Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- [PATCH nftables 0/3] Add Linenoise support to the CLI.,
Jeremy Sowden
- [PATCH 0/1] netfilter: bridge: build fix for 5.3,
Jeremy Sowden
- [PATCH libmnl, v3] Enable doxygen to generate Function Documentation, Duncan Roe
- [PATCH libmnl, v2] Enable doxygen to generate Function Documentation, Duncan Roe
- [iptables PATCH] xtables-restore: Fix --table parameter check,
Phil Sutter
- [PATCH nft] mnl: do not cache sender buffer size,
Pablo Neira Ayuso
- [PATCH conntrack-tools,v2 1/2] conntrackd: Fix "Address Accept" filter case,
Pablo Neira Ayuso
- [PATCH conntrack-tools 1/2] conntrackd: Fix "Address Accept" filter case,
Pablo Neira Ayuso
- [iptables PATCH] nft: Fix add_bitwise_u16() on Big Endian,
Phil Sutter
- [BUG] nft: "XT target TCPMSS not found" when TCPMSS clamp to PMTU rule is added for *both* ip and ip6, Timo Sigurdsson
- netfilter.org HTTPS certificate expired today (Sept 19), Dan Williams
- [PATCH nf] netfilter: nf_tables: allow lookups in dynamic sets,
Florian Westphal
- Contributing to the Netfilter Project.,
Wambui Karuga
- [PATCH nft] src: meter: avoid double-space in list ruleset output,
Florian Westphal
- [PATCH ghak90 V7 00/21] audit: implement container identifier,
Richard Guy Briggs
- [PATCH ghak90 V7 01/21] audit: collect audit task parameters, Richard Guy Briggs
- [PATCH ghak90 V7 02/21] audit: add container id, Richard Guy Briggs
- [PATCH ghak90 V7 03/21] audit: read container ID of a process, Richard Guy Briggs
- [PATCH ghak90 V7 04/21] audit: convert to contid list to check for orch/engine ownership, Richard Guy Briggs
- [PATCH ghak90 V7 05/21] audit: log drop of contid on exit of last task, Richard Guy Briggs
- [PATCH ghak90 V7 06/21] audit: contid limit of 32k imposed to avoid DoS, Richard Guy Briggs
- [PATCH ghak90 V7 07/21] audit: log container info of syscalls, Richard Guy Briggs
- [PATCH ghak90 V7 08/21] audit: add contid support for signalling the audit daemon, Richard Guy Briggs
- [PATCH ghak90 V7 09/21] audit: add support for non-syscall auxiliary records, Richard Guy Briggs
- [PATCH ghak90 V7 10/21] audit: add containerid support for user records, Richard Guy Briggs
- [PATCH ghak90 V7 11/21] audit: add containerid filtering, Richard Guy Briggs
- [PATCH ghak90 V7 12/21] audit: add support for containerid to network namespaces, Richard Guy Briggs
- [PATCH ghak90 V7 13/21] audit: NETFILTER_PKT: record each container ID associated with a netNS, Richard Guy Briggs
- [PATCH ghak90 V7 14/21] audit: contid check descendancy and nesting, Richard Guy Briggs
- [PATCH ghak90 V7 15/21] sched: pull task_is_descendant into kernel/sched/core.c, Richard Guy Briggs
- [PATCH ghak90 V7 16/21] audit: add support for contid set/get by netlink, Richard Guy Briggs
- [PATCH ghak90 V7 17/21] audit: add support for loginuid/sessionid set/get by netlink, Richard Guy Briggs
- [PATCH ghak90 V7 18/21] audit: track container nesting, Richard Guy Briggs
- [PATCH ghak90 V7 19/21] audit: check cont depth, Richard Guy Briggs
- [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns, Richard Guy Briggs
- [PATCH ghak90 V7 21/21] audit: add proc interface for capcontid, Richard Guy Briggs
