Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- [PATCH nft v2 1/5] src: mnl: clean up hook listing code, (continued)
- [PATCH libmnl] README: Document the contribution process, Petr Machata
- [PATCH libmnl] src: attr: Add mnl_attr_get_uint() function,
Danielle Ratson
- [RFC PATCH v1 0/9] Support TCP listen access-control,
Mikhail Ivanov
- [iptables PATCH 00/14] Some fixes and trivial improvements,
Phil Sutter
- [iptables PATCH 03/14] extensions: recent: Fix format string for unsigned values, Phil Sutter
- [iptables PATCH 01/14] nft: cache: Annotate faked base chains as such, Phil Sutter
- [iptables PATCH 14/14] ebtables: Omit all-wildcard interface specs from output, Phil Sutter
- [iptables PATCH 04/14] extensions: conntrack: Use the right callbacks, Phil Sutter
- [iptables PATCH 11/14] xshared: Move NULL pointer check into save_iface(), Phil Sutter
- [iptables PATCH 08/14] xshared: Do not omit all-wildcard interface spec when inverted, Phil Sutter
- [iptables PATCH 05/14] nft: cmd: Init struct nft_cmd::head early, Phil Sutter
- [iptables PATCH 12/14] libxtables: Debug: Slightly improve extension ordering debugging, Phil Sutter
- [iptables PATCH 09/14] extensions: conntrack: Reuse print_state() for old state match, Phil Sutter
- [iptables PATCH 13/14] arptables: Introduce print_iface(), Phil Sutter
- [iptables PATCH 10/14] xshared: Make save_iface() static, Phil Sutter
- [iptables PATCH 07/14] arptables: Fix conditional opcode/proto-type printing, Phil Sutter
- [iptables PATCH 06/14] nft: Add potentially missing init_cs calls, Phil Sutter
- [iptables PATCH 02/14] nft: Fix for zeroing existent builtin chains, Phil Sutter
- Re: [iptables PATCH 00/14] Some fixes and trivial improvements, Phil Sutter
- [PATCH nft 0/4] list hooks refactoring,
Florian Westphal
- [PATCH v1 nf 0/2] netfilter: iptables: Fix null-ptr-deref in ip6?table_nat_table_init().,
Kuniyuki Iwashima
- [RFC PATCH net-next 0/3] Preparations for FIB rule DSCP selector,
Ido Schimmel
- [GIT PULL] sysctl constification changes for v6.11-rc1,
Joel Granados
- Re: Sets update, Pablo Neira Ayuso
- nf_tables/set: Is dynamic + interval possible?,
caskd
- Speedup patch ping,
Duncan Roe
- [iptables PATCH] extensions: recent: New kernels support 999 hits,
Phil Sutter
- [PATCH nf] netfilter: nft_set_pipapo_avx2: disable softinterrupts,
Florian Westphal
- [PATCH nft] optimize: skip variables in nat statements, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: move nf_ct_netns_get out of nf_conncount_init,
Xin Long
- [PATCH net 0/4] Netfilter/IPVS fixes for net,
Pablo Neira Ayuso
- [iptables PATCH] nft: Fix for zeroing non-existent builtin chains,
Phil Sutter
- [ANNOUNCE] nftables 1.1.0 release, Pablo Neira Ayuso
- Transparent SNAT bridge with physdev module, Matt Ayre
- Are there Any Side Effects when net.netfilter.nf_conntrack_tcp_be_liberal is set to 1?, renmingshuai
- [iptables PATCH 0/8] Fix xtables-monitor rule printing, partially RFC,
Phil Sutter
- [iptables PATCH 2/8] xtables-monitor: Flush stdout after all lines of output, Phil Sutter
- [iptables PATCH 5/8] tests: shell: New xtables-monitor test, Phil Sutter
- [iptables PATCH 6/8] xtables-monitor: Fix for ebtables rule events, Phil Sutter
- [iptables PATCH 7/8] xtables-monitor: Ignore ebtables policy rules unless tracing, Phil Sutter
- [iptables PATCH 1/8] xtables-monitor: Proper re-init for rule's family, Phil Sutter
- [RFC iptables PATCH 8/8] xtables-monitor: Print commands instead of -4/-6/-0 flags, Phil Sutter
- [iptables PATCH 4/8] xtables-monitor: Support arptables chain events, Phil Sutter
- [iptables PATCH 3/8] xtables-monitor: Align builtin chain and table output, Phil Sutter
