Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [syzbot] WARNING: zero-size vmalloc in corrupted, (continued)
- [PATCH nft] evaluate: fix maps with key and data concatenations, Pablo Neira Ayuso
- [PATCH nf 2/2,v2] netfilter: nf_tables: do not allow to delete table with owner by handle, Pablo Neira Ayuso
- [PATCH nf 1/2] netfilter: nf_tables: skip netlink portID validation if zero,
Pablo Neira Ayuso
- [PATCH libmnl 0/1] build: doc: "make" builds & installs a full set of man pages,
Duncan Roe
- [PATCH nf,v4] netfilter: nf_tables: memleak in hw offload abort path, Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN transfer logic, Pablo Neira Ayuso
- [PATCH nf,v3] netfilter: nf_tables: memleak in hw offload abort path, Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nf_tables: memleak in hw offload abort path, Pablo Neira Ayuso
- [syzbot] general protection fault in smc_tx_sendmsg,
syzbot
- can't compile with CLANG + ThinLTO, Pascal Dupuis
- Re: [syzbot] KASAN: use-after-free Read in check_all_holdout_tasks_trace,
syzbot
- [PATCH net-next] netfilter: nfnetlink_hook: fix check for snprintf() overflow,
Dan Carpenter
- [PATCH] netfilter: nf_tables: memleak in hw offload abort path, Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables_offload: skip VLAN handling if FLOW_DISSECTOR_KEY_CONTROL is unset,
Pablo Neira Ayuso
- [PATCH nft,v2] rule: memleak of list of timeout policies, Pablo Neira Ayuso
- [PATCH nft] rule: memleak of list of timeout policies, Pablo Neira Ayuso
- [PATCH nft] parser_bison: memleak in osf flags, Pablo Neira Ayuso
- [PATCH nft] netlink_delinearize: memleak when listing ct event rule, Pablo Neira Ayuso
- [PATCH nft] segtree: memleak in error path of the set to segtree conversion, Pablo Neira Ayuso
- [PATCH nf-next] docs: networking: Update connection tracking offload sysctl parameters,
Oz Shlomo
- [PATCH nf-next,v6] netfilter: nf_tables: add last expression, Pablo Neira Ayuso
- [PATCH nft] netlink_delinearize: memleak in string netlink postprocessing, Pablo Neira Ayuso
- [PATCH nft] evaluate: memleak in binary operation transfer to RHS, Pablo Neira Ayuso
- [PATCH nft 0/8] Enableruntime queue selection via jhash, numgen and map statement,
Florian Westphal
- [PATCH nf-next,v5] netfilter: nf_tables: add last expression, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: conntrack: pass hook state to log functions,
Florian Westphal
- [PATCH nf,v2 1/2] netfilter: nft_exthdr: check for IPv6 packet before further processing,
Pablo Neira Ayuso
- [PATCH nft 1/2] evaluate: do not skip evaluation of mapping set elements,
Pablo Neira Ayuso
- [PATCH nft v2 0/3] fix icmpv6 id dependeny handling,
Florian Westphal
- nfqueue hashing on TCP/UDP port,
Jake Owen
- [PATCH nf] Revert "netfilter: flowtable: Remove redundant hw refresh bit",
Aleksander Jan Bajkowski
- [PATCH nft 0/3] fix icmpv6 id dependeny handling,
Florian Westphal
- [PATCH nftables] src: use opencoded NFT_SET_ANONYMOUS set flag check by set_is_anonymous(),
Pablo Neira Ayuso
- [PATCH nftables] src: add xzalloc_array() and use it to allocate the expression hashtable,
Pablo Neira Ayuso
- [PATCH nftables] evaluate: add set to cache once,
Pablo Neira Ayuso
- [PATCH nftables,v2] src: add vlan dei, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols, Pablo Neira Ayuso
- [PATCH nft 2/2] evaluate: restore interval + concatenation in anonymous set,
Pablo Neira Ayuso
- [PATCH nft] src: add vlan dei, Pablo Neira Ayuso
