Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

Re: [PATCH nft] src: Support netdev egress hook, (continued)
[PATCH nf-next 0/3] Netfilter egress hook, Lukas Wunner
- [PATCH nf-next 1/3] netfilter: Rename ingress hook include file, Lukas Wunner
- [PATCH nf-next 3/3] netfilter: Introduce egress hook, Lukas Wunner
  - Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Daniel Borkmann
    - Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Lukas Wunner
      - Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Daniel Borkmann
    - Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Pablo Neira Ayuso
      - Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Daniel Borkmann
        
        Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Pablo Neira Ayuso
        
        Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Laura Garcia
        
        Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Lukas Wunner
        
        Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Pablo Neira Ayuso
        
        Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Daniel Borkmann
        
        Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Lukas Wunner
        
        Re: [PATCH nf-next 3/3] netfilter: Introduce egress hook, Lukas Wunner
- [PATCH nf-next 2/3] netfilter: Generalize ingress hook, Lukas Wunner
- Re: [PATCH nf-next 0/3] Netfilter egress hook, Pablo Neira Ayuso
[PATCH 4/8] netfilter: Add missing annotation for ctnetlink_parse_nat_setup(), Jules Irenge
- Re: [PATCH 4/8] netfilter: Add missing annotation for ctnetlink_parse_nat_setup(), Pablo Neira Ayuso
[PATCH 5/8] netfilter: conntrack: Add missing annotations for nf_conntrack_all_lock() and nf_conntrack_all_unlock(), Jules Irenge
- Re: [PATCH 5/8] netfilter: conntrack: Add missing annotations for nf_conntrack_all_lock() and nf_conntrack_all_unlock(), Pablo Neira Ayuso
[nft PATCH] tests/py: Move tcpopt.t to any/ directory, Phil Sutter
- Re: [nft PATCH] tests/py: Move tcpopt.t to any/ directory, Florian Westphal
Re: Restoring rulesets containing dynamic sets with counters, Pablo Neira Ayuso
- Re: Restoring rulesets containing dynamic sets with counters, Frank Myhr
  - Re: Restoring rulesets containing dynamic sets with counters, Frank Myhr
[PATCH nft] parser_bison: fix rshift statement expression., Jeremy Sowden
- Re: [PATCH nft] parser_bison: fix rshift statement expression., Pablo Neira Ayuso
shift_stmt_expr grammar question, Jeremy Sowden
- Re: shift_stmt_expr grammar question, Pablo Neira Ayuso
[PATCH nf-next v2 0/6] nft_set_pipapo: Performance improvements: Season 1, Stefano Brivio
- [PATCH nf-next v2 1/6] nft_set_pipapo: Generalise group size for buckets, Stefano Brivio
- [PATCH nf-next v2 2/6] nft_set_pipapo: Add support for 8-bit lookup groups and dynamic switch, Stefano Brivio
- [PATCH nf-next v2 3/6] nft_set_pipapo: Prepare for vectorised implementation: alignment, Stefano Brivio
- [PATCH nf-next v2 4/6] nft_set_pipapo: Prepare for vectorised implementation: helpers, Stefano Brivio
- [PATCH nf-next v2 6/6] nft_set_pipapo: Prepare for single ranged field usage, Stefano Brivio
- [PATCH nf-next v2 5/6] nft_set_pipapo: Introduce AVX2-based lookup implementation, Stefano Brivio
- Re: [PATCH nf-next v2 0/6] nft_set_pipapo: Performance improvements: Season 1, Pablo Neira Ayuso
[nft PATCH v2 1/2] parser_json: Support ranges in concat expressions, Phil Sutter
- [nft PATCH v2 2/2] tests/py: Add tests involving concatenated ranges, Phil Sutter
  - Re: [nft PATCH v2 2/2] tests/py: Add tests involving concatenated ranges, Stefano Brivio
- Re: [nft PATCH v2 1/2] parser_json: Support ranges in concat expressions, Eric Garver
[nft PATCH] tests/py: Fix JSON output for changed timezone, Phil Sutter
[PATCH nf] netfilter: nf_tables: missing module ownership in chain type definitions, Pablo Neira Ayuso
- Re: [PATCH nf] netfilter: nf_tables: missing module ownership in chain type definitions, Pablo Neira Ayuso
[PATCH nf] netfilter: nft_chain_nat: inet family is missing module ownership, Pablo Neira Ayuso
- Re: [PATCH nf] netfilter: nft_chain_nat: inet family is missing module ownership, Florian Westphal
[nft PATCH] parser_json: Support ranges in concat expressions, Phil Sutter
- Re: [nft PATCH] parser_json: Support ranges in concat expressions, Eric Garver
  - Re: [nft PATCH] parser_json: Support ranges in concat expressions, Phil Sutter
[PATCH nft] tests: Introduce test for insertion of overlapping and non-overlapping ranges, Stefano Brivio
- Re: [PATCH nft] tests: Introduce test for insertion of overlapping and non-overlapping ranges, Pablo Neira Ayuso
[PATCH nf 0/4] nftables: Consistently report partial and entire set overlaps, Stefano Brivio
- [PATCH nf 1/4] nf_tables: Allow set back-ends to report partial overlaps on insertion, Stefano Brivio
- [PATCH nf 2/4] nft_set_pipapo: Separate partial and complete overlap cases on insertion, Stefano Brivio
- [PATCH nf 3/4] nft_set_rbtree: Introduce and use nft_rbtree_interval_start(), Stefano Brivio
- [PATCH nf 4/4] nft_set_rbtree: Detect partial overlaps on insertion, Stefano Brivio
  - Re: [PATCH nf 4/4] nft_set_rbtree: Detect partial overlaps on insertion, Pablo Neira Ayuso
    - Re: [PATCH nf 4/4] nft_set_rbtree: Detect partial overlaps on insertion, Stefano Brivio
[PATCH AUTOSEL 5.4 24/58] netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports, Sasha Levin
[PATCH AUTOSEL 5.4 25/58] netfilter: ipset: Fix forceadd evaluation path, Sasha Levin
[PATCH AUTOSEL 5.5 29/67] netfilter: ipset: Fix forceadd evaluation path, Sasha Levin
[PATCH AUTOSEL 5.5 28/67] netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports, Sasha Levin
[PATCH nft 0/4] Help and getopt improvements, Jeremy Sowden
- [PATCH nft 3/4] main: interpolate default include path into help format-string., Jeremy Sowden
- [PATCH nft 2/4] main: include '--reversedns' in help., Jeremy Sowden
- [PATCH nft 1/4] main: include '-d' in help., Jeremy Sowden
- [PATCH nft 4/4] main: use one data-structure to initialize getopt_long(3) arguments and help., Jeremy Sowden
- Re: [PATCH nft 0/4] Help and getopt improvements, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: fix infinite loop when expr is not available, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: fix infinite loop when expr is not available, Pablo Neira Ayuso
[iptables PATCH v2] connlabel: Allow numeric labels even if connlabel.conf exists, Phil Sutter
[iptables PATCH] connlabel: Allow numeric labels even if connlabel.conf exists, Phil Sutter
- Re: [iptables PATCH] connlabel: Allow numeric labels even if connlabel.conf exists, Florian Westphal
  - Re: [iptables PATCH] connlabel: Allow numeric labels even if connlabel.conf exists, Phil Sutter
[PATCH nft] main: add more information to `nft -V`., Pablo Neira Ayuso
- Re: [PATCH nft] main: add more information to `nft -V`., Jeremy Sowden
  - Re: [PATCH nft] main: add more information to `nft -V`., Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: dump NFTA_CHAIN_FLAGS attribute, Pablo Neira Ayuso
[PATCH nft] src: support for offload chain flags, Pablo Neira Ayuso
[PATCH libnftnl] chain: add NFTNL_CHAIN_FLAGS, Pablo Neira Ayuso
[PATCH nft v3 00/18] Support for boolean binops with variable RHS operands., Jeremy Sowden
- [PATCH nft v3 01/18] evaluate: add separate variables for lshift and xor binops., Jeremy Sowden
- [PATCH nft v3 02/18] evaluate: simplify calculation of payload size., Jeremy Sowden
- [PATCH nft v3 06/18] netlink_delinearize: set shift RHS byte-order., Jeremy Sowden
- [PATCH nft v3 03/18] evaluate: don't evaluate payloads twice., Jeremy Sowden
- [PATCH nft v3 07/18] src: fix leaks., Jeremy Sowden
- [PATCH nft v3 08/18] include: update nf_tables.h., Jeremy Sowden
- [PATCH nft v3 04/18] evaluate: convert the byte-order of payload statement arguments., Jeremy Sowden
- [PATCH nft v3 09/18] src: support (de)linearization of bitwise op's with variable right operands., Jeremy Sowden
- [PATCH nft v3 05/18] evaluate: no need to swap byte-order for values of fewer than 16 bits., Jeremy Sowden
- [PATCH nft v3 14/18] netlink_delinearize: add support for processing variable payload statement arguments., Jeremy Sowden
- [PATCH nft v3 15/18] netlink_delinearize: add postprocessing for payload binops., Jeremy Sowden
- [PATCH nft v3 16/18] tests: shell: remove stray debug flag., Jeremy Sowden
- [PATCH nft v3 13/18] netlink_delinearize: refactor stmt_payload_binop_postprocess., Jeremy Sowden
- [PATCH nft v3 18/18] tests: py: add variable binop RHS tests., Jeremy Sowden
  - Re: [PATCH nft v3 18/18] tests: py: add variable binop RHS tests., Pablo Neira Ayuso
    - Re: [PATCH nft v3 18/18] tests: py: add variable binop RHS tests., Jeremy Sowden
      - Re: [PATCH nft v3 18/18] tests: py: add variable binop RHS tests., Pablo Neira Ayuso
        
