Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- [PATCH net 4/6] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value., (continued)
- [PATCH nf-next] netfilter: ebtables: do not hook tables by default,
Florian Westphal
- [PATCH nft 1/2] parser_bison: missing initialization of ct timeout policy list,
Pablo Neira Ayuso
- [PATCH nf-next 0/3] netfilter: clusterip: don't register hook in all netns,
Florian Westphal
- [PATCH v28 18/25] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v28 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v28 15/25] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v28 08/25] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v28 07/25] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH] netfilter: nfnl_hook: fix unused variable warning,
Arnd Bergmann
- [PATCH nf] netfilter: nft_nat: allow to specify layer 4 protocol NAT only, Pablo Neira Ayuso
- [PATCH nft] evaluate: fix inet nat with no layer 3 info, Pablo Neira Ayuso
- [PATCH nft] src: add --define key=value, Pablo Neira Ayuso
- [PATCH nf-next,v2] netfilter: flowtable: remove nf_ct_l4proto_find() call, Pablo Neira Ayuso
- [PATCH nf] netfilter: conntrack: adjust stop timestamp to real expiry value,
Florian Westphal
- [PATCH libnetfilter_queue] src: Stop users from accidentally using legacy linux_nfnetlink_queue.h,
Duncan Roe
- [PATCH libnetfilter_queue] build: doc: get rid of the need for manual updating of Makefile, Duncan Roe
- [PATCH libmnl] build: doc: get rid of the need for manual updating of Makefile,
Duncan Roe
- [PATCH nf 1/2] netfilter: flowtable: avoid possible false sharing,
Pablo Neira Ayuso
- [PATCH nf-next] netfilter: flowtable: remove nf_ct_l4proto_find() call, Pablo Neira Ayuso
- [PATCH nf 1/2] netfilter: nft_last: avoid possible false sharing,
Pablo Neira Ayuso
- [syzbot] general protection fault in nf_tables_dump_flowtable, syzbot
- [PATCH nf-next,v2] netfilter: nft_compat: use nfnetlink_unicast(), Pablo Neira Ayuso
- [PATCH v3] audit: fix memory leak in nf_tables_commit,
Dongliang Mu
- [PATCH] xtables: Call init_extensions6() for static builds,
Erik Wilson
- [PATCH nftables,v3 1/3] src: remove STMT_NAT_F_INTERVAL flags and interval keyword,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_compat: use nfnetlink_unicast(), Pablo Neira Ayuso
- [PATCH v2] audit: fix memory leak in nf_tables_commit,
Dongliang Mu
- [PATCH nftables,v2 1/2] src: infer interval from set,
Pablo Neira Ayuso
- [issue] conntrack: lack of lock during nat, ze wang
- [PATCH] audit: fix memory leak in nf_tables_commit,
Dongliang Mu
- [PATCH v2] net: Use nlmsg_unicast() instead of netlink_unicast(),
Yajun Deng
- [PATCH nftables] src: support for nat with interval concatenation, Pablo Neira Ayuso
- [PATCH nftables] netlink_delinearize: stmt and expr error path memleaks, Pablo Neira Ayuso
- [PATCH] net: Use nlmsg_unicast() instead of netlink_unicast(),
Yajun Deng
- [PATCH net 00/11] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH net 01/11] selftest: netfilter: add test case for unreplied tcp connections, Pablo Neira Ayuso
- [PATCH net 02/11] netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state, Pablo Neira Ayuso
- [PATCH net 03/11] netfilter: nf_tables: Fix dereference of null pointer flow, Pablo Neira Ayuso
- [PATCH net 04/11] netfilter: conntrack: nf_ct_gre_keymap_flush() removal, Pablo Neira Ayuso
- [PATCH net 05/11] netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo, Pablo Neira Ayuso
- [PATCH net 07/11] netfilter: conntrack: add new sysctl to disable RST check, Pablo Neira Ayuso
