN_RECV socket race test, Florian Westphal
[PATCH nf-next v2 0/3] Conntrack GRE offload,
Toshiaki Makita
Re: [netfilter-nf:master 47/47] nf_queue.c:undefined reference to `sock_gen_put',
Florian Westphal
[PATCH 1/2] libnftables.map: export new nft_ctx_{get,set}_optimize API,
Sam James
[PATCH nf-next v2 0/7] netfilter: remove pcpu dying list,
Florian Westphal
[PATCH nf] selftests: netfilter: add nfqueue TCP_NEW_SYN_RECV socket race test, Florian Westphal
[PATCH] netfilter: nf_tables: fix error code in nf_tables_updobj(),
Dan Carpenter
[PATCH v2] conntrack: fix build with kernel 5.15 and musl,
Robert Marko
[PATCH] conntrack: fix build with kernel 5.15 and musl, Robert Marko
[PATCH nf] netfilter: nf_queue: don't assume sk is full socket,
Florian Westphal
[PATCH net] netfilter: nf_tables: prefer kfree_rcu(ptr, rcu) variant,
Eric Dumazet
[PATCH net-next 0/8] Conntrack offload debuggability improvements,
Vlad Buslov
[PATCH net 0/5,v2] Netfilter fixes for net,
Pablo Neira Ayuso
[PATCH] build: add missing AM_CPPFLAGS to examples/,
Jan Engelhardt
[PATCH nft] examples: compile with `make check' and add AM_CPPFLAGS, Pablo Neira Ayuso
Re: [PATCH 5.16 000/227] 5.16.11-rc1 review, Naresh Kamboju
[PATCH nf] netfilter: nf_tables: make sure err is initialised to sane value,
Florian Westphal
[ANNOUNCE] nftables 1.0.2 release,
Pablo Neira Ayuso
[PATCH nf 0/5] Netfilter fixes for net,
Pablo Neira Ayuso
[PATCH v3] netfilter: nf_tables: fix memory leak during stateful obj update,
Florian Westphal
[PATCH bpf-next v1 00/15] Introduce typed pointer support in BPF maps,
Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 02/15] bpf: Make btf_find_field more generic, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 01/15] bpf: Factor out fd returning from bpf_btf_find_by_name_kind, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 05/15] bpf: Allow storing PTR_TO_PERCPU_BTF_ID in map, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 03/15] bpf: Allow storing PTR_TO_BTF_ID in map, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 04/15] bpf: Allow storing referenced PTR_TO_BTF_ID in map, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 06/15] bpf: Allow storing __user PTR_TO_BTF_ID in map, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 07/15] bpf: Prevent escaping of pointers loaded from maps, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 10/15] bpf: Wire up freeing of referenced PTR_TO_BTF_ID in map, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 14/15] selftests/bpf: Add C tests for PTR_TO_BTF_ID in map, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 08/15] bpf: Adapt copy_map_value for multiple offset case, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 09/15] bpf: Populate pairs of btf_id and destructor kfunc in btf, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 12/15] net/netfilter: Add bpf_ct_kptr_get helper, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 11/15] bpf: Teach verifier about kptr_get style kfunc helpers, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 13/15] libbpf: Add __kptr* macros to bpf_helpers.h, Kumar Kartikeya Dwivedi
- [PATCH bpf-next v1 15/15] selftests/bpf: Add verifier tests for PTR_TO_BTF_ID in map, Kumar Kartikeya Dwivedi
- Re: [PATCH bpf-next v1 00/15] Introduce typed pointer support in BPF maps, Song Liu
[PATCH v2 nf] netfilter: nf_tables: fix memory leak during stateful obj update,
Florian Westphal
[PATCH] netfilter: nf_tables: fix memory leak during stateful obj update, Florian Westphal
[PATCH net v2 1/1] net/sched: act_ct: Fix flow table lookup failure with no originating ifindex,
