Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

[PATCH nftables] evaluate: don't crash on set definition with incorrect datatype, Pablo Neira Ayuso
[PATCH nftables 2/2] src: add set element catch-all support, Pablo Neira Ayuso
[PATCH nftables 1/2] parser_bison: add set_elem_key_expr rule, Pablo Neira Ayuso
- [PATCH nftables 2/2] src: add set element catch-all support, Pablo Neira Ayuso
  - Re: [PATCH nftables 2/2] src: add set element catch-all support, Phil Sutter
    - Re: [PATCH nftables 2/2] src: add set element catch-all support, Arturo Borrero Gonzalez
      - Re: [PATCH nftables 2/2] src: add set element catch-all support, Pablo Neira Ayuso
        
        Re: [PATCH nftables 2/2] src: add set element catch-all support, Phil Sutter
[PATCH nf-next] nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state, Stefano Brivio
- Re: [PATCH nf-next] nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state, Pablo Neira Ayuso
  - Re: [PATCH nf-next] nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state, Andy Lutomirski
    - Re: [PATCH nf-next] nft_set_pipapo_avx2: Skip LDMXCSR, we don't need a valid MXCSR state, Stefano Brivio
[PATCH nf] nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version, Stefano Brivio
- Re: [PATCH nf] nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version, Pablo Neira Ayuso
[PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 2/8] netfilter: arptables: use pernet ops struct during unregister, Pablo Neira Ayuso
- [PATCH net 1/8] netfilter: xt_SECMARK: add new revision to fix structure layout, Pablo Neira Ayuso
  - Re: [PATCH net 1/8] netfilter: xt_SECMARK: add new revision to fix structure layout, patchwork-bot+netdevbpf
- [PATCH net 3/8] netfilter: nfnetlink: add a missing rcu_read_unlock(), Pablo Neira Ayuso
- [PATCH net 4/8] netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check, Pablo Neira Ayuso
- [PATCH net 5/8] netfilter: remove BUG_ON() after skb_header_pointer(), Pablo Neira Ayuso
- [PATCH net 6/8] netfilter: nftables: Fix a memleak from userdata error path in new objects, Pablo Neira Ayuso
- [PATCH net 7/8] netfilter: nftables: avoid overflows in nft_hash_buckets(), Pablo Neira Ayuso
- [PATCH net 8/8] netfilter: nftables: avoid potential overflows on 32bit arches, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
  - [PATCH net 1/8] MAINTAINERS: netfilter: add irc channel, Pablo Neira Ayuso
    - Re: [PATCH net 1/8] MAINTAINERS: netfilter: add irc channel, patchwork-bot+netdevbpf
  - [PATCH net 2/8] netfilter: nft_exthdr: check for IPv6 packet before further processing, Pablo Neira Ayuso
  - [PATCH net 3/8] netfilter: nft_osf: check for TCP packet before further processing, Pablo Neira Ayuso
  - [PATCH net 4/8] netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols, Pablo Neira Ayuso
  - [PATCH net 7/8] netfilter: nf_tables: skip netlink portID validation if zero, Pablo Neira Ayuso
  - [PATCH net 8/8] netfilter: nf_tables: do not allow to delete table with owner by handle, Pablo Neira Ayuso
  - [PATCH net 6/8] netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN transfer logic, Pablo Neira Ayuso
  - [PATCH net 5/8] netfilter: nf_tables: memleak in hw offload abort path, Pablo Neira Ayuso
  - Re: [PATCH net 0/8] Netfilter fixes for net, David Miller
    - Re: [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
  - [PATCH net 1/8] netfilter: Remove flowtable relics, Pablo Neira Ayuso
    - Re: [PATCH net 1/8] netfilter: Remove flowtable relics, patchwork-bot+netdevbpf
  - [PATCH net 2/8] netfilter: nft_ct: fix use after free when attaching zone template, Pablo Neira Ayuso
  - [PATCH net 4/8] selftests: netfilter: check stateless nat udp checksum fixup, Pablo Neira Ayuso
  - [PATCH net 3/8] selftests: netfilter: reduce zone stress test running time, Pablo Neira Ayuso
  - [PATCH net 6/8] netfilter: nft_byteorder: track register operations, Pablo Neira Ayuso
  - [PATCH net 7/8] selftests: nft_concat_range: add test for reload with no element add/del, Pablo Neira Ayuso
  - [PATCH net 5/8] netfilter: nft_reject_bridge: Fix for missing reply from prerouting, Pablo Neira Ayuso
  - [PATCH net 8/8] netfilter: nf_tables: remove assignment with no effect in chain blob builder, Pablo Neira Ayuso
- [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
  - [PATCH net 1/8] netfilter: nf_tables: prefer kfree_rcu(ptr, rcu) variant, Pablo Neira Ayuso
    - Re: [PATCH net 1/8] netfilter: nf_tables: prefer kfree_rcu(ptr, rcu) variant, patchwork-bot+netdevbpf
  - [PATCH net 3/8] netfilter: egress: silence egress hook lockdep splats, Pablo Neira Ayuso
  - [PATCH net 2/8] netfilter: fix use-after-free in __nf_register_net_hook(), Pablo Neira Ayuso
  - [PATCH net 5/8] selftests: netfilter: add nfqueue TCP_NEW_SYN_RECV socket race test, Pablo Neira Ayuso
  - [PATCH net 6/8] netfilter: nf_queue: fix possible use-after-free, Pablo Neira Ayuso
  - [PATCH net 4/8] netfilter: nf_queue: don't assume sk is full socket, Pablo Neira Ayuso
  - [PATCH net 7/8] netfilter: nf_queue: handle socket prefetch, Pablo Neira Ayuso
  - [PATCH net 8/8] net/sched: act_ct: Fix flow table lookup failure with no originating ifindex, Pablo Neira Ayuso
- [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
  - [PATCH net 2/8] netfilter: nf_tables: do not allow SET_ID to refer to another table, Pablo Neira Ayuso
  - [PATCH net 3/8] netfilter: nf_tables: do not allow CHAIN_ID to refer to another table, Pablo Neira Ayuso
  - [PATCH net 1/8] netfilter: nf_tables: validate variable length element extension, Pablo Neira Ayuso
    - Re: [PATCH net 1/8] netfilter: nf_tables: validate variable length element extension, Jakub Kicinski
    - Re: [PATCH net 1/8] netfilter: nf_tables: validate variable length element extension, patchwork-bot+netdevbpf
  - [PATCH net 7/8] netfilter: nf_tables: disallow jump to implicit chain from set element, Pablo Neira Ayuso
  - [PATCH net 6/8] netfilter: nf_tables: upfront validation of data via nft_data_init(), Pablo Neira Ayuso
  - [PATCH net 8/8] netfilter: nf_tables: fix null deref due to zeroed list head, Pablo Neira Ayuso
  - [PATCH net 4/8] netfilter: nf_tables: do not allow RULE_ID to refer to another chain, Pablo Neira Ayuso
  - [PATCH net 5/8] netfilter: ip6t_LOG: Fix a typo in a comment, Pablo Neira Ayuso
  - Re: [PATCH net 0/8] Netfilter fixes for net, Jakub Kicinski
    - Re: [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/8] Netfilter fixes for net, Pablo Neira Ayuso
  - [PATCH net 2/8] netfilter: nfnetlink: Initialise extack before use in ACKs, Pablo Neira Ayuso
  - [PATCH net 3/8] netfilter: flowtable: initialise extack before use, Pablo Neira Ayuso
  - [PATCH net 1/8] netfilter: allow ipv6 fragments to arrive on different devices, Pablo Neira Ayuso
    - Re: [PATCH net 1/8] netfilter: allow ipv6 fragments to arrive on different devices, patchwork-bot+netdevbpf
  - [PATCH net 4/8] netfilter: nf_queue: drop packets with cloned unconfirmed conntracks, Pablo Neira Ayuso
  - [PATCH net 5/8] selftests: netfilter: add test for br_netfilter+conntrack+queue combination, Pablo Neira Ayuso
  - [PATCH net 8/8] netfilter: nf_tables: Add locking for NFT_MSG_GETOBJ_RESET requests, Pablo Neira Ayuso
  - [PATCH net 6/8] netfilter: nf_tables: Audit log dump reset after the fact, Pablo Neira Ayuso
  - [PATCH net 7/8] netfilter: nf_tables: Introduce nf_tables_getobj_single, Pablo Neira Ayuso
nft_pipapo_avx2_lookup backtrace in linux 5.10, Arturo Borrero Gonzalez
- Re: nft_pipapo_avx2_lookup backtrace in linux 5.10, Florian Westphal
  - Re: nft_pipapo_avx2_lookup backtrace in linux 5.10, Stefano Brivio
    - Re: nft_pipapo_avx2_lookup backtrace in linux 5.10, Stefano Brivio
      - Re: nft_pipapo_avx2_lookup backtrace in linux 5.10, Arturo Borrero Gonzalez
- Re: nft_pipapo_avx2_lookup backtrace in linux 5.10, Stefano Brivio
  - Re: nft_pipapo_avx2_lookup backtrace in linux 5.10, Arturo Borrero Gonzalez
    - Re: nft_pipapo_avx2_lookup backtrace in linux 5.10, Stefano Brivio
      - Re: nft_pipapo_avx2_lookup backtrace in linux 5.10, Arturo Borrero Gonzalez
[PATCH net 2/2] netfilter: nf_tables: avoid potential overflows on 32bit arches, Eric Dumazet
- Re: [PATCH net 2/2] netfilter: nf_tables: avoid potential overflows on 32bit arches, Pablo Neira Ayuso