- [nf-next PATCH] netfilter: nft_extdhr: Drop pointless check of tprot_set,
Phil Sutter
- [nf-next PATCH v2] netfilter: nft_exthdr: Search chunks in SCTP packets only,
Phil Sutter
- [nft PATCH 00/10] Some covscan fixes,
Phil Sutter
- [nft PATCH 08/10] netlink: Avoid memleak in error path of netlink_delinearize_obj(), Phil Sutter
- [nft PATCH 04/10] json: Drop pointless assignment in exthdr_expr_json(), Phil Sutter
- [nft PATCH 06/10] netlink: Avoid memleak in error path of netlink_delinearize_chain(), Phil Sutter
- [nft PATCH 03/10] evaluate: Mark fall through case in str2hooknum(), Phil Sutter
- [nft PATCH 01/10] parser_bison: Fix for implicit declaration of isalnum, Phil Sutter
- [nft PATCH 02/10] parser_json: Fix for memleak in tcp option error path, Phil Sutter
- [nft PATCH 05/10] netlink: Avoid memleak in error path of netlink_delinearize_set(), Phil Sutter
- [nft PATCH 09/10] netlink_delinearize: Fix suspicious calloc() call, Phil Sutter
- [nft PATCH 07/10] netlink: Avoid memleak in error path of netlink_delinearize_table(), Phil Sutter
- [nft PATCH 10/10] rule: Fix for potential off-by-one in cmd_add_loc(), Phil Sutter
- [PATCH v27 18/25] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v27 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v27 15/25] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v27 08/25] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v27 07/25] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH libnftnl 1/2] expr: add last match time support,
Pablo Neira Ayuso
- [PATCH nft] tests: shell: extend connlimit test, Pablo Neira Ayuso
- [PATCH nf 1/2] netfilter: nft_exthdr: check for IPv6 packet before further processing,
Pablo Neira Ayuso
- [nf-next PATCH] netfilter: nft_exthdr: Search chunks in SCTP packets only,
Phil Sutter
- Re: [syzbot] KASAN: use-after-free Read in blk_mq_exit_sched, syzbot
- Re: linux-next: Tree for Jun 9 (net/netfilter/nfnetlink_hook.c),
Randy Dunlap
- linux-next: Fixes tags need some work in the netfilter-next tree, Stephen Rothwell
- [PATCH net-next 00/13] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH net-next 01/13] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it, Pablo Neira Ayuso
- [PATCH net-next 02/13] netfilter: nf_tables: remove nft_ctx_init_from_elemattr(), Pablo Neira Ayuso
- [PATCH net-next 03/13] netfilter: nf_tables: remove nft_ctx_init_from_setattr(), Pablo Neira Ayuso
- [PATCH net-next 04/13] netfilter: nftables: add nf_ct_pernet() helper function, Pablo Neira Ayuso
- [PATCH net-next 05/13] netfilter: conntrack: Introduce tcp offload timeout configuration, Pablo Neira Ayuso
- [PATCH net-next 06/13] netfilter: conntrack: Introduce udp offload timeout configuration, Pablo Neira Ayuso
- [PATCH net-next 07/13] netfilter: flowtable: Set offload timeouts according to proto values, Pablo Neira Ayuso
- [PATCH net-next 08/13] netfilter: annotate nf_tables base hook ops, Pablo Neira Ayuso
- [PATCH net-next 09/13] netfilter: add new hook nfnl subsystem, Pablo Neira Ayuso
- [PATCH net-next 10/13] netfilter: nft_exthdr: Fix for unsafe packet data read, Pablo Neira Ayuso
- [PATCH net-next 11/13] netfilter: nfnetlink_hook: fix array index out-of-bounds error, Pablo Neira Ayuso
- [PATCH net-next 12/13] netfilter: nfnetlink_hook: add depends-on nftables, Pablo Neira Ayuso
- [PATCH net-next 13/13] netfilter: nf_tables: move base hook annotation to init helper, Pablo Neira Ayuso