- What is 'dynamic' set flag supposed to mean?,
Florian Westphal
- icmp_hdr is wrong on CentOS 6 kernels (2.6.32-754.12.1), Olivia Nelson
- [PATCH] extensions: fix iptables-{nft,translate} with conntrack EXPECTED,
Quentin Armitage
- [iptables PATCH 00/14] Improve iptables-nft performance with large rulesets,
Phil Sutter
- [iptables PATCH 12/14] nft: Support fetching rules for a single chain only, Phil Sutter
- [iptables PATCH 01/14] tests/shell: Make ebtables-basic test more verbose, Phil Sutter
- [iptables PATCH 03/14] DEBUG: Print to stderr to not disturb iptables-save, Phil Sutter
- [iptables PATCH 13/14] nft: Optimize flushing all chains of a table, Phil Sutter
- [iptables PATCH 04/14] nft: Use nftnl_*_set_str() functions, Phil Sutter
- [iptables PATCH 06/14] nft: Fix for add and delete of same rule in single batch, Phil Sutter
- [iptables PATCH 02/14] tests/shell: Speed up ipt-restore/0004-restore-race_0, Phil Sutter
- [iptables PATCH 10/14] nft: Fetch rule cache only if needed, Phil Sutter
- [iptables PATCH 05/14] nft: Introduce nft_bridge_commit(), Phil Sutter
- [iptables PATCH 11/14] nft: Allow to fetch only a specific chain from kernel, Phil Sutter
- [iptables PATCH 09/14] nft: Rename have_cache into have_chain_cache, Phil Sutter
- [iptables PATCH 08/14] xtables-restore: Avoid cache population when flushing, Phil Sutter
- [iptables PATCH 14/14] nft: Reduce impact of nft_chain_builtin_init(), Phil Sutter
- [iptables PATCH 07/14] nft Increase mnl_talk() receive buffer size, Phil Sutter
- [PATCH nf 1/2] netfilter: nf_tables: add NFT_CHAIN_POLICY_UNSET and use it,
Pablo Neira Ayuso
- [PATCH nft v2] src: parser_json: fix crash while restoring secmark object, Eric Jallot
- [PATCH nft] src: parser_json: fix crash while restoring secmark object,
Eric Jallot
- [PATCH] nftables: don't crash in 'list ruleset' if policy is not set,
Sergei Trofimovich
- [PATCH] netfilter: bridge: drop a broken include,
Adam Borowski
- [nf-next:master 7/27] net/netfilter/nf_tables_offload.c:316 nft_flow_offload_chain() warn: always true condition '(policy != -1) => (0-255 != (-1))', kbuild test robot
- [PATCH nft] json: tests: fix typo in ct expectation json test,
Fernando Fernandez Mancera
- [iptables PATCH] iptables-test: Support testing host binaries,
Phil Sutter
- [nft PATCH v2] parser_bison: Fix 'exists' keyword on Big Endian,
Phil Sutter
- [nft PATCH] parser_bison: Fix 'exists' keyword on Big Endian,
Phil Sutter
- [PATCH nft] json: fix type mismatch on "ct expect" json exporting,
Fernando Fernandez Mancera
- [PATCH nf-next v3 00/18] Remove config option checks from netfilter headers.,
Jeremy Sowden
- [PATCH nf-next v3 07/18] netfilter: move inline function to a more appropriate header., Jeremy Sowden
- [PATCH nf-next v3 08/18] netfilter: move code between synproxy headers., Jeremy Sowden
- [PATCH nf-next v3 05/18] netfilter: update include directives., Jeremy Sowden
- [PATCH nf-next v3 04/18] netfilter: inline three headers., Jeremy Sowden
- [PATCH nf-next v3 03/18] netfilter: remove unused function declarations., Jeremy Sowden
- [PATCH nf-next v3 02/18] netfilter: fix coding-style errors., Jeremy Sowden