[PATCH net 1/2] netfilter: nf_tables: avoid overflows in nft_hash_buckets(), Eric Dumazet
- Re: [PATCH net 1/2] netfilter: nf_tables: avoid overflows in nft_hash_buckets(), Pablo Neira Ayuso
[nft PATCH] doc: Reduce size of NAT statement synopsis, Phil Sutter
[PATCH nft 0/2] Fix display of < 64 bits IPv6 masks in concatenated elements, Stefano Brivio
- [PATCH nft 1/2] segtree: Fix range_mask_len() for subnet ranges exceeding unsigned int, Stefano Brivio
  - Re: [PATCH nft 1/2] segtree: Fix range_mask_len() for subnet ranges exceeding unsigned int, Phil Sutter
    - Re: [PATCH nft 1/2] segtree: Fix range_mask_len() for subnet ranges exceeding unsigned int, Stefano Brivio
      - Re: [PATCH nft 1/2] segtree: Fix range_mask_len() for subnet ranges exceeding unsigned int, Phil Sutter
- [PATCH nft 2/2] tests: Introduce 0043_concatenated_ranges_1 for subnets of different sizes, Stefano Brivio
[PATCH nf,v2] netfilter: remove BUG_ON() after skb_header_pointer(), Pablo Neira Ayuso
[PATCH nf] netfilter: nftables: Fix a memleak from userdata error path in new objects, Pablo Neira Ayuso
[PATCH nf] netfilter: remove BUG_ON() after skb_header_pointer(), Pablo Neira Ayuso
[PATCH nf] netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check, Pablo Neira Ayuso
[PATCH] ipv6: netfilter.c: fix missing line after declaration, Pallavi Prabhu
- Re: [PATCH] ipv6: netfilter.c: fix missing line after declaration, Pablo Neira Ayuso
[PATCH net] netfilter: nfnetlink: add a missing rcu_read_unlock(), Eric Dumazet
- Re: [PATCH net] netfilter: nfnetlink: add a missing rcu_read_unlock(), Pablo Neira Ayuso
[iptables PATCH 1/2] extensions: sctp: Fix nftables translation, Phil Sutter
- [iptables PATCH 2/2] extensions: sctp: Translate --chunk-types option, Phil Sutter
[nft PATCH 1/3] scanner: sctp: Move to own scope, Phil Sutter
- [nft PATCH 2/3] json: Simplify non-tcpopt exthdr printing a bit, Phil Sutter
- [nft PATCH 3/3] exthdr: Implement SCTP Chunk matching, Phil Sutter
  - Re: [nft PATCH 3/3] exthdr: Implement SCTP Chunk matching, Florian Westphal
- Re: [nft PATCH 1/3] scanner: sctp: Move to own scope, Florian Westphal
[net-next PATCH] net: netfilter: nft_exthdr: Support SCTP chunks, Phil Sutter
- Re: [net-next PATCH] net: netfilter: nft_exthdr: Support SCTP chunks, Pablo Neira Ayuso
[PATCH nf] netfilter: conntrack: unregister ipv4 sockopts on error unwind, Florian Westphal
[PATCH RFC libnetfilter_queue 0/1] Eliminate packet copy when constructing struct pkt_buff, Duncan Roe
- [PATCH RFC libnetfilter_queue 1/1] Eliminate packet copy when constructing struct pkt_buff, Duncan Roe
  - [PATCH libnetfilter_queue v2 0/1] Speed-up, Duncan Roe
  - [PATCH libnetfilter_queue v2 1/1] Eliminate packet copy when constructing struct pkt_buff, Duncan Roe
    - Re: [PATCH libnetfilter_queue v2 1/1] Eliminate packet copy when constructing struct pkt_buff, Pablo Neira Ayuso
      - Re: [PATCH libnetfilter_queue v2 1/1] Eliminate packet copy when constructing struct pkt_buff, Duncan Roe
      - Re: [PATCH libnetfilter_queue v2 1/1] Eliminate packet copy when constructing struct pkt_buff, Duncan Roe
- Re: [PATCH RFC libnetfilter_queue 0/1] Eliminate packet copy when constructing struct pkt_buff, Duncan Roe
- Re: [PATCH RFC libnetfilter_queue 0/1] Eliminate packet copy when constructing struct pkt_buff, Duncan Roe
Re: conntrackd inverted NAT address, endianness issue?, Pablo Neira Ayuso
[PATCH conntrack-tools] conntrack: release options after parsing, Pablo Neira Ayuso
[syzbot] bpf test error: WARNING in __nf_unregister_net_hook, syzbot
- Re: [syzbot] bpf test error: WARNING in __nf_unregister_net_hook, Florian Westphal
[syzbot] net test error: WARNING in __nf_unregister_net_hook, syzbot
- Re: [syzbot] net test error: WARNING in __nf_unregister_net_hook, Florian Westphal
[syzbot] memory leak in nf_hook_entries_grow (2), syzbot
- Re: [syzbot] memory leak in nf_hook_entries_grow (2), syzbot
- Re: [syzbot] memory leak in nf_hook_entries_grow (2), Florian Westphal
[syzbot] upstream test error: WARNING in __nf_unregister_net_hook, syzbot
- Re: [syzbot] upstream test error: WARNING in __nf_unregister_net_hook, Florian Westphal
[PATCH nf] netfilter: arptables: use pernet ops struct during unregister, Florian Westphal
- Re: [PATCH nf] netfilter: arptables: use pernet ops struct during unregister, Pablo Neira Ayuso
[syzbot] bpf-next test error: WARNING in __nf_unregister_net_hook, syzbot
- Re: [syzbot] bpf-next test error: WARNING in __nf_unregister_net_hook, Florian Westphal
[syzbot] linux-next test error: WARNING in __nf_unregister_net_hook, syzbot
- Re: [syzbot] linux-next test error: WARNING in __nf_unregister_net_hook, Florian Westphal
[iptables PATCH v2] extensions: SECMARK: Implement revision 1, Phil Sutter
[net-next PATCH v2] netfilter: xt_SECMARK: add new revision to fix structure layout, Phil Sutter
- Re: [net-next PATCH v2] netfilter: xt_SECMARK: add new revision to fix structure layout, Pablo Neira Ayuso
[PATCH] Avoid potentially erroneos RST drop., Ali Abdallah
- Re: [PATCH] Avoid potentially erroneos RST drop., Florian Westphal
  - Re: [PATCH] Avoid potentially erroneos RST drop., Ali Abdallah
  - Re: [PATCH] Avoid potentially erroneos RST drop., Ali Abdallah
    - Re: [PATCH] Avoid potentially erroneos RST drop., Florian Westphal
      - Re: [PATCH] Avoid potentially erroneos RST drop., Pablo Neira Ayuso
      - Re: [PATCH] Avoid potentially erroneos RST drop., Ali Abdallah
[PATCH] netfilter: Remove redundant assignment to ret, Yang Li
- Re: [PATCH] netfilter: Remove redundant assignment to ret, Pablo Neira Ayuso
[PATCH nft 00/18] cache updates,v2, Pablo Neira Ayuso
- [PATCH nft 01/18] tests: shell: remove missing modules, Pablo Neira Ayuso
- [PATCH nft 02/18] src: unbreak deletion by table handle, Pablo Neira Ayuso
- [PATCH nft 03/18] rule: skip fuzzy lookup for unexisting 64-bit handle, Pablo Neira Ayuso
- [PATCH nft 04/18] src: pass chain name to chain_cache_find(), Pablo Neira Ayuso
- [PATCH nft 05/18] src: consolidate nft_cache infrastructure, Pablo Neira Ayuso
- [PATCH nft 06/18] src: consolidate object cache infrastructure, Pablo Neira Ayuso
- [PATCH nft 09/18] cache: add set_cache_del() and use it, Pablo Neira Ayuso
- [PATCH nft 07/18] cache: add hashtable cache for object, Pablo Neira Ayuso
- [PATCH nft 08/18] cache: add hashtable cache for flowtable, Pablo Neira Ayuso
- [PATCH nft 10/18] evaluate: add set to the cache, Pablo Neira Ayuso
- [PATCH nft 11/18] evaluate: add flowtable to the cache, Pablo Neira Ayuso
- [PATCH nft 12/18] cache: missing table cache for several policy objects, Pablo Neira Ayuso
- [PATCH nft 13/18] evaluate: add object to the cache, Pablo Neira Ayuso
- [PATCH nft 14/18] cache: add hashtable cache for table, Pablo Neira Ayuso
- [PATCH nft 15/18] evaluate: remove chain from cache on delete chain command, Pablo Neira Ayuso
- [PATCH nft 17/18] evaluate: remove flowtable from cache on delete flowtable command, Pablo Neira Ayuso
- [PATCH nft 16/18] evaluate: remove set from cache on delete set command, Pablo Neira Ayuso
- [PATCH nft 18/18] evaluate: remove object from cache on delete object command, Pablo Neira Ayuso
[PATCH net-next] netfilter: x_tables: improve limit_mt scalability, Jason Baron
- Re: [PATCH net-next] netfilter: x_tables: improve limit_mt scalability, Pablo Neira Ayuso
[iptables PATCH] extensions: SECMARK: Implement revision 1, Phil Sutter
[net-next PATCH] netfilter: xt_SECMARK: add new revision to fix structure layout, Phil Sutter
- Re: [net-next PATCH] netfilter: xt_SECMARK: add new revision to fix structure layout, Jan Engelhardt
  - Re: [net-next PATCH] netfilter: xt_SECMARK: add new revision to fix structure layout, Phil Sutter
    - Re: [net-next PATCH] netfilter: xt_SECMARK: add new revision to fix structure layout, Jan Engelhardt
[iptables PATCH] extensions: sctp: Explain match types in man page, Phil Sutter
[iptables PATCH 0/5] Merge some common code, Phil Sutter
- [iptables PATCH 4/5] ebtables-translate: Use shared ebt_get_current_chain() function, Phil Sutter
- [iptables PATCH 1/5] xtables: Make invflags 16bit wide, Phil Sutter
- [iptables PATCH 5/5] Use proto_to_name() from xshared in more places, Phil Sutter
- [iptables PATCH 3/5] xshared: Merge invflags handling code, Phil Sutter
- [iptables PATCH 2/5] xshared: Eliminate iptables_command_state->invert, Phil Sutter