        Re: [PATCH nft v3 18/18] tests: py: add variable binop RHS tests., Jeremy Sowden
        
        Re: [PATCH nft v3 18/18] tests: py: add variable binop RHS tests., Pablo Neira Ayuso
        
        Re: [PATCH nft v3 18/18] tests: py: add variable binop RHS tests., Jeremy Sowden
- [PATCH nft v3 12/18] netlink_delinearize: fix typo., Jeremy Sowden
- [PATCH nft v3 17/18] tests: shell: add variable binop RHS tests., Jeremy Sowden
- [PATCH nft v3 11/18] evaluate: don't clobber binop bitmask lengths., Jeremy Sowden
- [PATCH nft v3 10/18] evaluate: allow boolean binop expressions with variable righthand arguments., Jeremy Sowden
- Re: [PATCH nft v3 00/18] Support for boolean binops with variable RHS operands., Florian Westphal
  - Re: [PATCH nft v3 00/18] Support for boolean binops with variable RHS operands., Jeremy Sowden
Re: + seq_read-info-message-about-buggy-next-functions.patch added to -mm tree, Vasily Averin
[PATCH netfilter 0/3] netfilter: add missing attribute validation, Jakub Kicinski
- [PATCH netfilter 2/3] netfilter: add missing attribute validation for payload csum flags, Jakub Kicinski
- [PATCH netfilter 3/3] netfilter: nf_tables: add missing attribute validation for tunnels, Jakub Kicinski
- [PATCH netfilter 1/3] netfilter: add missing attribute validation for cthelper, Jakub Kicinski
- Re: [PATCH netfilter 0/3] netfilter: add missing attribute validation, Pablo Neira Ayuso
[PATCH nft v2 00/18] Support for boolean binops with variable RHS operands., Jeremy Sowden
- [PATCH nft v2 02/18] evaluate: simplify calculation of payload size., Jeremy Sowden
- [PATCH nft v2 01/18] evaluate: add separate variables for lshift and xor binops., Jeremy Sowden
- [PATCH nft v2 03/18] evaluate: don't evaluate payloads twice., Jeremy Sowden
- [PATCH nft v2 06/18] netlink_delinearize: set shift RHS byte-order., Jeremy Sowden
- [PATCH nft v2 08/18] include: update nf_tables.h., Jeremy Sowden
- [PATCH nft v2 07/18] src: fix leaks., Jeremy Sowden
- [PATCH nft v2 05/18] evaluate: no need to swap byte-order for values of fewer than 16 bits., Jeremy Sowden
- [PATCH nft v2 09/18] src: support (de)linearization of bitwise op's with variable right operands., Jeremy Sowden
- [PATCH nft v2 04/18] evaluate: convert the byte-order of payload statement arguments., Jeremy Sowden
- [PATCH nft v2 15/18] netlink_delinearize: add postprocessing for payload binops., Jeremy Sowden
- [PATCH nft v2 11/18] netlink_linearize: round binop bitmask length up., Jeremy Sowden
  - Re: [PATCH nft v2 11/18] netlink_linearize: round binop bitmask length up., Jeremy Sowden
- [PATCH nft v2 13/18] netlink_delinearize: refactor stmt_payload_binop_postprocess., Jeremy Sowden
- [PATCH nft v2 18/18] tests: py: add variable binop RHS tests., Jeremy Sowden
- [PATCH nft v2 16/18] tests: shell: remove stray debug flag., Jeremy Sowden
- [PATCH nft v2 17/18] tests: shell: add variable binop RHS tests., Jeremy Sowden
- [PATCH nft v2 10/18] evaluate: allow boolean binop expressions with variable righthand arguments., Jeremy Sowden
- [PATCH nft v2 12/18] netlink_delinearize: fix typo., Jeremy Sowden
- [PATCH nft v2 14/18] netlink_delinearize: add support for processing variable payload statement arguments., Jeremy Sowden
[PATCH nf] netfilter: nf_tables: free flowtable hooks on hook register error, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: free flowtable hooks on hook register error, Pablo Neira Ayuso
- Re: [PATCH nf] netfilter: nf_tables: free flowtable hooks on hook register error, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nf_tables: free flowtable hooks on hook register error, Florian Westphal
  - Re: [PATCH nf] netfilter: nf_tables: free flowtable hooks on hook register error, Pablo Neira Ayuso
memory leak in nf_tables_parse_netdev_hooks (2), syzbot
[iptables PATCH 0/4] Fix for iptables-nft-restore under pressure, Phil Sutter
- [iptables PATCH 3/4] nft: cache: Simplify chain list allocation, Phil Sutter
- [iptables PATCH 2/4] nft: cache: Make nft_rebuild_cache() respect fake cache, Phil Sutter
  - Re: [iptables PATCH 2/4] nft: cache: Make nft_rebuild_cache() respect fake cache, Pablo Neira Ayuso
    - Re: [iptables PATCH 2/4] nft: cache: Make nft_rebuild_cache() respect fake cache, Phil Sutter
- [iptables PATCH 1/4] nft: cache: Fix nft_release_cache() under stress, Phil Sutter
  - Re: [iptables PATCH 1/4] nft: cache: Fix nft_release_cache() under stress, Pablo Neira Ayuso
    - Re: [iptables PATCH 1/4] nft: cache: Fix nft_release_cache() under stress, Phil Sutter
      - Re: [iptables PATCH 1/4] nft: cache: Fix nft_release_cache() under stress, Pablo Neira Ayuso
        
        Re: [iptables PATCH 1/4] nft: cache: Fix nft_release_cache() under stress, Phil Sutter
        
        Re: [iptables PATCH 1/4] nft: cache: Fix nft_release_cache() under stress, Pablo Neira Ayuso
- [iptables PATCH 4/4] nft: cache: Review flush_cache(), Phil Sutter
  - Re: [iptables PATCH 4/4] nft: cache: Review flush_cache(), Pablo Neira Ayuso
    - Re: [iptables PATCH 4/4] nft: cache: Review flush_cache(), Phil Sutter
general protection fault in gc_worker, syzbot
0x14: COVID-19 update, postponement of Netdev conf 0x14, Jamal Hadi Salim
Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Pablo Neira Ayuso
- Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Jiri Pirko
  - Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Pablo Neira Ayuso
    - Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Jiri Pirko
    - Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Edward Cree
      - Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Pablo Neira Ayuso
        
        Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Jakub Kicinski
        
        Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Pablo Neira Ayuso
        
        Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Jakub Kicinski
        
        Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Pablo Neira Ayuso
        
        Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Jakub Kicinski
        
        Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Edward Cree
        
        Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Jakub Kicinski
        
        Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Pablo Neira Ayuso
        
        Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Edward Cree
        
        Re: [patch net-next v2 01/12] flow_offload: Introduce offload of HW stats type, Pablo Neira Ayuso
[PATCH nft 00/18] Support for boolean binops with variable RHS operands., Jeremy Sowden
- [PATCH nft 08/18] include: update nf_tables.h., Jeremy Sowden
- [PATCH nft 07/18] src: fix leaks., Jeremy Sowden
- [PATCH nft 09/18] src: support (de)linearization of bitwise op's with variable right operands., Jeremy Sowden
- [PATCH nft 01/18] evaluate: add separate variables for lshift and xor binops., Jeremy Sowden
- [PATCH nft 02/18] evaluate: simplify calculation of payload size., Jeremy Sowden
- [PATCH nft 03/18] evaluate: don't evaluate payloads twice., Jeremy Sowden
- [PATCH nft 05/18] evaluate: no need to swap byte-order for values of fewer than 16 bits., Jeremy Sowden
  - Re: [PATCH nft 05/18] evaluate: no need to swap byte-order for values of fewer than 16 bits., Jeremy Sowden
- [PATCH nft 06/18] netlink_delinearize: set shift RHS byte-order., Jeremy Sowden
- [PATCH nft 04/18] evaluate: convert the byte-order of payload statement arguments., Jeremy Sowden
- [PATCH nft 11/18] netlink_linearize: round binop bitmask length up., Jeremy Sowden
- [PATCH nft 18/18] tests: py: add variable binop RHS tests., Jeremy Sowden
- [PATCH nft 17/18] tests: shell: add variable binop RHS tests., Jeremy Sowden
- [PATCH nft 13/18] netlink_delinearize: refactor stmt_payload_binop_postprocess., Jeremy Sowden
- [PATCH nft 14/18] netlink_delinearize: add support for processing variable payload statement arguments., Jeremy Sowden
- [PATCH nft 10/18] evaluate: allow boolean binop expressions with variable righthand arguments., Jeremy Sowden
- [PATCH nft 15/18] netlink_delinearize: add postprocessing for payload binops., Jeremy Sowden
- [PATCH nft 12/18] netlink_delinearize: fix typo., Jeremy Sowden
- [PATCH nft 16/18] tests: shell: remove stray debug flag., Jeremy Sowden
Ipv6 address in concatenation, Serguei Bezverkhi (sbezverk)
- Re: Ipv6 address in concatenation, Phil Sutter
- Re: Ipv6 address in concatenation, Florian Westphal
  - Re: Ipv6 address in concatenation, Florian Westphal
  - Re: Ipv6 address in concatenation, Serguei Bezverkhi (sbezverk)
    - Re: Ipv6 address in concatenation, Florian Westphal
[PATCH net] netlink: Use netlink header as base to calculate bad attribute offset, Pablo Neira Ayuso
- Re: [PATCH net] netlink: Use netlink header as base to calculate bad attribute offset, David Miller
[PATCH nft 1/2] expressions: concat: add typeof support, Florian Westphal
- [PATCH nft 2/2] tests: update nat_addr_port with typeof+concat maps, Florian Westphal
- Re: [PATCH nft 1/2] expressions: concat: add typeof support, Pablo Neira Ayuso
Null Pointer Dereference in nf_nat, Alex Buie
[PATCH] netfilter: clean up some indenting, Dan Carpenter
- Re: [PATCH] netfilter: clean up some indenting, Pablo Neira Ayuso
[PATCH nf] netfilter: ensure rcu_read_lock() in ipv4_find_option(), Matteo Croce
- Re: [PATCH nf] netfilter: ensure rcu_read_lock() in ipv4_find_option(), Florian Westphal
  - Re: [PATCH nf] netfilter: ensure rcu_read_lock() in ipv4_find_option(), Matteo Croce
    - Re: [PATCH nf] netfilter: ensure rcu_read_lock() in ipv4_find_option(), Matteo Croce
[PATCH 7/6 nft,v2] src: nat concatenation support with anonymous maps, Pablo Neira Ayuso
- [PATCH 8/6 nft,v2] tests: shell: adjust tests to new nat concatenation syntax, Pablo Neira Ayuso
[PATCH] ipset: Update byte and packet counters regardless of whether they match, Stefano Brivio
- Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Jozsef Kadlecsik
  - Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Stefano Brivio
    - Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Jozsef Kadlecsik
      - Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Stefano Brivio
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Jozsef Kadlecsik
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Stefano Brivio
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Jozsef Kadlecsik
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Stefano Brivio
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Stefano Brivio
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Jozsef Kadlecsik
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Stefano Brivio
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Jozsef Kadlecsik
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Phil Sutter
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Jozsef Kadlecsik
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Stefano Brivio
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Jozsef Kadlecsik
        