- [PATCH net 06/11] netfilter: conntrack: improve RST handling when tuple is re-used, Pablo Neira Ayuso
- [PATCH net 08/11] netfilter: conntrack: Mark access for KCSAN, Pablo Neira Ayuso
- [PATCH net 09/11] netfilter: nft_last: honor NFTA_LAST_SET on restoration, Pablo Neira Ayuso
- [PATCH net 10/11] netfilter: nft_last: incorrect arithmetics when restoring last used, Pablo Neira Ayuso
- [PATCH net 11/11] netfilter: uapi: refer to nfnetlink_conntrack.h, not nf_conntrack_netlink.h, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net 00/11] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 01/11] selftests: netfilter: add a vrf+conntrack testcase, Pablo Neira Ayuso
- [PATCH net 02/11] selftests: netfilter: extend nfqueue tests to cover vrf device, Pablo Neira Ayuso
- [PATCH net 04/11] selftests: nft_nat: Improve port shadow test stability, Pablo Neira Ayuso
- [PATCH net 06/11] netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY, Pablo Neira Ayuso
- [PATCH net 07/11] netfilter: ctnetlink: do not erase error code with EINVAL, Pablo Neira Ayuso
- [PATCH net 03/11] netfilter: nft_payload: Remove duplicated include in nft_payload.c, Pablo Neira Ayuso
- [PATCH net 08/11] netfilter: ipvs: Fix reuse connection if RS weight is 0, Pablo Neira Ayuso
- [PATCH net 05/11] selftests: nft_nat: Simplify port shadow notrack test, Pablo Neira Ayuso
- [PATCH net 10/11] netfilter: flowtable: fix IPv6 tunnel addr match, Pablo Neira Ayuso
- [PATCH net 09/11] netfilter: xt_IDLETIMER: replace snprintf in show functions with sysfs_emit, Pablo Neira Ayuso
- [PATCH net 11/11] selftests: nft_nat: switch port shadow test cases to socat, Pablo Neira Ayuso
- Netdevconf 0x15 update, Jamal Hadi Salim
- Re: netfilter: Use netlink_ns_capable to verify the permisions of netlink messages,
Pablo Neira Ayuso
- [PATCH] net: Add netfilter hooks to track SRv6-encapsulated flows,
Ryoga Saito
[PATCH nftables] src: add last statement, Pablo Neira Ayuso
[PATCH libnftnl] expr: last: add NFTNL_EXPR_LAST_SET, Pablo Neira Ayuso
[PATCH nf 1/2] netfilter: nft_last: honor NFTA_LAST_SET on restoration,
Pablo Neira Ayuso
[PATCH nf-next] include: fix header file name in 3 comments,
Duncan Roe
[PATCH nftables] build: get `make distcheck` to pass again,
Duncan Roe
[PATCH libnetfilter_queue] src: annotation: Correctly identify item for which header is needed,
Duncan Roe
[PATCH NETFILTER v2] netfilter: nfnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo,
Vasily Averin
[PATCH NETFILTER v2] netfilter: gre: nf_ct_gre_keymap_flush() removal,
Vasily Averin
Re: [PATCH NETFILTER] netfilter: gre: nf_ct_gre_keymap_flush() removal, Florian Westphal
Re: [PATCH NETFILTER] netfilter: nfnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo,
Florian Westphal
[PATCH nft] cmd: incorrect error reporting when table declaration exists, Pablo Neira Ayuso
[PATCH nftables] cmd: incorrect table location in error reporting, Pablo Neira Ayuso
Netfilter rules to replicate, consume ingress packet locally and forward clone packet., rakesh goyal
Re: Reload IPtables,
Neal P. Murphy
Re: Reload IPtables, slow_speed
[PATCH] extensions: masquerade: Add RFC-7597 section 5.1 PSID support,
Cole Dishington
[PATCH 0/2] Fixes for KCSAN findings,
Manfred Spraul
[PATCH iptables] extensions: libxt_multiport: add translation for -m multiport --ports, Pablo Neira Ayuso
[PATCH ipset,v4 0/4] nftables to ipset translation infrastructure,
Pablo Neira Ayuso
- [PATCH ipset,v4 1/4] lib: split parser from command execution, Pablo Neira Ayuso
- [PATCH ipset,v4 2/4] lib: Detach restore routine from parser, Pablo Neira Ayuso
