Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [PATCH net 3/3] netfilter: flowtable: validate vlan header, (continued)
- [PATCH libnetfilter_conntrack] examples: check return value of nfct_nlmsg_build(),
Eyal Birger
- WARNING: suspicious RCU usage in xt_obj_to_user, syzbot
- Announcing Netdev 0x15, Jamal Hadi Salim
- [PATCH nf 1/2] netfilter: nft_dynset: report EOPNOTSUPP on missing set feature,
Pablo Neira Ayuso
- stack corruption with EBT_ENTRY_ITERATE, sharathv
- [PATCH conntrack-tools] conntrackd: add ip netns test script,
Pablo Neira Ayuso
- kernel BUG at lib/string.c:LINE! (6),
syzbot
- [PATCH ghak90 v10 00/11] audit: implement container identifier,
Richard Guy Briggs
- [PATCH ghak90 v10 01/11] audit: collect audit task parameters, Richard Guy Briggs
- [PATCH ghak90 v10 02/11] audit: add container id, Richard Guy Briggs
- [PATCH ghak90 v10 03/11] audit: log container info of syscalls, Richard Guy Briggs
- [PATCH ghak90 v10 04/11] audit: add contid support for signalling the audit daemon, Richard Guy Briggs
- [PATCH ghak90 v10 06/11] audit: add containerid support for user records, Richard Guy Briggs
- [PATCH ghak90 v10 05/11] audit: add support for non-syscall auxiliary records, Richard Guy Briggs
- [PATCH ghak90 v10 07/11] audit: add containerid filtering, Richard Guy Briggs
- [PATCH ghak90 v10 08/11] audit: add support for containerid to network namespaces, Richard Guy Briggs
- [PATCH ghak90 v10 09/11] audit: contid check descendancy and nesting, Richard Guy Briggs
- [PATCH ghak90 v10 10/11] audit: track container nesting, Richard Guy Briggs
- [PATCH ghak90 v10 11/11] audit: add capcontid to set contid outside init_user_ns, Richard Guy Briggs
- [ANNOUNCE] ipset 7.10 released, Jozsef Kadlecsik
- Re: INFO: rcu detected stall in tipc_release,
syzbot
- [PATCH nft] tests: shell: set element multistatement support, Pablo Neira Ayuso
- [PATCH nft 1/2,v2] src: add support for multi-statement in dynamic sets and maps,
Pablo Neira Ayuso
- [PATCH nft,v2] src: disallow burst 0 in ratelimits, Pablo Neira Ayuso
- [PATCH 1/3 libnftnl,v2] src: add NFTNL_SET_ELEM_EXPRESSIONS,
Pablo Neira Ayuso
- [PATCH v2] netfilter: ipset: fix shift-out-of-bounds in htable_bits(),
Vasily Averin
- [PATCH nf] parser_bison: disallow burst 0 in ratelimits, Pablo Neira Ayuso
- [PATCH nft 0/2] multi-statement support for set elements,
Pablo Neira Ayuso
- [PATCH] netfilter: ipset: fixes possible oops in mtype_resize,
Vasily Averin
- [PATCH nf] netfilter: x_tables: Update remaining dereference to RCU,
Subash Abhinov Kasiviswanathan
- [PATCH conntrack-tools] conntrack: pretty-print the portid, Florian Westphal
- UBSAN: shift-out-of-bounds in hash_ipmark_create, syzbot
- WARNING: suspicious RCU usage in nf_ct_iterate_cleanup, syzbot
- [nft PATCH] tests: py: Fix for changed concatenated ranges output, Phil Sutter
- [PATCH][next] netfilter: nftables: fix incorrect increment of loop counter,
Colin King
- [libnftnl PATCH 1/2] set_elem: Use nftnl_data_reg_snprintf(),
Phil Sutter
- [PATCH nft] json: don't leave dangling pointers on hlist, Florian Westphal
- UBSAN: shift-out-of-bounds in hash_mac_create, syzbot
- [PATCH net-next 00/10] Netfilter/IPVS updates for net-next,
Pablo Neira Ayuso
- [PATCH net-next 04/10] netfilter: nfnl_acct: remove data from struct net, Pablo Neira Ayuso
- [PATCH net-next 09/10] netfilter: nftables: generalize set extension to support for several expressions, Pablo Neira Ayuso
- [PATCH net-next 06/10] netfilter: ctnetlink: add timeout and protoinfo to destroy events, Pablo Neira Ayuso
- [PATCH net-next 10/10] netfilter: nftables: netlink support for several set element expressions, Pablo Neira Ayuso
