Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [PATCH nf-next v3 0/4] netfilter: nf_flow_table_offload: support tunnel offload, (continued)
- [PATCH 00/17] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH 01/17] netfilter: ctnetlink: netns exit must wait for callbacks, Pablo Neira Ayuso
- [PATCH 13/17] netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init(), Pablo Neira Ayuso
- [PATCH 15/17] netfilter: nf_tables_offload: return EOPNOTSUPP if rule specifies no actions, Pablo Neira Ayuso
- [PATCH 17/17] netfilter: nf_flow_table_offload: Correct memcpy size for flow_overload_mangle(), Pablo Neira Ayuso
- [PATCH 16/17] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp(), Pablo Neira Ayuso
- [PATCH 14/17] netfilter: nf_tables: skip module reference count bump on object updates, Pablo Neira Ayuso
- [PATCH 08/17] selftests: netfilter: use randomized netns names, Pablo Neira Ayuso
- [PATCH 12/17] netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END, Pablo Neira Ayuso
- [PATCH 11/17] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets, Pablo Neira Ayuso
- [PATCH 10/17] netfilter: uapi: Avoid undefined left-shift in xt_sctp.h, Pablo Neira Ayuso
- [PATCH 03/17] netfilter: nf_flow_table_offload: Fix block_cb tc_setup_type as TC_SETUP_CLSFLOWER, Pablo Neira Ayuso
- [PATCH 05/17] netfilter: conntrack: tell compiler to not inline nf_ct_resolve_clash, Pablo Neira Ayuso
- [PATCH 09/17] netfilter: nf_queue: enqueue skbs with NULL dst, Pablo Neira Ayuso
- [PATCH 07/17] netfilter: nf_tables_offload: Check for the NETDEV_UNREGISTER event, Pablo Neira Ayuso
- [PATCH 04/17] netfilter: nf_flow_table_offload: Don't use offset uninitialized in flow_offload_port_{d,s}nat, Pablo Neira Ayuso
- [PATCH 06/17] netfilter: nf_flow_table_offload: add IPv6 match description, Pablo Neira Ayuso
- [PATCH 02/17] netfilter: nf_flow_table_offload: Fix block setup as TC_SETUP_FT cmd, Pablo Neira Ayuso
- Re: [PATCH 00/17] Netfilter fixes for net, David Miller
- Re: KASAN: global-out-of-bounds Read in fb_pad_aligned_buffer, syzbot
- [PATCH net] net: flow_dissector: fix tcp flags dissection on big-endian,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_flow_table_offload: Correct memcpy size for flow_overload_mangle(), Pablo Neira Ayuso
- [PATCH libnetfilter_queue 1/2] src: doc: Update sample code to agree with documentation,
Duncan Roe
- [PATCH nftables] doc: Remove repeated paragraph and fix typo,
nl6720
- [PATCH nf-next 0/7] netfilter: nft_tunnel: reinforce key opts support,
Xin Long
- RFC: libnetfilter_queue: nfq_udp_get_payload_len() gives wrong answer,
Duncan Roe
- [PATCH netfilter] netfilter: bridge: make sure to pull arp header in br_nf_forward_arp(),
Eric Dumazet
- [PATCH nf] netfilter: nf_tables_offload: return EOPNOTSUPP if rule specifies no actions, Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: skip module reference count bump on object updates, Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init(), Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END, Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets, Pablo Neira Ayuso
- Re: KASAN: use-after-free Read in soft_cursor,