[PATCH] Avoid potentially erroneos RST check, Ali Abdallah
- Re: [PATCH] Avoid potentially erroneos RST check, Florian Westphal
- Re: [PATCH] Avoid potentially erroneos RST check, Pablo Neira Ayuso
  - Re: [PATCH] Avoid potentially erroneos RST check, Ali Abdallah
    - Re: [PATCH] Avoid potentially erroneos RST check, Pablo Neira Ayuso
      - Re: [PATCH] Avoid potentially erroneos RST check, Ali Abdallah
[PATCH] Don't drop out of segments RST if tcp_be_liberal is set, Ali Abdallah
[PATCH net-next 0/7] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 1/7] netfilter: nftables: rename set element data activation/deactivation functions, Pablo Neira Ayuso
  - Re: [PATCH net-next 1/7] netfilter: nftables: rename set element data activation/deactivation functions, patchwork-bot+netdevbpf
- [PATCH net-next 2/7] netfilter: nftables: add loop check helper function, Pablo Neira Ayuso
- [PATCH net-next 3/7] netfilter: nftables: add helper function to flush set elements, Pablo Neira Ayuso
- [PATCH net-next 4/7] netfilter: nftables: add helper function to validate set element data, Pablo Neira Ayuso
- [PATCH net-next 5/7] netfilter: nftables: add catch-all set element support, Pablo Neira Ayuso
- [PATCH net-next 6/7] netfilter: nft_socket: fix an unused variable warning, Pablo Neira Ayuso
- [PATCH net-next 7/7] netfilter: nft_socket: fix build with CONFIG_SOCK_CGROUP_DATA=n, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net-next 0/7] netfilter updates for net-next, Florian Westphal
  - [PATCH net-next 1/7] netfilter: xt_mangle: only check verdict part of return value, Florian Westphal
    - Re: [PATCH net-next 1/7] netfilter: xt_mangle: only check verdict part of return value, patchwork-bot+netdevbpf
  - [PATCH net-next 2/7] netfilter: nf_tables: mask out non-verdict bits when checking return value, Florian Westphal
  - [PATCH net-next 3/7] netfilter: conntrack: convert nf_conntrack_update to netfilter verdicts, Florian Westphal
  - [PATCH net-next 5/7] netfilter: make nftables drops visible in net dropmonitor, Florian Westphal
  - [PATCH net-next 4/7] netfilter: nf_nat: mask out non-verdict bits when checking return value, Florian Westphal
  - [PATCH net-next 6/7] netfilter: bridge: convert br_netfilter to NF_DROP_REASON, Florian Westphal
  - [PATCH net-next 7/7] netfilter: nf_tables: de-constify set commit ops function argument, Florian Westphal
[PATCH 1/2] netfilter: nft_socket: fix an unused variable warning, Arnd Bergmann
- [PATCH 2/2] netfilter: nft_socket: fix build with CONFIG_SOCK_CGROUP_DATA=n, Arnd Bergmann
  - Re: [PATCH 2/2] netfilter: nft_socket: fix build with CONFIG_SOCK_CGROUP_DATA=n, Pablo Neira Ayuso
- Re: [PATCH 1/2] netfilter: nft_socket: fix an unused variable warning, Pablo Neira Ayuso
[PATCH nf-next 1/5, v2] netfilter: nftables: rename set element data activation/deactivation functions, Pablo Neira Ayuso
- [PATCH nf-next 5/5,v4] netfilter: nftables: add catch-all set element support, Pablo Neira Ayuso
- [PATCH nf-next 4/5] netfilter: nftables: add helper function to validate set element data, Pablo Neira Ayuso
- [PATCH nf-next 3/5,v2] netfilter: nftables: add helper function to flush set elements, Pablo Neira Ayuso
- [PATCH nf-next 2/5,v2] netfilter: nftables: add loop check helper function, Pablo Neira Ayuso
[iptables PATCH 0/2] Drop use of some obsolete functions, Phil Sutter
- [iptables PATCH 2/2] nft-arp: Make use of ipv4_addr_to_string(), Phil Sutter
- [iptables PATCH 1/2] Eliminate inet_aton() and inet_ntoa(), Phil Sutter
[PATCH net-next 00/22] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 01/22] netfilter: nat: move nf_xfrm_me_harder to where it is used, Pablo Neira Ayuso
  - Re: [PATCH net-next 01/22] netfilter: nat: move nf_xfrm_me_harder to where it is used, patchwork-bot+netdevbpf
- [PATCH net-next 02/22] netfilter: nft_socket: add support for cgroupsv2, Pablo Neira Ayuso
- [PATCH net-next 03/22] netfilter: disable defrag once its no longer needed, Pablo Neira Ayuso
- [PATCH net-next 04/22] netfilter: ebtables: remove the 3 ebtables pointers from struct net, Pablo Neira Ayuso
- [PATCH net-next 05/22] netfilter: x_tables: remove ipt_unregister_table, Pablo Neira Ayuso
- [PATCH net-next 06/22] netfilter: x_tables: add xt_find_table, Pablo Neira Ayuso
- [PATCH net-next 07/22] netfilter: iptables: unregister the tables by name, Pablo Neira Ayuso
- [PATCH net-next 08/22] netfilter: ip6tables: unregister the tables by name, Pablo Neira Ayuso
- [PATCH net-next 09/22] netfilter: arptables: unregister the tables by name, Pablo Neira Ayuso
- [PATCH net-next 10/22] netfilter: x_tables: remove paranoia tests, Pablo Neira Ayuso
- [PATCH net-next 11/22] netfilter: xt_nat: pass table to hookfn, Pablo Neira Ayuso
- [PATCH net-next 21/22] netfilter: nfnetlink: consolidate callback types, Pablo Neira Ayuso
- [PATCH net-next 22/22] netfilter: allow to turn off xtables compat layer, Pablo Neira Ayuso
- [PATCH net-next 12/22] netfilter: ip_tables: pass table pointer via nf_hook_ops, Pablo Neira Ayuso
- [PATCH net-next 13/22] netfilter: arp_tables: pass table pointer via nf_hook_ops, Pablo Neira Ayuso
- [PATCH net-next 15/22] netfilter: remove all xt_table anchors from struct net, Pablo Neira Ayuso
- [PATCH net-next 16/22] netfilter: nf_log_syslog: Unset bridge logger in pernet exit, Pablo Neira Ayuso
- [PATCH net-next 14/22] netfilter: ip6_tables: pass table pointer via nf_hook_ops, Pablo Neira Ayuso
- [PATCH net-next 17/22] netfilter: nftables: add nft_pernet() helper function, Pablo Neira Ayuso
- [PATCH net-next 18/22] netfilter: nfnetlink: add struct nfnl_info and pass it to callbacks, Pablo Neira Ayuso
- [PATCH net-next 19/22] netfilter: nfnetlink: pass struct nfnl_info to rcu callbacks, Pablo Neira Ayuso
- [PATCH net-next 20/22] netfilter: nfnetlink: pass struct nfnl_info to batch callbacks, Pablo Neira Ayuso
[nf-next:for-net-next 25/25] net/netfilter/nf_tables_api.c:4448:22: warning: variable 'ext' set but not used, kernel test robot
[PATCH nf-next] netfilter: allow to turn off xtables compat layer, Florian Westphal
- Re: [PATCH nf-next] netfilter: allow to turn off xtables compat layer, Jan Engelhardt
  - Re: [PATCH nf-next] netfilter: allow to turn off xtables compat layer, Pablo Neira Ayuso
    - Re: [PATCH nf-next] netfilter: allow to turn off xtables compat layer, Florian Westphal
- Re: [PATCH nf-next] netfilter: allow to turn off xtables compat layer, Pablo Neira Ayuso
[PATCH nf-next 1/4] netfilter: nftables: rename set element data activation/deactivation functions, Pablo Neira Ayuso
- [PATCH nf-next 2/4] netfilter: nftables: add loop check helper function, Pablo Neira Ayuso
- [PATCH nf-next 3/4] netfilter: nftables: add helper function to flush set elements, Pablo Neira Ayuso
- [PATCH nf-next 4/4,v3] netfilter: nftables: add catch-all set element support, Pablo Neira Ayuso
[PATCH nf-next,v2] netfilter: nftables: add catch-all set element support, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nftables: add catch-all set element support, Pablo Neira Ayuso
RSTs being marked as invalid because of wrong td_maxack value, Ali Abdallah
- Re: RSTs being marked as invalid because of wrong td_maxack value, Florian Westphal
  - Re: RSTs being marked as invalid because of wrong td_maxack value, Ali Abdallah
    - Re: RSTs being marked as invalid because of wrong td_maxack value, Florian Westphal
[PATCH nf-next 0/5] nfnetlink housekeeping, Pablo Neira Ayuso
- [PATCH nf-next 3/5] netfilter: nfnetlink: pass struct nfnl_info to rcu callbacks, Pablo Neira Ayuso
- [PATCH nf-next 1/5] netfilter: nftables: add nft_pernet() helper function, Pablo Neira Ayuso
- [PATCH nf-next 2/5] netfilter: nfnetlink: add struct nfnl_info and pass it to callbacks, Pablo Neira Ayuso
- [PATCH nf-next 4/5] netfilter: nfnetlink: pass struct nfnl_info to batch callbacks, Pablo Neira Ayuso
- [PATCH nf-next 5/5] netfilter: nfnetlink: consolidate callback types, Pablo Neira Ayuso
[PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Cole Dishington
- Re: [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Florian Westphal
  - [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Cole Dishington
    - Re: [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Florian Westphal
      - Message not available
        