- [PATCH net-next 07/10] netfilter: nftables: generalize set expressions support, Pablo Neira Ayuso
- [PATCH net-next 05/10] netfilter: use actual socket sk for REJECT action, Pablo Neira Ayuso
- [PATCH net-next 08/10] netfilter: nftables: move nft_expr before nft_set, Pablo Neira Ayuso
- [PATCH net-next 01/10] netfilter: nft_reject_bridge: fix build errors due to code movement, Pablo Neira Ayuso
- [PATCH net-next 03/10] netfilter: Remove unnecessary conversion to bool, Pablo Neira Ayuso
- [PATCH net-next 02/10] ipvs: replace atomic_add_return(), Pablo Neira Ayuso
- Re: [PATCH net-next 00/10] Netfilter/IPVS updates for net-next, Jakub Kicinski
- [PATCH libnftnl 1/3] src: add NFTNL_SET_ELEM_EXPRESSIONS,
Pablo Neira Ayuso
- [PATCH nft] nft: trace: print packet unconditionally,
Florian Westphal
- [PATCH xtables-nft 0/3] xt-monitor fixes,
Florian Westphal
- [PATCH nf-next,v4 1/4] netfilter: nftables: generalize set expressions support,
Pablo Neira Ayuso
- [PATCH nf-next,v3] netfilter: ctnetlink: add timeout and protoinfo to destroy events, Pablo Neira Ayuso
- [PATCH nf-next,v3 1/4] netfilter: nftables: generalize set expressions support,
Pablo Neira Ayuso
- [PATCH nf-next v2 1/1] netfilter: ctnetlink: add timeout and protoinfo to destroy events,
Florian Westphal
- [iptables PATCH v3 0/9] nft: Sorted chain listing et al.,
Phil Sutter
- [iptables PATCH v3 7/9] nft: cache: Sort custom chains by name, Phil Sutter
- [iptables PATCH v3 2/9] nft: cache: Introduce nft_cache_add_chain(), Phil Sutter
- [iptables PATCH v3 6/9] nft: Introduce a dedicated base chain array, Phil Sutter
- [iptables PATCH v3 8/9] tests: shell: Drop any dump sorting in place, Phil Sutter
- [iptables PATCH v3 4/9] nft: cache: Move nft_chain_find() over, Phil Sutter
- [iptables PATCH v3 3/9] nft: Implement nft_chain_foreach(), Phil Sutter
- [iptables PATCH v3 5/9] nft: Introduce struct nft_chain, Phil Sutter
- [iptables PATCH v3 1/9] nft: Fix selective chain compatibility checks, Phil Sutter
- [iptables PATCH v3 9/9] nft: Avoid pointless table/chain creation, Phil Sutter
- Re: [iptables PATCH v3 0/9] nft: Sorted chain listing et al., Phil Sutter
- [PATCH nf-next] netfilter: ctnetlink: always include remaining timeout,
Florian Westphal
- [PATCH nft 0/10] nft: add automatic icmp/icmpv6 dependencies,
Florian Westphal
- [PATCH nft 01/10] exthdr: remove unused proto_key member from struct, Florian Westphal
- [PATCH nft 03/10] src: add auto-dependencies for ipv4 icmp, Florian Westphal
- [PATCH nft 04/10] tests: fix exepcted payload of icmp expressions, Florian Westphal
- [PATCH nft 05/10] src: add auto-dependencies for ipv6 icmp6, Florian Westphal
- [PATCH nft 07/10] payload: auto-remove simple icmp/icmpv6 dependency expressions, Florian Westphal
- [PATCH nft 02/10] proto: reduce size of proto_desc structure, Florian Westphal
- [PATCH nft 06/10] tests: fix exepcted payload of icmpv6 expressions, Florian Westphal
- [PATCH nft 08/10] tests: icmp, icmpv6: avoid remaining warnings, Florian Westphal
- [PATCH nft 10/10] tests: icmp, icmpv6: check we don't add second dependency, Florian Westphal
- [PATCH nft 09/10] tests: ip: add one test case to cover both id and sequence, Florian Westphal
- Re: [PATCH nft 0/10] nft: add automatic icmp/icmpv6 dependencies, Phil Sutter
- [PATCH 5/5 nf-next,v2] netfilter: nftables: netlink support for several set element expressions, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_ct: Remove confirmation check for NFT_CT_ID,
Brett Mastbergen
- [PATCH net] net: sched: incorrect Kconfig dependencies on Netfilter modules,