Paul Blakey
[PATCH nft,v2 1/5] src: add EXPR_F_KERNEL to identify expression in the kernel,
Pablo Neira Ayuso
[PATCH libnftnl] exthdr: tcp option reset support, Florian Westphal
[PATCH nft] src: add tcp option reset support,
Florian Westphal
[nft PATCH 00/26] scanner: Some fixes, many new scopes,
Phil Sutter
- [nft PATCH 21/26] scanner: flags: move to own scope, Phil Sutter
- [nft PATCH 23/26] scanner: nat: Move to own scope, Phil Sutter
- [nft PATCH 12/26] scanner: osf: Move to own scope, Phil Sutter
- [nft PATCH 15/26] scanner: type: Move to own scope, Phil Sutter
- [nft PATCH 11/26] scanner: dccp, th: Move to own scopes, Phil Sutter
- [nft PATCH 20/26] scanner: reject: Move to own scope, Phil Sutter
- [nft PATCH 19/26] scanner: import, export: Move to own scopes, Phil Sutter
- [nft PATCH 13/26] scanner: ah, esp: Move to own scopes, Phil Sutter
- [nft PATCH 25/26] scanner: meta: Move to own scope, Phil Sutter
- [nft PATCH 02/26] scanner: Move 'maps' keyword into list cmd scope, Phil Sutter
- [nft PATCH 10/26] scanner: udp{,lite}: Move to own scope, Phil Sutter
- [nft PATCH 09/26] scanner: comp: Move to own scope., Phil Sutter
- [nft PATCH 07/26] scanner: tcp: Move to own scope, Phil Sutter
- [nft PATCH 01/26] tests: py: Test connlimit statement, Phil Sutter
- [nft PATCH 16/26] scanner: rt: Extend scope over rt0, rt2 and srh, Phil Sutter
- [nft PATCH 17/26] scanner: monitor: Move to own Scope, Phil Sutter
- [nft PATCH 24/26] scanner: at: Move to own scope, Phil Sutter
- [nft PATCH 14/26] scanner: dst, frag, hbh, mh: Move to own scopes, Phil Sutter
- [nft PATCH 22/26] scanner: policy: move to own scope, Phil Sutter
- [nft PATCH 06/26] scanner: igmp: Move to own scope, Phil Sutter
- [nft PATCH 18/26] scanner: reset: move to own Scope, Phil Sutter
- [nft PATCH 03/26] scanner: Some time units are only used in limit scope, Phil Sutter
- [nft PATCH 04/26] scanner: rt: Move seg-left keyword into scope, Phil Sutter
- [nft PATCH 05/26] scanner: icmp{,v6}: Move to own scope, Phil Sutter
- [nft PATCH 26/26] scanner: dup, fwd, tproxy: Move to own scopes, Phil Sutter
- [nft PATCH 08/26] scanner: synproxy: Move to own scope, Phil Sutter
- Re: [nft PATCH 00/26] scanner: Some fixes, many new scopes, Pablo Neira Ayuso
[nf-next PATCH] netfilter: conntrack: Relax helper auto-assignment warning for nftables,
Phil Sutter
[PATCH nf] netfilter: nf_tables: fix memory leak during stateful obj update, Florian Westphal
[PATCH nf] netfilter: nft_limit: fix stateful object memory leak,
Florian Westphal
[PATCH nf] netfilter: nf_tables: unregister flowtable hooks on netns exit, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables_offload: incorrect flow offload action array size,
Pablo Neira Ayuso
[PATCH nft,v1 0/5] revisit overlap/automerge codebase,
Pablo Neira Ayuso
- [PATCH nft,v1 4/5] mnl: update mnl_nft_setelem_del() to allow for more reuse, Pablo Neira Ayuso
- [PATCH nft,v1 5/5] intervals: add support to automerge with kernel elements, Pablo Neira Ayuso
- [PATCH nft,v1 2/5] src: replace interval segment tree overlap and automerge, Pablo Neira Ayuso
- [PATCH nft,v1 1/5] src: add EXPR_F_KERNEL to identify expression in the kernel, Pablo Neira Ayuso
- [PATCH nft,v1 3/5] src: remove rbtree datastructure, Pablo Neira Ayuso
- [PATCH nft,v1 1/1] intervals: add support to automerge with kernel elements, Pablo Neira Ayuso
[PATCH nft] netlink: check key is EXPR_CONCAT before accessing field, Pablo Neira Ayuso
[PATCH net-next v1] net: Use csum_replace_... and csum_sub() helpers instead of opencoding,
Christophe Leroy
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