        Re: [PATCH] ipset: Update byte and packet counters regardless of whether they match, Phil Sutter
[PATCH libnftnl 0/3] bitwise: support for passing mask and xor via registers, Jeremy Sowden
- [PATCH libnftnl 2/3] include: update nf_tables.h., Jeremy Sowden
- [PATCH libnftnl 1/3] tests: bitwise: fix error message., Jeremy Sowden
- [PATCH libnftnl 3/3] bitwise: add support for passing mask and xor via registers., Jeremy Sowden
- Re: [PATCH libnftnl 0/3] bitwise: support for passing mask and xor via registers, Pablo Neira Ayuso
[PATCH nft 7/6] src: nat concatenation support with anonymous maps, Pablo Neira Ayuso
[PATCH nf-next 0/2] netfilter: bitwise: support variable RHS operands, Jeremy Sowden
- [PATCH nf-next 2/2] netfilter: bitwise: add support for passing mask and xor values in registers., Jeremy Sowden
- [PATCH nf-next 1/2] netfilter: bitwise: use more descriptive variable-names., Jeremy Sowden
- Re: [PATCH nf-next 0/2] netfilter: bitwise: support variable RHS operands, Pablo Neira Ayuso
[PATCH nf-next v5 0/4] netfilter: flowtable: add indr-block offload, wenxu
- [PATCH nf-next v5 1/4] netfilter: flowtable: add nf_flow_table_block_offload_init(), wenxu
- [PATCH nf-next v5 3/4] netfilter: flowtable: add tunnel match offload support, wenxu
- [PATCH nf-next v5 2/4] netfilter: flowtable: add indr block setup support, wenxu
- [PATCH nf-next v5 4/4] netfilter: flowtable: add tunnel encap/decap action offload support, wenxu
- Re: [PATCH nf-next v5 0/4] netfilter: flowtable: add indr-block offload, wenxu
- Re: [PATCH nf-next v5 0/4] netfilter: flowtable: add indr-block offload, Pablo Neira Ayuso
  - Re: [PATCH nf-next v5 0/4] netfilter: flowtable: add indr-block offload, wenxu
    - Re: [PATCH nf-next v5 0/4] netfilter: flowtable: add indr-block offload, Pablo Neira Ayuso
[PATCH nft 0/6] allow s/dnat to map to both addr and port, Florian Westphal
- [PATCH nft 1/6] tests: add initial nat map test, Florian Westphal
- [PATCH nft 2/6] evaluate: process concat expressions when used as mapped-to expr, Florian Westphal
- [PATCH nft 3/6] netlink: handle concatenations on set elements mappings, Florian Westphal
- [PATCH nft 4/6] evaluate: add two new helpers, Florian Westphal
- [PATCH nft 5/6] src: allow nat maps containing both ip(6) address and port, Florian Westphal
- [PATCH nft 6/6] tests: nat: add and use maps with both address and service, Florian Westphal
  - Re: [PATCH nft 6/6] tests: nat: add and use maps with both address and service, Pablo Neira Ayuso
- Re: [PATCH nft 0/6] allow s/dnat to map to both addr and port, Pablo Neira Ayuso
  - Re: [PATCH nft 0/6] allow s/dnat to map to both addr and port, Pablo Neira Ayuso
[PATCH libnetfilter_queue] src: add nfq_get_skbinfo(), Florian Westphal
- Re: [PATCH libnetfilter_queue] src: add nfq_get_skbinfo(), Duncan Roe
  - Re: [PATCH libnetfilter_queue] src: add nfq_get_skbinfo(), Florian Westphal
    - Re: [PATCH libnetfilter_queue] src: add nfq_get_skbinfo(), Duncan Roe
[PATCH nf-next 0/5] nft_set_pipapo: Performance improvements: Season 1, Stefano Brivio
- [PATCH nf-next 1/5] nft_set_pipapo: Generalise group size for buckets, Stefano Brivio
- [PATCH nf-next 2/5] nft_set_pipapo: Add support for 8-bit lookup groups and dynamic switch, Stefano Brivio
- [PATCH nf-next 4/5] nft_set_pipapo: Prepare for vectorised implementation: helpers, Stefano Brivio
- [PATCH nf-next 3/5] nft_set_pipapo: Prepare for vectorised implementation: alignment, Stefano Brivio
  - Re: [PATCH nf-next 3/5] nft_set_pipapo: Prepare for vectorised implementation: alignment, Florian Westphal
    - Re: [PATCH nf-next 3/5] nft_set_pipapo: Prepare for vectorised implementation: alignment, Stefano Brivio
      - Re: [PATCH nf-next 3/5] nft_set_pipapo: Prepare for vectorised implementation: alignment, Florian Westphal
    - Re: [PATCH nf-next 3/5] nft_set_pipapo: Prepare for vectorised implementation: alignment, Stefano Brivio
- [PATCH nf-next 5/5] nft_set_pipapo: Introduce AVX2-based lookup implementation, Stefano Brivio
  - Re: [PATCH nf-next 5/5] nft_set_pipapo: Introduce AVX2-based lookup implementation, Florian Westphal
[PATCH 1/2] netfilter: Pass lockdep expression to __instance_lookup traversal, Amol Grover
- [PATCH 2/2] netfilter: Pass lockdep expression to instance_lookup traversal, Amol Grover
[PATCH nft] expression: use common code for expr_ops/expr_ops_by_type, Florian Westphal
[ANNOUNCE] ipset 7.6 released, Jozsef Kadlecsik
KMSAN: uninit-value in nf_flow_table_offload_setup, syzbot
[iptables PATCH] iptables-test.py: Fix --host mode, Phil Sutter
[iptables PATCH 1/3] xtables: Align effect of -4/-6 options with legacy, Phil Sutter
- [iptables PATCH 2/3] xtables: Drop -4 and -6 support from xtables-{save,restore}, Phil Sutter
- [iptables PATCH 3/3] xtables: Review nft_init(), Phil Sutter
- Re: [iptables PATCH 1/3] xtables: Align effect of -4/-6 options with legacy, Pablo Neira Ayuso
[PATCH] ulogd: printpkt: always print IPv6 protocol, Andreas Jaggi
- Re: [PATCH] ulogd: printpkt: always print IPv6 protocol, Pablo Neira Ayuso
[PATCH nf] selftests: nft_concat_range: Move option for 'list ruleset' before command, Stefano Brivio
- Re: [PATCH nf] selftests: nft_concat_range: Move option for 'list ruleset' before command, Pablo Neira Ayuso
[PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
- [PATCH nf 1/2] nft_set_pipapo: Actually fetch key data in nft_pipapo_remove(), Stefano Brivio
- [PATCH nf 2/2] selftests: nft_concat_range: Add test for reported add/flush/add issue, Stefano Brivio
- Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Phil Sutter
  - Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
    - Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Phil Sutter
      - Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Phil Sutter
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Stefano Brivio
        
        Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
- Re: [PATCH nf 0/2] nft_set_pipapo: Fix crash due to dangling entries in mapping table, Pablo Neira Ayuso
[PATCH 1/2] parser_json: fix parsing prefix inside concat, Eric Garver
- [PATCH 2/2] tests: shell: json parsing prefix inside concat, Eric Garver
- Re: [PATCH 1/2] parser_json: fix parsing prefix inside concat, Eric Garver
[PATCH][next] netfilter: Replace zero-length array with flexible-array member, Gustavo A. R. Silva
- Re: [PATCH][next] netfilter: Replace zero-length array with flexible-array member, Pablo Neira Ayuso
  - Re: [PATCH][next] netfilter: Replace zero-length array with flexible-array member, Gustavo A. R. Silva
[PATCH][nf-next] netfilter: cleanup unused macro, Li RongQing
- Re: [PATCH][nf-next] netfilter: cleanup unused macro, Pablo Neira Ayuso
[PATCH nft 2/2,v2] mnl: do not use expr->identifier to fetch device name, Pablo Neira Ayuso
[PATCH nft 1/2] parser_bison: memleak in device parser, Pablo Neira Ayuso
- [PATCH nft 2/2] mnl: do not use expr->identifier to fetch device name, Pablo Neira Ayuso
[PATCH nft 1/3] mnl: extended error support for create command, Pablo Neira Ayuso
- [PATCH nft 2/3] src: improve error reporting when setting policy on non-base chain, Pablo Neira Ayuso
- [PATCH nft 3/3] src: improve error reporting when remove rules, Pablo Neira Ayuso
[libnftnl PATCH] src: Fix for reading garbage in nftnl_chain getters, Phil Sutter
[PATCH] netfilter: ipt_CLUSTERIP: Pass lockdep expression to RCU lists, Amol Grover
- Re: [PATCH] netfilter: ipt_CLUSTERIP: Pass lockdep expression to RCU lists, Pablo Neira Ayuso
[PATCH libnftnl] src: add nftnl_*_{get,set}_array(), Pablo Neira Ayuso
- Re: [PATCH libnftnl] src: add nftnl_*_{get,set}_array(), Phil Sutter
[PATCH nft] src: combine extended netlink error reporting with mispelling support, Pablo Neira Ayuso
[PATCH nf-next v2 0/2] netfilter: nf_tables: make sets built-in, Florian Westphal
- [PATCH nf-next v2 1/2] netfilter: nf_tables: make sets built-in, Florian Westphal
- [PATCH nf-next v2 2/2] netfilter: nf_tables: make all set structs const, Florian Westphal
- Re: [PATCH nf-next v2 0/2] netfilter: nf_tables: make sets built-in, Pablo Neira Ayuso
[PATCH nft] src: initial extended netlink error reporting, Pablo Neira Ayuso
[PATCH][next] netfilter: ebtables: Replace zero-length array with flexible-array member, Gustavo A. R. Silva
Strange nf_conntrack_tcp_timeout_established behavior, FUSTE Emmanuel
- Re: Strange nf_conntrack_tcp_timeout_established behavior, FUSTE Emmanuel
[iptables PATCH] nft: Drop pointless assignment, Phil Sutter
- Re: [iptables PATCH] nft: Drop pointless assignment, Pablo Neira Ayuso
[PATCH nf-next 0/2] netfilter: nf_tables: make sets built-in, Florian Westphal
- [PATCH nf-next 1/2] netfilter: nf_tables: make sets built-in, Florian Westphal
- [PATCH nf-next 2/2] netfilter: nf_tables: make all set structs const, Florian Westphal
  - Re: [PATCH nf-next 2/2] netfilter: nf_tables: make all set structs const, Stefano Brivio
    - Re: [PATCH nf-next 2/2] netfilter: nf_tables: make all set structs const, Florian Westphal
[PATCH] netfilter: ipset: Pass lockdep expression to RCU lists, Amol Grover
- Re: [PATCH] netfilter: ipset: Pass lockdep expression to RCU lists, Amol Grover
- Re: [PATCH] netfilter: ipset: Pass lockdep expression to RCU lists, Pablo Neira Ayuso
0x14: Schedule out!, Jamal Hadi Salim
[PATCH AUTOSEL 5.5 126/542] netfilter: flowtable: Fix hardware flush order on nf_flow_table_cleanup, Sasha Levin
[PATCH AUTOSEL 5.5 125/542] netfilter: flowtable: Fix missing flush hardware on table free, Sasha Levin
[PATCH AUTOSEL 5.5 220/542] netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy, Sasha Levin
[PATCH AUTOSEL 5.5 386/542] netfilter: flowtable: restrict flow dissector match on meta ingress device, Sasha Levin
[PATCH AUTOSEL 5.4 193/459] netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy, Sasha Levin
[libnftnl PATCH] src: Fix nftnl_assert() on data_len, Phil Sutter
- Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Pablo Neira Ayuso
  - Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Phil Sutter
    - Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Pablo Neira Ayuso
      - Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Phil Sutter
        
        Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Pablo Neira Ayuso
        
        Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Phil Sutter
        
        Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Pablo Neira Ayuso
        
        Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Phil Sutter
        
        Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Pablo Neira Ayuso
        
        Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Phil Sutter
        
        Re: [libnftnl PATCH] src: Fix nftnl_assert() on data_len, Pablo Neira Ayuso
[PATCH nf-next 0/2] Two non-functional fixes for nft_set_pipapo, Stefano Brivio
- [PATCH nf-next 1/2] netfilter: nft_set_pipapo: Fix mapping table example in comments, Stefano Brivio
- [PATCH nf-next 2/2] netfilter: nft_set_pipapo: Don't abuse unlikely() in pipapo_refill(), Stefano Brivio
- Re: [PATCH nf-next 0/2] Two non-functional fixes for nft_set_pipapo, Pablo Neira Ayuso
- Re: [PATCH nf-next 0/2] Two non-functional fixes for nft_set_pipapo, Pablo Neira Ayuso
[PATCH AUTOSEL 4.19 100/252] netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy, Sasha Levin
[PATCH nft v5] tests: Introduce test for set with concatenated ranges, Stefano Brivio
- Re: [PATCH nft v5] tests: Introduce test for set with concatenated ranges, Phil Sutter
- Re: [PATCH nft v5] tests: Introduce test for set with concatenated ranges, Pablo Neira Ayuso
[iptables PATCH] ebtables: among: Support mixed MAC and MAC/IP entries, Phil Sutter
- Re: [iptables PATCH] ebtables: among: Support mixed MAC and MAC/IP entries, Pablo Neira Ayuso
  - Re: [iptables PATCH] ebtables: among: Support mixed MAC and MAC/IP entries, Phil Sutter
Thank you for your fundamental work!, Max Mehl
Proposing to add a structure to UserData, sbezverk
- Re: Proposing to add a structure to UserData, Florian Westphal
  - Re: Proposing to add a structure to UserData, sbezverk
    - Re: Proposing to add a structure to UserData, Phil Sutter
[iptables PATCH] xtables-translate: Fix for iface++, Phil Sutter
- Re: [iptables PATCH] xtables-translate: Fix for iface++, Pablo Neira Ayuso
  - Re: [iptables PATCH] xtables-translate: Fix for iface++, Phil Sutter
[PATCH nft] scanner: use list_is_first() from scanner_pop_indesc(), Pablo Neira Ayuso
[PATCH nft] src: maps: update data expression dtype based on set, Florian Westphal
- Re: [PATCH nft] src: maps: update data expression dtype based on set, Pablo Neira Ayuso
[PATCH nft] tests: shell: validate error reporting with include and glob, Pablo Neira Ayuso
[Patch nf] netfilter: xt_hashlimit: unregister proc file before releasing mutex, Cong Wang
- Re: [Patch nf] netfilter: xt_hashlimit: unregister proc file before releasing mutex, Pablo Neira Ayuso
  - Re: [Patch nf] netfilter: xt_hashlimit: unregister proc file before releasing mutex, Cong Wang
    - Re: [Patch nf] netfilter: xt_hashlimit: unregister proc file before releasing mutex, Pablo Neira Ayuso
      - Re: [Patch nf] netfilter: xt_hashlimit: unregister proc file before releasing mutex, Cong Wang
        
        Re: [Patch nf] netfilter: xt_hashlimit: unregister proc file before releasing mutex, Pablo Neira Ayuso
        
        Re: [Patch nf] netfilter: xt_hashlimit: unregister proc file before releasing mutex, Pablo Neira Ayuso
[iptables PATCH] tests: shell: Fix skip checks with --host mode, Phil Sutter
[PATCH nft 0/4] glob and maximum number of includes, Pablo Neira Ayuso
- [PATCH nft 1/4] scanner: call scanner_push_file() after scanner_push_file(), Pablo Neira Ayuso
- [PATCH nft 2/4] scanner: add indesc_file_alloc() helper function, Pablo Neira Ayuso
- [PATCH nft 3/4] scanner: call scanner_push_indesc() after scanner_push_file(), Pablo Neira Ayuso
- [PATCH nft 4/4] scanner: multi-level input file stack for glob, Pablo Neira Ayuso
- Re: [PATCH nft 0/4] glob and maximum number of includes, Pablo Neira Ayuso
[PATCH v4 net 0/5] icmp: account for NAT when sending icmps from ndo layer, Jason A. Donenfeld
- Re: [PATCH v4 net 0/5] icmp: account for NAT when sending icmps from ndo layer, David Miller
[iptables PATCH] xtables-restore: fix for --noflush and empty lines, Phil Sutter
- Re: [iptables PATCH] xtables-restore: fix for --noflush and empty lines, Arturo Borrero Gonzalez
[PATCH v3 net 0/9] icmp: account for NAT when sending icmps from ndo layer, Jason A. Donenfeld
WARNING: proc registration bug in hashlimit_mt_check_common, syzbot
- Re: WARNING: proc registration bug in hashlimit_mt_check_common, Cong Wang
[PATCH v2 net 0/5] icmp: account for NAT when sending icmps from ndo layer, Jason A. Donenfeld
[iptables PATCH v2] xtables-translate: Fix for interface name corner-cases, Phil Sutter
- Re: [iptables PATCH v2] xtables-translate: Fix for interface name corner-cases, Pablo Neira Ayuso
[nft PATCH v2 1/2] doc: nft.8: Mention wildcard interface matching, Phil Sutter
- [nft PATCH v2 2/2] scanner: Extend asteriskstring definition, Phil Sutter
  - Re: [nft PATCH v2 2/2] scanner: Extend asteriskstring definition, Pablo Neira Ayuso
- Re: [nft PATCH v2 1/2] doc: nft.8: Mention wildcard interface matching, Pablo Neira Ayuso
[PATCH nft include v2 0/7] Improve include behaviour, Laurent Fasnacht
- [PATCH nft include v2 2/7] scanner: move the file descriptor to be in the input_descriptor structure, Laurent Fasnacht
  - Re: [PATCH nft include v2 2/7] scanner: move the file descriptor to be in the input_descriptor structure, Pablo Neira Ayuso
- [PATCH nft include v2 1/7] tests: shell: add test for glob includes, Laurent Fasnacht
  - Re: [PATCH nft include v2 1/7] tests: shell: add test for glob includes, Pablo Neira Ayuso
- [PATCH nft include v2 3/7] scanner: move indesc list append in scanner_push_indesc, Laurent Fasnacht
  - Re: [PATCH nft include v2 3/7] scanner: move indesc list append in scanner_push_indesc, Pablo Neira Ayuso
- [PATCH nft include v2 4/7] scanner: remove parser_state->indescs static array, Laurent Fasnacht
  - Re: [PATCH nft include v2 4/7] scanner: remove parser_state->indescs static array, Pablo Neira Ayuso
    - Re: [PATCH nft include v2 4/7] scanner: remove parser_state->indescs static array, Laurent Fasnacht
  - Re: [PATCH nft include v2 4/7] scanner: remove parser_state->indescs static array, Pablo Neira Ayuso
- [PATCH nft include v2 6/7] scanner: fix indesc_list stack to be in the correct order, Laurent Fasnacht
  - Re: [PATCH nft include v2 6/7] scanner: fix indesc_list stack to be in the correct order, Pablo Neira Ayuso
    - Re: [PATCH nft include v2 6/7] scanner: fix indesc_list stack to be in the correct order, Laurent Fasnacht
- [PATCH nft include v2 5/7] scanner: correctly compute include depth, Laurent Fasnacht
- [PATCH nft include v2 7/7] scanner: remove parser_state->indesc_idx, Laurent Fasnacht
  - Re: [PATCH nft include v2 7/7] scanner: remove parser_state->indesc_idx, Pablo Neira Ayuso
    - Re: [PATCH nft include v2 7/7] scanner: remove parser_state->indesc_idx, Laurent Fasnacht
[PATCH next] nf_tables: make the symbol 'nft_pipapo_get' static, Chen Wandun
- Re: [PATCH next] nf_tables: make the symbol 'nft_pipapo_get' static, Stefano Brivio
[PATCHv2 nf-next] netfilter: nft_tunnel: add support for geneve opts, Xin Long
- Re: [PATCHv2 nf-next] netfilter: nft_tunnel: add support for geneve opts, Pablo Neira Ayuso
[PATCH net 1/5] icmp: introduce helper for NAT'd source address in ndo context, Jason A. Donenfeld
- [PATCH net 2/5] gtp: use icmp_ndo_send helper, Jason A. Donenfeld
- [PATCH net 3/5] sunvnet: use icmp_ndo_send helper, Jason A. Donenfeld
  - Re: [PATCH net 3/5] sunvnet: use icmp_ndo_send helper, David Miller
    - Re: [PATCH net 3/5] sunvnet: use icmp_ndo_send helper, Jason A. Donenfeld
- [PATCH net 4/5] wireguard: use icmp_ndo_send helper, Jason A. Donenfeld
- [PATCH net 5/5] xfrm: interface: use icmp_ndo_send helper, Jason A. Donenfeld
- Re: [PATCH net 1/5] icmp: introduce helper for NAT'd source address in ndo context, Florian Westphal
  - Re: [PATCH net 1/5] icmp: introduce helper for NAT'd source address in ndo context, Jason A. Donenfeld
[PATCH libnetfilter_queue] build: doc: "make" builds & installs a full set of man pages, Duncan Roe
- Re: [PATCH libnetfilter_queue] build: doc: "make" builds & installs a full set of man pages, Pablo Neira Ayuso
  - Re: [PATCH libnetfilter_queue] build: doc: "make" builds & installs a full set of man pages, Florian Westphal
    - Re: [PATCH libnetfilter_queue] build: doc: "make" builds & installs a full set of man pages, Pablo Neira Ayuso
      - Re: [PATCH libnetfilter_queue] build: doc: "make" builds & installs a full set of man pages, Florian Westphal
        