- [PATCH nf-next,v4] netfilter: nf_tables: add last expression,
Pablo Neira Ayuso
- [nft PATCH] segtree: Fix segfault when restoring a huge interval set, Phil Sutter
- [PATCH -next] netfilter: Make NETFILTER_NETLINK_HOOK depends on NF_TABLES, He Ying
- [PATCH nf-next] netfilter: move nf_tables base hook annotation to init helper,
Florian Westphal
- [PATCH v2 nf-next] netfilter: nfnetlink_hook: add depends-on nftables,
Florian Westphal
- Re: [syzbot] WARNING in cancel_delayed_work, syzbot
- [PATCH nft,v2] netlink: quick sort array of devices, Pablo Neira Ayuso
- [PATCH][next] etfilter: fix array index out-of-bounds error,
Colin King
- [PATCH nf-next] nfilter: nf_hooks: fix build failure with NF_TABLES=n,
Florian Westphal
- [PATCH nft] cmd: check for table mismatch first in error reporting,
Pablo Neira Ayuso
- [PATCH nf 0/2] netfilter: nft_fib: ignore icmpv6 packets from ::,
Florian Westphal
- [nf-next PATCH v2] netfilter: nft_exthdr: Fix for unsafe packet data read,
Phil Sutter
- [nf-next PATCH] netfilter: nft_exthdr: Fix for unsafe packet data read,
Phil Sutter
- Re: [syzbot] KASAN: use-after-free Read in hci_chan_del, syzbot
- [PATCH nf-next,v3] netfilter: nf_tables: add last expression, Pablo Neira Ayuso
- Re: [syzbot] BUG: using smp_processor_id() in preemptible code in radix_tree_node_alloc,
syzbot
- [syzbot] general protection fault in kcm_sendmsg,
syzbot
- [PATCH nft v2 1/3] scanner: add list cmd parser scope,
Florian Westphal
- [PATCH nf-next,v2] netfilter: nf_tables: add last expression,
Pablo Neira Ayuso
- [PATCH nftables] rule: rework CMD_OBJ_SETELEMS logic, Pablo Neira Ayuso
- [PATCH nft 0/4] nftables: convert single-elem anon sets to compare operation,
Florian Westphal
- [PATCH nf-next v2 0/2] netfilter: new hook nfnl subsystem,
Florian Westphal
- [syzbot] KMSAN: uninit-value in translate_table (2), syzbot
- [PATCH nf] netfilter: nf_tables: initialize set before expression setup, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nf_tables: add last expression,
Pablo Neira Ayuso
- [PATCH iptables,v2 0/5] iptables-translation enhancements,
Pablo Neira Ayuso
- [PATCH iptables,v2 1/5] libxtables: extend xlate infrastructure, Pablo Neira Ayuso
- [PATCH iptables,v2 2/5] tests: xlate-test: support multiline expectation, Pablo Neira Ayuso
- [PATCH iptables,v2 3/5] extensions: libxt_connlimit: add translation, Pablo Neira Ayuso
- [PATCH iptables,v2 4/5] extensions: libxt_tcp: rework translation to use flags match representation, Pablo Neira Ayuso
- [PATCH iptables,v2 5/5] extensions: libxt_conntrack: simplify translation using negation, Pablo Neira Ayuso
- [PATCH nf-next 0/3] Control nf flow table timeouts,
Oz Shlomo
- [PATCH iptables] extensions: libxt_conntrack: simplify translation using negation, Pablo Neira Ayuso
- [PATCH iptables] extensions: libxt_tcp: rework translation to use flags match representation, Pablo Neira Ayuso
- [PATCH nft] statement: connlimit: remove extra whitespace in print function, Pablo Neira Ayuso
- [PATCH iptables 1/2] libxtables: extend xlate infrastructure,
Pablo Neira Ayuso
- [PATCH nft] tests: py: update netdev reject test file, Florian Westphal
- [PATCH nft] json: catchall element support, Florian Westphal
- [syzbot] general protection fault in nft_set_elem_expr_alloc,
syzbot
- [syzbot] general protection fault in lock_page_memcg, syzbot
- [iptables PATCH 0/9] Fix a bunch of static analyzer warnings,
Phil Sutter