- Re: [iptables PATCH 0/8] Fix xtables-monitor rule printing, partially RFC, Phil Sutter
- [PATCH nf] netfilter: ctnetlink: use helper function to calculate expect ID, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nf_tables: do not remove elements if set backend implements .abort,
Pablo Neira Ayuso
- [PATCH net] net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE,
Pablo Neira Ayuso
- [PATCH] conntrack: tcp: fix parsing of tuple-port-src and tuple-port-dst,
Stephan Brunner
- [ANNOUNCE] libnftnl 1.2.7 release, Phil Sutter
- [PATCH nf] selftests: netfilter: add test case for recent mismatch bug,
Florian Westphal
- [PATCH nf] netfilter: nf_set_pipapo: fix initial map fill,
Florian Westphal
- [PATCH] configure: Add option for building with musl,
Joshua Lant
- [PATCH ulogd2] README: update project homepage and mailing list addresses,
Harald Welte
- [PATCH nf] netfilter: nf_tables: prefer nft_chain_validate, Florian Westphal
- [PATCH nft 1/3] tests: add more ruleset validation test cases,
Florian Westphal
- [libnftnl PATCH 1/2] chain: Support unsetting NFTNL_CHAIN_USERDATA attribute,
Phil Sutter
- [PATCH nft] libnftables: fix crash when freeing non-malloc'd address,
Florian Westphal
- [PATCH nf-next] netfilter: nf_tables: store new sets in dedicated list,
Florian Westphal
- [PATCH nft 1/2] parser_json: use stdin buffer if available,
Pablo Neira Ayuso
- [PATCH] xtables: Fix compilation error with musl-libc,
Joshua Lant
- [linux-next:master] [selftests] 742ad979f5: WARNING:at_net/netfilter/nfnetlink_queue.c:#nf_reinject[nfnetlink_queue],
kernel test robot
- [PATCH libnftnl] expr: use NFTA_* netlink attributes to build fields, not NFTNL_EXPR_*, Pablo Neira Ayuso
- [PATCH nft] optimize: clone counter before insertion into set element, Pablo Neira Ayuso
- iptables- accessing unallocated memory,
josh lant
- [PATCH] netfilter: conntrack: tcp: do not lower timeout to CLOSE for in-window RSTs,
yyxRoy
- [PATCH nft] parser_bison: recursive table declaration in deprecated meter statement, Pablo Neira Ayuso
- [PATCH nft] parser_bison: remove deprecated flow statement, Pablo Neira Ayuso
- [PATCH nft 0/4] unbreak element deletion in map with ranges,
Pablo Neira Ayuso
- iptables: reverting 34f085b16073 ("Revert "xshared: Print protocol numbers if --numeric was given""),
Jeremy Sowden
- [PATCH nf-next] selftests: netfilter: nft_queue.sh: sctp coverage,
Florian Westphal
- [syzbot] [netfilter?] KASAN: slab-use-after-free Read in nf_tables_trans_destroy_work,
syzbot
- [PATCH] netfilter: remove unnecessary assignment in translate_table,
Liu Jing
- linux-next: duplicate patch in the ipvs-next tree,
Stephen Rothwell
- [PATCH v6 bpf-next 0/3] netfilter: Add the capability to offload flowtable in XDP layer,
Lorenzo Bianconi
- [syzbot] [netfilter?] bpf test error: WARNING: suspicious RCU usage in corrupted, syzbot
- [PATCH net-next 00/17] Netfilter/IPVS updates for net-next,
Pablo Neira Ayuso
- [PATCH net-next 03/17] netfilter: nf_tables: compact chain+ft transaction objects, Pablo Neira Ayuso
- [PATCH net-next 04/17] netfilter: nf_tables: reduce trans->ctx.table references, Pablo Neira Ayuso
- [PATCH net-next 01/17] netfilter: nf_tables: make struct nft_trans first member of derived subtypes, Pablo Neira Ayuso
- [PATCH net-next 02/17] netfilter: nf_tables: move bind list_head into relevant subtypes, Pablo Neira Ayuso
- [PATCH net-next 06/17] netfilter: nf_tables: pass more specific nft_trans_chain where possible, Pablo Neira Ayuso
- [PATCH net-next 07/17] netfilter: nf_tables: avoid usage of embedded nft_ctx, Pablo Neira Ayuso
- [PATCH net-next 08/17] netfilter: nf_tables: store chain pointer in rule transaction, Pablo Neira Ayuso