syzbot
- [iptables PATCH 0/6] A series of covscan-indicated fixes,
Phil Sutter
- [PATCH nft] segtree: don't remove nul-root element from interval set, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets,
Pablo Neira Ayuso
- [nf PATCH] uapi: netfilter: Avoid undefined left-shift in xt_sctp.h,
Phil Sutter
- [PATCH] nftables: Bump dependency on libnftnl to 1.1.5,
Jan-Philipp Litza
- [PATCH nft] build: nftables 0.9.3 depends on libnftnl 1.1.5,
Pablo Neira Ayuso
- [iptables PATCH 1/7] iptables: install iptables-apply script and manpage,
Arturo Borrero Gonzalez
- [libnftnl PATCH] examples: Replace use of deprecated symbols,
Phil Sutter
- [iptables PATCH] extensions: CLUSTERIP: Mark as deprecated in man page,
Phil Sutter
- [iptables PATCH 1/2] Fix DEBUG build,
Phil Sutter
- Numen with reference to vmap,
Serguei Bezverkhi (sbezverk)
- [PATCH 0/1] netfilter: connmark: introduce set-dscpmark,
Kevin Darbyshire-Bryant
- [PATCH] netfilter: nf_flow_table_offload: Correct memcpy size for flow_overload_mangle,
Laura Abbott
- [PATCH nft] include: include nf_tables_compat.h in tarball, Pablo Neira Ayuso
- [libnftnl PATCH 0/4] Fix covscan-detected issues,
Phil Sutter
- [ANNOUNCE] nftables 0.9.3 release,
Pablo Neira Ayuso
- [PATCH] build: remove stray @ sign in manpage,
Jan Engelhardt
- [PATCH nf] netfilter: nf_queue: enqueue skbs with NULL dst,
Marco Oliverio
- [PATCH nft] netlink: off-by-one write in netdev chain device array, Pablo Neira Ayuso
- [PATCH nf] selftests: netfilter: use randomized netns names,
Florian Westphal
- [libnftnl PATCH] tests: flowtable: Don't check NFTNL_FLOWTABLE_SIZE,
Phil Sutter
- [PATCH iptables] build: bump dependency on libnftnl,
Pablo Neira Ayuso
- [ANNOUNCE] iptables 1.8.4 release,
Phil Sutter
- [ANNOUNCE] ebtables 2.0.11 release,
Pablo Neira Ayuso
- [ANNOUNCE] arptables 0.0.5 release, Pablo Neira Ayuso
- [PATCH,nf-next RFC 0/2] add NFTA_SET_ELEM_KEY_END,
Pablo Neira Ayuso
- forwarded bridged packets enqueuing is broken,
Marco Oliverio
- Documentation question (verdicts),
Duncan Roe
- [nft PATCH v3] src: Support maps as left side expressions,
Phil Sutter
- [PATCH nft v2 0/1] doc: fix inconsistency in set statement documentation.,
Jeremy Sowden
- [PATCH v2 nft] scanner: fix out-of-bound memory write in include_file(),
Eric Jallot
- [PATCH nf] netfilter: nf_flow_table_offload: add IPv6 match description, Pablo Neira Ayuso
- [PATCH nf] netfilter: conntrack: tell compile to not inline nf_ct_resolve_clash,
Florian Westphal
- Re: KASAN: use-after-free Read in ccid2_hc_tx_packet_recv, syzbot
- [nft PATCH] nft.8: Describe numgen expression,
Phil Sutter
- [nft PATCH] nft.8: Fix nat family spec position,
Phil Sutter
- [PATCH] netfilter: nf_flow_table_offload: Don't use offset uninitialized in flow_offload_port_{d,s}nat,
Nathan Chancellor
- nf_flow on big-endian (was: Re: linux-next: build warning after merge of the net-next tree),
Geert Uytterhoeven
- [PATCH nft 1/2] Revert "segtree: Check ranges when deleting elements",
Pablo Neira Ayuso
- [PATCH nft] doc: fix inconsistency in set statement documentation.,
Jeremy Sowden
- Operation not supported when adding jump command,
