Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- [PATCH 23/31] netfilter: nf_tables_offload: add nft_flow_block_chain(), (continued)
- [PATCH 23/31] netfilter: nf_tables_offload: add nft_flow_block_chain(), Pablo Neira Ayuso
- [PATCH 22/31] netfilter: nf_tables: increase maximum devices number per flowtable, Pablo Neira Ayuso
- [PATCH 21/31] netfilter: nf_tables: allow netdevice to be used only once per flowtable, Pablo Neira Ayuso
- [PATCH 19/31] netfilter: nf_flow_table: move priority to struct nf_flowtable, Pablo Neira Ayuso
- [PATCH 16/31] netfilter: conntrack: free extension area immediately, Pablo Neira Ayuso
- [PATCH 11/31] selftests: netfilter: add ipvs test script, Pablo Neira Ayuso
- [PATCH 12/31] selftests: netfilter: add ipvs nat test case, Pablo Neira Ayuso
- [PATCH 10/31] ipvs: batch __ip_vs_dev_cleanup, Pablo Neira Ayuso
- [PATCH 08/31] ipvs: no need to update skb route entry for local destination packets., Pablo Neira Ayuso
- [PATCH 04/31] netfilter: ipset: move functions to ip_set_core.c., Pablo Neira Ayuso
- [PATCH 02/31] netfilter: ipset: remove inline from static functions in .c files., Pablo Neira Ayuso
- [PATCH 06/31] netfilter: ipset: move function to ip_set_bitmap_ip.c., Pablo Neira Ayuso
- Re: [PATCH 00/31] Netfilter/IPVS updates for net-next, David Miller
- [PATCH nft] mnl: remove artifical cap on 8 devices per flowtable, Pablo Neira Ayuso
- [PATCH nft,v3] src: add multidevice support for netdev chain, Pablo Neira Ayuso
- [PATCH nft,v2] src: add multidevice support for netdev chain,
Pablo Neira Ayuso
- [PATCH libnftnl,v2] chain: multi-device support, Pablo Neira Ayuso
- [PATCH libnftnl,v2] flowtable: device array dynamic allocation, Pablo Neira Ayuso
- [iptables PATCH] xtables-arp: Use xtables_ipparse_multiple(),
Phil Sutter
- [PATCH AUTOSEL 5.3 11/33] netfilter: conntrack: avoid possible false sharing, Sasha Levin
- [PATCH AUTOSEL 5.3 16/33] netfilter: connlabels: prefer static lock initialiser, Sasha Levin
- [GIT PULL] IPVS fixes for v5.4,
Simon Horman
- [PATCH nf-next] netfilter: nf_tables_offload: support offload iif types meta offload,
wenxu
- [iptables PATCH v3 0/7] Improve xtables-restore performance,
Phil Sutter
- [PATCH trivial] net: Fix various misspellings of "connect",
Geert Uytterhoeven
- [PATCH nf-next 0/5] netfilter: nft_tunnel: support tunnel match expr offload,
wenxu
- [PATCH nf-next 1/3] netfilter: nf_tables_offload: add nft_chain_offload_cmd(),
Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_payload: fix check the match len for offload to hw,
wenxu
- [PATCH nf-next] netfilter: nf_tables_offload: Fix unbind devices when subsequent device bind failed,
wenxu
- [nft PATCH] Revert "main: Fix for misleading error with negative chain priority", Phil Sutter
- [PATCH net-next] netfilter: nf_conntrack: introduce conntrack limit per-zone,
xiangxia . m . yue
- [PATCH nft 0/4] Output Flag Fixes,
Jeremy Sowden
- [PATCH tip/core/rcu 08/10] net/netfilter: Replace rcu_swap_protected() with rcu_replace(), paulmck
- [PATCH nf-next] netfilter: ecache: don't look for ecache extension on dying/unconfirmed conntracks,
Florian Westphal
- nftables: secmark support,
Christian Göttsche
- [PATCH nf-next,RFC 0/2] nf_tables encapsulation/decapsulation support,
Pablo Neira Ayuso
- KASAN: use-after-free Read in nf_ct_deliver_cached_events,
syzbot
- How to implement transparent proxy in bridge through nftables,
Ttttabcd
- [iptables PATCH] xtables-restore: Unbreak *tables-restore,
Phil Sutter
- [PATCH nft v3 0/2] Add option to omit sets elements from listings.,
Jeremy Sowden
- [nft PATCH] main: Fix for misleading error with negative chain priority,