- [PATCH ipset,v4 4/4] tests: add tests ipset to nftables, Pablo Neira Ayuso
- [PATCH ipset,v4 3/4] add ipset to nftables translation infrastructure, Pablo Neira Ayuso
- Re: [PATCH ipset,v4 0/4] nftables to ipset translation infrastructure, Jozsef Kadlecsik
[PATCH][next] netfilter: nf_tables: Fix dereference of null pointer flow,
Colin King
[PATCH ipset 3/3,v3] add ipset to nftables translation infrastructure, Pablo Neira Ayuso
[PATCH nf-next 0/2] netfilter: conntrack: do not renew timeout while in tcp SYN_SENT state,
Florian Westphal
[PATCH net] ipv6/netfilter: Drop Packet Too Big with invalid payload,
Georg Kohmann
[PATCH net-next 0/6] Netfilter updates for net-next,
Pablo Neira Ayuso
[PATCH nft] rule: obj_free() releases timeout state string, Pablo Neira Ayuso
[PATCH nft] parser_bison: memleak in rate limit parser, Pablo Neira Ayuso
[PATCH nft] libnftables: fix memleak when first message in batch is used to report error, Pablo Neira Ayuso
[PATCH nft] libnftables: fix memleak when EOPNOTSUPP, Pablo Neira Ayuso
[PATCH nft] parser_bison: string memleak in YYERROR path, Pablo Neira Ayuso
[PATCH nft] parser_bison: string memleak when datatype is incorrect, Pablo Neira Ayuso
[syzbot] WARNING: zero-size vmalloc in corrupted,
syzbot
[PATCH nft] evaluate: fix maps with key and data concatenations, Pablo Neira Ayuso
[PATCH nf 2/2,v2] netfilter: nf_tables: do not allow to delete table with owner by handle, Pablo Neira Ayuso
[PATCH nf 1/2] netfilter: nf_tables: skip netlink portID validation if zero,
Pablo Neira Ayuso
[PATCH libmnl 0/1] build: doc: "make" builds & installs a full set of man pages,
Duncan Roe
[PATCH nf,v4] netfilter: nf_tables: memleak in hw offload abort path, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN transfer logic, Pablo Neira Ayuso
[PATCH nf,v3] netfilter: nf_tables: memleak in hw offload abort path, Pablo Neira Ayuso
[PATCH nf,v2] netfilter: nf_tables: memleak in hw offload abort path, Pablo Neira Ayuso
[syzbot] general protection fault in smc_tx_sendmsg,
syzbot
can't compile with CLANG + ThinLTO, Pascal Dupuis
Re: [syzbot] KASAN: use-after-free Read in check_all_holdout_tasks_trace,
syzbot
[PATCH net-next] netfilter: nfnetlink_hook: fix check for snprintf() overflow,
Dan Carpenter
[PATCH] netfilter: nf_tables: memleak in hw offload abort path, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables_offload: skip VLAN handling if FLOW_DISSECTOR_KEY_CONTROL is unset,
Pablo Neira Ayuso
[PATCH nft,v2] rule: memleak of list of timeout policies, Pablo Neira Ayuso
[PATCH nft] rule: memleak of list of timeout policies, Pablo Neira Ayuso
[PATCH nft] parser_bison: memleak in osf flags, Pablo Neira Ayuso
[PATCH nft] netlink_delinearize: memleak when listing ct event rule, Pablo Neira Ayuso
[PATCH nft] segtree: memleak in error path of the set to segtree conversion, Pablo Neira Ayuso
[PATCH nf-next] docs: networking: Update connection tracking offload sysctl parameters,
Oz Shlomo
[PATCH nf-next,v6] netfilter: nf_tables: add last expression, Pablo Neira Ayuso
[PATCH nft] netlink_delinearize: memleak in string netlink postprocessing, Pablo Neira Ayuso
[PATCH nft] evaluate: memleak in binary operation transfer to RHS, Pablo Neira Ayuso
[PATCH nft 0/8] Enableruntime queue selection via jhash, numgen and map statement,
Florian Westphal
[PATCH nf-next,v5] netfilter: nf_tables: add last expression, Pablo Neira Ayuso
[PATCH nf-next] netfilter: conntrack: pass hook state to log functions,
Florian Westphal
[PATCH nf,v2 1/2] netfilter: nft_exthdr: check for IPv6 packet before further processing,