- [PATCH nf-next v3 09/18] netfilter: move struct definition function to a more appropriate header., Jeremy Sowden
- [PATCH nf-next v3 01/18] netfilter: fix include guards., Jeremy Sowden
- [PATCH nf-next v3 06/18] netfilter: remove nf_conntrack_icmpv6.h header., Jeremy Sowden
- [PATCH nf-next v3 18/18] netfilter: remove two unused functions from nf_conntrack_timestamp.h., Jeremy Sowden
- [PATCH nf-next v3 13/18] netfilter: update stub br_nf_pre_routing_ipv6 parameter to `void *priv`., Jeremy Sowden
- [PATCH nf-next v3 17/18] netfilter: remove CONFIG_NF_CONNTRACK checks from nf_conntrack_zones.h., Jeremy Sowden
- [PATCH nf-next v3 16/18] netfilter: remove CONFIG_NETFILTER checks from headers., Jeremy Sowden
- [PATCH nf-next v3 15/18] netfilter: remove CONFIG_NF_CONNTRACK check from nf_conntrack_acct.h., Jeremy Sowden
- [PATCH nf-next v3 11/18] netfilter: replace defined(CONFIG...) || defined(CONFIG...MODULE) with IS_ENABLED(CONFIG...)., Jeremy Sowden
- [PATCH nf-next v3 14/18] netfilter: move nf_conntrack code to linux/nf_conntrack_common.h., Jeremy Sowden
- [PATCH nf-next v3 10/18] netfilter: use consistent style when defining inline functions in nf_conntrack_ecache.h., Jeremy Sowden
- [PATCH nf-next v3 12/18] netfilter: wrap two inline functions in config checks., Jeremy Sowden
- Re: [PATCH nf-next v3 00/18] Remove config option checks from netfilter headers., Pablo Neira Ayuso
- Re: [PATCH nf-next v3 00/18] Remove config option checks from netfilter headers., Pablo Neira Ayuso
- [PATCH nft v5] src: add synproxy stateful object support,
Fernando Fernandez Mancera
- [PATCH nft v4] src: add synproxy stateful object support,
Fernando Fernandez Mancera
- [PATCH nft] libnftables: use-after-free in exit path, Pablo Neira Ayuso
- [PATCH nf-next v6 0/4] netfilter: nf_tables_offload: clean offload things when the device unregister,
wenxu
- [PATCH ebtables-nft] ebtables: fix over-eager -o checks on custom chains,
Florian Westphal
- [PATCH iptables] netfilter: hashlimit: prefer PRIu64 to avoid warnings on 32bit platforms,
Florian Westphal
- iptables release,
Fabio Pedretti
- [PATCH nft] parser_json: fix crash on insert rule to bad references,
Eric Garver
- [PATCH nft 1/3] tests: shell: verify huge transaction returns expected number of rules,
Eric Garver
- [conntrack-tools PATCH] nfct: helper: Fix NFCTH_ATTR_PROTO_L4NUM size,
Phil Sutter
- [PATCH nft] src: mnl: fix --echo buffer size -- again,
Florian Westphal
- [PATCH nft] netlink_delinearize: fix wrong conversion to "list" in ct mark,
Fernando Fernandez Mancera
- [PATCH nf-next v5 0/4] netfilter: nf_tables_offload: clean offload things when the device unregister,
wenxu
- [PATCH nft v3] src: add synproxy stateful object support,
Fernando Fernandez Mancera
- [PATCH nf-next] netfilter: nft_{fwd,dup}_netdev: add offload support,
Pablo Neira Ayuso
- [PATCH nf-next v6 0/8] netfilter: nf_tables_offload: support tunnel offload,
wenxu
- [PATCH nf-next v6 4/8] netfilter: nft_tunnel: support NFT_TUNNEL_IP6_SRC/DST match, wenxu
- [PATCH nf-next v6 6/8] netfilter: nft_tunnel: add NFTA_TUNNEL_KEY_RELEASE action, wenxu