Pablo Neira Ayuso
- [PATCH nf,v4] netfilter: nft_dynset: fix timeouts later than 23 days,
Pablo Neira Ayuso
- [PATCH nft] tests: shell: timeouts later than 23 days,
Pablo Neira Ayuso
- [PATCH nf,v3] netfilter: nft_dynset: fix timeouts later than 23 days, Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nft_dynset: fix timeouts later than 23 days, Pablo Neira Ayuso
- [PATCH nf] netfilter: nftables: comment indirect serialization of commit_mutex with rtnl_mutex,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_dynset: fix timeouts layer than 23 days,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nftables: fix incorrect element timeout,
Pablo Neira Ayuso
- [PATCH nft] parser_bison: double close_scope() call for implicit chains, Pablo Neira Ayuso
- [PATCH] Remove IP_NF_IPTABLES dependency for NET_ACT_CONNMARK,
Andreas Sundstrom
- [PATCH nf-next 0/5] support for several expression in set elements,
Pablo Neira Ayuso
- [PATCH v2] xfrm: interface: Don't hide plain packets from netfilter,
Phil Sutter
- [PATCH] xfrm: interface: Don't hide plain packets from netfilter,
Phil Sutter
- [PATCH nftables 1/2] monitor: add assignment check for json_echo,
Jose M. Guisado Gomez
- [iptables PATCH] tests/shell: Test for fixed extension registration, Phil Sutter
- [conntrack-tools PATCH v2 1/2] .gitignore: add nano swap file,
Arturo Borrero Gonzalez
- [conntrack-tools PATCH 1/2] .gitignore: add nano swap file,
Arturo Borrero Gonzalez
- [PATCH nft] src: report EPERM for non-root users,
Pablo Neira Ayuso
- [PATCH nft] mnl: reply netlink error message might be larger than MNL_SOCKET_BUFFER_SIZE, Pablo Neira Ayuso
- [iptables PATCH v3] extensions: dccp: Fix for DCCP type 'INVALID', Phil Sutter
- [nft PATCH] json: Fix seqnum_to_json() functionality,
Phil Sutter
- [nft PATCH] doc: Document 'dccp type' match, Phil Sutter
- [iptables PATCH v2] extensions: dccp: Fix for DCCP type 'INVALID', Phil Sutter
- [PATCH nft] parser_bison: allow to restore limit from dynamic set, Pablo Neira Ayuso
- [iptables PATCH] extensions: dccp: Fix translation of --dccp-type, Phil Sutter
- System crash on Ubuntu 18, in netlink code when using iptables / netfilter,
Yuri Lipnesh
- [PATCH libnetfilter_conntrack 1/2] build: use the right automake variables,
Jan Engelhardt
- [PATCH libnetfilter_queue 1/2] build: choose right automake variables,
Jan Engelhardt
- [PATCH libnetfilter_log] build: choose right automake variables,
Jan Engelhardt
- [PATCH libnetfilter_log 0/2] build: a couple of `-lnfnetlink` fixes.,
Jeremy Sowden
- WARNING: suspicious RCU usage in get_counters, syzbot
- [FYI] summary of Netfilter workshop 2020 virtual, Arturo Borrero Gonzalez
- [PATCH] netfilter: remove trailing semicolon in macro definition, trix
- [PATCH libftnl,RFC] src: add infrastructure to infer byteorder from keys,
Pablo Neira Ayuso
- [HEADS UP] Rebasing nf tree, Pablo Neira Ayuso
- [PATCH nf v2] netfilter: x_tables: Switch synchronization to RCU,
Subash Abhinov Kasiviswanathan
- XFRM interface and NF_INET_LOCAL_OUT hook,
Phil Sutter
- [PATCH net v3] ipvs: fix possible memory leak in ip_vs_control_net_init,
Wang Hai
- [PATCH net-next] netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal,
Antoine Tenart
- [PATCH nf] netfilter: x_tables: Switch synchronization to RCU,
Subash Abhinov Kasiviswanathan
- [PATCH xtables-addons 0/4] geoip: script fixes,
Jeremy Sowden
- [RFC] MAINTAINERS tag for cleanup robot,
trix
- [PATCH net 0/4] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH net 2/4] netfilter: nftables_offload: build mask based from the matching bytes, Pablo Neira Ayuso