- [PATCH nft] json: fix parse of flagcmp expression, Florian Westphal
- [PATCH nft] json: fix base chain output, Florian Westphal
- [PATCH nf-next] netfilter: nftables: add nf_ct_pernet() helper function, Pablo Neira Ayuso
- Re: [syzbot] WARNING in idr_get_next,
syzbot
- [PATCH net-next 00/16] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH net-next 01/16] netfilter: nft_exthdr: Support SCTP chunks, Pablo Neira Ayuso
- [PATCH net-next 02/16] netfilter: nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state, Pablo Neira Ayuso
- [PATCH net-next 03/16] netfilter: add and use nft_set_do_lookup helper, Pablo Neira Ayuso
- [PATCH net-next 05/16] netfilter: Remove leading spaces in Kconfig, Pablo Neira Ayuso
- [PATCH net-next 08/16] netfilter: use nfnetlink_unicast(), Pablo Neira Ayuso
- [PATCH net-next 07/16] netfilter: xt_CT: Remove redundant assignment to ret, Pablo Neira Ayuso
- [PATCH net-next 06/16] netfilter: x_tables: improve limit_mt scalability, Pablo Neira Ayuso
- [PATCH net-next 04/16] netfilter: nf_tables: prefer direct calls for set lookups, Pablo Neira Ayuso
- [PATCH net-next 11/16] netfilter: nf_tables: add and use nft_sk helper, Pablo Neira Ayuso
- [PATCH net-next 10/16] netfilter: reduce size of nf_hook_state on 32bit platforms, Pablo Neira Ayuso
- [PATCH net-next 09/16] netfilter: x_tables: reduce xt_action_param by 8 byte, Pablo Neira Ayuso
- [PATCH net-next 12/16] netfilter: nf_tables: add and use nft_thoff helper, Pablo Neira Ayuso
- [PATCH net-next 13/16] netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec(), Pablo Neira Ayuso
- [PATCH net-next 15/16] netfilter: nft_set_pipapo_avx2: fix up description warnings, Pablo Neira Ayuso
- [PATCH net-next 14/16] netfilter: nf_tables: remove xt_action_param from nft_pktinfo, Pablo Neira Ayuso
- [PATCH net-next 16/16] netfilter: fix clang-12 fmt string warnings, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net-next 00/16] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 01/16] netfilter: ctnetlink: support CTA_FILTER for flush, Pablo Neira Ayuso
- [PATCH net-next 02/16] netfilter: nft_counter: Use u64_stats_t for statistic., Pablo Neira Ayuso
- [PATCH net-next 03/16] netfilter: Use kmemdup_array instead of kmemdup for multiple allocation, Pablo Neira Ayuso
- [PATCH net-next 06/16] netfilter: nf_tables: Correct spelling in nf_tables.h, Pablo Neira Ayuso
- [PATCH net-next 04/16] netfilter: conntrack: Convert to use ERR_CAST(), Pablo Neira Ayuso
- [PATCH net-next 08/16] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire, Pablo Neira Ayuso
- [PATCH net-next 07/16] netfilter: nf_tables: Add missing Kernel doc, Pablo Neira Ayuso
- [PATCH net-next 05/16] netfilter: nf_tables: drop unused 3rd argument from validate callback ops, Pablo Neira Ayuso
- [PATCH net-next 09/16] netfilter: nf_tables: reject element expiration with no timeout, Pablo Neira Ayuso
- [PATCH net-next 10/16] netfilter: nf_tables: reject expiration higher than timeout, Pablo Neira Ayuso
- [PATCH net-next 11/16] netfilter: nf_tables: remove annotation to access set timeout while holding lock, Pablo Neira Ayuso
- [PATCH net-next 12/16] netfilter: nft_dynset: annotate data-races around set timeout, Pablo Neira Ayuso
- [PATCH net-next 13/16] netfilter: nf_tables: annotate data-races around element expiration, Pablo Neira Ayuso
- [PATCH net-next 14/16] netfilter: nf_tables: consolidate timeout extension for elements, Pablo Neira Ayuso