        [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support xtables API, Cole Dishington
      - Message not available
        
        [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Cole Dishington
        
        Re: [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Florian Westphal
        
        [PATCH 0/3] Add RFC-7597 Section 5.1 PSID support, Cole Dishington
        
        [PATCH 1/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support xtables API, Cole Dishington
        
        [PATCH 3/3] selftests: netfilter: Add RFC-7597 Section 5.1 PSID selftests, Cole Dishington
        
        [PATCH 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Cole Dishington
        
        Re: [PATCH 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Florian Westphal
        
        [PATCH 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Cole Dishington
        
        Re: [PATCH 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Florian Westphal
        
        [PATCH 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Cole Dishington
        
        Re: [PATCH 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Florian Westphal
        
        [PATCH net-next 0/3] Add RFC-7597 Section 5.1 PSID support, Cole Dishington
        
        [PATCH net-next 1/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support xtables API, Cole Dishington
        
        [PATCH net-next 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Cole Dishington
        
        Re: [PATCH net-next 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Pablo Neira Ayuso
        
        Re: [PATCH net-next 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support, Cole Dishington
        
        [PATCH net-next 3/3] selftests: netfilter: Add RFC-7597 Section 5.1 PSID selftests, Cole Dishington
[PATCH] netfilter: nf_log_syslog: Unset bridge logger in pernet exit, Phil Sutter
- Re: [PATCH] netfilter: nf_log_syslog: Unset bridge logger in pernet exit, Florian Westphal
- Re: [PATCH] netfilter: nf_log_syslog: Unset bridge logger in pernet exit, Pablo Neira Ayuso
[PATCH nf-next v2 00/12] netfilter: x_tables: remove ipt_unregister_table, Florian Westphal
- [PATCH nf-next v2 01/12] netfilter: ebtables: remove the 3 ebtables pointers from struct net, Florian Westphal
- [PATCH nf-next v2 02/12] netfilter: x_tables: remove ipt_unregister_table, Florian Westphal
- [PATCH nf-next v2 03/12] netfilter: add xt_find_table, Florian Westphal
- [PATCH nf-next v2 04/12] netfilter: iptables: unregister the tables by name, Florian Westphal
- [PATCH nf-next v2 05/12] netfilter: ip6tables: unregister the tables by name, Florian Westphal
- [PATCH nf-next v2 06/12] netfilter: arptables: unregister the tables by name, Florian Westphal
- [PATCH nf-next v2 08/12] netfilter: xt_nat: pass table to hookfn, Florian Westphal
- [PATCH nf-next v2 07/12] netfilter: x_tables: remove paranoia tests, Florian Westphal
- [PATCH nf-next v2 10/12] netfilter: arp_tables: pass table pointer via nf_hook_ops, Florian Westphal
- [PATCH nf-next v2 09/12] netfilter: ip_tables: pass table pointer via nf_hook_ops, Florian Westphal
- [PATCH nf-next v2 12/12] netfilter: remove all xt_table anchors from struct net, Florian Westphal
- [PATCH nf-next v2 11/12] netfilter: ip6_tables: pass table pointer via nf_hook_ops, Florian Westphal
- Re: [PATCH nf-next v2 00/12] netfilter: x_tables: remove ipt_unregister_table, Pablo Neira Ayuso
[PATCH v2 nf-next] netfilter: disable defrag once its no longer needed, Florian Westphal
- Re: [PATCH v2 nf-next] netfilter: disable defrag once its no longer needed, Pablo Neira Ayuso
[PATCH nft] src: add cgroupsv2 support, Pablo Neira Ayuso
[PATCH libnftnl] expr: socket: add cgroups v2 support, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nft_socket: add support for cgroupsv2, Pablo Neira Ayuso
[PATCH nf-next] netfilter: disable defrag once its no longer needed, Florian Westphal
- Re: [PATCH nf-next] netfilter: disable defrag once its no longer needed, kernel test robot
[PATCH nf-next 00/12] netfilter: remove xtables pointers from struct net, Florian Westphal
- [PATCH nf-next 01/12] netfilter: ebtables: remove the 3 ebtables pointers from struct net, Florian Westphal
- [PATCH nf-next 02/12] netfilter: x_tables: remove ipt_unregister_table, Florian Westphal
  - Re: [PATCH nf-next 02/12] netfilter: x_tables: remove ipt_unregister_table, kernel test robot
  - Re: [PATCH nf-next 02/12] netfilter: x_tables: remove ipt_unregister_table, kernel test robot
- [PATCH nf-next 03/12] netfilter: add xt_find_table, Florian Westphal
- [PATCH nf-next 04/12] netfilter: iptables: unregister the tables by name, Florian Westphal
- [PATCH nf-next 05/12] netfilter: ip6tables: unregister the tables by name, Florian Westphal
- [PATCH nf-next 06/12] netfilter: arptables: unregister the tables by name, Florian Westphal
- [PATCH nf-next 07/12] netfilter: x_tables: remove paranoia tests, Florian Westphal
- [PATCH nf-next 08/12] netfilter: xt_nat: pass table to hookfn, Florian Westphal
- [PATCH nf-next 09/12] netfilter: ip_tables: pass table pointer via nf_hook_ops, Florian Westphal
- [PATCH nf-next 10/12] netfilter: arp_tables: pass table pointer via nf_hook_ops, Florian Westphal
- [PATCH nf-next 11/12] netfilter: ip6_tables: pass table pointer via nf_hook_ops, Florian Westphal
- [PATCH nf-next 12/12] netfilter: remove all xt_table anchors from struct net, Florian Westphal
[PATCH] netfilter: conntrack: Reset the max ACK flag on SYN in ignore state, Ali Abdallah
- Re: [PATCH] netfilter: conntrack: Reset the max ACK flag on SYN in ignore state, Florian Westphal
Error when using clone option in iptables, Mohan Das
- Re: Error when using clone option in iptables, Jan Engelhardt
Now have make distcheck passing with doxygen enabled, Duncan Roe
- [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled, Duncan Roe
  - Re: [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled, Jan Engelhardt
    - Re: [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled, Duncan Roe
      - Re: [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled, Jan Engelhardt
        
        Re: [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled, Duncan Roe
        
        Re: [PATCH libnetfilter_queue 1/1] build: doc: `make distcheck` passes with doxygen enabled, Jan Engelhardt
        
        [PATCH libnetfilter_queue v2] build: doc: `make distcheck` passes with doxygen enabled, Duncan Roe
        
        Re: [PATCH libnetfilter_queue v2] build: doc: `make distcheck` passes with doxygen enabled, Duncan Roe
        