Serguei Bezverkhi (sbezverk)
- Re: KASAN: use-after-free Read in blkdev_get,
syzbot
- [PATCH libnetfilter_queue] src: Fix test for IPv6 header,
Duncan Roe
- KMSAN: uninit-value in __skb_checksum_complete (4),
syzbot
- [PATCH nftables v2 1/2] src: add ability to set/get secmarks to/from connection,
Christian Göttsche
- Certificate of https://wiki.nftables.org expired, Christian Göttsche
- [PATCH libnetfilter_queue 0/1] src: Comment-out code not needed since Linux 3.8 in examples/nf-queue.c,
Duncan Roe
- [PATCH nft] scanner: fix out-of-bound memory write in include_file(), Eric Jallot
- [PATCH nf-next v2 0/8] nftables: Set implementation for arbitrary concatenation of ranges,
Stefano Brivio
- [PATCH nf-next v2 1/8] netfilter: nf_tables: Support for subkeys, set with multiple ranged fields, Stefano Brivio
- [PATCH nf-next v2 2/8] bitmap: Introduce bitmap_cut(): cut bits and shift remaining, Stefano Brivio
- [PATCH nf-next v2 3/8] nf_tables: Add set type for arbitrary concatenation of ranges, Stefano Brivio
- [PATCH nf-next v2 5/8] nft_set_pipapo: Provide unrolled lookup loops for common field sizes, Stefano Brivio
- [PATCH nf-next v2 4/8] selftests: netfilter: Introduce tests for sets with range concatenation, Stefano Brivio
- [PATCH nf-next v2 6/8] nft_set_pipapo: Prepare for vectorised implementation: alignment, Stefano Brivio
- [PATCH nf-next v2 7/8] nft_set_pipapo: Prepare for vectorised implementation: helpers, Stefano Brivio
- [PATCH nf-next v2 8/8] nft_set_pipapo: Introduce AVX2-based lookup implementation, Stefano Brivio
- Re: [PATCH nf-next v2 0/8] nftables: Set implementation for arbitrary concatenation of ranges, Pablo Neira Ayuso
- [PATCH AUTOSEL 4.19 088/219] netfilter: nf_nat_sip: fix RTP/RTCP source port translations, Sasha Levin
- [PATCH AUTOSEL 4.19 158/219] netfilter: nf_tables: fix a missing check of nla_put_failure, Sasha Levin
- [iptables PATCH v4 00/12] Implement among match support,
Phil Sutter
- [iptables PATCH v4 07/12] nft: Introduce NFT_CL_SETS cache level, Phil Sutter
- [iptables PATCH v4 06/12] nft: Eliminate pointless calls to nft_family_ops_lookup(), Phil Sutter
- [iptables PATCH v4 10/12] nft: Embed rule's table name in nft_xt_ctx, Phil Sutter
- [iptables PATCH v4 02/12] nft: family_ops: Pass nft_handle to 'rule_find' callback, Phil Sutter
- [iptables PATCH v4 11/12] nft: Support parsing lookup expression, Phil Sutter
- [iptables PATCH v4 09/12] nft: Bore up nft_parse_payload(), Phil Sutter
- [iptables PATCH v4 03/12] nft: family_ops: Pass nft_handle to 'print_rule' callback, Phil Sutter
- [iptables PATCH v4 04/12] nft: family_ops: Pass nft_handle to 'rule_to_cs' callback, Phil Sutter
- [iptables PATCH v4 05/12] nft: Keep nft_handle pointer in nft_xt_ctx, Phil Sutter
- [iptables PATCH v4 08/12] nft: Support NFT_COMPAT_SET_ADD, Phil Sutter
- [iptables PATCH v4 12/12] nft: bridge: Rudimental among extension support, Phil Sutter
- [iptables PATCH v4 01/12] nft: family_ops: Pass nft_handle to 'add' callback, Phil Sutter
- Re: [iptables PATCH v4 00/12] Implement among match support, Pablo Neira Ayuso
- [PATCH libnftnl v2] set: Add support for NFTA_SET_SUBKEY attributes,