Phil Sutter
- [PATCH nft v2] src: extend --stateless to suppress output of non-dynamic set elements.,
Jeremy Sowden
- [PATCH nft] main: misleading error reporting in chain definitions,
Pablo Neira Ayuso
- [nft PATCH] parser_json: Fix checking of parse_policy() return code,
Phil Sutter
- [nft PATCH] tproxy: Add missing error checking when parsing from netlink,
Phil Sutter
- [iptables PATCH v2] xtables-restore: Fix --table parameter check,
Phil Sutter
- [PATCH nft] src: extend --stateless to suppress output of non-dynamic set elements.,
Jeremy Sowden
- CFS for Netdev 0x14 open!, Jamal Hadi Salim
- xtables-addons akmods Builds Failing on Linux Kernel 5.3.6 - Log Sample - xt_DHCPMAC.c,
Matt Olson
- [PATCH nf-next,v2 5/5] netfilter: nf_tables: support for multiple devices per netdev hook, Pablo Neira Ayuso
- [PATCH nf v2] ipvs: don't ignore errors in case refcounting ip_vs module fails,
Davide Caratti
- [PATCH AUTOSEL 4.19 016/100] netfilter: ipset: Make invalid MAC address checks consistent, Sasha Levin
- [iptables PATCH 1/2] iptables-xml: Use add_param_to_argv(),
Phil Sutter
- [iptables PATCH] nft: Use ARRAY_SIZE() macro in nft_strerror(),
Phil Sutter
- [PATCH nf] netfilter: nf_tables_offload: restore basechain deletion, Pablo Neira Ayuso
- [PATCH nf-next v2] netfilter: nf_tables: add vlan support,
wenxu
- [PATCH nf-next] netfilter: nf_tables: add vlan support,
wenxu
- [PATCH nft] src: add multidevice support for netdev chain, Pablo Neira Ayuso
- [PATCH libnftnl 1/2] flowtable: device array dynamic allocation,
Pablo Neira Ayuso
- [iptables PATCH 0/8] A bit of *tables-restore review fallout,
Phil Sutter
- [PATCH nft,v2] src: restore --echo with anonymous sets,
Pablo Neira Ayuso
- [PATCH nft] src: restore --echo with anonymous sets,
Pablo Neira Ayuso
- [PATCH nft 1/2] src: define flowtable device compound as a list,
Pablo Neira Ayuso
- [nft PATCH 0/4] A bunch of fixes for --echo option,
Phil Sutter
- [libnftnl PATCH] obj/ct_timeout: Fix NFTA_CT_TIMEOUT_DATA parser,
Phil Sutter
- feature request, way to check specific IP/port/protocol/etc, Dmitri Seletski
- [PATCH nf-next 0/5] Hook multiple netdevices to basechain,
Pablo Neira Ayuso
- [PATCH nf-next 0/4] flowtable updates,
Pablo Neira Ayuso
- [PATCH] nfnetlink_cthelper: make userspace conntrack helpers with priv data work again, a_hungrig
- [libnftnl PATCH v2] set_elem: Validate nftnl_set_elem_set() parameters,
Phil Sutter
- [nft PATCH] mnl: Don't use nftnl_set_set(),
Phil Sutter
- [libnftnl PATCH 0/6] A series of covscan-indicated fixes,
Phil Sutter
- [PATCH nft] flowtable: fix memleak in exit path, Eric Jallot
- [PATCH nft] rule: fix flowtable memleaks, Pablo Neira Ayuso
- [PATCH v2 nf-next 0/2] netfilter: conntrack: free extension area immediately,
Florian Westphal
- [iptables PATCH v4 0/8] Improve iptables-nft performance with large rulesets,
Phil Sutter
- [PATCH 0/6] [GIT PULL ipvs-next] IPVS updates for v5.5,
Simon Horman
- [PATCH net-next,v5 0/4] flow_offload: update mangle action representation,
Pablo Neira Ayuso
- [PATCH net-next,v4 0/4] flow_offload: update mangle action representation,
Pablo Neira Ayuso
- [PATCH net-next,v4 1/4] net: flow_offload: bitwise AND on mangle action value field, Pablo Neira Ayuso
- [PATCH net-next,v4 3/4] netfilter: nft_payload: packet mangling offload support, Pablo Neira Ayuso
- [PATCH net-next,v4 4/4] net: flow_offload: add flow_rule_print(), Pablo Neira Ayuso
- [PATCH net-next,v4 2/4] net: flow_offload: mangle action at byte level, Pablo Neira Ayuso
- Re: [PATCH net-next,v4 0/4] flow_offload: update mangle action representation, Pablo Neira Ayuso
- First Contribution,
UDAY MEWADA