        Re: [PATCH libnetfilter_queue] build: doc: "make" builds & installs a full set of man pages, Pablo Neira Ayuso
[PATCH nft] src: compute mnemonic port name much easier, Jan Engelhardt
- Re: [PATCH nft] src: compute mnemonic port name much easier, Pablo Neira Ayuso
[nft PATCH] doc: nft.8: Describe element commands in their own section, Phil Sutter
- Re: [nft PATCH] doc: nft.8: Describe element commands in their own section, Pablo Neira Ayuso
[iptables PATCH] xtables-translate: Fix for interface name corner-cases, Phil Sutter
- Re: [iptables PATCH] xtables-translate: Fix for interface name corner-cases, Pablo Neira Ayuso
[nft PATCH 1/2] doc: nft.8: Mention wildcard interface matching, Phil Sutter
- [nft PATCH 2/2] scanner: Extend asteriskstring definition, Phil Sutter
  - Re: [nft PATCH 2/2] scanner: Extend asteriskstring definition, Pablo Neira Ayuso
    - Re: [nft PATCH 2/2] scanner: Extend asteriskstring definition, Phil Sutter
      - Re: [nft PATCH 2/2] scanner: Extend asteriskstring definition, Pablo Neira Ayuso
        
        Re: [nft PATCH 2/2] scanner: Extend asteriskstring definition, Phil Sutter
How to continue to use Maxmind geoip csv in xtables-addons 3.8+, jean-christophe manciot
- Re: How to continue to use Maxmind geoip csv in xtables-addons 3.8+, Jan Engelhardt
[PATCH] [nf-next,v4] netfilter: xtables: Add snapshot of hardidletimer target, Manoj Basapathi
- Re: [PATCH] [nf-next,v4] netfilter: xtables: Add snapshot of hardidletimer target, Pablo Neira Ayuso
Xtalbes -> Xtables ?, Franta Hanzlík
- Re: Xtalbes -> Xtables ?, Jan Engelhardt
[nft PATCH 0/4] Extend testsuites to run against installed binaries, Phil Sutter
- [nft PATCH 1/4] tests: json_echo: Fix for Python3, Phil Sutter
- [nft PATCH 4/4] tests: py: Support testing host binaries, Phil Sutter
- [nft PATCH 2/4] tests: json_echo: Support testing host binaries, Phil Sutter
- [nft PATCH 3/4] tests: monitor: Support testing host's nft binary, Phil Sutter
- Re: [nft PATCH 0/4] Extend testsuites to run against installed binaries, Pablo Neira Ayuso
masquerade, Serguei Bezverkhi (sbezverk)
- Re: masquerade, Florian Westphal
[PATCH nft 0/3] scanner: improving include handling, Laurent Fasnacht
- [PATCH nft 1/3] scanner: move the file descriptor to be in the input_descriptor structure, Laurent Fasnacht
  - Re: [PATCH nft 1/3] scanner: move the file descriptor to be in the input_descriptor structure, Pablo Neira Ayuso
- [PATCH nft 2/3] scanner: correctly compute include depth, Laurent Fasnacht
  - Re: [PATCH nft 2/3] scanner: correctly compute include depth, Pablo Neira Ayuso
- [PATCH nft 3/3] scanner: remove indescs and indescs_idx attributes from the parser, and directly use indesc_list, Laurent Fasnacht
  - Re: [PATCH nft 3/3] scanner: remove indescs and indescs_idx attributes from the parser, and directly use indesc_list, Pablo Neira Ayuso
- Re: [PATCH nft 0/3] scanner: improving include handling, Pablo Neira Ayuso
[PATCH] [nf-next v3] netfilter: xtables: Add snapshot of hardidletimer target, Manoj Basapathi
- Re: [PATCH] [nf-next v3] netfilter: xtables: Add snapshot of hardidletimer target, kbuild test robot
- Re: [PATCH] [nf-next v3] netfilter: xtables: Add snapshot of hardidletimer target, Florian Westphal
- Re: [PATCH] [nf-next v3] netfilter: xtables: Add snapshot of hardidletimer target, kbuild test robot
[PATCH iptables] extensions: time: add translation and tests, Jose M. Guisado Gomez
- Re: [PATCH iptables] extensions: time: add translation and tests, Florian Westphal
[PATCH nft] tests: shell: add test for glob includes, Laurent Fasnacht
[PATCH libnetfilter_queue 0/1] src: Add nfq_hdr_put to library, Duncan Roe
- [PATCH libnetfilter_queue 1/1] src: move static nfq_hdr_put from examples/nf-queue.c into the library since everyone is going to want it., Duncan Roe
  - Re: [PATCH libnetfilter_queue 1/1] src: move static nfq_hdr_put from examples/nf-queue.c into the library since everyone is going to want it., Pablo Neira Ayuso
    - [PATCH libnetfilter_queue v2] src: move static nfq_hdr_put from examples/nf-queue.c into the library since everyone is going to want it., Duncan Roe
      - [PATCH libnetfilter_queue v3] src: move static nfq_hdr_put from examples/nf-queue.c into the library since everyone is going to want it., Duncan Roe
        