- [PATCH net-next 09/17] netfilter: nf_tables: reduce trans->ctx.chain references, Pablo Neira Ayuso
- [PATCH net-next 12/17] ipvs: Avoid unnecessary calls to skb_is_gso_sctp, Pablo Neira Ayuso
- [PATCH net-next 13/17] netfilter: nf_conncount: fix wrong variable type, Pablo Neira Ayuso
- [PATCH net-next 14/17] netfilter: cttimeout: remove 'l3num' attr check, Pablo Neira Ayuso
- [PATCH net-next 05/17] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx, Pablo Neira Ayuso
- [PATCH net-next 10/17] netfilter: nf_tables: pass nft_table to destroy function, Pablo Neira Ayuso
- [PATCH net-next 16/17] selftests: netfilter: nft_queue.sh: add test for disappearing listener, Pablo Neira Ayuso
- [PATCH net-next 17/17] netfilter: xt_recent: Lift restrictions on max hitcount value, Pablo Neira Ayuso
- [PATCH net-next 15/17] netfilter: nf_tables: rise cap on SELinux secmark context, Pablo Neira Ayuso
- [PATCH net-next 11/17] netfilter: nf_tables: do not store nft_ctx in transaction objects, Pablo Neira Ayuso
- [PATCH libnetfilter_queue] build: Speed up build_man.sh, Duncan Roe
- [RFC nf-next 0/4] nf_tables: remove explicit register zeroing,
Florian Westphal
- [PATCH nf-next 00/19] Netfilter/IPVS updates for net-next,
Pablo Neira Ayuso
- [PATCH nf-next 01/19] netfilter: nf_tables: make struct nft_trans first member of derived subtypes, Pablo Neira Ayuso
- [PATCH nf-next 03/19] netfilter: nf_tables: compact chain+ft transaction objects, Pablo Neira Ayuso
- [PATCH nf-next 02/19] netfilter: nf_tables: move bind list_head into relevant subtypes, Pablo Neira Ayuso
- [PATCH nf-next 04/19] netfilter: nf_tables: reduce trans->ctx.table references, Pablo Neira Ayuso
- [PATCH nf-next 05/19] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx, Pablo Neira Ayuso
- [PATCH nf-next 06/19] netfilter: nf_tables: pass more specific nft_trans_chain where possible, Pablo Neira Ayuso
- [PATCH nf-next 07/19] netfilter: nf_tables: avoid usage of embedded nft_ctx, Pablo Neira Ayuso
- [PATCH nf-next 09/19] netfilter: nf_tables: reduce trans->ctx.chain references, Pablo Neira Ayuso
- [PATCH nf-next 08/19] netfilter: nf_tables: store chain pointer in rule transaction, Pablo Neira Ayuso
- [PATCH nf-next 10/19] netfilter: nf_tables: pass nft_table to destroy function, Pablo Neira Ayuso
- [PATCH nf-next 11/19] netfilter: nf_tables: do not store nft_ctx in transaction objects, Pablo Neira Ayuso
- [PATCH nf-next 12/19] ipvs: Avoid unnecessary calls to skb_is_gso_sctp, Pablo Neira Ayuso
- [PATCH nf-next 13/19] netfilter: nf_conncount: fix wrong variable type, Pablo Neira Ayuso
- [PATCH nf-next 14/19] netfilter: cttimeout: remove 'l3num' attr check, Pablo Neira Ayuso
- [PATCH nf-next 15/19] netfilter: nf_tables: rise cap on SELinux secmark context, Pablo Neira Ayuso
- [PATCH nf-next 16/19] netfilter: nfnetlink_queue: unbreak SCTP traffic, Pablo Neira Ayuso
- [PATCH nf-next 17/19] selftests: netfilter: nft_queue.sh: sctp coverage, Pablo Neira Ayuso
- [PATCH nf-next 18/19] selftests: netfilter: nft_queue.sh: add test for disappearing listener, Pablo Neira Ayuso
- [PATCH nf-next 19/19] netfilter: xt_recent: Lift restrictions on max hitcount value, Pablo Neira Ayuso
- Re: [PATCH nf-next 00/19] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
- [ipset PATCH 0/3] Two fixes and fallout,
Phil Sutter
- [PATCH net-next v2] ipvs: properly dereference pe in ip_vs_add_service,
Chen Hanxiao
- [PATCH nft] tests: shell: check for removing table via handle with incorrect family, Pablo Neira Ayuso
- [PATCH -stable,4.19.x] netfilter: nf_tables: validate family when identifying table via handle,
Pablo Neira Ayuso
- [PATCH -stable,6.1.x] netfilter: nf_tables: use timestamp to check for set element timeout,
Pablo Neira Ayuso