Pablo Neira Ayuso
[PATCH nft 1/2] evaluate: do not skip evaluation of mapping set elements,
Pablo Neira Ayuso
[PATCH nft v2 0/3] fix icmpv6 id dependeny handling,
Florian Westphal
nfqueue hashing on TCP/UDP port,
Jake Owen
[PATCH nf] Revert "netfilter: flowtable: Remove redundant hw refresh bit",
Aleksander Jan Bajkowski
[PATCH nft 0/3] fix icmpv6 id dependeny handling,
Florian Westphal
[PATCH nftables] src: use opencoded NFT_SET_ANONYMOUS set flag check by set_is_anonymous(),
Pablo Neira Ayuso
[PATCH nftables] src: add xzalloc_array() and use it to allocate the expression hashtable,
Pablo Neira Ayuso
[PATCH nftables] evaluate: add set to cache once,
Pablo Neira Ayuso
[PATCH nftables,v2] src: add vlan dei, Pablo Neira Ayuso
[PATCH nf] netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols, Pablo Neira Ayuso
[PATCH nft 2/2] evaluate: restore interval + concatenation in anonymous set,
Pablo Neira Ayuso
[PATCH nft] src: add vlan dei, Pablo Neira Ayuso
[nf-next PATCH] netfilter: nft_extdhr: Drop pointless check of tprot_set,
Phil Sutter
[nf-next PATCH v2] netfilter: nft_exthdr: Search chunks in SCTP packets only,
Phil Sutter
[nft PATCH 00/10] Some covscan fixes,
Phil Sutter
- [nft PATCH 08/10] netlink: Avoid memleak in error path of netlink_delinearize_obj(), Phil Sutter
- [nft PATCH 04/10] json: Drop pointless assignment in exthdr_expr_json(), Phil Sutter
- [nft PATCH 06/10] netlink: Avoid memleak in error path of netlink_delinearize_chain(), Phil Sutter
- [nft PATCH 03/10] evaluate: Mark fall through case in str2hooknum(), Phil Sutter
- [nft PATCH 01/10] parser_bison: Fix for implicit declaration of isalnum, Phil Sutter
- [nft PATCH 02/10] parser_json: Fix for memleak in tcp option error path, Phil Sutter
- [nft PATCH 05/10] netlink: Avoid memleak in error path of netlink_delinearize_set(), Phil Sutter
- [nft PATCH 09/10] netlink_delinearize: Fix suspicious calloc() call, Phil Sutter
- [nft PATCH 07/10] netlink: Avoid memleak in error path of netlink_delinearize_table(), Phil Sutter
- [nft PATCH 10/10] rule: Fix for potential off-by-one in cmd_add_loc(), Phil Sutter
[PATCH v27 18/25] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
[PATCH v27 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
[PATCH v27 15/25] LSM: Ensure the correct LSM context releaser, Casey Schaufler
[PATCH v27 08/25] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
[PATCH v27 07/25] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
[PATCH libnftnl 1/2] expr: add last match time support,
Pablo Neira Ayuso
[PATCH nft] tests: shell: extend connlimit test, Pablo Neira Ayuso
[PATCH nf 1/2] netfilter: nft_exthdr: check for IPv6 packet before further processing,
Pablo Neira Ayuso
[nf-next PATCH] netfilter: nft_exthdr: Search chunks in SCTP packets only,
Phil Sutter
Re: [syzbot] KASAN: use-after-free Read in blk_mq_exit_sched, syzbot
Re: linux-next: Tree for Jun 9 (net/netfilter/nfnetlink_hook.c),
Randy Dunlap
linux-next: Fixes tags need some work in the netfilter-next tree, Stephen Rothwell
[PATCH net-next 00/13] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH net-next 01/13] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it, Pablo Neira Ayuso
- [PATCH net-next 02/13] netfilter: nf_tables: remove nft_ctx_init_from_elemattr(), Pablo Neira Ayuso
- [PATCH net-next 03/13] netfilter: nf_tables: remove nft_ctx_init_from_setattr(), Pablo Neira Ayuso
- [PATCH net-next 04/13] netfilter: nftables: add nf_ct_pernet() helper function, Pablo Neira Ayuso
