Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

KASAN: use-after-free Read in seccomp_notify_release (2), syzbot
- Re: KASAN: use-after-free Read in seccomp_notify_release (2), Kees Cook
  - Re: KASAN: use-after-free Read in seccomp_notify_release (2), Tycho Andersen
    - Re: KASAN: use-after-free Read in seccomp_notify_release (2), Kees Cook
[RFC PATCH 0/1] netfilter: xt_connmark: add savedscp-mark action, Kevin 'ldir' Darbyshire-Bryant
- [PATCH 1/1] netfilter: connmark: introduce savedscp, Kevin 'ldir' Darbyshire-Bryant
  - Re: [PATCH 1/1] netfilter: connmark: introduce savedscp, Pablo Neira Ayuso
    - Re: [PATCH 1/1] netfilter: connmark: introduce savedscp, Kevin 'ldir' Darbyshire-Bryant
      - [RFC nf-next v2 0/2] xt_connmark: add savedscp-mark action, Kevin 'ldir' Darbyshire-Bryant
        
        [RFC nf-next v2 1/2] netfilter: connmark: introduce savedscp, Kevin 'ldir' Darbyshire-Bryant
        
        Re: [RFC nf-next v2 1/2] netfilter: connmark: introduce savedscp, Pablo Neira Ayuso
        
        Re: [RFC nf-next v2 1/2] netfilter: connmark: introduce savedscp, Kevin 'ldir' Darbyshire-Bryant
        
        [RFC nf-next 2/2] iptables: connmark - add savedscp option, Kevin 'ldir' Darbyshire-Bryant
[iptables PATCH] extensions: Install symlinks as such, Phil Sutter
- Re: [iptables PATCH] extensions: Install symlinks as such, Pablo Neira Ayuso
Typo in extensions/libxt_osf.man, Sam Banks
- Re: Typo in extensions/libxt_osf.man, Pablo Neira Ayuso
[PATCH net-next] openvswitch: add seqadj extension when NAT is used., Flavio Leitner
- Re: [PATCH net-next] openvswitch: add seqadj extension when NAT is used., Pravin Shelar
  - Re: [PATCH net-next] openvswitch: add seqadj extension when NAT is used., Flavio Leitner
[PATCH] build: adjust configure for postgresql 11, Jan Engelhardt
- [PATCH] build: adjust configure for postgresql 10/11, Jan Engelhardt
- Re: [PATCH] build: adjust configure for postgresql 11, Arturo Borrero Gonzalez
  - Re: [PATCH] build: adjust configure for postgresql 11, Jan Engelhardt
    - Re: [PATCH] build: adjust configure for postgresql 11, Christoph Berg
      - Re: [PATCH] build: adjust configure for postgresql 11, Pablo Neira Ayuso
Implementing Deletion of Set Elements in Rulesets, Karuna Grewal
- Re: Implementing Deletion of Set Elements in Rulesets, Phil Sutter
  - Re: Implementing Deletion of Set Elements in Rulesets, Florian Westphal
- Re: Implementing Deletion of Set Elements in Rulesets, Phil Sutter
  - Re: Implementing Deletion of Set Elements in Rulesets, Karuna Grewal
  - Message not available
    - Re: Implementing Deletion of Set Elements in Rulesets, Phil Sutter
[PATCH nft,v2 1/2] src: use 'flow add' syntax, Pablo Neira Ayuso
[PATCH nft 1/2] src: use 'flow add' syntax, Pablo Neira Ayuso
- [PATCH nft 2/2] build: missing misspell.h in Makefile.am, Pablo Neira Ayuso
a2x - unsupported parameter, Václav Zindulka
[PATCH nf-next] netfilter: nf_flowtable: skip device lookup from interface index, Pablo Neira Ayuso
[PATCH conntrack-tools] Allow protocol number zero, Brian Haley
- Re: [PATCH conntrack-tools] Allow protocol number zero, Pablo Neira Ayuso
[ebtables PATCH 0/3] Misc items found in Fedora package, Phil Sutter
- [ebtables PATCH 3/3] extensions: Add AUDIT target, Phil Sutter
  - Re: [ebtables PATCH 3/3] extensions: Add AUDIT target, Jan Engelhardt
    - Re: [ebtables PATCH 3/3] extensions: Add AUDIT target, Phil Sutter
- [ebtables PATCH 2/3] Allow customizing lockfile location at configure time, Phil Sutter
- [ebtables PATCH 1/3] extensions: Drop Makefile, Phil Sutter
- Re: [ebtables PATCH 0/3] Misc items found in Fedora package, Pablo Neira Ayuso
[PATCH net-next] netfilter: nft_redir: Make nft_redir_dump static, Yue Haibing
- Re: [PATCH net-next] netfilter: nft_redir: Make nft_redir_dump static, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_flowtable: remove duplicated transition in diagram, Pablo Neira Ayuso
[nftables,v2] tests/py: Add Test for `meta time`, Karuna Grewal
[PATCH v5] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v5] ipvs: allow tunneling with gue encapsulation, Julian Anastasov
- Re: [PATCH v5] ipvs: allow tunneling with gue encapsulation, Simon Horman
  - Re: [PATCH v5] ipvs: allow tunneling with gue encapsulation, Jacky Hu
    - Re: [PATCH v5] ipvs: allow tunneling with gue encapsulation, Simon Horman
[PATCH nf] netfilter: nf_tables: add missing ->release_ops() in error path of newrule(), Taehee Yoo
- Re: [PATCH nf] netfilter: nf_tables: add missing ->release_ops() in error path of newrule(), Pablo Neira Ayuso
[ANNOUNCE] nftlb 0.4 release, Laura Garcia
[nftables] tests/py: Add Test for `meta time`, Karuna Grewal
- Message not available
  - Message not available
    - Message not available
      - Message not available
        