- [PATCH nf-next v6 3/8] netfilter: nft_tunnel: add ipv6 check in nft_tunnel_mode_validate, wenxu
- [PATCH nf-next v6 2/8] netfilter: nft_tunnel: support NFT_TUNNEL_IP_SRC/DST match, wenxu
- [PATCH nf-next v6 8/8] netfilter: nft_tunnel: support nft_tunnel_obj offload, wenxu
- [PATCH nf-next v6 1/8] netfilter: nft_tunnel: add nft_tunnel_mode_validate function, wenxu
- [PATCH nf-next v6 5/8] netfilter: nft_tunnel: support tunnel meta match offload, wenxu
- [PATCH nf-next v6 7/8] netfilter: nft_objref: add nft_objref_type offload, wenxu
- Re: [PATCH nf-next v6 0/8] netfilter: nf_tables_offload: support tunnel offload, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH nf-next v6 0/8] netfilter: nf_tables_offload: support tunnel offload, wenxu
- [PATCH nf-next v6 4/8] netfilter: nft_tunnel: support NFT_TUNNEL_IP6_SRC/DST match, wenxu
- [PATCH nf-next v6 3/8] netfilter: nft_tunnel: add ipv6 check in nft_tunnel_mode_validate, wenxu
- [PATCH nf-next v6 1/8] netfilter: nft_tunnel: add nft_tunnel_mode_validate function, wenxu
- [PATCH nf-next v6 2/8] netfilter: nft_tunnel: support NFT_TUNNEL_IP_SRC/DST match, wenxu
- [PATCH nf-next v6 8/8] netfilter: nft_tunnel: support nft_tunnel_obj offload, wenxu
- [PATCH nf-next v6 7/8] netfilter: nft_objref: add nft_objref_type offload, wenxu
- [PATCH nf-next v6 6/8] netfilter: nft_tunnel: add NFTA_TUNNEL_KEY_RELEASE action, wenxu
- [PATCH nf-next v6 5/8] netfilter: nft_tunnel: support tunnel meta match offload, wenxu
- Re: [PATCH nf-next v6 0/8] netfilter: nf_tables_offload: support tunnel offload, wenxu
- Re: [PATCH nf-next v6 0/8] netfilter: nf_tables_offload: support tunnel offload, wenxu
- [PATCH nf-next v4 0/4] netfilter: nf_tables_offload: clean offload things when the device unregister,
wenxu
- [PATCH] src: Enable doxygen to generate Function Documentation,
Duncan Roe
- [PATCH nft v2] src: add synproxy stateful object support,
Fernando Fernandez Mancera
- [PATCH nft] src: add synproxy stateful object support, Fernando Fernandez Mancera
- [PATCH libnftnl] src: synproxy stateful object support,
Fernando Fernandez Mancera
- [PATCH nf-next] netfilter: nft_synproxy: add synproxy stateful object support,
Fernando Fernandez Mancera
- [PATCH net-next] netfilter: nf_tables: avoid excessive stack usage,
Arnd Bergmann
- [PATCH nft] evaluate: flag fwd and queue statements as terminal,
Florian Westphal
- [PATCH] netfilter: nf_tables: Fix an Oops in nf_tables_updobj() error handling,
Dan Carpenter
- [PATCH 1/2] cache: fix --echo with index/position,
Eric Garver
- [PATCH net-next,v3 0/4] flow_offload: update mangle action representation,
Pablo Neira Ayuso
- [PATCH net-next,v3 1/4] net: flow_offload: flip mangle action mask, Pablo Neira Ayuso
- [PATCH net-next,v3 2/4] net: flow_offload: bitwise AND on mangle action value field, Pablo Neira Ayuso
- [PATCH net-next,v3 3/4] net: flow_offload: mangle action at byte level, Pablo Neira Ayuso
- [PATCH net-next,v3 4/4] netfilter: nft_payload: packet mangling offload support, Pablo Neira Ayuso
- Re: [PATCH net-next,v3 0/4] flow_offload: update mangle action representation, Edward Cree
- [PATCH nft] cache: fix --echo with index/position,
Pablo Neira Ayuso