- xtables-addons GEOIP not matching chain, Marco Sommella
- [PATCH nf-next] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks,
Florian Westphal
- [PATCH libmnl] include: add MNL_SOCKET_DUMP_SIZE definition, Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_flow_table: set timeout before insertion into hashes, Pablo Neira Ayuso
- [PATCH libnfnetlink 0/1] Minimally resurrect doxygen documentation,
Duncan Roe
- [PATCH nf-next] netfilter: ecache: document extension area access rules,
Florian Westphal
- [PATCH trivial] netfilter: nft_tproxy: Fix typo in IPv6 module description.,
Norman Rasmussen
- [PATCH nft] expression: extend 'nft describe' to allow listing data types,
Florian Westphal
- [PATCH nf] ipvs: don't ignore errors in case refcounting ip_vs module fails,
Davide Caratti
- [PATCH v2 nf-next] netfilter: add and use nf_hook_slow_list(),
Florian Westphal
- [PATCH] ipset: Copy the right MAC address in hash:ip,mac IPv6 sets,
Stefano Brivio
- [PATCH v6 0/3] selftests: netfilter: introduce test cases for ipvs,
Haishuang Yan
- [PATCH nft,v2] datatype: display description for header field < 8 bits, Pablo Neira Ayuso
- [PATCH nft] datatype: display description for header field < 8 bits, Pablo Neira Ayuso
- [PATCH AUTOSEL 4.19 18/26] netfilter: nft_connlimit: disable bh on garbage collection, Sasha Levin
- [PATCH net] netfilter: conntrack: avoid possible false sharing,
Eric Dumazet
- [PATCH nf-next] netfilter: add and use nf_hook_slow_list(),
Florian Westphal
- [PATCH v5 0/3] selftests: netfilter: introduce test cases for ipvs,
Haishuang Yan
- [PATCH nft] segtree: always close interval in non-anonymous sets, Pablo Neira Ayuso
- [libnftnl PATCH v2] set: Export nftnl_set_list_lookup_byname(),
Phil Sutter
- [PATCH nft] tests: shell: fix failed tests due to missing quotes,
Eric Jallot
- [iptables PATCH v3 00/11] Improve iptables-nft performance with large rulesets,
Phil Sutter
- [iptables PATCH v3 02/11] nft: Avoid nested cache fetching, Phil Sutter
- [iptables PATCH v3 05/11] nft-cache: Fetch only chains in nft_chain_list_get(), Phil Sutter
- [iptables PATCH v3 04/11] nft-cache: Introduce cache levels, Phil Sutter
- [iptables PATCH v3 08/11] nft-cache: Support partial rule cache per chain, Phil Sutter
- [iptables PATCH v3 10/11] nft: Support nft_is_table_compatible() per chain, Phil Sutter
- [iptables PATCH v3 07/11] nft-cache: Support partial cache per table, Phil Sutter
- [iptables PATCH v3 09/11] nft: Reduce cache overhead of nft_chain_builtin_init(), Phil Sutter
- [iptables PATCH v3 11/11] nft: Optimize flushing all chains of a table, Phil Sutter
- [iptables PATCH v3 01/11] nft: Pass nft_handle to flush_cache(), Phil Sutter
- [iptables PATCH v3 06/11] nft-cache: Cover for multiple fetcher invocation, Phil Sutter
- [iptables PATCH v3 03/11] nft: Extract cache routines into nft-cache.c, Phil Sutter
- [PATCH nft] src: obj: fix memleak in parser_bison.y,
Eric Jallot
- [PATCH] checksum: Fix TCP/UDP checksum computation on big endian arches,
Alin Nastac
- [PATCH libnetfilter_queue 0/5] clang and documentation updates,
Duncan Roe
- [PATCH] libmnl: doxygen: remove EXPORT_SYMBOL from the output,
Pablo Neira Ayuso
- [PATCH v4 0/3] selftests: netfilter: introduce test cases for ipvs,
Haishuang Yan
- [PATCH net-next] net, uapi: fix -Wpointer-arith warnings,
Alexey Dobriyan
- [PATCH nf-next 0/7] ipset: remove static inline functions,
Jeremy Sowden
- [PATCH tip/core/rcu 8/9] net/netfilter: Replace rcu_swap_protected() with rcu_replace(),
paulmck
- [PATCH nf] ipvs: more robust refcounting when sync thread starts,
Davide Caratti
- [PATCH] Fix a missing doxygen section trailer in nlmsg.c,
Duncan Roe
