Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf, (continued)
- [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override, Phil Sutter
  - Re: [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override, Pablo Neira Ayuso
    - Re: [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override, Phil Sutter
- [iptables PATCH 4/5] xlate-test: Add and use a connlabel.conf for testing, Phil Sutter
- [iptables PATCH 1/5] xlate-test: Support testing host binaries, Phil Sutter
- [iptables PATCH 2/5] tests/shell: Support testing host binaries, Phil Sutter
[PATCH v4 nf-next 0/9] netfilter: nat: merge ipv4 and ipv6 nat modules, Florian Westphal
- [PATCH nf-next v4 1/9] netfilter: nat: merge ipv4 and ipv6 masquerade functionality, Florian Westphal
- [PATCH nf-next v4 2/9] netfilter: nat: move nlattr parse and xfrm session decode to core, Florian Westphal
- [PATCH nf-next v4 4/9] netfilter: nat: remove nf_nat_l4proto.h, Florian Westphal
- [PATCH nf-next v4 3/9] netfilter: nat: merge nf_nat_ipv4,6 into nat core, Florian Westphal
- [PATCH nf-next v4 5/9] netfilter: nat: remove l3 manip_pkt hook, Florian Westphal
- [PATCH nf-next v4 6/9] netfilter: nat: remove csum_update hook, Florian Westphal
- [PATCH nf-next v4 7/9] netfilter: nat: remove csum_recalc hook, Florian Westphal
- [PATCH nf-next v4 8/9] netfilter: nat: remove l3proto struct, Florian Westphal
- [PATCH nf-next v4 9/9] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h, Florian Westphal
- Re: [PATCH v4 nf-next 0/9] netfilter: nat: merge ipv4 and ipv6 nat modules, Pablo Neira Ayuso
[PATCH nf] netfilter: ebtables: remove BUGPRINT messages, Florian Westphal
- Re: [PATCH nf] netfilter: ebtables: remove BUGPRINT messages, Pablo Neira Ayuso
Network interface switch features, hh h
[PATCH v2] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
- Re: [PATCH v2] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
Re: INFO: rcu detected stall in netlink_sendmsg, syzbot
[PATCH 00/11] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
- [PATCH 06/11] ipvs: Use struct_size() helper, Pablo Neira Ayuso
- [PATCH 05/11] netfilter: conntrack: fix indentation issue, Pablo Neira Ayuso
- [PATCH 04/11] netfilter: ipv6: avoid indirect calls for IPV6=y case, Pablo Neira Ayuso
- [PATCH 11/11] netfilter: nf_conntrack_sip: add sip_external_media logic, Pablo Neira Ayuso
- [PATCH 09/11] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
- [PATCH 08/11] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm, Pablo Neira Ayuso
- [PATCH 02/11] netfilter: nft_tunnel: Add NFTA_TUNNEL_MODE options, Pablo Neira Ayuso
- [PATCH 07/11] netfilter: xt_recent: Use struct_size() in kvzalloc(), Pablo Neira Ayuso
- [PATCH 10/11] netfilter: ipt_CLUSTERIP: make symbol 'cip_netdev_notifier' static, Pablo Neira Ayuso
- [PATCH 01/11] netfilter: nf_tables: add NFTA_RULE_POSITION_ID to nla_policy, Pablo Neira Ayuso
- [PATCH 03/11] netfilter: nat: remove module dependency on ipv6 core, Pablo Neira Ayuso
- Re: [PATCH 00/11] Netfilter/IPVS updates for net-next, David Miller
[PATCH] netfilter/ipvs: Fix unused variable warning, Borislav Petkov
- Re: [PATCH] netfilter/ipvs: Fix unused variable warning, Pablo Neira Ayuso
[PATCH nf-next] ipvs: change some data types from int to bool, Andrea Claudi
- Re: [PATCH nf-next] ipvs: change some data types from int to bool, Julian Anastasov
- Re: [PATCH nf-next] ipvs: change some data types from int to bool, Simon Horman
- Re: [PATCH nf-next] ipvs: change some data types from int to bool, Pablo Neira Ayuso
[PATCH net-next] netfilter: ipt_CLUSTERIP: make symbol 'cip_netdev_notifier' static, Wei Yongjun
- Re: [PATCH net-next] netfilter: ipt_CLUSTERIP: make symbol 'cip_netdev_notifier' static, Pablo Neira Ayuso
[PATCH nf] ipvs: fix warning on unused variable, Andrea Claudi
- Re: [PATCH nf] ipvs: fix warning on unused variable, Pablo Neira Ayuso
[iptables PATCH] arptables: Print space before comma and counters, Phil Sutter
- Re: [iptables PATCH] arptables: Print space before comma and counters, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: fix flush after rule deletion in the same batch, Pablo Neira Ayuso
[PATCH] tests: shell: flush after rule deletion, Pablo Neira Ayuso
RFC: nftables does not allow to delete a rule twice, Phil Sutter
- Re: RFC: nftables does not allow to delete a rule twice, Pablo Neira Ayuso
  - Re: RFC: nftables does not allow to delete a rule twice, Pablo Neira Ayuso
    - Re: RFC: nftables does not allow to delete a rule twice, Phil Sutter
      - Re: RFC: nftables does not allow to delete a rule twice, Pablo Neira Ayuso
        