        Re: [PATCH libnetfilter_queue v2] build: doc: `make distcheck` passes with doxygen enabled, Jan Engelhardt
        
        Re: [PATCH libnetfilter_queue v2] build: doc: `make distcheck` passes with doxygen enabled, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nat: move nf_xfrm_me_harder to where it is used, Florian Westphal
- Re: [PATCH nf-next] netfilter: nat: move nf_xfrm_me_harder to where it is used, Pablo Neira Ayuso
[PATCH nft] parser_bison: missing relational operation on flag list, Pablo Neira Ayuso
[PATCH net-next 00/14] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 01/14] netfilter: flowtable: add vlan match offload support, Pablo Neira Ayuso
  - Re: [PATCH net-next 01/14] netfilter: flowtable: add vlan match offload support, patchwork-bot+netdevbpf
- [PATCH net-next 02/14] netfilter: flowtable: add vlan pop action offload support, Pablo Neira Ayuso
- [PATCH net-next 03/14] netfilter: conntrack: move autoassign warning member to net_generic data, Pablo Neira Ayuso
- [PATCH net-next 04/14] netfilter: conntrack: move autoassign_helper sysctl to net_generic data, Pablo Neira Ayuso
- [PATCH net-next 05/14] netfilter: conntrack: move expect counter to net_generic data, Pablo Neira Ayuso
- [PATCH net-next 07/14] netfilter: conntrack: convert sysctls to u8, Pablo Neira Ayuso
- [PATCH net-next 06/14] netfilter: conntrack: move ct counter to net_generic data, Pablo Neira Ayuso
- [PATCH net-next 08/14] netfilter: flowtable: Add FLOW_OFFLOAD_XMIT_UNSPEC xmit type, Pablo Neira Ayuso
- [PATCH net-next 09/14] netfilter: nft_payload: fix C-VLAN offload support, Pablo Neira Ayuso
- [PATCH net-next 10/14] netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector, Pablo Neira Ayuso
- [PATCH net-next 12/14] netfilter: Dissect flow after packet mangling, Pablo Neira Ayuso
- [PATCH net-next 11/14] netfilter: nftables_offload: special ethertype handling for VLAN, Pablo Neira Ayuso
- [PATCH net-next 13/14] selftests: fib_tests: Add test cases for interaction with mangling, Pablo Neira Ayuso
- [PATCH net-next 14/14] netfilter: nftables: counter hardware offload support, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net-next 00/14] Netfilter updates for net-next, Pablo Neira Ayuso
  - [PATCH net-next 02/14] netfilter: nfqueue: enable to get skb->priority, Pablo Neira Ayuso
  - [PATCH net-next 01/14] netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY, Pablo Neira Ayuso
    - Re: [PATCH net-next 01/14] netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY, patchwork-bot+netdevbpf
    - Re: [PATCH net-next 01/14] netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY, Gal Pressman
      - Re: [PATCH net-next 01/14] netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY, Florian Westphal
        
        Re: [PATCH net-next 01/14] netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY, Pablo Neira Ayuso
        
        Re: [PATCH net-next 01/14] netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY, Gal Pressman
        
        Re: [PATCH net-next 01/14] netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY, Florian Westphal
  - [PATCH net-next 03/14] netfilter: conntrack: make all extensions 8-byte alignned, Pablo Neira Ayuso
  - [PATCH net-next 06/14] netfilter: conntrack: remove extension register api, Pablo Neira Ayuso
  - [PATCH net-next 05/14] netfilter: conntrack: handle ->destroy hook via nat_ops instead, Pablo Neira Ayuso
  - [PATCH net-next 04/14] netfilter: conntrack: move extension sizes into core, Pablo Neira Ayuso
  - [PATCH net-next 07/14] netfilter: conntrack: pptp: use single option structure, Pablo Neira Ayuso
  - [PATCH net-next 08/14] netfilter: exthdr: add support for tcp option removal, Pablo Neira Ayuso
  - [PATCH net-next 10/14] netfilter: ecache: don't use nf_conn spinlock, Pablo Neira Ayuso
  - [PATCH net-next 09/14] netfilter: nft_compat: suppress comment match, Pablo Neira Ayuso
  - [PATCH net-next 13/14] nfqueue: enable to set skb->priority, Pablo Neira Ayuso
  - [PATCH net-next 12/14] netfilter: nft_cmp: optimize comparison for 16-bytes, Pablo Neira Ayuso
  - [PATCH net-next 11/14] netfilter: cttimeout: use option structure, Pablo Neira Ayuso
  - [PATCH net-next 14/14] netfilter: ctnetlink: use dump structure instead of raw args, Pablo Neira Ayuso
- [PATCH net-next 00/14] Netfilter updates for net-next, Pablo Neira Ayuso
  - [PATCH net-next 03/14] netfilter: nf_tables: add nft_trans_commit_list_add_elem helper, Pablo Neira Ayuso
  - [PATCH net-next 01/14] netfilter: nfnetlink: Report extack policy errors for batched ops, Pablo Neira Ayuso
    - Re: [PATCH net-next 01/14] netfilter: nfnetlink: Report extack policy errors for batched ops, patchwork-bot+netdevbpf
  - [PATCH net-next 02/14] netfilter: bpf: Pass string literal as format argument of request_module(), Pablo Neira Ayuso
  - [PATCH net-next 05/14] netfilter: nf_tables: prepare nft audit for set element compaction, Pablo Neira Ayuso
  - [PATCH net-next 04/14] netfilter: nf_tables: prepare for multiple elements in nft_trans_elem structure, Pablo Neira Ayuso
  - [PATCH net-next 10/14] netfilter: rpfilter: Convert rpfilter_mt() to dscp_t., Pablo Neira Ayuso
  - [PATCH net-next 08/14] netfilter: ipv4: Convert ip_route_me_harder() to dscp_t., Pablo Neira Ayuso
  - [PATCH net-next 09/14] netfilter: flow_offload: Convert nft_flow_route() to dscp_t., Pablo Neira Ayuso
  - [PATCH net-next 07/14] netfilter: nf_tables: allocate element update information dynamically, Pablo Neira Ayuso
  - [PATCH net-next 06/14] netfilter: nf_tables: switch trans_elem to real flex array, Pablo Neira Ayuso
  - [PATCH net-next 12/14] netfilter: nf_dup4: Convert nf_dup_ipv4_route() to dscp_t., Pablo Neira Ayuso
  - [PATCH net-next 11/14] netfilter: nft_fib: Convert nft_fib4_eval() to dscp_t., Pablo Neira Ayuso
  - [PATCH net-next 13/14] netfilter: bitwise: rename some boolean operation functions, Pablo Neira Ayuso
  - [PATCH net-next 14/14] netfilter: bitwise: add support for doing AND, OR and XOR directly, Pablo Neira Ayuso
- [PATCH net-next 00/14] Netfilter updates for net-next, Pablo Neira Ayuso
  - [PATCH net-next 01/14] netfilter: nf_tables: fix set size with rbtree backend, Pablo Neira Ayuso
    - Re: [PATCH net-next 01/14] netfilter: nf_tables: fix set size with rbtree backend, Simon Horman
      - Re: [PATCH net-next 01/14] netfilter: nf_tables: fix set size with rbtree backend, Pablo Neira Ayuso
  - [PATCH net-next 02/14] netfilter: br_netfilter: remove unused conditional and dead code, Pablo Neira Ayuso
    - Re: [PATCH net-next 02/14] netfilter: br_netfilter: remove unused conditional and dead code, Jakub Kicinski
  - [PATCH net-next 04/14] netfilter: nf_tables: Store user-defined hook ifname, Pablo Neira Ayuso
  - [PATCH net-next 03/14] netfilter: nf_tables: Flowtable hook's pf value never varies, Pablo Neira Ayuso
  - [PATCH net-next 08/14] netfilter: nf_tables: Simplify chain netdev notifier, Pablo Neira Ayuso
  - [PATCH net-next 06/14] netfilter: nf_tables: Compare netdev hooks based on stored name, Pablo Neira Ayuso
  - [PATCH net-next 09/14] netfilter: nft_flow_offload: clear tcp MAXACK flag before moving to slowpath, Pablo Neira Ayuso
  - [PATCH net-next 07/14] netfilter: nf_tables: Tolerate chains with no remaining hooks, Pablo Neira Ayuso
  - [PATCH net-next 10/14] netfilter: nft_flow_offload: update tcp state flags under lock, Pablo Neira Ayuso
  - [PATCH net-next 05/14] netfilter: nf_tables: Use stored ifname in netdev hook dumps, Pablo Neira Ayuso
  - [PATCH net-next 13/14] netfilter: flowtable: teardown flow if cached mtu is stale, Pablo Neira Ayuso
  - [PATCH net-next 14/14] netfilter: flowtable: add CLOSING state, Pablo Neira Ayuso
  - [PATCH net-next 11/14] netfilter: conntrack: remove skb argument from nf_ct_refresh, Pablo Neira Ayuso
  - [PATCH net-next 12/14] netfilter: conntrack: rework offload nf_conn timeout extension logic, Pablo Neira Ayuso
    - Re: [PATCH net-next 12/14] netfilter: conntrack: rework offload nf_conn timeout extension logic, Jakub Kicinski
[PATCH 3/3,v4] netfilter: nftables_offload: special ethertype handling for VLAN, Pablo Neira Ayuso
[PATCH v2 0/2] Two fixes related to '--concurrent', Firo Yang
- [PATCH v2 1/2] libebtc: Fix an issue that '--concurrent' doesn't work with NFS, Firo Yang
- [PATCH v2 2/2] ebtables: Spewing an error if --concurrent isn't first argument, Firo Yang
- Re: [PATCH v2 0/2] Two fixes related to '--concurrent', Pablo Neira Ayuso
[PATCH nf-next] netfilter: nftables: counter hardware offload support, Pablo Neira Ayuso
[PATCH nft 0/10] cache updates, Pablo Neira Ayuso
- [PATCH nft 01/10] cache: add hashtable cache for object, Pablo Neira Ayuso
- [PATCH nft 02/10] cache: add hashtable cache for flowtable, Pablo Neira Ayuso
- [PATCH nft 03/10] cache: add set_cache_del() and use it, Pablo Neira Ayuso
- [PATCH nft 04/10] evaluate: add set to the cache, Pablo Neira Ayuso
- [PATCH nft 05/10] evaluate: add flowtable to the cache, Pablo Neira Ayuso
- [PATCH nft 07/10] evaluate: add object to the cache, Pablo Neira Ayuso
- [PATCH nft 06/10] cache: missing table cache for several policy objects, Pablo Neira Ayuso
- [PATCH nft 08/10] cache: move struct nft_cache declaration to cache.h, Pablo Neira Ayuso
- [PATCH nft 09/10] cache: add hashtable cache for table, Pablo Neira Ayuso
- [PATCH nft 10/10] evaluate: remove table_lookup_global(), Pablo Neira Ayuso
[nft PATCH] mnl: Increase BATCH_PAGE_SIZE to support huge rulesets, Phil Sutter
[PATCH nf-next v2 0/2] netfilter: Dissect flow after packet mangling, Ido Schimmel
- [PATCH nf-next v2 1/2] netfilter: Dissect flow after packet mangling, Ido Schimmel
- [PATCH nf-next v2 2/2] selftests: fib_tests: Add test cases for interaction with mangling, Ido Schimmel
  - Re: [PATCH nf-next v2 2/2] selftests: fib_tests: Add test cases for interaction with mangling, David Ahern
- Re: [PATCH nf-next v2 0/2] netfilter: Dissect flow after packet mangling, Pablo Neira Ayuso
[PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec, Cole Dishington
- Re: [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec, Florian Westphal
  - [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec, Cole Dishington
    - Re: [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec, Florian Westphal
      - Re: [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec, Florian Westphal
        