- [PATCH net-next 05/13] netfilter: conntrack: Introduce tcp offload timeout configuration, Pablo Neira Ayuso
- [PATCH net-next 06/13] netfilter: conntrack: Introduce udp offload timeout configuration, Pablo Neira Ayuso
- [PATCH net-next 07/13] netfilter: flowtable: Set offload timeouts according to proto values, Pablo Neira Ayuso
- [PATCH net-next 08/13] netfilter: annotate nf_tables base hook ops, Pablo Neira Ayuso
- [PATCH net-next 09/13] netfilter: add new hook nfnl subsystem, Pablo Neira Ayuso
- [PATCH net-next 10/13] netfilter: nft_exthdr: Fix for unsafe packet data read, Pablo Neira Ayuso
- [PATCH net-next 11/13] netfilter: nfnetlink_hook: fix array index out-of-bounds error, Pablo Neira Ayuso
- [PATCH net-next 12/13] netfilter: nfnetlink_hook: add depends-on nftables, Pablo Neira Ayuso
- [PATCH net-next 13/13] netfilter: nf_tables: move base hook annotation to init helper, Pablo Neira Ayuso
[PATCH nf-next,v4] netfilter: nf_tables: add last expression,
Pablo Neira Ayuso
[nft PATCH] segtree: Fix segfault when restoring a huge interval set, Phil Sutter
[PATCH -next] netfilter: Make NETFILTER_NETLINK_HOOK depends on NF_TABLES, He Ying
[PATCH nf-next] netfilter: move nf_tables base hook annotation to init helper,
Florian Westphal
[PATCH v2 nf-next] netfilter: nfnetlink_hook: add depends-on nftables,
Florian Westphal
Re: [syzbot] WARNING in cancel_delayed_work, syzbot
[PATCH nft,v2] netlink: quick sort array of devices, Pablo Neira Ayuso
[PATCH][next] etfilter: fix array index out-of-bounds error,
Colin King
[PATCH nf-next] nfilter: nf_hooks: fix build failure with NF_TABLES=n,
Florian Westphal
[PATCH nft] cmd: check for table mismatch first in error reporting,
Pablo Neira Ayuso
[PATCH nf 0/2] netfilter: nft_fib: ignore icmpv6 packets from ::,
Florian Westphal
[nf-next PATCH v2] netfilter: nft_exthdr: Fix for unsafe packet data read,
Phil Sutter
[nf-next PATCH] netfilter: nft_exthdr: Fix for unsafe packet data read,
Phil Sutter
Re: [syzbot] KASAN: use-after-free Read in hci_chan_del, syzbot
[PATCH nf-next,v3] netfilter: nf_tables: add last expression, Pablo Neira Ayuso
Re: [syzbot] BUG: using smp_processor_id() in preemptible code in radix_tree_node_alloc,
syzbot
[syzbot] general protection fault in kcm_sendmsg,
syzbot
[PATCH nft v2 1/3] scanner: add list cmd parser scope,
Florian Westphal
[PATCH nf-next,v2] netfilter: nf_tables: add last expression,
Pablo Neira Ayuso
[PATCH nftables] rule: rework CMD_OBJ_SETELEMS logic, Pablo Neira Ayuso
[PATCH nft 0/4] nftables: convert single-elem anon sets to compare operation,
Florian Westphal
[PATCH nf-next v2 0/2] netfilter: new hook nfnl subsystem,
Florian Westphal
[syzbot] KMSAN: uninit-value in translate_table (2), syzbot
[PATCH nf] netfilter: nf_tables: initialize set before expression setup, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nf_tables: add last expression,
Pablo Neira Ayuso
[PATCH iptables,v2 0/5] iptables-translation enhancements,
Pablo Neira Ayuso
- [PATCH iptables,v2 1/5] libxtables: extend xlate infrastructure, Pablo Neira Ayuso
- [PATCH iptables,v2 2/5] tests: xlate-test: support multiline expectation, Pablo Neira Ayuso
- [PATCH iptables,v2 3/5] extensions: libxt_connlimit: add translation, Pablo Neira Ayuso
- [PATCH iptables,v2 4/5] extensions: libxt_tcp: rework translation to use flags match representation, Pablo Neira Ayuso
- [PATCH iptables,v2 5/5] extensions: libxt_conntrack: simplify translation using negation, Pablo Neira Ayuso
[PATCH nf-next 0/3] Control nf flow table timeouts,
Oz Shlomo
[PATCH iptables] extensions: libxt_conntrack: simplify translation using negation, Pablo Neira Ayuso