- [PATCH net-next 15/16] netfilter: nf_tables: zero timeout means element never times out, Pablo Neira Ayuso
- [PATCH net-next 16/16] netfilter: nf_tables: set element timeout update support, Pablo Neira Ayuso
- [PATCH nf-next 0/2] netfilter: new hook nfnl subsystem,
Florian Westphal
- [PATCH ipset,v2] add ipset to nftables translation infrastructure, Pablo Neira Ayuso
- [PATCH ipset 1/3] lib: split parser from command execution,
Pablo Neira Ayuso
- [PATCH nf-next 1/3,v3] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it,
Pablo Neira Ayuso
- [PATCH nf-next,v2 1/3] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it,
Pablo Neira Ayuso
- [PATCH nf-next 1/3] netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it,
Pablo Neira Ayuso
- [PATCH nf-next] netfilter: fix clang-12 fmt string warnings, Florian Westphal
- [PATCH nf-next] netfilter: nft_set_pipapo_avx2: fix up description warnings, Florian Westphal
- [PATCH nf-next] netfilter: nft_compat: fix bridge family target evaluation,
Florian Westphal
- [PATCH] netfilter: conntrack: remove the repeated declaration,
Shaokun Zhang
- [nf-next:master 14/14] net/netfilter/nft_compat.c:113:10: warning: address of 'xt.hotdrop' will always evaluate to 'true', kernel test robot
- [nf-next:master 4/14] net/netfilter/nft_set_pipapo.c:412:6: error: static declaration of 'nft_pipapo_lookup' follows non-static declaration,
kernel test robot
- [PATCH conntrackd] cthelper: fix overlapping queue numbers in example file, Pablo Neira Ayuso
- [PATCH nf] netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches, Pablo Neira Ayuso
- [PATCH conntrackd,v2 1/2] cthelper: Set up userspace helpers when daemon starts,
Pablo Neira Ayuso
- [PATCH nf-next 0/6] netfilter: reduce size of core data structures,
Florian Westphal
- [PATCH nf] MAINTAINERS: netfilter: add irc channel,
Nicolas Dichtel
- [PATCH conntrackd] cthelper: Set up userspace helpers when daemon starts,
Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nft_ct: skip expectations for confirmed conntrack, Pablo Neira Ayuso
- [PATCH nf-next,v3] netfilter: use nfnetlink_unicast(), Pablo Neira Ayuso
- [PATCH net 0/5] Netfilter/IPVS fixes for net,
Pablo Neira Ayuso
- [PATCH nft 0/6] nftables: add --optimize support,
Florian Westphal
- [PATCH nf-next,v2] netfilter: use nfnetlink_unicast(), Pablo Neira Ayuso
- [PATCH-v2] netfilter: conntrack: add new sysctl to disable RST check, Ali Abdallah
- [PATCH] netfilter: conntrack: add new sysctl to disable RST check,
Ali Abdallah
- [ANNOUNCE] nftables 0.9.9 release, Pablo Neira Ayuso
- [PATCH nf-next v2 0/4] netfilter: add hook dump feature,
Florian Westphal
- [ANNOUNCE] libnftnl 1.2.0 release, Pablo Neira Ayuso
- [ulogd2 PATCH] ulogd: printpkt: print pkt mark like kernel,
Cole Dishington
- [PATCH nftables] evaluate: allow == and != in the new shortcut syntax to match for flags,
Pablo Neira Ayuso
- [PATCH net] ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service,
Julian Anastasov
- [PATCH nf] netfilter: nf_tables: fix table flag updates, Pablo Neira Ayuso
- [syzbot] memory leak in ip_vs_add_service,
syzbot
- [nftables PATCH] files: improve secmark.nft example,
Dominick Grift
- [PATCH nft 0/3] hook dump support,
Florian Westphal
- [PATCH nf-next 0/4] netfilter: add hook dump feature,
Florian Westphal
- [PATCH] Disable RST seq number check when tcp_be_liberal is greater 1,
Ali Abdallah
- Re: mmotm 2021-05-19-23-58 uploaded (net/netfilter/nft_set_pipapo_avx2.c),