        [PATCH v3] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec, Cole Dishington
        
        Re: [PATCH v3] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec, Florian Westphal
        
        Re: [PATCH v3] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec, Florian Westphal
  - Re: [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec, Jan Engelhardt
    - Re: [PATCH] netfilter: nf_conntrack: Add conntrack helper for ESP/IPsec, Cole Dishington
[PATCH nf-next,v3 1/3] netfilter: nft_payload: fix C-VLAN offload support, Pablo Neira Ayuso
- [PATCH nf-next,v3 3/3] netfilter: nftables_offload: special ethertype handling for VLAN, Pablo Neira Ayuso
- [PATCH nf-next,v3 2/3] netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector, Pablo Neira Ayuso
[PATCH nft] parser: allow to load stateful ct connlimit elements in sets, nevola
- Re: [PATCH nft] parser: allow to load stateful ct connlimit elements in sets, Pablo Neira Ayuso
[PATCH net 0/7] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 1/7] netfilter: flowtable: fix NAT IPv6 offload mangling, Pablo Neira Ayuso
  - Re: [PATCH net 1/7] netfilter: flowtable: fix NAT IPv6 offload mangling, patchwork-bot+netdevbpf
- [PATCH net 2/7] netfilter: conntrack: do not print icmpv6 as unknown via /proc, Pablo Neira Ayuso
- [PATCH net 3/7] netfilter: nft_limit: avoid possible divide error in nft_limit_init, Pablo Neira Ayuso
- [PATCH net 4/7] netfilter: bridge: add pre_exit hooks for ebtable unregistration, Pablo Neira Ayuso
- [PATCH net 5/7] netfilter: arp_tables: add pre_exit hook for table unregister, Pablo Neira Ayuso
- [PATCH net 6/7] netfilter: x_tables: fix compat match/target pad out-of-bound write, Pablo Neira Ayuso
- [PATCH net 7/7] netfilter: nftables: clone set element expression template, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net 0/7] Netfilter fixes for net, Pablo Neira Ayuso
  - [PATCH net 1/7] netfilter: nfnetlink_queue: silence bogus compiler warning, Pablo Neira Ayuso
    - Re: [PATCH net 1/7] netfilter: nfnetlink_queue: silence bogus compiler warning, patchwork-bot+netdevbpf
  - [PATCH net 4/7] selftests: netfilter: Add correctness test for mac,net set type, Pablo Neira Ayuso
  - [PATCH net 2/7] vrf: don't run conntrack on vrf with !dflt qdisc, Pablo Neira Ayuso
  - [PATCH net 5/7] netfilter: nft_exthdr: break evaluation if setting TCP option fails, Pablo Neira Ayuso
  - [PATCH net 3/7] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six 8-bit groups, Pablo Neira Ayuso
  - [PATCH net 7/7] netfilter: conntrack: annotate data-races around ct->timeout, Pablo Neira Ayuso
  - [PATCH net 6/7] selftests: netfilter: switch zone stress to socat, Pablo Neira Ayuso
- [PATCH net 0/7] Netfilter fixes for net, Pablo Neira Ayuso
  - [PATCH net 2/7] netfilter: nft_flow_offload: skip dst neigh lookup for ppp devices, Pablo Neira Ayuso
  - [PATCH net 4/7] netfilter: nft_flow_offload: fix offload with pppoe + vlan, Pablo Neira Ayuso
  - [PATCH net 7/7] netfilter: nf_tables: disable expression reduction infra, Pablo Neira Ayuso
  - [PATCH net 3/7] net: fix dev_fill_forward_path with pppoe + bridge, Pablo Neira Ayuso
  - [PATCH net 1/7] netfilter: flowtable: fix excessive hw offload attempts after failure, Pablo Neira Ayuso
    - Re: [PATCH net 1/7] netfilter: flowtable: fix excessive hw offload attempts after failure, patchwork-bot+netdevbpf
  - [PATCH net 5/7] netfilter: flowtable: fix TCP flow teardown, Pablo Neira Ayuso
  - [PATCH net 6/7] netfilter: flowtable: move dst_check to packet path, Pablo Neira Ayuso
- [PATCH net 0/7] Netfilter fixes for net, Pablo Neira Ayuso
  - [PATCH net 7/7] netfilter: nf_tables: bail out early if hardware offload is not supported, Pablo Neira Ayuso
    - Re: [PATCH net 7/7] netfilter: nf_tables: bail out early if hardware offload is not supported, Jakub Kicinski
      - Re: [PATCH net 7/7] netfilter: nf_tables: bail out early if hardware offload is not supported, Pablo Neira Ayuso
  - [PATCH net 2/7] netfilter: nf_tables: use kfree_rcu(ptr, rcu) to release hooks in clean_net path, Pablo Neira Ayuso
  - [PATCH net 4/7] netfilter: nf_tables: always initialize flowtable hook list in transaction, Pablo Neira Ayuso
  - [PATCH net 6/7] netfilter: nf_tables: memleak flow rule from commit path, Pablo Neira Ayuso
  - [PATCH net 1/7] netfilter: nat: really support inet nat without l3 address, Pablo Neira Ayuso
    - Re: [PATCH net 1/7] netfilter: nat: really support inet nat without l3 address, patchwork-bot+netdevbpf
  - [PATCH net 5/7] netfilter: nf_tables: release new hooks on unsupported flowtable flags, Pablo Neira Ayuso
  - [PATCH net 3/7] netfilter: nf_tables: delete flowtable hooks via transaction list, Pablo Neira Ayuso
- [PATCH net 0/7] Netfilter fixes for net, Pablo Neira Ayuso
  - [PATCH net 1/7] netfilter: conntrack: fix ipv6 exthdr error check, Pablo Neira Ayuso
    - Re: [PATCH net 1/7] netfilter: conntrack: fix ipv6 exthdr error check, patchwork-bot+netdevbpf
  - [PATCH net 3/7] netfilter: nf_tables: add function to create set stateful expressions, Pablo Neira Ayuso
  - [PATCH net 4/7] netfilter: nf_tables: perform type checking for existing sets, Pablo Neira Ayuso
  - [PATCH net 2/7] netfilter: nf_tables: consolidate set description, Pablo Neira Ayuso
  - [PATCH net 5/7] netfilter: nf_tables: honor set timeout and garbage collection updates, Pablo Neira Ayuso
  - [PATCH net 6/7] netfilter: ipset: fix hash:net,port,net hang with /0 subnet, Pablo Neira Ayuso
  - [PATCH net 7/7] netfilter: ipset: Rework long task execution when adding/deleting entries, Pablo Neira Ayuso
- [PATCH net 0/7] Netfilter fixes for net, Pablo Neira Ayuso
  - [PATCH net 2/7] netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get(), Pablo Neira Ayuso
  - [PATCH net 1/7] netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get(), Pablo Neira Ayuso
    - Re: [PATCH net 1/7] netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get(), patchwork-bot+netdevbpf
  - [PATCH net 4/7] netfilter: nft_set_pipapo: walk over current view on netlink dump, Pablo Neira Ayuso
  - [PATCH net 3/7] netfilter: br_netfilter: skip conntrack input hook for promisc packets, Pablo Neira Ayuso
  - [PATCH net 5/7] netfilter: nft_set_pipapo: do not free live element, Pablo Neira Ayuso
  - [PATCH net 6/7] netfilter: flowtable: validate pppoe header, Pablo Neira Ayuso
  - [PATCH net 7/7] netfilter: flowtable: incorrect pppoe tuple, Pablo Neira Ayuso
  - Re: [PATCH net 0/7] Netfilter fixes for net, Paolo Abeni
    - Re: [PATCH net 0/7] Netfilter fixes for net, Pablo Neira Ayuso
      - Re: [PATCH net 0/7] Netfilter fixes for net, Paolo Abeni
        