- [nf-next PATCH v2] netfilter: xt_recent: Lift restrictions on max hitcount value, Phil Sutter
- [PATCH net-next] ipvs: properly dereference pe in ip_vs_add_service,
Chen Hanxiao
- [syzbot] [lvs?] possible deadlock in start_sync_thread,
syzbot
- [PROBLEM] make randconfig: net/netfilter/core.c:830: undefined reference to `netfilter_lwtunnel_fini',
Mirsad Todorovac
- Re: [PATCH] netfilter: fix undefined reference to 'netfilter_lwtunnel_*' when CONFIG_SYSCTL=n, Pablo Neira Ayuso
- [syzbot] [netfilter?] [usb?] INFO: rcu detected stall in NF_HOOK,
syzbot
- [PATCH v9 net-next 07/15] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage., Sebastian Andrzej Siewior
- [no subject], Unknown
- [PATCH] netfilter: ctnetlink: support CTA_FILTER for flush,
Changliang Wu
- [PATCH nf-next] selftests: netfilter: nft_queue.sh: add test for disappearing listener, Florian Westphal
- [no subject], Unknown
- [PATCH nft] src: add string preprocessor and use it for log prefix string, Pablo Neira Ayuso
- [no subject], Unknown
- [PATCH v8 net-next 07/15] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage., Sebastian Andrzej Siewior
- [syzbot] [netfilter?] net-next test error: WARNING: suspicious RCU usage in corrupted, syzbot
- [PATCH nft] tests: py: drop redundant JSON outputs, Pablo Neira Ayuso
- [PATCH v7 net-next 07/15] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage., Sebastian Andrzej Siewior
- [PATCH nft 0/2] nft include path updates,
Pablo Neira Ayuso
- [PATCH v5 bpf-next 0/3] netfilter: Add the capability to offload flowtable in XDP layer,
Lorenzo Bianconi
- [nf-next PATCH v2 0/2] netfilter: xt_recent: Allow for larger hitcount values,
Phil Sutter
- [syzbot] [netfilter?] upstream test error: WARNING: suspicious RCU usage in _destroy_all_sets, syzbot
- [syzbot] [netfilter?] net test error: WARNING: suspicious RCU usage in _destroy_all_sets, syzbot
- [syzbot] [netfilter?] net-next test error: WARNING: suspicious RCU usage in _destroy_all_sets, syzbot
- [linus:master] [netfilter] 4e7aaa6b82: WARNING:suspicious_RCU_usage, kernel test robot
- [PATCH -stable,5.4] netfilter: nftables: exthdr: fix 4-byte stack OOB write,
Pablo Neira Ayuso
- [nf-next PATCH 0/2] netfilter: xt_recent: Allow for much larger hitcount values,
Phil Sutter
- [PATCH 4.19 179/213] netfilter: nf_tables: unregister flowtable hooks on netns exit, Greg Kroah-Hartman
- [PATCH 4.19 188/213] netfilter: nft_dynset: relax superfluous check on set updates, Greg Kroah-Hartman
- [PATCH 4.19 187/213] netfilter: nft_dynset: report EOPNOTSUPP on missing set feature, Greg Kroah-Hartman
- [PATCH 4.19 186/213] netfilter: nftables: exthdr: fix 4-byte stack OOB write, Greg Kroah-Hartman
- [PATCH 4.19 185/213] netfilter: nft_dynset: fix timeouts later than 23 days, Greg Kroah-Hartman
- [PATCH 4.19 184/213] netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for 4.19), Greg Kroah-Hartman
- [PATCH 4.19 183/213] netfilter: nf_tables: disable toggling dormant table state more than once, Greg Kroah-Hartman
- [PATCH 4.19 182/213] netfilter: nf_tables: fix table flag updates, Greg Kroah-Hartman
- [PATCH 4.19 181/213] netfilter: nftables: update table flags from the commit phase, Greg Kroah-Hartman
- [PATCH 4.19 198/213] netfilter: nf_tables: discard table flag update with pending basechain deletion, Greg Kroah-Hartman
- [PATCH 4.19 197/213] netfilter: nf_tables: reject new basechain after table flag update, Greg Kroah-Hartman
- [PATCH 4.19 196/213] netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout, Greg Kroah-Hartman
- [PATCH 4.19 195/213] netfilter: nf_tables: do not compare internal table flags on updates, Greg Kroah-Hartman
- [PATCH 4.19 194/213] netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate(), Greg Kroah-Hartman