- [PATCH AUTOSEL 5.2 17/63] netfilter: nf_tables: allow lookups in dynamic sets, Sasha Levin
- [PATCH AUTOSEL 4.19 12/43] netfilter: nf_tables: allow lookups in dynamic sets, Sasha Levin
- [PATCH AUTOSEL 4.14 09/29] netfilter: nf_tables: allow lookups in dynamic sets, Sasha Levin
- [PATCH AUTOSEL 5.3 18/71] netfilter: nf_tables: allow lookups in dynamic sets, Sasha Levin
- [PATCH v3 0/3] selftests: netfilter: introduce test cases for ipvs,
Haishuang Yan
[PATCH] netfilter:get_next_corpse():No need to double check the *bucket,
wh_bin
[PATCH iptables] extensions: add libxt_SYNPROXY xlate method,
Jose M. Guisado Gomez
Re: [PATCH] ipvs: no need to update skb route entry for local destination packets.,
Julian Anastasov
[PATCH libnetfilter_queue] checksum: Fix UDP checksum calculation,
Pablo Neira Ayuso
[PATCH nf] netfilter: nft_connlimit: disable bh on garbage collection,
Pablo Neira Ayuso
[PATCH nft] src: obj: fix memleak in handle_free(),
Eric Jallot
[PATCH net] netfilter: drop bridge nf reset from nf_reset,
Florian Westphal
Please add Bridge NAT in nftables,
Ttttabcd
[iptables PATCH v2 00/12] Implement among match support,
Phil Sutter
- [iptables PATCH v2 04/12] nft: family_ops: Pass nft_handle to 'rule_to_cs' callback, Phil Sutter
- [iptables PATCH v2 03/12] nft: family_ops: Pass nft_handle to 'print_rule' callback, Phil Sutter
- [iptables PATCH v2 06/12] nft: Eliminate pointless calls to nft_family_ops_lookup(), Phil Sutter
- [iptables PATCH v2 07/12] nft: Fetch sets when updating rule cache, Phil Sutter
- [iptables PATCH v2 11/12] nft: Support parsing lookup expression, Phil Sutter
- [iptables PATCH v2 08/12] nft: Support NFT_COMPAT_SET_ADD, Phil Sutter
- [iptables PATCH v2 10/12] nft: Embed rule's table name in nft_xt_ctx, Phil Sutter
- [iptables PATCH v2 02/12] nft: family_ops: Pass nft_handle to 'rule_find' callback, Phil Sutter
- [iptables PATCH v2 01/12] nft: family_ops: Pass nft_handle to 'add' callback, Phil Sutter
- [iptables PATCH v2 05/12] nft: Keep nft_handle pointer in nft_xt_ctx, Phil Sutter
- [iptables PATCH v2 09/12] nft: Bore up nft_parse_payload(), Phil Sutter
- [iptables PATCH v2 12/12] nft: bridge: Rudimental among extension support, Phil Sutter
[iptables PATCH] iptables-test: Run tests in lexical order,
Phil Sutter
[PATCH libnetfilter_queue] BUG: src: Update UDP header length field after mangling,
Duncan Roe
[libnftnl PATCH] set: Export nftnl_set_list_lookup_byname(),
Phil Sutter
[PATCH libnetfilter_queue] BUG: src: Fix UDP checksum calculation,
Duncan Roe
[PATCH nft,v2] libnftables: memleak when list of commands is empty,
Pablo Neira Ayuso
[PATCH nft] libnftables: memleak when no batch commands in list, Pablo Neira Ayuso
[PATCH v2 0/3] selftests: netfilter: introduce test cases for ipvs,
Haishuang Yan
[PATCH v2 0/2] ipvs: speedup ipvs netns dismantle,
Haishuang Yan
[PATCH] ipset: Add wildcard support to net,iface,
Kristian Evensen
[iptables PATCH v2 00/24] Improve iptables-nft performance with large rulesets,
Phil Sutter
- [iptables PATCH v2 13/24] nft: Reduce cache overhead of nft_chain_builtin_init(), Phil Sutter
- [iptables PATCH v2 15/24] nft: Optimize flushing all chains of a table, Phil Sutter
- [iptables PATCH v2 11/24] nft: Support nft_chain_list_get() per chain, Phil Sutter
- [iptables PATCH v2 17/24] xtables-restore: Carry in_table in struct nft_xt_restore_parse, Phil Sutter
- [iptables PATCH v2 22/24] xtables-restore: Remove some pointless linebreaks, Phil Sutter
- [iptables PATCH v2 24/24] xtables-restore: Improve performance of --noflush operation, Phil Sutter
- [iptables PATCH v2 08/24] nft: Fetch only chains in nft_chain_list_get(), Phil Sutter