        Re: [PATCH net 0/7] Netfilter fixes for net, Pablo Neira Ayuso
[PATCH nf-next v2 0/5] netfilter: conntrack: shrink size of netns_ct, Florian Westphal
- [PATCH nf-next v2 1/5] netfilter: conntrack: move autoassign warning member to net_generic data, Florian Westphal
- [PATCH nf-next v2 2/5] netfilter: conntrack: move autoassign_helper sysctl to net_generic data, Florian Westphal
- [PATCH nf-next v2 3/5] netfilter: conntrack: move expect counter to net_generic data, Florian Westphal
- [PATCH nf-next v2 4/5] netfilter: conntrack: move ct counter to net_generic data, Florian Westphal
- [PATCH nf-next v2 5/5] netfilter: conntrack: convert sysctls to u8, Florian Westphal
- Re: [PATCH nf-next v2 0/5] netfilter: conntrack: shrink size of netns_ct, Pablo Neira Ayuso
[PATCH nf-next,v2 1/3] netfilter: nft_payload: fix C-VLAN offload support, Pablo Neira Ayuso
- [PATCH nf-next,v2 3/3] netfilter: nftables_offload: special ethertype handling for VLAN, Pablo Neira Ayuso
- [PATCH nf-next,v2 2/3] netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector, Pablo Neira Ayuso
  - Re: [PATCH nf-next,v2 2/3] netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector, kernel test robot
[PATCH nf-next 1/3] netfilter: nft_payload: fix C-VLAN offload support, Pablo Neira Ayuso
- [PATCH nf-next 2/3] netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector, Pablo Neira Ayuso
- [PATCH nf-next 3/3] netfilter: nftables_offload: special ethertype handling for VLAN, Pablo Neira Ayuso
  - Re: [PATCH nf-next 3/3] netfilter: nftables_offload: special ethertype handling for VLAN, kernel test robot
linux-next: build failure after merge of the net-next tree, Stephen Rothwell
- Re: linux-next: build failure after merge of the net-next tree, Florian Westphal
- Re: linux-next: build failure after merge of the net-next tree, Pablo Neira Ayuso
[PATCH nf-next] netfilter: Dissect flow after packet mangling, Ido Schimmel
- Re: [PATCH nf-next] netfilter: Dissect flow after packet mangling, David Ahern
  - Re: [PATCH nf-next] netfilter: Dissect flow after packet mangling, Ido Schimmel
    - Re: [PATCH nf-next] netfilter: Dissect flow after packet mangling, Michal Soltys
      - Re: [PATCH nf-next] netfilter: Dissect flow after packet mangling, Ido Schimmel
        
        Re: [PATCH nf-next] netfilter: Dissect flow after packet mangling, Michal Soltys
[PATCH nf,v4] netfilter: nftables: clone set element expression template, Pablo Neira Ayuso
[PATCH nf,v3] netfilter: nftables: clone set element expression template, Pablo Neira Ayuso
[syzbot] WARNING in __nf_unregister_net_hook (4), syzbot
- Re: [syzbot] WARNING in __nf_unregister_net_hook (4), Dmitry Vyukov
  - Re: [syzbot] WARNING in __nf_unregister_net_hook (4), Florian Westphal
    - Re: [syzbot] WARNING in __nf_unregister_net_hook (4), Pablo Neira Ayuso
      - Re: [syzbot] WARNING in __nf_unregister_net_hook (4), Dmitry Vyukov
        
        Re: [syzbot] WARNING in __nf_unregister_net_hook (4), Pablo Neira Ayuso
        
        Re: [syzbot] WARNING in __nf_unregister_net_hook (4), Dmitry Vyukov
        
        Re: [syzbot] WARNING in __nf_unregister_net_hook (4), Pablo Neira Ayuso
- Re: [syzbot] WARNING in __nf_unregister_net_hook (4), syzbot
- [PATCH nf] netfilter: nftables: skip netdev events generated on netns removal, Florian Westphal
  - Re: [PATCH nf] netfilter: nftables: skip netdev events generated on netns removal, Pablo Neira Ayuso
[PATCH net] netfilter: nft_limit: avoid possible divide error in nft_limit_init, Eric Dumazet
- Re: [PATCH net] netfilter: nft_limit: avoid possible divide error in nft_limit_init, Pablo Neira Ayuso
[PATCH nf-next 0/5] netfilter: conntrack: shrink size of netns_ct, Florian Westphal
- [PATCH nf-next 1/5] netfilter: conntrack: move autoassign warning member to net_generic data, Florian Westphal
- [PATCH nf-next 2/5] netfilter: conntrack: move autoassign_helper sysctl to net_generic data, Florian Westphal
- [PATCH nf-next 3/5] netfilter: conntrack: move expect counter to net_generic data, Florian Westphal
- [PATCH nf-next 4/5] netfilter: conntrack: move ct counter to net_generic data, Florian Westphal
  - Re: [PATCH nf-next 4/5] netfilter: conntrack: move ct counter to net_generic data, kernel test robot
- [PATCH nf-next 5/5] netfilter: conntrack: convert sysctls to u8, Florian Westphal
[PATCH] net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta, wenxu
- Re: [PATCH] net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta, Pablo Neira Ayuso
- Re: [PATCH] net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta, Saeed Mahameed
[PATCH nf v2] netfilter: nft_payload: fix the h_vlan_encapsulated_proto flow_dissector vlaue, wenxu
- Re: [PATCH nf v2] netfilter: nft_payload: fix the h_vlan_encapsulated_proto flow_dissector vlaue, Pablo Neira Ayuso
  - Re: [PATCH nf v2] netfilter: nft_payload: fix the h_vlan_encapsulated_proto flow_dissector vlaue, Pablo Neira Ayuso
    - Re: [PATCH nf v2] netfilter: nft_payload: fix the h_vlan_encapsulated_proto flow_dissector vlaue, wenxu
[PATCH nf] netfilter: nftables: clone set element expression template, Pablo Neira Ayuso
[PATCH] conntrack_tcp: Reset the max ACK flag on SYN in ignore state, Ali Abdallah
- Re: [PATCH] conntrack_tcp: Reset the max ACK flag on SYN in ignore state, Florian Westphal
  - Re: [PATCH] conntrack_tcp: Reset the max ACK flag on SYN in ignore state, Ali Abdallah
    - Re: [PATCH] conntrack_tcp: Reset the max ACK flag on SYN in ignore state, Florian Westphal
      - Re: [PATCH] conntrack_tcp: Reset the max ACK flag on SYN in ignore state, Ali Abdallah
        