- [PATCH net 1/4] netfilter: nftables_offload: set address type in control dissector, Pablo Neira Ayuso
- [PATCH net 4/4] netfilter: nf_tables: avoid false-postive lockdep splat, Pablo Neira Ayuso
- [PATCH net 3/4] netfilter: ipset: prevent uninit-value in hash_ip6_add, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH net 0/4] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH] netfilter: use actual socket sk for REJECT action,
Jan Engelhardt
- [PATCH v23 16/23] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v23 14/23] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v23 13/23] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v23 06/23] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v23 05/23] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [nft PATCH] json: echo: Speedup seqnum_to_json(),
Phil Sutter
- [PATCH 000/141] Fix fall-through warnings for Clang,
Gustavo A. R. Silva
Re: [PATCH 000/141] Fix fall-through warnings for Clang, Miguel Ojeda
Re: [PATCH 000/141] Fix fall-through warnings for Clang, Jason Gunthorpe
Message not available
Re: [PATCH 000/141] Fix fall-through warnings for Clang, Martin K. Petersen
Re: (subset) [PATCH 000/141] Fix fall-through warnings for Clang, Martin K. Petersen
[iptables PATCH] tests: shell: Stabilize nft-only/0009-needless-bitwise_0,
Phil Sutter
[PATCH net-next,v5 0/9] netfilter: flowtable bridge and vlan enhancements,
Pablo Neira Ayuso
- [PATCH net-next,v5 1/9] netfilter: flowtable: add hash offset field to tuple, Pablo Neira Ayuso
- [PATCH net-next,v5 4/9] net: 8021q: resolve forwarding path for vlan devices, Pablo Neira Ayuso
- [PATCH net-next,v5 3/9] net: resolve forwarding path from virtual netdevice and HW destination address, Pablo Neira Ayuso
- [PATCH net-next,v5 8/9] netfilter: flowtable: add vlan support, Pablo Neira Ayuso
- [PATCH net-next,v5 9/9] selftests: netfilter: flowtable bridge and VLAN support, Pablo Neira Ayuso
- [PATCH net-next,v5 7/9] netfilter: flowtable: use dev_fill_forward_path() to obtain egress device, Pablo Neira Ayuso
- [PATCH net-next,v5 6/9] netfilter: flowtable: use dev_fill_forward_path() to obtain ingress device, Pablo Neira Ayuso
- [PATCH net-next,v5 2/9] netfilter: flowtable: add xmit path types, Pablo Neira Ayuso
- [PATCH net-next,v5 5/9] bridge: resolve forwarding path for bridge devices, Pablo Neira Ayuso
- <Possible follow-ups>
- Re: [PATCH net-next,v5 0/9] netfilter: flowtable bridge and vlan enhancements, Alexander Lobakin
- Re: [PATCH net-next,v5 0/9] netfilter: flowtable bridge and vlan enhancements, Alexander Lobakin
[PATCH net v2] ipvs: fix possible memory leak in ip_vs_control_net_init,
Wang Hai
[ANNOUNCE] ipset 7.8 released,
Jozsef Kadlecsik
[PATCH nf] netfilter: nf_tables: avoid false-postive lockdep splat,
Florian Westphal
[PATCH net] ipvs: fix possible memory leak in ip_vs_control_net_init,
Wang Hai
[PATCH net] netfilter: ipset: prevent uninit-value in hash_ip6_add,
Eric Dumazet
[PATCH net v2] ipv6: Remove dependency of ipv6_frag_thdr_truncated on ipv6 module,
Georg Kohmann
WARNING: net/mptcp/protocol.c:719 mptcp_reset_timer+0x40/0x50,
Naresh Kamboju
[PATCH net] ipv6: Remove dependency of ipv6_frag_thdr_truncated on ipv6 module,
Georg Kohmann
[PATCH net-next,v4 0/9] netfilter: flowtable bridge and vlan enhancements,
Pablo Neira Ayuso
- [PATCH net-next,v4 1/9] netfilter: flowtable: add hash offset field to tuple, Pablo Neira Ayuso
- [PATCH net-next,v4 2/9] netfilter: flowtable: add xmit path types, Pablo Neira Ayuso
- [PATCH net-next,v4 4/9] net: 8021q: resolve forwarding path for vlan devices, Pablo Neira Ayuso