        Re: [nftables] tests/py: Add Test for `meta time`, Karuna Grewal
        
        Re: [nftables] tests/py: Add Test for `meta time`, Florian Westphal
        
        Re: [nftables] tests/py: Add Test for `meta time`, Karuna Grewal
        
        Re: [nftables] tests/py: Add Test for `meta time`, Florian Westphal
- Re: [nftables] tests/py: Add Test for `meta time`, Pablo Neira Ayuso
[PATCH nft 2/2 v2] configure.ac: Clean up AC_ARG_{WITH,ENABLE} invocations, s/==/=/, Luis Ressel
- Re: [PATCH nft 2/2 v2] configure.ac: Clean up AC_ARG_{WITH,ENABLE} invocations, s/==/=/, Pablo Neira Ayuso
[PATCH nft 1/2] configure.ac: Fix a2x check, Luis Ressel
- [PATCH nft 2/2] configure.ac: Clean up AC_ARG_{WITH,ENABLE} invocations, Luis Ressel
  - Re: [PATCH nft 2/2] configure.ac: Clean up AC_ARG_{WITH,ENABLE} invocations, Jan Engelhardt
    - Re: [PATCH nft 2/2] configure.ac: Clean up AC_ARG_{WITH,ENABLE} invocations, Luis Ressel
- Re: [PATCH nft 1/2] configure.ac: Fix a2x check, Pablo Neira Ayuso
[PATCH] netfilter: nf_tables: remove unused parameter ctx, Colin King
- Re: [PATCH] netfilter: nf_tables: remove unused parameter ctx, Pablo Neira Ayuso
[PATCH v4] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v4] ipvs: allow tunneling with gue encapsulation, kbuild test robot
  - Re: [PATCH v4] ipvs: allow tunneling with gue encapsulation, Jacky Hu
    - Re: [PATCH v4] ipvs: allow tunneling with gue encapsulation, Julian Anastasov
      - Re: [PATCH v4] ipvs: allow tunneling with gue encapsulation, Jacky Hu
[PATCH v3] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v3] ipvs: allow tunneling with gue encapsulation, Pablo Neira Ayuso
  - Re: [PATCH v3] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v3] ipvs: allow tunneling with gue encapsulation, Julian Anastasov
[PATCH v2] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v2] ipvs: allow tunneling with gue encapsulation, kbuild test robot
[PATCH ghak90 V5 00/10] audit: implement container identifier, Richard Guy Briggs
- [PATCH ghak90 V5 01/10] audit: collect audit task parameters, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 01/10] audit: collect audit task parameters, Neil Horman
  - Re: [PATCH ghak90 V5 01/10] audit: collect audit task parameters, Ondrej Mosnacek
- [PATCH ghak90 V5 02/10] audit: add container id, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 02/10] audit: add container id, Neil Horman
  - Re: [PATCH ghak90 V5 02/10] audit: add container id, Ondrej Mosnacek
    - Re: [PATCH ghak90 V5 02/10] audit: add container id, Richard Guy Briggs
- [PATCH ghak90 V5 03/10] audit: read container ID of a process, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process, Neil Horman
    - Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process, Richard Guy Briggs
      - Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process, Neil Horman
        
        Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process, Ondrej Mosnacek
- [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Neil Horman
    - Re: [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Ondrej Mosnacek
    - Re: [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Richard Guy Briggs
      - Re: [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Richard Guy Briggs
- [PATCH ghak90 V5 04/10] audit: log container info of syscalls, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 04/10] audit: log container info of syscalls, Neil Horman
  - Re: [PATCH ghak90 V5 04/10] audit: log container info of syscalls, Ondrej Mosnacek
    - Re: [PATCH ghak90 V5 04/10] audit: log container info of syscalls, Richard Guy Briggs
- [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Neil Horman
  - Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Ondrej Mosnacek
  - Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Paul Moore
    - Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Richard Guy Briggs
      - Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Paul Moore
        
        Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Richard Guy Briggs
- [PATCH ghak90 V5 07/10] audit: add containerid support for user records, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 07/10] audit: add containerid support for user records, Neil Horman
  - Re: [PATCH ghak90 V5 07/10] audit: add containerid support for user records, Ondrej Mosnacek
- [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
  - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Ondrej Mosnacek
    - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
      - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Ondrej Mosnacek
      - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Paul Moore
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Paul Moore
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
      - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
  - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Paul Moore
    - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
    - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
      - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Paul Moore
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
      - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Paul Moore
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
- [PATCH ghak90 V5 08/10] audit: add containerid filtering, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 08/10] audit: add containerid filtering, Ondrej Mosnacek
    - Re: [PATCH ghak90 V5 08/10] audit: add containerid filtering, Richard Guy Briggs
      - Re: [PATCH ghak90 V5 08/10] audit: add containerid filtering, Ondrej Mosnacek
        
        Re: [PATCH ghak90 V5 08/10] audit: add containerid filtering, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 08/10] audit: add containerid filtering, Neil Horman
- [PATCH ghak90 V5 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Neil Horman
  - Re: [PATCH ghak90 V5 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Ondrej Mosnacek
  - Re: [PATCH ghak90 V5 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Paul Moore
    - Re: [PATCH ghak90 V5 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Richard Guy Briggs
- Re: [PATCH ghak90 V5 00/10] audit: implement container identifier, Richard Guy Briggs
[PATCH nft,v2] src: file descriptor leak in include_file(), Pablo Neira Ayuso
[PATCH] netfilter: nft_redir: module autoload with ip4, Pablo Neira Ayuso
[PATCH nft] src: file descriptor leak in include_file(), Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: bogus EBUSY in helper removal from transaction, Pablo Neira Ayuso
[PATCH nft] parser_bison: no need for statement separator for ct object commands, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH nft] parser_bison: no need for statement separator for ct object commands, Pablo Neira Ayuso
[PATCH nft] tests: shell: bogus EBUSY on helper deletion from transaction, Pablo Neira Ayuso
[PATCH] ipv6: ip6t_srh: fix NULL pointer dereferences, Kangjie Lu
- Re: [PATCH] ipv6: ip6t_srh: fix NULL pointer dereferences, Pablo Neira Ayuso
[PATCH v2] netfilter: nf_conntrack_sip: fix rtcp expectation clash, xiao ruizhu
- Re: [PATCH v2] netfilter: nf_conntrack_sip: fix rtcp expectation clash, Alin Năstac
- Re: [PATCH v2] netfilter: nf_conntrack_sip: fix rtcp expectation clash, Pablo Neira Ayuso
  - [PATCH v3] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
    - Re: [PATCH v3] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
      - Message not available
        
        Re: [PATCH v3] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
        
        [PATCH v4] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
        
        [PATCH v5] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
        
        Re: [PATCH v5] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
        
        [PATCH v6] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
        
        Re: [PATCH v6] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
        
        [PATCH v7] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
        
        Re: [PATCH v7] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
        
        [PATCH v8] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
        
        Re: [PATCH v8] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
[PATCH] [v2] netfilter: fix NETFILTER_XT_TARGET_TEE dependencies, Arnd Bergmann
- Re: [PATCH] [v2] netfilter: fix NETFILTER_XT_TARGET_TEE dependencies, Pablo Neira Ayuso
[iptables PATCH 0/6] Man pages for arptables and ebtables, Phil Sutter
- [iptables PATCH 5/6] xtables-legacy.8: Remove stray colon, Phil Sutter
- [iptables PATCH 4/6] doc: Adjust ebtables man page, Phil Sutter
- [iptables PATCH 2/6] doc: Adjust arptables man pages, Phil Sutter
- [iptables PATCH 6/6] xtables-save: Point at existing man page in help text, Phil Sutter
- [iptables PATCH 1/6] doc: Add arptables-nft man pages, Phil Sutter
- [iptables PATCH 3/6] doc: Add ebtables man page, Phil Sutter
- Re: [iptables PATCH 0/6] Man pages for arptables and ebtables, Florian Westphal
[PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Xin Long
- Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Neil Horman
  - Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Florian Westphal
    - Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Pablo Neira Ayuso
      - Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Xin Long
        
        Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Neil Horman
        
        Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Xin Long
- Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Pablo Neira Ayuso
[PATCH] netfilter: nf_conntrack_sip: fix rtcp expectation clash, xiao ruizhu
[ebtables PATCH] Adjust .gitignore to renamed files, Phil Sutter
- Re: [ebtables PATCH] Adjust .gitignore to renamed files, Pablo Neira Ayuso
[PATCH nft] tests: shell: bogus ENOENT on element deletion in interval set, Pablo Neira Ayuso
[PATCH nf] netfilter: nft_set_rbtree: check for inactive element after flag mismatch, Pablo Neira Ayuso
[PATCH] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- <Possible follow-ups>
- [PATCH] ipvs: allow tunneling with gue encapsulation, Jacky Hu
  - Re: [PATCH] ipvs: allow tunneling with gue encapsulation, Julian Anastasov
[PATCH] netfilter: ip6t_srh: Fix potential NULL pointer dereference, Aditya Pakki
- Re: [PATCH] netfilter: ip6t_srh: Fix potential NULL pointer dereference, Pablo Neira Ayuso
[PATCH AUTOSEL 4.20 31/52] netfilter: compat: initialize all fields in xt_init, Sasha Levin
[PATCH AUTOSEL 4.20 33/52] ipvs: fix dependency on nf_defrag_ipv6, Sasha Levin
[PATCH AUTOSEL 4.19 28/44] netfilter: compat: initialize all fields in xt_init, Sasha Levin
[PATCH AUTOSEL 4.19 30/44] ipvs: fix dependency on nf_defrag_ipv6, Sasha Levin
[PATCH AUTOSEL 4.14 17/27] ipvs: fix dependency on nf_defrag_ipv6, Sasha Levin
[PATCH] netfilter: nf_conntrack_sip: remove direct dependency on IPv6, Alin Nastac
- Re: [PATCH] netfilter: nf_conntrack_sip: remove direct dependency on IPv6, Pablo Neira Ayuso
[PATCH nf-next v2] netfilter: nft_osf: Add version option support, Fernando Fernandez Mancera
[PATCH libnftnl v2] expr: osf: add version option support, Fernando Fernandez Mancera
[PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
- [PATCH nft v2 2/6] json: osf: add version json support, Fernando Fernandez Mancera
- [PATCH nft v2 3/6] tests: py: add osf tests with versions, Fernando Fernandez Mancera
- [PATCH nft v2 4/6] doc: add osf version option to man page, Fernando Fernandez Mancera
- [PATCH nft v2 5/6] files: osf: update pf.os with newer OS fingerprints, Fernando Fernandez Mancera
- [PATCH nft v2 6/6] files: pf.os: merge the signatures spllited by version, Fernando Fernandez Mancera
- Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
  - Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
    - Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
      - Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint supportg, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: use-after-free in dynamic operations, Pablo Neira Ayuso
[PATCH nf,v4] netfilter: nf_tables: bogus EBUSY when deleting set after flush, Pablo Neira Ayuso
[PATCH 4.19 1/2] netfilter: xt_TEE: fix wrong interface selection, Subash Abhinov Kasiviswanathan
- [PATCH 4.19 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry., Subash Abhinov Kasiviswanathan
  - Re: [PATCH 4.19 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry., Pablo Neira Ayuso
    - Re: [PATCH 4.19 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry., Sasha Levin
[PATCH nftables] meta: Add support for `time`, Karuna Grewal
- Re: [PATCH nftables] meta: Add support for `time`, Pablo Neira Ayuso
[PATCHv3] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
[PATCH] xtables-legacy: add missing config.h include, Lucas Stach
- Re: [PATCH] xtables-legacy: add missing config.h include, Pablo Neira Ayuso
  - Re: [PATCH] xtables-legacy: add missing config.h include, Lucas Stach
    - Re: [PATCH] xtables-legacy: add missing config.h include, Pablo Neira Ayuso
[PATCH nf,v3] netfilter: nf_tables: bogus EBUSY when deleting set after flush, Pablo Neira Ayuso
[PATCH nf,v2] netfilter: nf_tables: bogus EBUSY when deleting set after flush, Pablo Neira Ayuso
[PATCH nft] tests: shell: bogus EBUSY in set deletion after flush, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: bogus EBUSY when deleting set after flush, Pablo Neira Ayuso
[PATCH nf,v2] netfilter: nf_tables: fix set double-free in abort path, Pablo Neira Ayuso
- Re: [PATCH nf,v2] netfilter: nf_tables: fix set double-free in abort path, Florian Westphal
NULL pointer dereference in nft_set_elem_destroy(), Dmitrii Tcvetkov
- Re: NULL pointer dereference in nft_set_elem_destroy(), Florian Westphal
  - Re: NULL pointer dereference in nft_set_elem_destroy(), Dmitrii Tcvetkov
Backport of iptables TEE target fixes to 4.19, Subash Abhinov Kasiviswanathan
- Re: Backport of iptables TEE target fixes to 4.19, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: return immediately on empty commit, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: return immediately on empty commit, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nf_tables: return immediately on empty commit, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: return immediately on empty commit, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: fix set double-free in abort path, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: fix set double-free in abort path,
- Re: [PATCH nf] netfilter: nf_tables: fix set double-free in abort path, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nf_tables: fix set double-free in abort path, Florian Westphal
    - Re: [PATCH nf] netfilter: nf_tables: fix set double-free in abort path, Pablo Neira Ayuso
[PATCH libnftnl] src: libnftnl: export genid functions again, Florian Westphal
- Re: [PATCH libnftnl] src: libnftnl: export genid functions again, Pablo Neira Ayuso
Re: [PATCH nf-next] netfilter: nft_osf: Add version option support, Pablo Neira Ayuso
- Re: [PATCH nf-next] netfilter: nft_osf: Add version option support, Fernando Fernandez Mancera
  - Re: [PATCH nf-next] netfilter: nft_osf: Add version option support, Fernando Fernandez Mancera
    - Re: [PATCH nf-next] netfilter: nft_osf: Add version option support, Pablo Neira Ayuso
  - Re: [PATCH nf-next] netfilter: nft_osf: Add version option support, Pablo Neira Ayuso
[PATCH v2 nf] netfilter: nat: don't register device notifier twice, Florian Westphal
- Re: [PATCH v2 nf] netfilter: nat: don't register device notifier twice, Pablo Neira Ayuso
[PATCH nft] evaluate: misleading error reporting, Pablo Neira Ayuso
- Re: [PATCH nft] evaluate: misleading error reporting, Florian Westphal
[PATCH nft 1/2,v2] segtree: remove dummy debug_octx, Pablo Neira Ayuso
Netfilter, satya phanisree
[PATCH nft 1/2] segtree: remove dummy debug_octx, Pablo Neira Ayuso
- [PATCH nft 2/2] segtree: add missing non-matching segment to set in flat representation, Pablo Neira Ayuso
[bug report] netfilter: nft_compat: use .release_ops and remove list of extension, Dan Carpenter
[PATCH] netfilter: nf_conntrack_sip: fix IPV6 dependency, Arnd Bergmann
- Re: [PATCH] netfilter: nf_conntrack_sip: fix IPV6 dependency, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: nf_conntrack_sip: fix IPV6 dependency, Alin Năstac
    - Re: [PATCH] netfilter: nf_conntrack_sip: fix IPV6 dependency, Arnd Bergmann
      - Re: [PATCH] netfilter: nf_conntrack_sip: fix IPV6 dependency, Arnd Bergmann
xtables-addons build fail with linux 5.0: "error: implicit declaration of function 'do_gettimeofday'; did you mean 'do_settimeofday64'?", PGNet Dev
- Re: xtables-addons build fail with linux 5.0: "error: implicit declaration of function 'do_gettimeofday'; did you mean 'do_settimeofday64'?", PGNet Dev
  - Re: xtables-addons build fail with linux 5.0: "error: implicit declaration of function 'do_gettimeofday'; did you mean 'do_settimeofday64'?", PGNet Dev
    - Re: xtables-addons build fail with linux 5.0: "error: implicit declaration of function 'do_gettimeofday'; did you mean 'do_settimeofday64'?", Jan Engelhardt
[PATCH v4 2/2] xtables-save: implement showing zeroed chain counters when saving rulesets, Alban Vidal
[PATCH v4 1/2] iptables-save: add option to show zeroed counters when saving rulesets, Alban Vidal
- Re: [PATCH v4 1/2] iptables-save: add option to show zeroed counters when saving rulesets, Pablo Neira Ayuso
  - Re: [PATCH v4 1/2] iptables-save: add option to show zeroed counters when saving rulesets, Alban Vidal
[PATCH v4 0/2] iptables-save,xtables-save: add option to show zeroed counters when saving rulesets, Alban Vidal
[PATCH nf-next] netfilter: nat: don't use same refcount for notifiers, Florian Westphal
[PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Xin Long
- Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Pablo Neira Ayuso
  - Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Xin Long
    - Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Florian Westphal
      - Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Neil Horman
        
        Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Xin Long
        
        Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Pablo Neira Ayuso
        
        Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Xin Long
[PATCH 20/29] netfilter: nft_tunnel: Add dst_cache support, Pablo Neira Ayuso
- [PATCH 21/29] netfilter: convert the proto argument from u8 to u16, Pablo Neira Ayuso
- [PATCH 24/29] netfilter: nf_tables: check the result of dereferencing base_chain->stats, Pablo Neira Ayuso
- [PATCH 27/29] netfilter: nf_tables: nat: merge nft_redir protocol specific modules, Pablo Neira Ayuso
- [PATCH 29/29] netfilter: nf_tables: merge ipv4 and ipv6 nat chain types, Pablo Neira Ayuso
  - Re: [PATCH 29/29] netfilter: nf_tables: merge ipv4 and ipv6 nat chain types, Reindl Harald
- [PATCH 26/29] netfilter: xt_IDLETIMER: fix sysfs callback function type, Pablo Neira Ayuso
- [PATCH 28/29] netfilter: nf_tables: nat: merge nft_masq protocol specific modules, Pablo Neira Ayuso
- [PATCH 25/29] netfilter: nf_conntrack: ensure that CONNTRACK_LOCKS is power of 2, Pablo Neira Ayuso
  - Re: [PATCH 25/29] netfilter: nf_conntrack: ensure that CONNTRACK_LOCKS is power of 2, Sergei Shtylyov
- [PATCH 22/29] ipvs: get sctphdr by sctphoff in sctp_csum_check, Pablo Neira Ayuso
- [PATCH 23/29] netfilter: bridge: Don't sabotage nf_hook calls for an l3mdev slave, Pablo Neira Ayuso
[PATCH 10/29] netfilter: nat: remove csum_recalc hook, Pablo Neira Ayuso
- [PATCH 11/29] netfilter: nat: remove l3proto struct, Pablo Neira Ayuso
- [PATCH 12/29] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h, Pablo Neira Ayuso
- [PATCH 16/29] netfilter: nft_set_hash: bogus element self comparison from deactivation path, Pablo Neira Ayuso
- [PATCH 18/29] ipvs: change some data types from int to bool, Pablo Neira Ayuso
- [PATCH 17/29] netfilter: nft_set_hash: remove nft_hash_key(), Pablo Neira Ayuso
- [PATCH 19/29] netfilter: conntrack: tcp: only close if RST matches exact sequence, Pablo Neira Ayuso
- [PATCH 15/29] netfilter: nft_set_hash: fix lookups with fixed size hash on big endian, Pablo Neira Ayuso
- [PATCH 14/29] netfilter: remove unneeded switch fall-through, Pablo Neira Ayuso
- [PATCH 13/29] netfilter: conntrack: avoid same-timeout update, Pablo Neira Ayuso
[PATCH 00/29] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
- [PATCH 01/29] netfilter: nft_compat: use .release_ops and remove list of extension, Pablo Neira Ayuso
- [PATCH 02/29] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
- [PATCH 04/29] netfilter: nat: merge ipv4 and ipv6 masquerade functionality, Pablo Neira Ayuso
- [PATCH 07/29] netfilter: nat: remove nf_nat_l4proto.h, Pablo Neira Ayuso
- [PATCH 08/29] netfilter: nat: remove l3 manip_pkt hook, Pablo Neira Ayuso
- [PATCH 06/29] netfilter: nat: merge nf_nat_ipv4,6 into nat core, Pablo Neira Ayuso
- [PATCH 03/29] netfilter: ebtables: remove BUGPRINT messages, Pablo Neira Ayuso
- [PATCH 05/29] netfilter: nat: move nlattr parse and xfrm session decode to core, Pablo Neira Ayuso
- [PATCH 09/29] netfilter: nat: remove csum_update hook, Pablo Neira Ayuso
- Re: [PATCH 00/29] Netfilter/IPVS updates for net-next, David Miller
[PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
- Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
- Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Dan Carpenter
- <Possible follow-ups>
- [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
  - Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Florian Westphal
    - Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
      - Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Florian Westphal
        
        Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
        
        Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
[PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module, Su Yanjun
- Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module, Sergei Shtylyov
  - Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module, Su Yanjun <suyj.fnst@xxxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module, Su Yanjun <suyj.fnst@xxxxxxxxxxxxxx>
[PATCH AUTOSEL 4.20 59/81] netfilter: nf_nat: skip nat clash resolution for same-origin entries, Sasha Levin
[PATCH AUTOSEL 4.19 46/64] netfilter: nf_nat: skip nat clash resolution for same-origin entries, Sasha Levin
[PATCH AUTOSEL 4.14 27/36] netfilter: nf_nat: skip nat clash resolution for same-origin entries, Sasha Levin
[PATCH AUTOSEL 4.9 13/19] netfilter: nf_nat: skip nat clash resolution for same-origin entries, Sasha Levin
[PATCH nf-next 0/3] netfilter: nf_tables: merge remaining nat related modules, Florian Westphal
- [PATCH nf-next 1/3] netfilter: nf_tables: nat: merge nft_redir protocol specific modules, Florian Westphal
- [PATCH nf-next 2/3] netfilter: nf_tables: nat: merge nft_masq protocol specific modules, Florian Westphal
- [PATCH nf-next 3/3] netfilter: nf_tables: merge ipv4 and ipv6 nat chain types, Florian Westphal
- Re: [PATCH nf-next 0/3] netfilter: nf_tables: merge remaining nat related modules, Pablo Neira Ayuso
[PATCH][v2] time: Introduce jiffies64_to_msecs(), Li RongQing
- Re: [PATCH][v2] time: Introduce jiffies64_to_msecs(), Pablo Neira Ayuso
  - Re: [PATCH][v2] time: Introduce jiffies64_to_msecs(), John Stultz
    - Re: [PATCH][v2] time: Introduce jiffies64_to_msecs(), Pablo Neira Ayuso
[PATCH] netfilter: xt_IDLETIMER: fix sysfs callback function type, Sami Tolvanen
- Re: [PATCH] netfilter: xt_IDLETIMER: fix sysfs callback function type, Pablo Neira Ayuso
[PATCH] time: Introduce jiffies64_to_msecs(), Li RongQing
- Re: [PATCH] time: Introduce jiffies64_to_msecs(), Thomas Gleixner
  - 答复: [PATCH] time: Introduce jiffies64_to_msecs(), Li,Rongqing
[nft PATCH 0/5] Some fixes for JSON support, Phil Sutter
- [nft PATCH 5/5] parser_json: Respect base chain priority, Phil Sutter
- [nft PATCH 1/5] libnftables: Print errors before freeing commands, Phil Sutter
- [nft PATCH 2/5] parser_json: Duplicate chain name when parsing jump verdict, Phil Sutter
- [nft PATCH 4/5] json: Fix memleaks in echo support, Phil Sutter
  - Re: [nft PATCH 4/5] json: Fix memleaks in echo support, Pablo Neira Ayuso
    - Re: [nft PATCH 4/5] json: Fix memleaks in echo support, Phil Sutter
      - Re: [nft PATCH 4/5] json: Fix memleaks in echo support, Pablo Neira Ayuso
        
        Re: [nft PATCH 4/5] json: Fix memleaks in echo support, Phil Sutter
        
        Re: [nft PATCH 4/5] json: Fix memleaks in echo support, Pablo Neira Ayuso
- [nft PATCH 3/5] parser_json: Use xstrdup() when parsing rule comment, Phil Sutter
- Re: [nft PATCH 0/5] Some fixes for JSON support, Pablo Neira Ayuso
[PATCH] netfilter: conntrack: limit sysctl setting for boolean options, xiangxia . m . yue
- <Possible follow-ups>
- [PATCH] netfilter: conntrack: limit sysctl setting for boolean options, xiangxia . m . yue
  - Re: [PATCH] netfilter: conntrack: limit sysctl setting for boolean options, Pablo Neira Ayuso
[PATCH][v2] netfilter: ensure that CONNTRACK_LOCKS is power of 2, Li RongQing
- Re: [PATCH][v2] netfilter: ensure that CONNTRACK_LOCKS is power of 2, Pablo Neira Ayuso
[PATCH][v2] netfilter: check the result of dereferencing base_chain->stats, Li RongQing
- Re: [PATCH][v2] netfilter: check the result of dereferencing base_chain->stats, Pablo Neira Ayuso
[PATCH net] netfilter: bridge: Don't sabotage nf_hook calls for an l3mdev slave, David Ahern
- Re: [PATCH net] netfilter: bridge: Don't sabotage nf_hook calls for an l3mdev slave, Pablo Neira Ayuso
[PATCH nf-next] netfilter: ctnetlink: do not bail out with EBUSY on unchangeable bits, Pablo Neira Ayuso
[PATCH nf 1/3] netfilter: nft_set_hash: fix lookups with fixed size hash on big endian, Pablo Neira Ayuso
- [PATCH nf 2/3] netfilter: nft_set_hash: bogus element self comparison from deactivation path, Pablo Neira Ayuso
- [PATCH nf 3/3] netfilter: nft_set_hash: remove nft_hash_key(), Pablo Neira Ayuso
[PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check, Xin Long
- Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check, Marcelo Ricardo Leitner
- Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check, Julian Anastasov
- Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check, Simon Horman
- Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check, Pablo Neira Ayuso
[PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Li RongQing
- Re: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Florian Westphal
  - 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Li,Rongqing
    - Re: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Florian Westphal
      - 答复: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Li,Rongqing
        
        Re: 答复: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Florian Westphal
        
        答复: 答复: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Li,Rongqing
[PATCH][nf-next] netfilter: Use RCU primitives under RCU protected data, Li RongQing
- Re: [PATCH][nf-next] netfilter: Use RCU primitives under RCU protected data, Eric Dumazet
  - 答复: [PATCH][nf-next] netfilter: Use RCU primitives under RCU protected data, Li,Rongqing
[PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Li RongQing
- Re: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Eric Dumazet
  - 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Li,Rongqing
    - Re: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Eric Dumazet
      - 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Li,Rongqing
        