- [PATCH nf-next v3 0/4] netfilter: nf_tables_offload: clean offload things when the device unregister,
wenxu
- [PATCH AUTOSEL 5.2 24/94] netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info, Sasha Levin
- [PATCH AUTOSEL 5.2 78/94] netfilter: nf_flow_table: clear skb tstamp before xmit, Sasha Levin
- [PATCH AUTOSEL 4.19 16/52] netfilter: ebtables: Fix argument order to ADD_COUNTER, Sasha Levin
- [PATCH AUTOSEL 4.19 32/52] netfilter: nf_conntrack_ftp: Fix debug output, Sasha Levin
- [PATCH AUTOSEL 4.14 08/36] netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info, Sasha Levin
- [PATCH AUTOSEL 4.4 10/20] netfilter: nf_conntrack_ftp: Fix debug output, Sasha Levin
- [PATCH AUTOSEL 4.9 15/27] netfilter: nf_conntrack_ftp: Fix debug output, Sasha Levin
- [PATCH AUTOSEL 4.14 19/36] netfilter: nf_conntrack_ftp: Fix debug output, Sasha Levin
- [PATCH AUTOSEL 4.19 31/52] netfilter: xt_physdev: Fix spurious error message in physdev_mt_check, Sasha Levin
- [PATCH AUTOSEL 4.19 18/52] netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info, Sasha Levin
- [PATCH AUTOSEL 4.19 17/52] netfilter: nft_flow_offload: missing netlink attribute policy, Sasha Levin
- [PATCH AUTOSEL 5.2 77/94] netfilter: nf_flow_table: fix offload for flows that are subject to xfrm, Sasha Levin
- [PATCH AUTOSEL 5.2 57/94] netfilter: conntrack: make sysctls per-namespace again, Sasha Levin
- [PATCH AUTOSEL 5.2 52/94] netfilter: nf_conntrack_ftp: Fix debug output, Sasha Levin
- [PATCH AUTOSEL 5.2 51/94] netfilter: xt_physdev: Fix spurious error message in physdev_mt_check, Sasha Levin
- [PATCH AUTOSEL 5.2 23/94] netfilter: nft_flow_offload: missing netlink attribute policy, Sasha Levin
- [PATCH AUTOSEL 5.2 22/94] netfilter: ebtables: Fix argument order to ADD_COUNTER, Sasha Levin
- [PATCH nf-next v2] netfilter: nf_tables: fix possible null-pointer dereference in object update,
Fernando Fernandez Mancera
- [conntrack-tools PATCH v2] conntrack: Fix CIDR to mask conversion on Big Endian,
Phil Sutter
- [PATCH nf-next v2 0/3] netfilter: nf_tables_offload: clean offload things when the device unregister,
wenxu
- [PATCH nf-next] netfilter: nf_table_offload: Fix check the offload flags in nft_indr_block_cb, wenxu
- [PATCH nft] tests: shell: check that rule add with index works with echo,
Eric Garver
- [PATCH nf] netfilter: nf_tables: fix possible null-pointer dereference in object update,
Fernando Fernandez Mancera
- [PATCH net-next,v2 0/4] flow_offload: update mangle action representation,
Pablo Neira Ayuso
- [PATCH nf-next v3] netfilter: nf_table_offload: Fix the incorrect rcu usage in nft_indr_block_cb,
wenxu
- [PATCH nf-next v2 00/30] Add config option checks to netfilter headers.,
Jeremy Sowden
- [PATCH nf-next v2 07/30] netfilter: remove stray semicolons., Jeremy Sowden
- [PATCH nf-next v2 01/30] netfilter: add include guard to nf_conntrack_h323_types.h, Jeremy Sowden
- [PATCH nf-next v2 02/30] netfilter: add include guard to nf_conntrack_labels.h., Jeremy Sowden
- [PATCH nf-next v2 09/30] netfilter: remove unused includes., Jeremy Sowden
- [PATCH nf-next v2 08/30] netfilter: remove unused function declarations., Jeremy Sowden