        Re: [PATCH] conntrack_tcp: Reset the max ACK flag on SYN in ignore state, Florian Westphal
[PATCH nf 0/2] arp,ebtables: add pre_exit hooks for arp/ebtable hook unregister, Florian Westphal
- [PATCH nf 1/2] netfilter: bridge: add pre_exit hooks for ebtable unregistration, Florian Westphal
- [PATCH nf 2/2] netfilter: arp_tables: netfilter: bridge: add pre_exit hook for table unregister, Florian Westphal
- Re: [PATCH nf 0/2] arp,ebtables: add pre_exit hooks for arp/ebtable hook unregister, Pablo Neira Ayuso
[PATCH nf] netfilter: x_tables: fix compat match/target pad out-of-bound write, Florian Westphal
- Re: [PATCH nf] netfilter: x_tables: fix compat match/target pad out-of-bound write, Pablo Neira Ayuso
[PATCH nft] evaluate: check if nat statement map specifies a transport header expr, Florian Westphal
LPC 2021 Networking and BPF Track CFP, Daniel Borkmann
- LPC 2021 Networking and BPF Track CFP (Reminder), Daniel Borkmann
  - LPC 2021 Networking and BPF Track CFP (2nd reminder), Daniel Borkmann
[PATCH net-next 00/28] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 01/28] netfilter: nf_log_ipv4: rename to nf_log_syslog, Pablo Neira Ayuso
- [PATCH net-next 02/28] netfilter: nf_log_arp: merge with nf_log_syslog, Pablo Neira Ayuso
- [PATCH net-next 03/28] netfilter: nf_log_ipv6: merge with nf_log_syslog, Pablo Neira Ayuso
- [PATCH net-next 04/28] netfilter: nf_log_netdev: merge with nf_log_syslog, Pablo Neira Ayuso
- [PATCH net-next 05/28] netfilter: nf_log_bridge: merge with nf_log_syslog, Pablo Neira Ayuso
- [PATCH net-next 07/28] netfilter: nf_log: add module softdeps, Pablo Neira Ayuso
- [PATCH net-next 06/28] netfilter: nf_log_common: merge with nf_log_syslog, Pablo Neira Ayuso
- [PATCH net-next 12/28] netfilter: nftables: remove unnecessary spin_lock_init(), Pablo Neira Ayuso
- [PATCH net-next 08/28] netfilter: nft_log: perform module load from nf_tables, Pablo Neira Ayuso
- [PATCH net-next 10/28] netfilter: ipset: Remove duplicate declaration, Pablo Neira Ayuso
- [PATCH net-next 09/28] audit: log nftables configuration change events once per table, Pablo Neira Ayuso
- [PATCH net-next 13/28] netfilter: nftables: add helper function to set the base sequence number, Pablo Neira Ayuso
- [PATCH net-next 16/28] netfilter: nftables: fix a warning message in nf_tables_commit_audit_collect(), Pablo Neira Ayuso
- [PATCH net-next 20/28] netfilter: cttimeout: use net_generic infra, Pablo Neira Ayuso
- [PATCH net-next 22/28] netfilter: nf_defrag_ipv4: use net_generic infra, Pablo Neira Ayuso
- [PATCH net-next 18/28] netfilter: nfnetlink: add and use nfnetlink_broadcast, Pablo Neira Ayuso
- [PATCH net-next 17/28] netfilter: nftables: remove documentation on static functions, Pablo Neira Ayuso
- [PATCH net-next 15/28] netfilter: ipvs: do not printk on netns creation, Pablo Neira Ayuso
- [PATCH net-next 14/28] netfilter: add helper function to set up the nfnetlink header and use it, Pablo Neira Ayuso
- [PATCH net-next 11/28] netfilter: flowtable: dst_check() from garbage collector path, Pablo Neira Ayuso
- [PATCH net-next 23/28] netfilter: ebtables: use net_generic infra, Pablo Neira Ayuso
- [PATCH net-next 19/28] netfilter: nfnetlink: use net_generic infra, Pablo Neira Ayuso
- [PATCH net-next 24/28] netfilter: nf_tables: use net_generic infra for transaction data, Pablo Neira Ayuso
- [PATCH net-next 21/28] netfilter: nf_defrag_ipv6: use net_generic infra, Pablo Neira Ayuso
- [PATCH net-next 25/28] netfilter: x_tables: move known table lists to net_generic infra, Pablo Neira Ayuso
- [PATCH net-next 26/28] netfilter: conntrack: move sysctl pointer to net_generic infra, Pablo Neira Ayuso
- [PATCH net-next 27/28] netfilter: conntrack: move ecache dwork to net_generic infra, Pablo Neira Ayuso
- [PATCH net-next 28/28] net: remove obsolete members from struct net, Pablo Neira Ayuso
[PATCH v4 0/5] conntrack: save output format, Mikhail Sennikovsky
- [PATCH v4 1/5] conntrack: introduce ct_cmd_list, Mikhail Sennikovsky
- [PATCH v4 2/5] conntrack: accept commands from file, Mikhail Sennikovsky
- [PATCH v4 3/5] conntrack.8: man update for --load-file support, Mikhail Sennikovsky
- [PATCH v4 4/5] tests: saving and loading ct entries, save format, Mikhail Sennikovsky
- [PATCH v4 5/5] tests: conntrack -L/-D ip family filtering, Mikhail Sennikovsky
- Re: [PATCH v4 0/5] conntrack: save output format, Pablo Neira Ayuso
[iptables PATCH v2] nft: Increase BATCH_PAGE_SIZE to support huge rulesets, Phil Sutter
Unused macro, Alejandro Colomar (man-pages)
- Re: Unused macro, Florian Westphal
  - Re: Unused macro, Alejandro Colomar (man-pages)
    - Re: Unused macro, Pablo Neira Ayuso
      - Re: Unused macro, Alejandro Colomar (man-pages)
[PATCH nf-next v2 1/2] netfilter: flowtable: add vlan match offload support, wenxu
- [PATCH nf-next v2 2/2] netfilter: flowtable: add vlan pop action offload support, wenxu
  - Re: [PATCH nf-next v2 2/2] netfilter: flowtable: add vlan pop action offload support, Pablo Neira Ayuso
- Re: [PATCH nf-next v2 1/2] netfilter: flowtable: add vlan match offload support, Pablo Neira Ayuso
[syzbot] WARNING: suspicious RCU usage in find_inlist_lock, syzbot
- Re: [syzbot] WARNING: suspicious RCU usage in find_inlist_lock, Dmitry Vyukov
[PATCH iptables] fix build for missing ETH_ALEN definition, Maciej Żenczykowski
[PATCH netfilter] netfilter: xt_IDLETIMER: fix idletimer_tg_helper non-kosher casts, Maciej Żenczykowski
- Re: [PATCH netfilter] netfilter: xt_IDLETIMER: fix idletimer_tg_helper non-kosher casts, Florian Westphal
  - Re: [PATCH netfilter] netfilter: xt_IDLETIMER: fix idletimer_tg_helper non-kosher casts, Maciej Żenczykowski
[PATCH nft 1/2] cache: add hashtable cache for sets, Pablo Neira Ayuso
- [PATCH nft 2/2] cache: bail out if chain list cannot be fetched from kernel, Pablo Neira Ayuso
[PATCH] netfilter: nftables: fix a warning message in nf_tables_commit_audit_collect(), Dan Carpenter
- Re: [PATCH] netfilter: nftables: fix a warning message in nf_tables_commit_audit_collect(), Paul Moore
  - Re: [PATCH] netfilter: nftables: fix a warning message in nf_tables_commit_audit_collect(), Pablo Neira Ayuso
    - Re: [PATCH] netfilter: nftables: fix a warning message in nf_tables_commit_audit_collect(), Richard Guy Briggs
[PATCH nf] netfilter: nft_payload: fix vlan_tpid get from h_vlan_proto, wenxu
- Re: [PATCH nf] netfilter: nft_payload: fix vlan_tpid get from h_vlan_proto, kernel test robot
- Re: [PATCH nf] netfilter: nft_payload: fix vlan_tpid get from h_vlan_proto, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nft_payload: fix vlan_tpid get from h_vlan_proto, wenxu
    - Re: [PATCH nf] netfilter: nft_payload: fix vlan_tpid get from h_vlan_proto, wenxu
      - Re: [PATCH nf] netfilter: nft_payload: fix vlan_tpid get from h_vlan_proto, Pablo Neira Ayuso
[PATCH nft] cache: check for NULL chain in cache_init(), Pablo Neira Ayuso
[PATCH nft 1/4] cache: rename chain_htable to cache_chain_ht, Pablo Neira Ayuso
- [PATCH nft 2/4,v2] src: split chain list in table, Pablo Neira Ayuso
- [PATCH nft 3/4] evaluate: use chain hashtable for lookups, Pablo Neira Ayuso
- [PATCH nft 4/4] cache: statify chain_cache_dump(), Pablo Neira Ayuso
[iptables PATCH v5 1/2] extensions: libxt_conntrack: print xlate state as set, Alexander Mikhalitsyn
- [iptables PATCH v5 2/2] extensions: libxt_conntrack: print xlate status as set, Alexander Mikhalitsyn
  - Re: [iptables PATCH v5 2/2] extensions: libxt_conntrack: print xlate status as set, Florian Westphal
    - Re: [iptables PATCH v5 2/2] extensions: libxt_conntrack: print xlate status as set, Alexander Mikhalitsyn
- Re: [iptables PATCH v5 1/2] extensions: libxt_conntrack: print xlate state as set, Florian Westphal
[iptables PATCH v5 PATCH 1/2] extensions: libxt_conntrack: print xlate state as set, Alexander Mikhalitsyn
- [iptables PATCH v5 PATCH 2/2] extensions: libxt_conntrack: print xlate status as set, Alexander Mikhalitsyn

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]