- [PATCH 4.19 193/213] netfilter: nf_tables: set dormant flag on hook register failure, Greg Kroah-Hartman
- [PATCH 4.19 192/213] netfilter: nft_set_rbtree: skip end interval element from gc, Greg Kroah-Hartman
- [PATCH 4.19 191/213] netfilter: nf_tables: validate NFPROTO_* family, Greg Kroah-Hartman
- [PATCH 4.19 190/213] netfilter: nf_tables: skip dead set elements in netlink dump, Greg Kroah-Hartman
- [PATCH 4.19 189/213] netfilter: nf_tables: mark newset as dead on transaction abort, Greg Kroah-Hartman
- [PATCH 4.19 180/213] netfilter: nf_tables: double hook unregistration in netns path, Greg Kroah-Hartman
- [PATCH 4.19 178/213] netfilter: nf_tables: fix memleak when more than 255 elements expired, Greg Kroah-Hartman
- [PATCH 4.19 177/213] netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration, Greg Kroah-Hartman
- [PATCH 4.19 176/213] netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention, Greg Kroah-Hartman
- [PATCH 4.19 175/213] netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction, Greg Kroah-Hartman
- [PATCH 4.19 173/213] netfilter: nf_tables: GC transaction race with abort path, Greg Kroah-Hartman
- [PATCH 4.19 174/213] netfilter: nf_tables: defer gc run if previous batch is still pending, Greg Kroah-Hartman
- [PATCH 4.19 172/213] netfilter: nf_tables: GC transaction race with netns dismantle, Greg Kroah-Hartman
- [PATCH 4.19 171/213] netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path, Greg Kroah-Hartman
- [PATCH 4.19 170/213] netfilter: nf_tables: remove busy mark and gc batch API, Greg Kroah-Hartman
- [PATCH 4.19 169/213] netfilter: nf_tables: adapt set backend to use GC transaction API, Greg Kroah-Hartman
- [PATCH 4.19 168/213] netfilter: nf_tables: GC transaction API to avoid race with control plane, Greg Kroah-Hartman
- [PATCH 4.19 167/213] netfilter: nf_tables: dont skip expired elements during walk, Greg Kroah-Hartman
- [PATCH 4.19 166/213] netfilter: nft_set_rbtree: fix overlap expiration walk, Greg Kroah-Hartman
- [PATCH 4.19 165/213] netfilter: nft_set_rbtree: fix null deref on element insertion, Greg Kroah-Hartman
- [PATCH 4.19 164/213] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection,
Greg Kroah-Hartman
- [PATCH 4.19 163/213] netfilter: nft_set_rbtree: Add missing expired checks, Greg Kroah-Hartman
- [PATCH 4.19 162/213] netfilter: nft_set_rbtree: allow loose matching of closing element in interval, Greg Kroah-Hartman
- [PATCH 4.19 161/213] netfilter: nf_tables: drop map element references from preparation phase, Greg Kroah-Hartman
- [PATCH 4.19 160/213] netfilter: nftables: rename set element data activation/deactivation functions, Greg Kroah-Hartman
- [PATCH 4.19 159/213] netfilter: nf_tables: pass context to nft_set_destroy(), Greg Kroah-Hartman
- [no subject], Unknown
- [PATCH -stable,4.19.x 00/40] Netfilter fixes for -stable,
Pablo Neira Ayuso
- [PATCH -stable,4.19.x 01/40] netfilter: nf_tables: pass context to nft_set_destroy(), Pablo Neira Ayuso
- [PATCH -stable,4.19.x 02/40] netfilter: nftables: rename set element data activation/deactivation functions, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 04/40] netfilter: nft_set_rbtree: allow loose matching of closing element in interval, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 03/40] netfilter: nf_tables: drop map element references from preparation phase, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 05/40] netfilter: nft_set_rbtree: Add missing expired checks, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 06/40] netfilter: nft_set_rbtree: Switch to node list walk for overlap detection, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 