- [iptables PATCH v2 05/24] nft: Make nftnl_table_list_get() fetch only tables, Phil Sutter
- [iptables PATCH v2 18/24] xtables-restore: Use xt_params->program_name, Phil Sutter
- [iptables PATCH v2 12/24] nft: Reduce cache overhead of adding a custom chain, Phil Sutter
- [iptables PATCH v2 14/24] nft: Support nft_is_table_compatible() per chain, Phil Sutter
- [iptables PATCH v2 07/24] nft: Support fetch_rule_cache() per chain, Phil Sutter
- [iptables PATCH v2 09/24] nft: Support fetch_chain_cache() per table, Phil Sutter
- [iptables PATCH v2 10/24] nft: Support fetch_chain_cache() per chain, Phil Sutter
- [iptables PATCH v2 01/24] xtables_error() does not return, Phil Sutter
- [iptables PATCH v2 04/24] nft: Fix for add and delete of same rule in single batch, Phil Sutter
- [iptables PATCH v2 23/24] xtables-restore: Allow lines without trailing newline character, Phil Sutter
- [iptables PATCH v2 16/24] xtables-restore: Introduce rule counter tokenizer function, Phil Sutter
- [iptables PATCH v2 02/24] tests/shell: Speed up ipt-restore/0004-restore-race_0, Phil Sutter
- [iptables PATCH v2 21/24] tests: shell: Add ipt-restore/0007-flush-noflush_0, Phil Sutter
- [iptables PATCH v2 03/24] tests: shell: Support running for legacy/nft only, Phil Sutter
- [iptables PATCH v2 06/24] xtables-restore: Minimize caching when flushing, Phil Sutter
- [iptables PATCH v2 20/24] xtables-restore: Introduce line parsing function, Phil Sutter
- [iptables PATCH v2 19/24] xtables-restore: Carry curtable in struct nft_xt_restore_parse, Phil Sutter
[PATCH libmnl] src: fix doxygen function documentation,
Fernando Fernandez Mancera
[PATCH nft] tests: shell: delete flowtable after flush chain, Pablo Neira Ayuso
[RFC] ipset: Add wildcard support to net,iface,
Kristian Evensen
[PATCH v2 nf] netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush,
Laura Garcia Liebana
[PATCH nf] netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush, Laura Garcia Liebana
[PATCH nftables v2 0/2] Add Linenoise support to the CLI.,
Jeremy Sowden
[PATCH v2] netfilter: use __u8 instead of uint8_t in uapi header,
Masahiro Yamada
[PATCH trivial 1/2] net: Fix Kconfig indentation,
Krzysztof Kozlowski
[PATCH nft,v2] mnl: do not cache sender buffer size, Pablo Neira Ayuso
[PATCH libnetfilter_queue] src: Enable clang build,
Duncan Roe
[PATCH] netfilter: use __u8 instead of uint8_t in uapi header,
Masahiro Yamada
[PATCH nftables 0/3] Add Linenoise support to the CLI.,
Jeremy Sowden
[PATCH 0/1] netfilter: bridge: build fix for 5.3,
Jeremy Sowden
[PATCH libmnl, v3] Enable doxygen to generate Function Documentation, Duncan Roe
[PATCH libmnl, v2] Enable doxygen to generate Function Documentation, Duncan Roe
[iptables PATCH] xtables-restore: Fix --table parameter check,
Phil Sutter
[PATCH nft] mnl: do not cache sender buffer size,
Pablo Neira Ayuso
[PATCH conntrack-tools,v2 1/2] conntrackd: Fix "Address Accept" filter case,
Pablo Neira Ayuso
[PATCH conntrack-tools 1/2] conntrackd: Fix "Address Accept" filter case,
Pablo Neira Ayuso
[iptables PATCH] nft: Fix add_bitwise_u16() on Big Endian,
Phil Sutter
[BUG] nft: "XT target TCPMSS not found" when TCPMSS clamp to PMTU rule is added for *both* ip and ip6, Timo Sigurdsson
netfilter.org HTTPS certificate expired today (Sept 19), Dan Williams
[PATCH nf] netfilter: nf_tables: allow lookups in dynamic sets,
Florian Westphal
Contributing to the Netfilter Project.,
Wambui Karuga
[PATCH nft] src: meter: avoid double-space in list ruleset output,
Florian Westphal
[PATCH ghak90 V7 00/21] audit: implement container identifier,
Richard Guy Briggs
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