Randy Dunlap
- [PATCH nf] netfilter: nft_ct: skip unconfirmed helper extension for unconfirmed conntrack, Pablo Neira Ayuso
- [nft PATCH] expr_postprocess: Avoid an unintended fall through, Phil Sutter
- [PATCH nf] netfilter: conntrack: improve RST handling when tuple is re-used,
Florian Westphal
- [PATCH nf] netfilter: nf_tables: extended netlink error reporting for chain type, Pablo Neira Ayuso
- [PATCH nftables] rule: skip exact matches on fuzzy lookup, Pablo Neira Ayuso
- [PATCH nftables] cmd: typo in chain fuzzy lookup, Pablo Neira Ayuso
- [PATCH] libnftables: location-based error reporting for chain type, Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: missing error reporting for not selected expressions, Pablo Neira Ayuso
- [nft PATCH] doc: nft.8: Extend monitor description by trace, Phil Sutter
- [PATCH nf,v2] netfilter: nftables: accept all dummy chain when table is dormant,
Pablo Neira Ayuso
- [PATCH nftables] doc: document cgroupv2, Pablo Neira Ayuso
- [PATCH nf] netfilter: nftables: accept all dummy chain when table is dormant,
Pablo Neira Ayuso
- [ebtables PATCH 1/2] ebtables.h: restore KERNEL_64_USERSPACE_32 checks,
Thomas De Schampheleire
- warning splat in nftables ct expect,
Pablo Neira Ayuso
- [PATCH nftables,v2] datatype: skip cgroupv2 rootfs in listing, Pablo Neira Ayuso
- [PATCH nftables 1/2] src: use PRIu64 format,
Pablo Neira Ayuso
- [PATCH nf-next] netfilter: use nfnetlink_unicast(), Pablo Neira Ayuso
- [PATCH] netfilter: Remove leading spaces in Kconfig,
Juerg Haefliger
- [PATCH] treewide: Remove leading spaces in Kconfig files,
Juerg Haefliger
- [PATCH nftables,v3] parser_bison: add shortcut syntax for matching flags without binary operations, Pablo Neira Ayuso
- [PATCH nftables,v2] parser_bison: add shortcut syntax for matching flags without binary operations, Pablo Neira Ayuso
- [PATCH nf 0/2] Netfilter fixes for net,
Pablo Neira Ayuso
- [pablo@xxxxxxxxxxxxx: Re: [PATCH net 1/1] netfilter: flowtable: Remove redundant hw refresh bit], Pablo Neira Ayuso
- [PATCH nf-next 0/2] nf_tables: avoid retpoline overhead on set lookups,
Florian Westphal
- [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter,
Casey Schaufler
- [PATCH v26 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser,
Casey Schaufler
- [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx,
Casey Schaufler
- [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid,
Casey Schaufler
- [nftables PATCH] cache: check errno before invoking cache_release(),
Marco Oliverio
- [PATCH nftables] parser_bison: add shortcut syntax for matching flags without binary operations, Pablo Neira Ayuso
- [PATCH nftables] netlink_delinearize: fix binary operation postprocessing with sets, Pablo Neira Ayuso
- netfilter: iptables-restore: setsockopt(3, SOL_IP, IPT_SO_SET_REPLACE, "security...", ...) return -EAGAIN,
Dexuan Cui
- [PATCH nftables,v3 2/2] src: add set element catch-all support,
Pablo Neira Ayuso
- [PATCH nftables,v2 2/2] src: add set element catch-all support,
Pablo Neira Ayuso
- [PATCH nftables] evaluate: don't crash on set definition with incorrect datatype, Pablo Neira Ayuso
- [PATCH nftables 2/2] src: add set element catch-all support, Pablo Neira Ayuso
- [PATCH nftables 1/2] parser_bison: add set_elem_key_expr rule,
Pablo Neira Ayuso
- [PATCH nf-next] nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state,
Stefano Brivio