- [PATCH nf-next v2 05/30] netfilter: remove trailing white-space., Jeremy Sowden
- [PATCH nf-next v2 03/30] netfilter: fix include guard comment., Jeremy Sowden
- [PATCH nf-next v2 04/30] netfilter: add GPL-2.0 SPDX ID's to a couple of headers., Jeremy Sowden
- [PATCH nf-next v2 06/30] netfilter: fix Kconfig formatting error., Jeremy Sowden
- [PATCH nf-next v2 13/30] netfilter: inline three headers., Jeremy Sowden
- [PATCH nf-next v2 26/30] netfilter: add CONFIG_NETFILTER check to linux/netfilter.h., Jeremy Sowden
- [PATCH nf-next v2 16/30] netfilter: move code between synproxy headers., Jeremy Sowden
- [PATCH nf-next v2 28/30] netfilter: add IP_SET_BITMAP config option., Jeremy Sowden
- [PATCH nf-next v2 30/30] netfilter: wrap headers in CONFIG checks., Jeremy Sowden
- [PATCH nf-next v2 19/30] netfilter: replace defined(CONFIG...) || defined(CONFIG...MODULE) with IS_ENABLED(CONFIG...)., Jeremy Sowden
- [PATCH nf-next v2 11/30] netfilter: fix inclusions of <linux/netfilter/nf_nat.h>., Jeremy Sowden
- [PATCH nf-next v2 29/30] netfilter: add IP_SET_HASH config option., Jeremy Sowden
- [PATCH nf-next v2 15/30] netfilter: move inline function to a more appropriate header., Jeremy Sowden
- [PATCH nf-next v2 21/30] netfilter: wrap inline synproxy function in CONFIG_NETFILTER_SYNPROXY check., Jeremy Sowden
- [PATCH nf-next v2 17/30] netfilter: move struct definition function to a more appropriate header., Jeremy Sowden
- [PATCH nf-next v2 14/30] netfilter: remove superfluous header., Jeremy Sowden
- [PATCH nf-next v2 12/30] netfilter: added missing includes., Jeremy Sowden
- [PATCH nf-next v2 25/30] netfilter: wrap some conntrack code in a CONFIG_NF_CONNTRACK check., Jeremy Sowden
- [PATCH nf-next v2 24/30] netfilter: wrap some ipv6 tables code in a CONFIG_NF_TABLES_IPV6 check., Jeremy Sowden
- [PATCH nf-next v2 22/30] netfilter: wrap inline timeout function in CONFIG_NETFILTER_TIMEOUT check., Jeremy Sowden
- [PATCH nf-next v2 27/30] netfilter: add NF_TPROXY config option., Jeremy Sowden
- [PATCH nf-next v2 18/30] netfilter: use consistent style when defining inline functions in nf_conntrack_ecache.h., Jeremy Sowden
- [PATCH nf-next v2 10/30] netfilter: include the right header in nf_conntrack_zones.h., Jeremy Sowden
- [PATCH nf-next v2 20/30] netfilter: wrap union nf_conntrack_proto members in CONFIG_NF_CT_PROTO_* check., Jeremy Sowden
- [PATCH nf-next v2 23/30] netfilter: wrap some nat-related conntrack code in a CONFIG_NF_NAT check., Jeremy Sowden
- Re: [PATCH nf-next v2 00/30] Add config option checks to netfilter headers., Pablo Neira Ayuso
- [PATCH nf-next 1/2] netfilter: nf_tables_offload: move indirect flow_block callback logic to core,
Pablo Neira Ayuso
- [PATCH nf 1/2] netfilter: ctnetlink: honor IPS_OFFLOAD flag,
Pablo Neira Ayuso
- [conntrack-tools PATCH] conntrack: Fix CIDR to mask conversion on Big Endian,
Phil Sutter
- [PATCH nf-next 00/29] Add config option checks to netfilter headers.,
Jeremy Sowden
- [PATCH nf-next 09/29] netfilter: remove unused includes., Jeremy Sowden
- [PATCH nf-next 01/29] netfilter: add include guard to nf_conntrack_h323_types.h, Jeremy Sowden