Stefano Brivio
- [PATCH nft v2 0/3] Introduce support for concatenated ranges,
Stefano Brivio
- [PATCH] net: Fix Kconfig indentation, continued,
Krzysztof Kozlowski
- [PATCH nft] mnl: Fix -Wimplicit-function-declaration warnings,
Michal Rostecki
- [libnftnl PATCH] utils: Define __visible even if not supported by compiler,
Phil Sutter
- [arptables PATCH 0/3] Some minor fixes,
Phil Sutter
- [nft PATCH] segtree: Fix add and delete of element in same batch,
Phil Sutter
- [PATCH nf-next v2 0/4] netfilter: nf_flow_table_offload: support tunnel offload,
wenxu
- [RFC 1/4] statement: make secmark statements idempotent,
Christian Göttsche
- [PATCH nf-next 0/7] nf_tables encapsulation/decapsulation support,
Pablo Neira Ayuso
- [PATCH nf-next] netfilter: Document ingress hook,
Lukas Wunner
- [PATCH nf-next] netfilter: Clean up unnecessary #ifdef,
Lukas Wunner
- [PATCH nf-next] netfilter: nf_flow_table_offload: Fix block_cb tc_setup_type as TC_SETUP_CLSFLOWER,
wenxu
- [PATCH nf-next] netfilter: nf_flow_table_offload: Fix setup block as TC_SETUP_FT cmd,
wenxu
- [PATCH net-next 0/4] nf_tables_offload: vlan matching support,
Pablo Neira Ayuso
- Choosing best API-way to full dump/restore nftables,
Alexander Mikhalitsyn
- Mysql has problem with synproxy,
İbrahim Ercan
- [PATCH libnftnl] set: Add support for NFTA_SET_SUBKEY attributes,
Stefano Brivio
- [PATCH nft 0/3] Introduce support for concatenated ranges,
Stefano Brivio
- [PATCH nf-next 0/8] nftables: Set implementation for arbitrary concatenation of ranges,
Stefano Brivio
- [PATCH nft] tests: shell: set reference from variable definition,
Pablo Neira Ayuso
- [PATCH nft,v2] parser_bison: Avoid set references in odd places,
Pablo Neira Ayuso
- [PATCH libnetfilter_queue 1/2] src: doc: Major re-work of user packet buffer documentation,
Duncan Roe
- [nft PATCH] tests/py: Set a fixed timezone in nft-test.py,
Phil Sutter
- [nft PATCH] parser_bison: Avoid set references in odd places, Phil Sutter
- [PATCH nf-next v2 0/4] netfilter: nft_tunnel: support tunnel match expr offload,
wenxu
- [PATCH libnetfilter_queue] src: Fix IPv4 checksum calculation in AF_BRIDGE packet buffer,
Duncan Roe
- [PATCH libnftnl] flowtable: remove NFTA_FLOWTABLE_SIZE,
Pablo Neira Ayuso
- [nft PATCH] scanner: Introduce numberstring,
Phil Sutter
- libnftnl: NFTA_FLOWTABLE_SIZE missing from kernel uapi headers,
Eric Garver
- [PATCH nf-next 0/4] netfilter: nf_flow_table_offload: support tunnel match,
wenxu
- [PATCH nf] netfilter: ctnetlink: netns exit must wait for callbacks,
Florian Westphal
- [PATCH nf-next] netfilter: nf_tables: check the bind callback failed and unbind callback if hook register failed,
wenxu
- [PATCH nf-next] netfilter: nf_tables: add nft_unregister_flowtable_hook(), Pablo Neira Ayuso
- [iptables PATCH 0/2] Restore rule counter zeroing,
Phil Sutter
- [net-next 1/1] netfilter: nf_tables_offload: Fix dangling extack pointer,
Saeed Mahameed
- [nft PATCH] cache: Reduce caching for get command,
Phil Sutter
- [nft PATCH] segtree: Fix get element for little endian ranges,
Phil Sutter
- [PATCH nf-next 1/3] netfilter: nf_tables_offload: remove reference to flow rule from deletion path,