[PATCH iptables] extensions: libxt_tcp: rework translation to use flags match representation, Pablo Neira Ayuso
[PATCH nft] statement: connlimit: remove extra whitespace in print function, Pablo Neira Ayuso
[PATCH iptables 1/2] libxtables: extend xlate infrastructure,
Pablo Neira Ayuso
[PATCH nft] tests: py: update netdev reject test file, Florian Westphal
[PATCH nft] json: catchall element support, Florian Westphal
[syzbot] general protection fault in nft_set_elem_expr_alloc,
syzbot
[syzbot] general protection fault in lock_page_memcg, syzbot
[iptables PATCH 0/9] Fix a bunch of static analyzer warnings,
Phil Sutter
[PATCH nft] json: fix parse of flagcmp expression, Florian Westphal
[PATCH nft] json: fix base chain output, Florian Westphal
[PATCH nf-next] netfilter: nftables: add nf_ct_pernet() helper function, Pablo Neira Ayuso
Re: [syzbot] WARNING in idr_get_next,
syzbot
[PATCH net-next 00/16] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH net-next 01/16] netfilter: nft_exthdr: Support SCTP chunks, Pablo Neira Ayuso
- [PATCH net-next 02/16] netfilter: nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state, Pablo Neira Ayuso
- [PATCH net-next 03/16] netfilter: add and use nft_set_do_lookup helper, Pablo Neira Ayuso
- [PATCH net-next 05/16] netfilter: Remove leading spaces in Kconfig, Pablo Neira Ayuso
- [PATCH net-next 08/16] netfilter: use nfnetlink_unicast(), Pablo Neira Ayuso
- [PATCH net-next 07/16] netfilter: xt_CT: Remove redundant assignment to ret, Pablo Neira Ayuso
- [PATCH net-next 06/16] netfilter: x_tables: improve limit_mt scalability, Pablo Neira Ayuso
- [PATCH net-next 04/16] netfilter: nf_tables: prefer direct calls for set lookups, Pablo Neira Ayuso
- [PATCH net-next 11/16] netfilter: nf_tables: add and use nft_sk helper, Pablo Neira Ayuso
- [PATCH net-next 10/16] netfilter: reduce size of nf_hook_state on 32bit platforms, Pablo Neira Ayuso
- [PATCH net-next 09/16] netfilter: x_tables: reduce xt_action_param by 8 byte, Pablo Neira Ayuso
- [PATCH net-next 12/16] netfilter: nf_tables: add and use nft_thoff helper, Pablo Neira Ayuso
- [PATCH net-next 13/16] netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec(), Pablo Neira Ayuso
- [PATCH net-next 15/16] netfilter: nft_set_pipapo_avx2: fix up description warnings, Pablo Neira Ayuso
- [PATCH net-next 14/16] netfilter: nf_tables: remove xt_action_param from nft_pktinfo, Pablo Neira Ayuso
- [PATCH net-next 16/16] netfilter: fix clang-12 fmt string warnings, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net-next 00/16] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 01/16] netfilter: ctnetlink: support CTA_FILTER for flush, Pablo Neira Ayuso
- [PATCH net-next 02/16] netfilter: nft_counter: Use u64_stats_t for statistic., Pablo Neira Ayuso
- [PATCH net-next 03/16] netfilter: Use kmemdup_array instead of kmemdup for multiple allocation, Pablo Neira Ayuso
- [PATCH net-next 06/16] netfilter: nf_tables: Correct spelling in nf_tables.h, Pablo Neira Ayuso
- [PATCH net-next 04/16] netfilter: conntrack: Convert to use ERR_CAST(), Pablo Neira Ayuso
- [PATCH net-next 08/16] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire, Pablo Neira Ayuso
- [PATCH net-next 07/16] netfilter: nf_tables: Add missing Kernel doc, Pablo Neira Ayuso
- [PATCH net-next 05/16] netfilter: nf_tables: drop unused 3rd argument from validate callback ops, Pablo Neira Ayuso
- [PATCH net-next 09/16] netfilter: nf_tables: reject element expiration with no timeout, Pablo Neira Ayuso