- [PATCH nf] nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version,
Stefano Brivio
- [PATCH net 0/8] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH net 2/8] netfilter: arptables: use pernet ops struct during unregister, Pablo Neira Ayuso
- [PATCH net 1/8] netfilter: xt_SECMARK: add new revision to fix structure layout, Pablo Neira Ayuso
- [PATCH net 3/8] netfilter: nfnetlink: add a missing rcu_read_unlock(), Pablo Neira Ayuso
- [PATCH net 4/8] netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check, Pablo Neira Ayuso
- [PATCH net 5/8] netfilter: remove BUG_ON() after skb_header_pointer(), Pablo Neira Ayuso
- [PATCH net 6/8] netfilter: nftables: Fix a memleak from userdata error path in new objects, Pablo Neira Ayuso
- [PATCH net 7/8] netfilter: nftables: avoid overflows in nft_hash_buckets(), Pablo Neira Ayuso
- [PATCH net 8/8] netfilter: nftables: avoid potential overflows on 32bit arches, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
- nft_pipapo_avx2_lookup backtrace in linux 5.10,
Arturo Borrero Gonzalez
- [PATCH net 2/2] netfilter: nf_tables: avoid potential overflows on 32bit arches,
Eric Dumazet
- [PATCH net 1/2] netfilter: nf_tables: avoid overflows in nft_hash_buckets(),
Eric Dumazet
- [nft PATCH] doc: Reduce size of NAT statement synopsis, Phil Sutter
- [PATCH nft 0/2] Fix display of < 64 bits IPv6 masks in concatenated elements,
Stefano Brivio
- [PATCH nf,v2] netfilter: remove BUG_ON() after skb_header_pointer(), Pablo Neira Ayuso
- [PATCH nf] netfilter: nftables: Fix a memleak from userdata error path in new objects, Pablo Neira Ayuso
- [PATCH nf] netfilter: remove BUG_ON() after skb_header_pointer(), Pablo Neira Ayuso
- [PATCH nf] netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check, Pablo Neira Ayuso
- [PATCH] ipv6: netfilter.c: fix missing line after declaration,
Pallavi Prabhu
- [PATCH net] netfilter: nfnetlink: add a missing rcu_read_unlock(),
Eric Dumazet
- [iptables PATCH 1/2] extensions: sctp: Fix nftables translation,
Phil Sutter
- [nft PATCH 1/3] scanner: sctp: Move to own scope,
Phil Sutter
- [net-next PATCH] net: netfilter: nft_exthdr: Support SCTP chunks,
Phil Sutter
- [PATCH nf] netfilter: conntrack: unregister ipv4 sockopts on error unwind, Florian Westphal
- [PATCH RFC libnetfilter_queue 0/1] Eliminate packet copy when constructing struct pkt_buff,
Duncan Roe
- Re: conntrackd inverted NAT address, endianness issue?, Pablo Neira Ayuso
- [PATCH conntrack-tools] conntrack: release options after parsing, Pablo Neira Ayuso
- [syzbot] bpf test error: WARNING in __nf_unregister_net_hook,
syzbot
- [syzbot] net test error: WARNING in __nf_unregister_net_hook,
syzbot
- [syzbot] memory leak in nf_hook_entries_grow (2),
syzbot
- [syzbot] upstream test error: WARNING in __nf_unregister_net_hook,
syzbot
- [PATCH nf] netfilter: arptables: use pernet ops struct during unregister,
Florian Westphal
- [syzbot] bpf-next test error: WARNING in __nf_unregister_net_hook,
syzbot
- [syzbot] linux-next test error: WARNING in __nf_unregister_net_hook,
syzbot
- [iptables PATCH v2] extensions: SECMARK: Implement revision 1, Phil Sutter
- [net-next PATCH v2] netfilter: xt_SECMARK: add new revision to fix structure layout,
Phil Sutter
- [PATCH] Avoid potentially erroneos RST drop.,
Ali Abdallah
- [PATCH] netfilter: Remove redundant assignment to ret,
Yang Li
- [PATCH nft 00/18] cache updates,v2,
Pablo Neira Ayuso
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]