Pablo Neira Ayuso
- Re: ipset bitmap:port question,
İbrahim Ercan
- [PATCH libnetfilter_queue] src: Make sure pktb_alloc() works for IPv6 over AF_BRIDGE,
Duncan Roe
- libnetfilter_queue git pull has stopped working, Duncan Roe
- [PATCH nf-next 1/2] netfilter: nf_flow_table_offload: add flow_action_entry_next() and use it,
Pablo Neira Ayuso
- [PATCH][v2] netfilter: only call csum_tcpudp_magic for TCP/UDP packets,
Li RongQing
- [PATCH net-next 0/4] netfilter: flow_table_offload something fixes,
wenxu
- [PATCH nf] netfilter: nf_tables_offload: Fix check the NETDEV_UNREGISTER in netdev event,
wenxu
- [PATCH AUTOSEL 4.19 195/209] netfilter: nft_compat: do not dump private area, Sasha Levin
- [PATCH AUTOSEL 4.14 105/115] netfilter: nft_compat: do not dump private area, Sasha Levin
- [nft PATCH] segtree: Check ranges when deleting elements,
Phil Sutter
- [nft PATCH] meta: Rewrite hour_type_print(),
Phil Sutter
- [nf-next PATCH] net: netfilter: Support iif matches in POSTROUTING,
Phil Sutter
- [PATCH mlx5-next 0/7] netfilter flowtable hardware offload support,
Pablo Neira Ayuso
- [PATCH net-next 0/6] netfilter flowtable hardware offload,
Pablo Neira Ayuso
- UAF in ip6_do_table on 4.19 kernel,
stranche
- [conntrack-tools PATCH] helpers: Fix for warning when compiling against libtirpc,
Phil Sutter
- [conntrack-tools PATCH] Makefile.am: Use ${} instead of @...@,
Phil Sutter
- [PATCH] netfilter: xtables: Add snapshot of hardidletimer target,
Manoj Basapathi
- [PATCH libnetfilter_queue 0/2] Miscellaneous fixes,
Duncan Roe
- [PATCH AUTOSEL 4.19 183/191] netfilter: masquerade: don't flush all conntracks if only one address deleted on device, Sasha Levin
- [PATCH AUTOSEL 4.14 105/109] netfilter: masquerade: don't flush all conntracks if only one address deleted on device, Sasha Levin
- [PATCH] netfilter: only call csum_tcpudp_magic for TCP/UDP packets,
Li RongQing
- [PATCH 00/16] drivers: y2038 updates,
Arnd Bergmann
- [PATCH 0/8] y2038: bug fixes from y2038 work,
Arnd Bergmann
- [PATCH AUTOSEL 4.19 203/205] netfilter: nf_tables: avoid BUG_ON usage, Sasha Levin
- KCSAN: data-race in pcpu_alloc / pcpu_free_area (2), syzbot
- [nft PATCH 1/2] files: Drop shebangs from config files,
Phil Sutter
- [PATCH] conntrackd UDP IPv6 destination address not usable (Bug 1378),
Jan-Martin Raemer
- [PATCH v3] [net]: Fix skb->csum update in inet_proto_csum_replace16().,
Praveen Chaudhary
- ipv6 forward rule after prerouting - Howto,
Daniel Huhardeaux
- [PATCH] src: add `set_is_meter` helper.,
Jeremy Sowden
- [nft PATCH] doc: Drop incorrect requirement for nft configs,
Phil Sutter
- [PATCH nft] src: flowtable: add support for delete command by handle,
Eric Jallot
- [PATCH libnftnl] flowtable: add support for handle attribute,
Eric Jallot
- [PATCH nf 1/2] netfilter: nf_tables: bogus EOPNOTSUPP on basechain update,
Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nft_payload: add C-VLAN support, Pablo Neira Ayuso
- [PATCH libnetfilter_queue] src: doc: Eliminate doxygen warnings from ipv{4,6}.c,
Duncan Roe
- ebtables dnat rule gets system frozen,
Tom Yan
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