- [PATCH nf-next 06/29] netfilter: fix Kconfig formatting error., Jeremy Sowden
- [PATCH nf-next 03/29] netfilter: fix include guard comment., Jeremy Sowden
- [PATCH nf-next 08/29] netfilter: remove unused function declarations., Jeremy Sowden
- [PATCH nf-next 05/29] netfilter: remove trailing white-space., Jeremy Sowden
- [PATCH nf-next 07/29] netfilter: remove stray semicolons., Jeremy Sowden
- [PATCH nf-next 04/29] netfilter: add GPL-2.0 SPDX ID's to a couple of headers., Jeremy Sowden
- [PATCH nf-next 02/29] netfilter: add include guard to nf_conntrack_labels.h., Jeremy Sowden
- [PATCH nf-next 12/29] netfilter: inline three headers., Jeremy Sowden
- [PATCH nf-next 25/29] netfilter: add CONFIG_NETFILTER check to linux/netfilter.h., Jeremy Sowden
- [PATCH nf-next 15/29] netfilter: move code between synproxy headers., Jeremy Sowden
- [PATCH nf-next 24/29] netfilter: wrap some conntrack code in a CONFIG_NF_CONNTRACK check., Jeremy Sowden
- [PATCH nf-next 11/29] netfilter: added missing includes., Jeremy Sowden
- [PATCH nf-next 22/29] netfilter: wrap some nat-related conntrack code in a CONFIG_NF_NAT check., Jeremy Sowden
- [PATCH nf-next 27/29] netfilter: add IP_SET_BITMAP config option., Jeremy Sowden
- [PATCH nf-next 10/29] netfilter: include the right header in nf_conntrack_zones.h., Jeremy Sowden
- [PATCH nf-next 23/29] netfilter: wrap some ipv6 tables code in a CONFIG_NF_TABLES_IPV6 check., Jeremy Sowden
- [PATCH nf-next 17/29] netfilter: use consistent style when defining inline functions in nf_conntrack_ecache.h., Jeremy Sowden
- [PATCH nf-next 19/29] netfilter: wrap union nf_conntrack_proto members in CONFIG_NF_CT_PROTO_* check., Jeremy Sowden
- [PATCH nf-next 21/29] netfilter: wrap inline timeout function in CONFIG_NETFILTER_TIMEOUT check., Jeremy Sowden
- [PATCH nf-next 28/29] netfilter: add IP_SET_HASH config option., Jeremy Sowden
- [PATCH nf-next 16/29] netfilter: move struct definition function to a more appropriate header., Jeremy Sowden
- [PATCH nf-next 29/29] netfilter: wrap headers in CONFIG checks., Jeremy Sowden
- [PATCH nf-next 26/29] netfilter: add NF_TPROXY config option., Jeremy Sowden
- [PATCH nf-next 14/29] netfilter: move inline function to a more appropriate header., Jeremy Sowden
- [PATCH nf-next 20/29] netfilter: wrap inline synproxy function in CONFIG_NETFILTER_SYNPROXY check., Jeremy Sowden
- [PATCH nf-next 18/29] netfilter: replace defined(CONFIG...) || defined(CONFIG...MODULE) with IS_ENABLED(CONFIG...)., Jeremy Sowden
- [PATCH nf-next 13/29] netfilter: remove superfluous header., Jeremy Sowden
- [PATCH nf-next v2] netfilter: nft_socket: fix erroneous socket assignment,
Fernando Fernandez Mancera
- [PATCH nf-next] netfilter: nft_socket: fix erroneous socket assignment,
Fernando Fernandez Mancera
- [PATCH v5 1/1] net: br_netfiler_hooks: Drops IPv6 packets if IPv6 module is not loaded,
Leonardo Bras
- [PATCH v4 0/2] Drop IPV6 packets if IPv6 is disabled on boot,
Leonardo Bras
- [PATCH nf-next v7 0/8] netfilter: Support the bridge family in flow table,
wenxu
- [PATCH nft v6] meta: add ibrpvid and ibrvproto support,
wenxu
- [PATCH 0/4 net-next] flow_offload: update mangle action representation,
Pablo Neira Ayuso