07/40] netfilter: nft_set_rbtree: fix null deref on element insertion, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 08/40] netfilter: nft_set_rbtree: fix overlap expiration walk, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 09/40] netfilter: nf_tables: don't skip expired elements during walk, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 11/40] netfilter: nf_tables: adapt set backend to use GC transaction API, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 12/40] netfilter: nf_tables: remove busy mark and gc batch API, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 13/40] netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 15/40] netfilter: nf_tables: GC transaction race with abort path, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 14/40] netfilter: nf_tables: GC transaction race with netns dismantle, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 17/40] netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 16/40] netfilter: nf_tables: defer gc run if previous batch is still pending, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 10/40] netfilter: nf_tables: GC transaction API to avoid race with control plane, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 19/40] netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 18/40] netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 20/40] netfilter: nf_tables: fix memleak when more than 255 elements expired, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 21/40] netfilter: nf_tables: unregister flowtable hooks on netns exit, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 22/40] netfilter: nf_tables: double hook unregistration in netns path, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 23/40] netfilter: nftables: update table flags from the commit phase, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 25/40] netfilter: nf_tables: disable toggling dormant table state more than once, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 24/40] netfilter: nf_tables: fix table flag updates, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 26/40] netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for 4.19), Pablo Neira Ayuso
- [PATCH -stable,4.19.x 27/40] netfilter: nft_dynset: fix timeouts later than 23 days, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 28/40] netfilter: nftables: exthdr: fix 4-byte stack OOB write, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 29/40] netfilter: nft_dynset: report EOPNOTSUPP on missing set feature, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 30/40] netfilter: nft_dynset: relax superfluous check on set updates, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 31/40] netfilter: nf_tables: mark newset as dead on transaction abort, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 32/40] netfilter: nf_tables: skip dead set elements in netlink dump, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 34/40] netfilter: nft_set_rbtree: skip end interval element from gc, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 33/40] netfilter: nf_tables: validate NFPROTO_* family, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 35/40] netfilter: nf_tables: set dormant flag on hook register failure, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 36/40] netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate(), Pablo Neira Ayuso
- [PATCH -stable,4.19.x 37/40] netfilter: nf_tables: do not compare internal table flags on updates, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 39/40] netfilter: nf_tables: reject new basechain after table flag update, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 38/40] netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout, Pablo Neira Ayuso