        Re: [PATCH libnetfilter_queue v3] src: move static nfq_hdr_put from examples/nf-queue.c into the library since everyone is going to want it., Pablo Neira Ayuso
[PATCH nf 0/4] netfilter: conntrack: allow insertion of clashing entries, Florian Westphal
- [PATCH nf 2/4] netfilter: conntrack: place confirm-bit setting in a helper, Florian Westphal
- [PATCH nf 3/4] netfilter: conntrack: split resolve_clash function, Florian Westphal
- [PATCH nf 4/4] netfilter: conntrack: allow insertion of clashing entries, Florian Westphal
- [PATCH nf 1/4] netfilter: conntrack: remove two args from resolve_clash, Florian Westphal
- Re: [PATCH nf 0/4] netfilter: conntrack: allow insertion of clashing entries, Pablo Neira Ayuso
  - Re: [PATCH nf 0/4] netfilter: conntrack: allow insertion of clashing entries, Florian Westphal
invalid read in, dyslexicatheist
- Re: invalid read in, Phil Sutter
  - Re: invalid read in, dyslexicatheist
    - Re: invalid read in, Phil Sutter
      - Re: invalid read in, dyslexicatheist
[PATCH nf] netfilter: flowtable: always init block_offload struct, Florian Westphal
- Re: [PATCH nf] netfilter: flowtable: always init block_offload struct, Pablo Neira Ayuso
[PATCH nft v4 0/6] Remaining bitwise-shift-related changes, Jeremy Sowden
- [PATCH nft v4 1/6] parser: add parenthesized statement expressions., Jeremy Sowden
- [PATCH nft v4 2/6] evaluate: correct variable name., Jeremy Sowden
- [PATCH nft v4 5/6] tests: py: add missing JSON output., Jeremy Sowden
- [PATCH nft v4 4/6] tests: shell: add bit-shift tests., Jeremy Sowden
- [PATCH nft v4 3/6] evaluate: change shift byte-order to host-endian., Jeremy Sowden
- [PATCH nft v4 6/6] tests: py: add bit-shift tests., Jeremy Sowden
- Re: [PATCH nft v4 0/6] Remaining bitwise-shift-related changes, Pablo Neira Ayuso
[Patch nf v2 0/3] netfilter: xt_hashlimit: a few improvements, Cong Wang
- [Patch nf v2 1/3] xt_hashlimit: avoid OOM for user-controlled vmalloc, Cong Wang
  - Re: [Patch nf v2 1/3] xt_hashlimit: avoid OOM for user-controlled vmalloc, Florian Westphal
    - Re: [Patch nf v2 1/3] xt_hashlimit: avoid OOM for user-controlled vmalloc, Cong Wang
      - Re: [Patch nf v2 1/3] xt_hashlimit: avoid OOM for user-controlled vmalloc, Florian Westphal
  - Re: [Patch nf v2 1/3] xt_hashlimit: avoid OOM for user-controlled vmalloc, Pablo Neira Ayuso
- [Patch nf v2 2/3] xt_hashlimit: reduce hashlimit_mutex scope for htable_put(), Cong Wang
  - Re: [Patch nf v2 2/3] xt_hashlimit: reduce hashlimit_mutex scope for htable_put(), Pablo Neira Ayuso
- [Patch nf v2 3/3] xt_hashlimit: limit the max size of hashtable, Cong Wang
  - Re: [Patch nf v2 3/3] xt_hashlimit: limit the max size of hashtable, Florian Westphal
  - Re: [Patch nf v2 3/3] xt_hashlimit: limit the max size of hashtable, Pablo Neira Ayuso
NFT - delete rules per interface, Daniel
- Re: NFT - delete rules per interface, Florian Westphal
  - Re: NFT - delete rules per interface, Daniel
Ipset combined entry type like hash:ip,port,ip,port, Adam Kalisz
[Patch nf 0/3] netfilter: xt_hashlimit: a few improvements, Cong Wang
- [Patch nf 3/3] xt_hashlimit: limit the max size of hashtable, Cong Wang
  - Re: [Patch nf 3/3] xt_hashlimit: limit the max size of hashtable, Florian Westphal
    - Re: [Patch nf 3/3] xt_hashlimit: limit the max size of hashtable, Cong Wang
      - Re: [Patch nf 3/3] xt_hashlimit: limit the max size of hashtable, Florian Westphal
        
        Re: [Patch nf 3/3] xt_hashlimit: limit the max size of hashtable, Cong Wang
        
        Re: [Patch nf 3/3] xt_hashlimit: limit the max size of hashtable, Florian Westphal
        
        Re: [Patch nf 3/3] xt_hashlimit: limit the max size of hashtable, Cong Wang
        
        Re: [Patch nf 3/3] xt_hashlimit: limit the max size of hashtable, Florian Westphal
- [Patch nf 1/3] xt_hashlimit: avoid OOM for user-controlled vmalloc, Cong Wang
  - Re: [Patch nf 1/3] xt_hashlimit: avoid OOM for user-controlled vmalloc, Florian Westphal
    - Re: [Patch nf 1/3] xt_hashlimit: avoid OOM for user-controlled vmalloc, Cong Wang
- [Patch nf 2/3] xt_hashlimit: reduce hashlimit_mutex scope for htable_put(), Cong Wang
  - Re: [Patch nf 2/3] xt_hashlimit: reduce hashlimit_mutex scope for htable_put(), Florian Westphal
[MAINTENANCE] migrating git.netfilter.org, Pablo Neira Ayuso
- Re: [MAINTENANCE] migrating git.netfilter.org, José M. Guisado
  - Re: [MAINTENANCE] migrating git.netfilter.org, Florian Westphal
  - Re: [MAINTENANCE] migrating git.netfilter.org, Pablo Neira Ayuso
Re: [PATCH net] netfilter: nf_flowtable: fix documentation, Matteo Croce
Proxy load balancer rules, Serguei Bezverkhi (sbezverk)
- Re: Proxy load balancer rules, Phil Sutter
  - Re: Proxy load balancer rules, Florian Westphal
    - Re: Proxy load balancer rules, Phil Sutter
[PATCH nf-next] netfilter: flowtable: Use nf_flow_offload_tuple for stats as well, Paul Blakey
- Re: [PATCH nf-next] netfilter: flowtable: Use nf_flow_offload_tuple for stats as well, Pablo Neira Ayuso
[PATCH 0/3] Various fixes for flowtable hardware offload, Paul Blakey
- [PATCH 1/3] netfilter: flowtable: Fix hardware flush order on nf_flow_table_cleanup, Paul Blakey
- [PATCH 3/3] netfilter: flowtable: Fix setting forgotten NF_FLOW_HW_DEAD flag, Paul Blakey
- [PATCH 2/3] netfilter: flowtable: Fix missing flush hardware on table free, Paul Blakey
- Re: [PATCH 0/3] Various fixes for flowtable hardware offload, Pablo Neira Ayuso
[PATCH nf-next] netfilter: xtables: Add snapshot of hardidletimer target, Subash Abhinov Kasiviswanathan
- Re: [PATCH nf-next] netfilter: xtables: Add snapshot of hardidletimer target, Florian Westphal
[PATCH nft v4 0/4] Introduce support for concatenated ranges, Stefano Brivio
- [PATCH nft v4 1/4] include: resync nf_tables.h cache copy, Stefano Brivio
  - Re: [PATCH nft v4 1/4] include: resync nf_tables.h cache copy, Pablo Neira Ayuso
- [PATCH nft v4 2/4] src: Add support for NFTNL_SET_DESC_CONCAT, Stefano Brivio
  - Re: [PATCH nft v4 2/4] src: Add support for NFTNL_SET_DESC_CONCAT, Pablo Neira Ayuso
- [PATCH nft v4 3/4] src: Add support for concatenated set ranges, Stefano Brivio
  - Re: [PATCH nft v4 3/4] src: Add support for concatenated set ranges, Pablo Neira Ayuso
    - Re: [PATCH nft v4 3/4] src: Add support for concatenated set ranges, Stefano Brivio
  - Re: [PATCH nft v4 3/4] src: Add support for concatenated set ranges, Pablo Neira Ayuso
    - Re: [PATCH nft v4 3/4] src: Add support for concatenated set ranges, Stefano Brivio
- [PATCH nft v4 4/4] tests: Introduce test for set with concatenated ranges, Stefano Brivio
  - Re: [PATCH nft v4 4/4] tests: Introduce test for set with concatenated ranges, Phil Sutter
  - Re: [PATCH nft v4 4/4] tests: Introduce test for set with concatenated ranges, Pablo Neira Ayuso
    - Re: [PATCH nft v4 4/4] tests: Introduce test for set with concatenated ranges, Stefano Brivio
      - Re: [PATCH nft v4 4/4] tests: Introduce test for set with concatenated ranges, Phil Sutter
      - Re: [PATCH nft v4 4/4] tests: Introduce test for set with concatenated ranges, Florian Westphal
        