- [PATCH net-next,v4 7/9] netfilter: flowtable: use dev_fill_forward_path() to obtain egress device, Pablo Neira Ayuso
- [PATCH net-next,v4 5/9] bridge: resolve forwarding path for bridge devices, Pablo Neira Ayuso
- [PATCH net-next,v4 9/9] selftests: netfilter: flowtable bridge and VLAN support, Pablo Neira Ayuso
- [PATCH net-next,v4 8/9] netfilter: flowtable: add vlan support, Pablo Neira Ayuso
- [PATCH net-next,v4 6/9] netfilter: flowtable: use dev_fill_forward_path() to obtain ingress device, Pablo Neira Ayuso
- [PATCH net-next,v4 3/9] net: resolve forwarding path from virtual netdevice and HW destination address, Pablo Neira Ayuso
Re: linux-next: Tree for Nov 18 (net/ipv6/netfilter/nf_conntrack_reasm.o), Randy Dunlap
Re: [PATCH 5.9 000/255] 5.9.9-rc1 review,
Naresh Kamboju
[iptables PATCH 1/2] iptables-test.py: Accept multiple test files on commandline,
Phil Sutter
[iptables PATCH] ebtables: Fix for broken chain renaming,
Phil Sutter
Issues w/ db-ip country database,
Philip Prindeville
[iptables PATCH 0/3] Merge some common code,
Phil Sutter
[PATCH net-next v2] net: openvswitch: Be liberal in tcp conntrack.,
nusiddiq
[PATCH] ipvs: replace atomic_add_return(),
Yejune Deng
[PATCH net-next] netfilter: nf_reject: bridge: fix build errors due to code movement,
Randy Dunlap
[PATCH] tests: py: update format of registers in bitwise payloads.,
Jeremy Sowden
[PATCH] netfilter: nfnl_acct: remove data from struct net,
Wang Shanker
[PATCH libnftnl 0/1] Bitwise dump format fix.,
Jeremy Sowden
[PATCH nf] x_tables: Properly close read section with read_seqcount_retry,
Sean Tranchetti
[PATCH nf,v2 1/2] netfilter: nftables_offload: set address type in control dissector,
Pablo Neira Ayuso
[PATCH net-next,v3 0/9] netfilter: flowtable bridge and vlan enhancements,
Pablo Neira Ayuso
- [PATCH net-next,v3 4/9] net: 8021q: resolve forwarding path for vlan devices, Pablo Neira Ayuso
- [PATCH net-next,v3 1/9] netfilter: flowtable: add hash offset field to tuple, Pablo Neira Ayuso
- [PATCH net-next,v3 2/9] netfilter: flowtable: add xmit path types, Pablo Neira Ayuso
- [PATCH net-next,v3 7/9] netfilter: flowtable: use dev_fill_forward_path() to obtain egress device, Pablo Neira Ayuso
- [PATCH net-next,v3 8/9] netfilter: flowtable: add vlan support, Pablo Neira Ayuso
- [PATCH net-next,v3 9/9] selftests: netfilter: flowtable bridge and VLAN support, Pablo Neira Ayuso
- [PATCH net-next,v3 6/9] netfilter: flowtable: use dev_fill_forward_path() to obtain ingress device, Pablo Neira Ayuso
- [PATCH net-next,v3 5/9] bridge: resolve forwarding path for bridge devices, Pablo Neira Ayuso
- [PATCH net-next,v3 3/9] net: resolve forwarding path from virtual netdevice and HW destination address, Pablo Neira Ayuso
- Re: [PATCH net-next,v3 0/9] netfilter: flowtable bridge and vlan enhancements, Jakub Kicinski
[PATCH net v4] ipv6/netfilter: Discard first fragment not including all headers,
Georg Kohmann
[iptables PATCH] tests/shell: Add test for bitwise avoidance fixes, Phil Sutter
[nft PATCH] proto: Fix ARP header field ordering, Phil Sutter
Re: [PATCH v22 06/23] LSM: Use lsmblob in security_secid_to_secctx, James Morris
Re: [PATCH v22 05/23] LSM: Use lsmblob in security_secctx_to_secid, James Morris
Re: [net-next] netfiler: conntrack: Add the option to set ct tcp flag - BE_LIBERAL per-ct basis.,
Jakub Kicinski
[PATCH v2 0/4] conntrack: accept commands from file + tests,
Mikhail Sennikovsky
[PATCH] tests: py: remove duplicate payloads.,
Jeremy Sowden
[PATCH net v3] ipv6/netfilter: Discard first fragment not including all headers,
Georg Kohmann
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