- [PATCH net-next 10/16] netfilter: nf_tables: reject expiration higher than timeout, Pablo Neira Ayuso
- [PATCH net-next 11/16] netfilter: nf_tables: remove annotation to access set timeout while holding lock, Pablo Neira Ayuso
- [PATCH net-next 12/16] netfilter: nft_dynset: annotate data-races around set timeout, Pablo Neira Ayuso
- [PATCH net-next 13/16] netfilter: nf_tables: annotate data-races around element expiration, Pablo Neira Ayuso
- [PATCH net-next 14/16] netfilter: nf_tables: consolidate timeout extension for elements, Pablo Neira Ayuso
- [PATCH net-next 15/16] netfilter: nf_tables: zero timeout means element never times out, Pablo Neira Ayuso
- [PATCH net-next 16/16] netfilter: nf_tables: set element timeout update support, Pablo Neira Ayuso
[PATCH nf-next 0/2] netfilter: new hook nfnl subsystem,
Florian Westphal
[PATCH ipset,v2] add ipset to nftables translation infrastructure, Pablo Neira Ayuso
[PATCH ipset 1/3] lib: split parser from command execution,
Pablo Neira Ayuso
[PATCH nf-next 1/3,v3] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it,
Pablo Neira Ayuso
[PATCH nf-next,v2 1/3] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it,
Pablo Neira Ayuso
[PATCH nf-next 1/3] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it,
Pablo Neira Ayuso
[PATCH nf-next] netfilter: fix clang-12 fmt string warnings, Florian Westphal
[PATCH nf-next] netfilter: nft_set_pipapo_avx2: fix up description warnings, Florian Westphal
[PATCH nf-next] netfilter: nft_compat: fix bridge family target evaluation,
Florian Westphal
[PATCH] netfilter: conntrack: remove the repeated declaration,
Shaokun Zhang
[nf-next:master 14/14] net/netfilter/nft_compat.c:113:10: warning: address of 'xt.hotdrop' will always evaluate to 'true', kernel test robot
[nf-next:master 4/14] net/netfilter/nft_set_pipapo.c:412:6: error: static declaration of 'nft_pipapo_lookup' follows non-static declaration,
kernel test robot
[PATCH conntrackd] cthelper: fix overlapping queue numbers in example file, Pablo Neira Ayuso
[PATCH nf] netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches, Pablo Neira Ayuso
[PATCH conntrackd,v2 1/2] cthelper: Set up userspace helpers when daemon starts,
Pablo Neira Ayuso
[PATCH nf-next 0/6] netfilter: reduce size of core data structures,
Florian Westphal
[PATCH nf] MAINTAINERS: netfilter: add irc channel,
Nicolas Dichtel
[PATCH conntrackd] cthelper: Set up userspace helpers when daemon starts,
Pablo Neira Ayuso
[PATCH nf,v2] netfilter: nft_ct: skip expectations for confirmed conntrack, Pablo Neira Ayuso
[PATCH nf-next,v3] netfilter: use nfnetlink_unicast(), Pablo Neira Ayuso
[PATCH net 0/5] Netfilter/IPVS fixes for net,
Pablo Neira Ayuso
[PATCH nft 0/6] nftables: add --optimize support,
Florian Westphal
[PATCH nf-next,v2] netfilter: use nfnetlink_unicast(), Pablo Neira Ayuso
[PATCH-v2] netfilter: conntrack: add new sysctl to disable RST check, Ali Abdallah
[PATCH] netfilter: conntrack: add new sysctl to disable RST check,
Ali Abdallah
[ANNOUNCE] nftables 0.9.9 release, Pablo Neira Ayuso
[PATCH nf-next v2 0/4] netfilter: add hook dump feature,
Florian Westphal
[ANNOUNCE] libnftnl 1.2.0 release, Pablo Neira Ayuso
[ulogd2 PATCH] ulogd: printpkt: print pkt mark like kernel,
Cole Dishington
[PATCH nftables] evaluate: allow == and != in the new shortcut syntax to match for flags,
Pablo Neira Ayuso
[PATCH net] ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service,
Julian Anastasov
[PATCH nf] netfilter: nf_tables: fix table flag updates, Pablo Neira Ayuso
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