        Re: [PATCH nft v4 4/4] tests: Introduce test for set with concatenated ranges, Stefano Brivio
[PATCH libnftnl v4 0/3] Attributes for concatenated ranges, Stefano Brivio
- [PATCH libnftnl v4 2/3] set: Add support for NFTA_SET_DESC_CONCAT attributes, Stefano Brivio
- [PATCH libnftnl v4 1/3] include: resync nf_tables.h cache copy, Stefano Brivio
- [PATCH libnftnl v4 3/3] set_elem: Introduce support for NFTNL_SET_ELEM_KEY_END, Stefano Brivio
- Re: [PATCH libnftnl v4 0/3] Attributes for concatenated ranges, Pablo Neira Ayuso
[PATCH v2] Documentation: changes.rst: update several outdated project URLs, Randy Dunlap
- Re: [PATCH v2] Documentation: changes.rst: update several outdated project URLs, Jonathan Corbet
use of netfilter-announce list, Thomas Jarosch
[PATCH nf-next V2] netfilter: ctnetlink: add kernel side filtering for dump, Romain Bellan
- Re: [PATCH nf-next V2] netfilter: ctnetlink: add kernel side filtering for dump, Florent Fourcot
- Re: [PATCH nf-next V2] netfilter: ctnetlink: add kernel side filtering for dump, Pablo Neira Ayuso
[PATCH libnftnl 1/2] Adding NFCT_FILTER_DUMP_TUPLE in filter_dump_attr, using kernel CTA_FILTER API, Romain Bellan
- [PATCH libnftnl 2/2] utils: add NFCT_FILTER_DUMP_TUPLE example, Romain Bellan
[PATCH] netfilter: Use kvcalloc, Joe Perches
- Re: [PATCH] netfilter: Use kvcalloc, Pablo Neira Ayuso
Re: [netfilter-core] INFO: rcu detected stall in hash_ip4_gc, Kadlecsik József
- <Possible follow-ups>
- Re: [netfilter-core] INFO: rcu detected stall in hash_ip4_gc, Kadlecsik József
INFO: rcu detected stall in hash_ip4_gc, syzbot
general protection fault in ip_set_comment_free, syzbot
[PATCH 1/1] netfilter: ipset: fix suspicious RCU usage in find_set_and_id, Kadlecsik József
- Re: [PATCH 1/1] netfilter: ipset: fix suspicious RCU usage in find_set_and_id, Pablo Neira Ayuso
INFO: rcu detected stall in ip_set_udel, syzbot
- Re: INFO: rcu detected stall in ip_set_udel, syzbot
KASAN: slab-out-of-bounds Read in bitmap_ipmac_destroy, syzbot
- Re: KASAN: slab-out-of-bounds Read in bitmap_ipmac_destroy, syzbot
- Re: KASAN: slab-out-of-bounds Read in bitmap_ipmac_destroy, syzbot
INFO: rcu detected stall in ip_set_uadd, syzbot
[PATCH AUTOSEL 5.4 060/107] netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct, Sasha Levin
[PATCH AUTOSEL 5.4 059/107] netfilter: fix a use-after-free in mtype_destroy(), Sasha Levin
[PATCH AUTOSEL 5.4 090/107] netfilter: nf_tables: store transaction list locally while requesting module, Sasha Levin
[PATCH AUTOSEL 5.4 092/107] netfilter: nft_tunnel: ERSPAN_VERSION must not be null, Sasha Levin
[PATCH AUTOSEL 5.4 094/107] netfilter: nf_tables: fix flowtable list del corruption, Sasha Levin
[PATCH AUTOSEL 5.4 091/107] netfilter: nft_tunnel: fix null-attribute check, Sasha Levin
[PATCH AUTOSEL 5.4 093/107] netfilter: nf_tables: remove WARN and add NLA_STRING upper limits, Sasha Levin
[PATCH AUTOSEL 5.4 095/107] netfilter: nat: fix ICMP header corruption on ICMP errors, Sasha Levin
[PATCH AUTOSEL 4.19 29/56] netfilter: fix a use-after-free in mtype_destroy(), Sasha Levin
[PATCH AUTOSEL 4.19 30/56] netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct, Sasha Levin
[PATCH AUTOSEL 4.19 48/56] netfilter: nf_tables: store transaction list locally while requesting module, Sasha Levin
[PATCH AUTOSEL 4.19 49/56] netfilter: nft_tunnel: fix null-attribute check, Sasha Levin
[PATCH AUTOSEL 4.19 52/56] netfilter: nf_tables: fix flowtable list del corruption, Sasha Levin
[PATCH AUTOSEL 4.19 51/56] netfilter: nf_tables: remove WARN and add NLA_STRING upper limits, Sasha Levin
[PATCH AUTOSEL 4.14 14/32] netfilter: fix a use-after-free in mtype_destroy(), Sasha Levin
[PATCH AUTOSEL 4.14 15/32] netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct, Sasha Levin
[PATCH AUTOSEL 4.9 11/18] netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct, Sasha Levin
[PATCH AUTOSEL 4.9 10/18] netfilter: fix a use-after-free in mtype_destroy(), Sasha Levin
[PATCH AUTOSEL 4.4 5/9] netfilter: fix a use-after-free in mtype_destroy(), Sasha Levin
[PATCH AUTOSEL 4.19 50/56] netfilter: nft_tunnel: ERSPAN_VERSION must not be null, Sasha Levin
KASAN: slab-out-of-bounds Read in bitmap_port_destroy, syzbot
- Re: KASAN: slab-out-of-bounds Read in bitmap_port_destroy, syzbot
- Re: KASAN: slab-out-of-bounds Read in bitmap_port_destroy, syzbot
- <Possible follow-ups>
- Re: KASAN: slab-out-of-bounds Read in bitmap_port_destroy, Dan Carpenter
[PATCH] Documentation: changes.rst: update several outdated project URLs, Randy Dunlap
- Re: [PATCH] Documentation: changes.rst: update several outdated project URLs, Darrick J. Wong
  - Re: [PATCH] Documentation: changes.rst: update several outdated project URLs, Randy Dunlap
- Re: [PATCH] Documentation: changes.rst: update several outdated project URLs, Theodore Y. Ts'o
  - Re: [PATCH] Documentation: changes.rst: update several outdated project URLs, Randy Dunlap
    - Re: [PATCH] Documentation: changes.rst: update several outdated project URLs, Theodore Y. Ts'o
[nft PATCH 0/4] Covscan-induced review of ei_insert(), Phil Sutter
- [nft PATCH 2/4] segtree: Drop dead code in ei_insert(), Phil Sutter
  - Re: [nft PATCH 2/4] segtree: Drop dead code in ei_insert(), Pablo Neira Ayuso
- [nft PATCH 3/4] segtree: Simplify overlap case in ei_insert(), Phil Sutter
  - Re: [nft PATCH 3/4] segtree: Simplify overlap case in ei_insert(), Pablo Neira Ayuso
- [nft PATCH 1/4] segtree: Drop needless insertion in ei_insert(), Phil Sutter

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]