- [PATCH AUTOSEL 5.2 04/76] netfilter: nf_flow_table: fix offload for flows that are subject to xfrm, Sasha Levin
- [PATCH AUTOSEL 5.2 11/76] netfilter: nf_flow_table: conntrack picks up expired flows, Sasha Levin
- [PATCH AUTOSEL 5.2 12/76] netfilter: nf_flow_table: teardown flow timeout race, Sasha Levin
- [PATCH AUTOSEL 5.2 10/76] netfilter: nf_tables: use-after-free in failing rule with bound set, Sasha Levin
- [PATCH AUTOSEL 5.2 24/76] netfilter: nft_flow_offload: skip tcp rst and fin packets, Sasha Levin
- [PATCH AUTOSEL 4.19 02/45] netfilter: nf_tables: use-after-free in failing rule with bound set, Sasha Levin
- [PATCH AUTOSEL 4.19 11/45] netfilter: nft_flow_offload: skip tcp rst and fin packets, Sasha Levin
- [PATCH] netfilter: reject: fix ICMP csum verification,
Alin Nastac
- [PATCH nft 0/4] meta: introduce time/day/hour matching,
Florian Westphal
- [PATCH AUTOSEL 4.19 15/29] netfilter: nf_tables: use-after-free in failing rule with bound set, Sasha Levin
- [PATCH AUTOSEL 4.19 22/29] netfilter: ipset: Copy the right MAC address in bitmap:ip,mac and hash:ip,mac sets, Sasha Levin
- [PATCH AUTOSEL 4.19 21/29] netfilter: ipset: Actually allow destination MAC address for hash:ip,mac sets too, Sasha Levin
- [PATCH nft] src: json: add support for element deletion,
Florian Westphal
- [PATCH nf] netfilter: nft_meta_bridge: Fix get NFT_META_BRI_IIFVPROTO in network byteorder,
wenxu
- [PATCH nf] netfilter: nf_flow_table: clear skb tstamp before xmit,
Florian Westphal
- [PATCH v3 1/1] netfilter: nf_tables: fib: Drop IPV6 packets if IPv6 is disabled on boot, Leonardo Bras
- [PATCH nf] netfilter: conntrack: make sysctls per-namespace again,
Florian Westphal
- [PATCH 1/2 nf-next v3] netfilter: nf_tables: Introduce stateful object update operation,
Fernando Fernandez Mancera
- Feature request: Add support for linenoise as alternative to readline,
Priebe, Sebastian
- [PATCH nft v9 1/2] evaluate: New internal helper __expr_evaluate_range,
Ander Juaristi
- [PATCH nft v5] meta: add ibrpvid and ibrvproto support,
wenxu
- [PATCH] netfilter: not mark a spinlock as __read_mostly,
Li RongQing
- [PATCH 1/2 nf-next v2] netfilter: nf_tables: Introduce stateful object update operation,
Fernando Fernandez Mancera
- nft equivalent of iptables command,
Serguei Bezverkhi (sbezverk)
- [PATCH 0/3] rework netlink skb allocation,
Jan Dakinevich
- [PATCH nft v1]files: add script to generate geoip.nft file,
Shekhar Sharma
- nftables matching gratuitous arp,
michael-dev
- [PATCH] netfilter: xt_physdev: Fix spurious error message in physdev_mt_check,
Todd Seidelmann
- [PATCH nft v8 1/2] evaluate: New internal helper __expr_evaluate_range,
Ander Juaristi
- [PATCH] netfilter: nf_conntrack_ftp: Fix debug output,
Thomas Jarosch
- [PATCH v2 1/1] netfilter: nf_tables: fib: Drop IPV6 packages if IPv6 is disabled on boot,
Leonardo Bras
- [PATCH nft v4] meta: add ibrpvid and ibrvproto support,
wenxu
- [PATCH 1/2 nf-next] netfilter: nf_tables: Introduce stateful object update operation,
Fernando Fernandez Mancera
- [iptables PATCH 00/14] Implement among match support,
Phil Sutter
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