        Re: 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Eric Dumazet
        
        答复: 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Li,Rongqing
        
        Re: 答复: 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Eric Dumazet
[PATCH AUTOSEL 4.20 05/72] netfilter: nft_compat: use refcnt_t type for nft_xt reference count, Sasha Levin
[PATCH AUTOSEL 4.20 06/72] netfilter: nft_compat: make lists per netns, Sasha Levin
[PATCH AUTOSEL 4.20 17/72] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 4.20 38/72] netfilter: nfnetlink_osf: add missing fmatch check, Sasha Levin
[PATCH AUTOSEL 4.20 37/72] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Sasha Levin
[PATCH AUTOSEL 4.19 04/65] netfilter: nft_compat: use refcnt_t type for nft_xt reference count, Sasha Levin
[PATCH AUTOSEL 4.19 05/65] netfilter: nft_compat: make lists per netns, Sasha Levin
[PATCH AUTOSEL 4.19 14/65] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 4.19 34/65] netfilter: nfnetlink_osf: add missing fmatch check, Sasha Levin
[PATCH AUTOSEL 4.14 08/45] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 4.14 21/45] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Sasha Levin
[PATCH AUTOSEL 4.9 08/32] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 4.4 05/26] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 3.18 04/18] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 4.19 33/65] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Sasha Levin
[PATCH AUTOSEL 4.20 07/72] netfilter: nft_compat: destroy function must not have side effects, Sasha Levin
WARNING in xt_compat_add_offset, syzbot
- Re: WARNING in xt_compat_add_offset, syzbot
- Re: WARNING in xt_compat_add_offset, syzbot
  - [PATCH nf] netfilter: ebtables: also count base chain policies, Florian Westphal
    - Re: [PATCH nf] netfilter: ebtables: also count base chain policies, Pablo Neira Ayuso
[PATCH nft] doc: update goto/jump help text, Florian Westphal
- Re: [PATCH nft] doc: update goto/jump help text, Pablo Neira Ayuso
[PATCH][nf-next][v2] netfilter: convert the proto argument from u8 to u16, Li RongQing
- Re: [PATCH][nf-next][v2] netfilter: convert the proto argument from u8 to u16, Pablo Neira Ayuso
[PATCH iptables] arptables-nft: fix decoding of hlen on bigendian platforms, Florian Westphal
- Re: [PATCH iptables] arptables-nft: fix decoding of hlen on bigendian platforms, Phil Sutter
[PATCH net-next] netfilter: nft_tunnel: Add dst_cache support, wenxu
- Re: [PATCH net-next] netfilter: nft_tunnel: Add dst_cache support, Pablo Neira Ayuso
[PATCH][nf-next] netfilter: convert the proto argument from u8 to u16, Li RongQing
- Re: [PATCH][nf-next] netfilter: convert the proto argument from u8 to u16, Florian Westphal
[PATCH][nf-next] netfilter: remove unneeded switch fall-through, Li RongQing
- Re: [PATCH][nf-next] netfilter: remove unneeded switch fall-through, Pablo Neira Ayuso
[iptables PATCH 1/3] extensions: Fix ipvs vproto parsing, Phil Sutter
- [iptables PATCH 2/3] extensions: Fix ipvs vproto option printing, Phil Sutter
- [iptables PATCH 3/3] extensions: Add testcase for libxt_ipvs, Phil Sutter
- Re: [iptables PATCH 1/3] extensions: Fix ipvs vproto parsing, Julian Anastasov
[PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence, Florian Westphal
- Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence, Pablo Neira Ayuso
  - Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence, Jozsef Kadlecsik
    - Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence, Florian Westphal
      - Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence, Jozsef Kadlecsik
        
        Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence, Florian Westphal
        
        Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence, Jozsef Kadlecsik
[PATCH nf-next] netfilter: conntrack: avoid same-timeout update, Florian Westphal
- Re: [PATCH nf-next] netfilter: conntrack: avoid same-timeout update, Phil Sutter
  - Re: [PATCH nf-next] netfilter: conntrack: avoid same-timeout update, Florian Westphal
- Re: [PATCH nf-next] netfilter: conntrack: avoid same-timeout update, Pablo Neira Ayuso
[iptables PATCH] extensions: AUDIT: Document ineffective --type option, Phil Sutter
[PATCH conntrack-tools 1/3] conntrack: extend nfct_mnl_socket_open() to use it to handle events, Pablo Neira Ayuso
- [PATCH conntrack-tools 2/3] conntrack: use libmnl for conntrack events, Pablo Neira Ayuso
- [PATCH conntrack-tools 3/3] conntrack: add -o userspace option to tag user-triggered events, Pablo Neira Ayuso
update on netdev 0x13 conference, Jamal Hadi Salim
[iptables PATCH] doc: Install ip{6,}tables-translate.8 manpages, Phil Sutter
[ANNOUNCE] 15th Netfilter Workshop in Malaga, Spain, Pablo Neira Ayuso
[PATCH] ipset: fix spelling error in libipset.3 manpage, Neutron Soutmun
[iptables PATCH 0/5] Make testsuites a bit more versatile, Phil Sutter
- [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf, Phil Sutter
  - Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf, Florian Westphal
    - Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf, Phil Sutter
      - Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf, Pablo Neira Ayuso
        
        Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf, Phil Sutter
        
        Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf, Florian Westphal
        
        [iptables PATCH] extensions: connlabel: Fallback on missing connlabel.conf, Phil Sutter
        
        Re: [iptables PATCH] extensions: connlabel: Fallback on missing connlabel.conf, Florian Westphal
        
        Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf, Pablo Neira Ayuso
        
        [libnetfilter_conntrack PATCH] Rename 'qa' directory to 'tests', Phil Sutter
        
        [libnetfilter_conntrack PATCH v2] Rename 'qa' directory to 'tests', Phil Sutter
        
        Re: [libnetfilter_conntrack PATCH v2] Rename 'qa' directory to 'tests', Pablo Neira Ayuso
- [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override, Phil Sutter
  - Re: [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override, Pablo Neira Ayuso
    - Re: [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override, Phil Sutter
- [iptables PATCH 4/5] xlate-test: Add and use a connlabel.conf for testing, Phil Sutter
- [iptables PATCH 1/5] xlate-test: Support testing host binaries, Phil Sutter
- [iptables PATCH 2/5] tests/shell: Support testing host binaries, Phil Sutter
[PATCH v4 nf-next 0/9] netfilter: nat: merge ipv4 and ipv6 nat modules, Florian Westphal
- [PATCH nf-next v4 1/9] netfilter: nat: merge ipv4 and ipv6 masquerade functionality, Florian Westphal
- [PATCH nf-next v4 2/9] netfilter: nat: move nlattr parse and xfrm session decode to core, Florian Westphal
- [PATCH nf-next v4 4/9] netfilter: nat: remove nf_nat_l4proto.h, Florian Westphal
- [PATCH nf-next v4 3/9] netfilter: nat: merge nf_nat_ipv4,6 into nat core, Florian Westphal
- [PATCH nf-next v4 5/9] netfilter: nat: remove l3 manip_pkt hook, Florian Westphal
- [PATCH nf-next v4 6/9] netfilter: nat: remove csum_update hook, Florian Westphal
- [PATCH nf-next v4 7/9] netfilter: nat: remove csum_recalc hook, Florian Westphal
- [PATCH nf-next v4 8/9] netfilter: nat: remove l3proto struct, Florian Westphal
- [PATCH nf-next v4 9/9] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h, Florian Westphal
- Re: [PATCH v4 nf-next 0/9] netfilter: nat: merge ipv4 and ipv6 nat modules, Pablo Neira Ayuso
[PATCH nf] netfilter: ebtables: remove BUGPRINT messages, Florian Westphal
- Re: [PATCH nf] netfilter: ebtables: remove BUGPRINT messages, Pablo Neira Ayuso
Network interface switch features, hh h
[PATCH v2] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
- Re: [PATCH v2] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
Re: INFO: rcu detected stall in netlink_sendmsg, syzbot
[PATCH 00/11] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
- [PATCH 06/11] ipvs: Use struct_size() helper, Pablo Neira Ayuso
- [PATCH 05/11] netfilter: conntrack: fix indentation issue, Pablo Neira Ayuso
- [PATCH 04/11] netfilter: ipv6: avoid indirect calls for IPV6=y case, Pablo Neira Ayuso
- [PATCH 11/11] netfilter: nf_conntrack_sip: add sip_external_media logic, Pablo Neira Ayuso
- [PATCH 09/11] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
- [PATCH 08/11] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm, Pablo Neira Ayuso
- [PATCH 02/11] netfilter: nft_tunnel: Add NFTA_TUNNEL_MODE options, Pablo Neira Ayuso
- [PATCH 07/11] netfilter: xt_recent: Use struct_size() in kvzalloc(), Pablo Neira Ayuso
- [PATCH 10/11] netfilter: ipt_CLUSTERIP: make symbol 'cip_netdev_notifier' static, Pablo Neira Ayuso
- [PATCH 01/11] netfilter: nf_tables: add NFTA_RULE_POSITION_ID to nla_policy, Pablo Neira Ayuso
- [PATCH 03/11] netfilter: nat: remove module dependency on ipv6 core, Pablo Neira Ayuso
- Re: [PATCH 00/11] Netfilter/IPVS updates for net-next, David Miller
[PATCH] netfilter/ipvs: Fix unused variable warning, Borislav Petkov
- Re: [PATCH] netfilter/ipvs: Fix unused variable warning, Pablo Neira Ayuso
[PATCH nf-next] ipvs: change some data types from int to bool, Andrea Claudi
- Re: [PATCH nf-next] ipvs: change some data types from int to bool, Julian Anastasov
- Re: [PATCH nf-next] ipvs: change some data types from int to bool, Simon Horman
- Re: [PATCH nf-next] ipvs: change some data types from int to bool, Pablo Neira Ayuso
[PATCH net-next] netfilter: ipt_CLUSTERIP: make symbol 'cip_netdev_notifier' static, Wei Yongjun
- Re: [PATCH net-next] netfilter: ipt_CLUSTERIP: make symbol 'cip_netdev_notifier' static, Pablo Neira Ayuso
[PATCH nf] ipvs: fix warning on unused variable, Andrea Claudi
- Re: [PATCH nf] ipvs: fix warning on unused variable, Pablo Neira Ayuso
[iptables PATCH] arptables: Print space before comma and counters, Phil Sutter
- Re: [iptables PATCH] arptables: Print space before comma and counters, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: fix flush after rule deletion in the same batch, Pablo Neira Ayuso
[PATCH] tests: shell: flush after rule deletion, Pablo Neira Ayuso
RFC: nftables does not allow to delete a rule twice, Phil Sutter
- Re: RFC: nftables does not allow to delete a rule twice, Pablo Neira Ayuso
  - Re: RFC: nftables does not allow to delete a rule twice, Pablo Neira Ayuso
    - Re: RFC: nftables does not allow to delete a rule twice, Phil Sutter
      - Re: RFC: nftables does not allow to delete a rule twice, Pablo Neira Ayuso
        
        Re: RFC: nftables does not allow to delete a rule twice, Phil Sutter
        
        Re: RFC: nftables does not allow to delete a rule twice, Pablo Neira Ayuso
[PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
- Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
    - Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
      - Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
        
        Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
        
        Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
        
        Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
        
        Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
Re: Englobe interfaces, Pablo Neira Ayuso
[PATCH 1/2 nf] netfilter: nft_compat: use-after-free when deleting targets, Pablo Neira Ayuso
- [PATCH 2/2 nf-next] netfilter: nft_compat: use .release_ops and remove list of extension, Pablo Neira Ayuso
[iptables PATCH 0/5] Align iptables-nft error messages with legacy, Phil Sutter
- [iptables PATCH 2/5] xtables: Move new chain check to where it belongs, Phil Sutter
- [iptables PATCH 1/5] xtables: Fix error message when zeroing a non-existent chain, Phil Sutter
- [iptables PATCH 5/5] tests: Extend return codes check by error messages, Phil Sutter
- [iptables PATCH 4/5] xtables: Fix error message for chain renaming, Phil Sutter
- [iptables PATCH 3/5] xtables: Fix error messages in commands with rule number, Phil Sutter
- Re: [iptables PATCH 0/5] Align iptables-nft error messages with legacy, Pablo Neira Ayuso
[PATCH v3] netfilter: reject: skip csum verification for protocols that don't support it, Alin Nastac
- Re: [PATCH v3] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
[PATCH AUTOSEL 4.20 038/105] netfilter: nf_tables: fix leaking object reference count, Sasha Levin
[PATCH AUTOSEL 4.20 043/105] netfilter: nft_flow_offload: Fix reverse route lookup, Sasha Levin
[PATCH AUTOSEL 4.20 049/105] netfilter: nft_flow_offload: fix interaction with vrf slave device, Sasha Levin
[PATCH AUTOSEL 4.20 065/105] netfilter: nft_flow_offload: fix checking method of conntrack helper, Sasha Levin
[PATCH AUTOSEL 4.19 32/83] netfilter: nf_tables: fix leaking object reference count, Sasha Levin
[PATCH AUTOSEL 4.19 37/83] netfilter: nft_flow_offload: Fix reverse route lookup, Sasha Levin
[PATCH AUTOSEL 4.19 41/83] netfilter: nft_flow_offload: fix interaction with vrf slave device, Sasha Levin
[nf-next:master 9/9] ipt_REJECT.c:(.text+0x120): multiple definition of `nf_reject_verify_csum'; net/ipv4/netfilter/nf_reject_ipv4.o:nf_reject_ipv4.c:(.text+0x470): first defined here, kbuild test robot
[PATCH AUTOSEL 4.19 56/83] netfilter: nft_flow_offload: fix checking method of conntrack helper, Sasha Levin
[PATCH AUTOSEL 4.14 17/34] netfilter: nf_tables: fix leaking object reference count, Sasha Levin
[nf-next:master 9/9] include/net/netfilter/nf_reject.h:5: multiple definition of `nf_reject_verify_csum'; net/ipv4/netfilter/nf_reject_ipv4.o:include/net/netfilter/nf_reject.h:5: first defined here, kbuild test robot
conntrack --ignore-error proposal to fix delete races, William Ahern
[conntrack-tools PATCH v2] Support compiling against libtirpc, Phil Sutter
- Re: [conntrack-tools PATCH v2] Support compiling against libtirpc, Pablo Neira Ayuso
[conntrack-tools PATCH] Support compiling against libtirpc, Phil Sutter
- Re: [conntrack-tools PATCH] Support compiling against libtirpc, Jan Engelhardt
  - Re: [conntrack-tools PATCH] Support compiling against libtirpc, Phil Sutter
[conntrack-tools PATCH] Fix for implicit-fallthrough warnings, Phil Sutter
- Re: [conntrack-tools PATCH] Fix for implicit-fallthrough warnings, Pablo Neira Ayuso
  - Re: [conntrack-tools PATCH] Fix for implicit-fallthrough warnings, Phil Sutter
    - Re: [conntrack-tools PATCH] Fix for implicit-fallthrough warnings, Pablo Neira Ayuso
[conntrack-tools PATCH] nfct: Drop dead code in nfct_timeout_parse_params(), Phil Sutter
- Re: [conntrack-tools PATCH] nfct: Drop dead code in nfct_timeout_parse_params(), Pablo Neira Ayuso
[ebtables PATCH] Print IPv6 prefixes in CIDR notation, Phil Sutter
- Re: [ebtables PATCH] Print IPv6 prefixes in CIDR notation, Pablo Neira Ayuso
  - Re: [ebtables PATCH] Print IPv6 prefixes in CIDR notation, Phil Sutter
    - Re: [ebtables PATCH] Print IPv6 prefixes in CIDR notation, Pablo Neira Ayuso
[PATCH nf-next,RFC,v2] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it, Pablo Neira Ayuso
- Re: [PATCH nf-next,RFC,v2] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it, Pablo Neira Ayuso
[PATCH v2] netfilter: reject: skip csum verification for protocols that don't support it, Alin Nastac
- Re: [PATCH v2] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
[conntrack-tools PATCH] conntrackd: helpers: dhcpv6: Fix potential array overrun, Phil Sutter
- Re: [conntrack-tools PATCH] conntrackd: helpers: dhcpv6: Fix potential array overrun, Pablo Neira Ayuso
[PATCH nf-next,RFC] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it, Pablo Neira Ayuso
- Re: [PATCH nf-next,RFC] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it, Florian Westphal
[PATCH nf-next,v2] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm, Pablo Neira Ayuso
- Re: [PATCH nf-next,v2] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm, Chieh-Min Wang
[PATCH nf] netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs, Pablo Neira Ayuso
Netfilter conntrack table query., satya phanisree
[PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6, Andrea Claudi
- Re: [PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6, Julian Anastasov
- Re: [PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6, Simon Horman
- Re: [PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6, Pablo Neira Ayuso
[PATCH nf v2] netfilter: compat: initialize all fields in xt_init, Francesco Ruggeri
- Re: [PATCH nf v2] netfilter: compat: initialize all fields in xt_init, Florian Westphal
- Re: [PATCH nf v2] netfilter: compat: initialize all fields in xt_init, Pablo Neira Ayuso
[PATCH nf] netfilter: compat: initialize all fields in xt_init, Francesco Ruggeri
- Re: [PATCH nf] netfilter: compat: initialize all fields in xt_init, Florian Westphal
[PATCH libnftnl,v3] udata: add NFTNL_UDATA_* definitions, Pablo Neira Ayuso
- Re: [PATCH libnftnl,v3] udata: add NFTNL_UDATA_* definitions, Phil Sutter
[PATCH] udata: add NFTNL_UDATA_* definitions, Pablo Neira Ayuso
[PATCH libnftnl] udata: add NFTNL_UDATA_* definitions, Pablo Neira Ayuso
- Re: [PATCH libnftnl] udata: add NFTNL_UDATA_* definitions, Phil Sutter
  - Re: [PATCH libnftnl] udata: add NFTNL_UDATA_* definitions, Pablo Neira Ayuso
[PATCH nft 0/5] src: expr: reduce size of struct expr, Florian Westphal
- [PATCH nft 1/5] src: expr: add and use expr_name helper, Florian Westphal
  - Re: [PATCH nft 1/5] src: expr: add and use expr_name helper, Pablo Neira Ayuso
- [PATCH nft 2/5] src: payload: export and use payload_expr_cmp, Florian Westphal
  - Re: [PATCH nft 2/5] src: payload: export and use payload_expr_cmp, Pablo Neira Ayuso
- [PATCH nft 3/5] src: expr: add and use internal expr_ops helper, Florian Westphal
  - Re: [PATCH nft 3/5] src: expr: add and use internal expr_ops helper, Pablo Neira Ayuso
- [PATCH nft 4/5] src: expr: add expression etype, Florian Westphal
  - Re: [PATCH nft 4/5] src: expr: add expression etype, Pablo Neira Ayuso
    - Re: [PATCH nft 4/5] src: expr: add expression etype, Florian Westphal
      - Re: [PATCH nft 4/5] src: expr: add expression etype, Pablo Neira Ayuso
- [PATCH nft 5/5] src: expr: remove expr_ops from struct expr, Florian Westphal
  - Re: [PATCH nft 5/5] src: expr: remove expr_ops from struct expr, Pablo Neira Ayuso
    - Re: [PATCH nft 5/5] src: expr: remove expr_ops from struct expr, Florian Westphal
[PATCH nf] netfilter: nat: fix spurious connection timeouts, Florian Westphal
- Re: [PATCH nf] netfilter: nat: fix spurious connection timeouts, Pablo Neira Ayuso
Update pf.os with newer OS fingerprints, Fernando Fernandez Mancera
- Re: Update pf.os with newer OS fingerprints, Pablo Neira Ayuso
  - Re: Update pf.os with newer OS fingerprints, Fernando Fernandez Mancera
    - Re: Update pf.os with newer OS fingerprints, Pablo Neira Ayuso
[PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Alin Nastac
- Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Florian Westphal
- Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
    - Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Alin Năstac
      - Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
        
        Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Alin Năstac
        
        Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Alin Năstac
[PATCH net-next] netfilter: xt_recent: Use struct_size() in kvzalloc(), Gustavo A. R. Silva
- Re: [PATCH net-next] netfilter: xt_recent: Use struct_size() in kvzalloc(), Pablo Neira Ayuso
[PATCH net-next] ipvs: Use struct_size() helper, Gustavo A. R. Silva
- Re: [PATCH net-next] ipvs: Use struct_size() helper, Simon Horman
  - Re: [PATCH net-next] ipvs: Use struct_size() helper, Pablo Neira Ayuso
    - Re: [PATCH net-next] ipvs: Use struct_size() helper, Gustavo A. R. Silva
[iptables PATCH] xtables-save: Fix table not found error message, Phil Sutter
[iptables PATCH v3 1/3] nft: Don't assume NFTNL_RULE_USERDATA holds a comment, Phil Sutter

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]