- [PATCH -stable,4.19.x 40/40] netfilter: nf_tables: discard table flag update with pending basechain deletion, Pablo Neira Ayuso
- Re: [PATCH -stable,4.19.x 00/40] Netfilter fixes for -stable, Greg KH
- [PATCH nft 1/4] tests: shell: add dependencies to skip unsupported tests in older kernels,
Pablo Neira Ayuso
- [PATCH v6 net-next 07/15] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage., Sebastian Andrzej Siewior
- [iptables PATCH] man: recent: Adjust to changes around ip_pkt_list_tot parameter,
Phil Sutter
- [iptables PATCH] man: extensions: recent: Clarify default value of ip_list_hash_size,
Phil Sutter
- [iptables PATCH] ebtables: Include 'bitmask' value when comparing rules,
Phil Sutter
- let nftables indicate incomplete dissections,
Florian Westphal
- [PATCH nft,v2] monitor: too large shift exponent displaying payload expression, Pablo Neira Ayuso
- [PATCH nft,v2] cmd: skip variable set elements when collapsing commands, Pablo Neira Ayuso
- [PATCH nft] cmd: skip variable set elements when collapsing commands, Pablo Neira Ayuso
- [PATCH nf-next,v4 1/2] netfilter: nfnetlink_queue: unbreak SCTP traffic,
Pablo Neira Ayuso
- Testing stable backports for netfilter,
Harshit Mogalapalli
- [PATCH nft] cmd: provide better hint if chain is already declared with different type/hook/priority, Pablo Neira Ayuso
- [PATCH nft] monitor: too large shift exponent displaying payload expression, Pablo Neira Ayuso
- [PATCH 00/14] replace call_rcu by kfree_rcu for simple kmem_cache_free callback,
Julia Lawall
- [PATCH v6.1] netfilter: nf_tables: use timestamp to check for set element timeout,
Kuntal Nayak
- [PATCH 1/2 v5.10] netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV,
Kuntal Nayak
- [PATCH net-next 0/2] net: flow dissector: allow explicit passing of netns,
Florian Westphal
- [PATCH v5 net-next 07/15] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage., Sebastian Andrzej Siewior
- [PATCH nf] netfilter: Use flowlabel flow key when re-routing mangled packets,
Florian Westphal
- Re: [PATCH net v2 2/3] selftests: add selftest for the SRv6 End.DX4 behavior with netfilter,
Jakub Kicinski
- [PATCH nf-next] netfilter: nf_tables: missing objects with no memcg accounting, Pablo Neira Ayuso
- [PATCH nft] nf_tables: nft_inner: validate mandatory meta and payload netlink attributes, Davide Ornaghi
- [ANNOUNCE] ipset 7.22 released, Jozsef Kadlecsik
- [PATCH nft] Check for NULL netlink attributes,
Davide Ornaghi
- [PATCH nft] scanner: inet_pton() allows for broader IPv4-Mapped IPv6 addresses, Pablo Neira Ayuso
- [PATCH v4 net-next 06/14] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage., Sebastian Andrzej Siewior
- [PATCH nf] netfilter: restore default behavior for nf_conntrack_events,
Nicolas Dichtel
- [PATCH nf] netfilter: nf_reject: init skb->dev for reset packet,
Florian Westphal
[PATCH nftables] tests: shell: add test case for reset tcp warning, Florian Westphal
[PATCH nf-next] netfilter: nf_tables: rise cap on SELinux secmark context,
Pablo Neira Ayuso
Re: [syzbot] [netfilter?] [mm?] [usb?] INFO: rcu detected stall in addrconf_rs_timer (6), syzbot
[PATCH nf-next v2] netfilter: nf_conncount: fix wrong variable type,
Yunjian Wang
[PATCH net-next v1] netfilter: cttimeout: remove 'l3num' attr check,
Lin Ma
[syzbot] [fscrypt?] WARNING in fscrypt_fname_siphash,
syzbot
[PATCH v3 net-next 07/15] netfilter: br_netfilter: Use nested-BH locking for brnf_frag_data_storage., Sebastian Andrzej Siewior
[PATCH v4 bpf-next 0/3] netfilter: Add the capability to offload flowtable in XDP layer,
Lorenzo Bianconi
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