        Re: RFC: nftables does not allow to delete a rule twice, Phil Sutter
        
        Re: RFC: nftables does not allow to delete a rule twice, Pablo Neira Ayuso
[PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
- Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
    - Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
      - Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
        
        Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
        
        Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
        
        Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Florian Tham
        
        Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
Re: Englobe interfaces, Pablo Neira Ayuso
[PATCH 1/2 nf] netfilter: nft_compat: use-after-free when deleting targets, Pablo Neira Ayuso
- [PATCH 2/2 nf-next] netfilter: nft_compat: use .release_ops and remove list of extension, Pablo Neira Ayuso
[iptables PATCH 0/5] Align iptables-nft error messages with legacy, Phil Sutter
- [iptables PATCH 2/5] xtables: Move new chain check to where it belongs, Phil Sutter
- [iptables PATCH 1/5] xtables: Fix error message when zeroing a non-existent chain, Phil Sutter
- [iptables PATCH 5/5] tests: Extend return codes check by error messages, Phil Sutter
- [iptables PATCH 4/5] xtables: Fix error message for chain renaming, Phil Sutter
- [iptables PATCH 3/5] xtables: Fix error messages in commands with rule number, Phil Sutter
- Re: [iptables PATCH 0/5] Align iptables-nft error messages with legacy, Pablo Neira Ayuso
[PATCH v3] netfilter: reject: skip csum verification for protocols that don't support it, Alin Nastac
- Re: [PATCH v3] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
[PATCH AUTOSEL 4.20 038/105] netfilter: nf_tables: fix leaking object reference count, Sasha Levin
[PATCH AUTOSEL 4.20 043/105] netfilter: nft_flow_offload: Fix reverse route lookup, Sasha Levin
[PATCH AUTOSEL 4.20 049/105] netfilter: nft_flow_offload: fix interaction with vrf slave device, Sasha Levin
[PATCH AUTOSEL 4.20 065/105] netfilter: nft_flow_offload: fix checking method of conntrack helper, Sasha Levin
[PATCH AUTOSEL 4.19 32/83] netfilter: nf_tables: fix leaking object reference count, Sasha Levin
[PATCH AUTOSEL 4.19 37/83] netfilter: nft_flow_offload: Fix reverse route lookup, Sasha Levin
[PATCH AUTOSEL 4.19 41/83] netfilter: nft_flow_offload: fix interaction with vrf slave device, Sasha Levin
[nf-next:master 9/9] ipt_REJECT.c:(.text+0x120): multiple definition of `nf_reject_verify_csum'; net/ipv4/netfilter/nf_reject_ipv4.o:nf_reject_ipv4.c:(.text+0x470): first defined here, kbuild test robot
[PATCH AUTOSEL 4.19 56/83] netfilter: nft_flow_offload: fix checking method of conntrack helper, Sasha Levin
[PATCH AUTOSEL 4.14 17/34] netfilter: nf_tables: fix leaking object reference count, Sasha Levin
[nf-next:master 9/9] include/net/netfilter/nf_reject.h:5: multiple definition of `nf_reject_verify_csum'; net/ipv4/netfilter/nf_reject_ipv4.o:include/net/netfilter/nf_reject.h:5: first defined here, kbuild test robot
conntrack --ignore-error proposal to fix delete races, William Ahern
[conntrack-tools PATCH v2] Support compiling against libtirpc, Phil Sutter
- Re: [conntrack-tools PATCH v2] Support compiling against libtirpc, Pablo Neira Ayuso
[conntrack-tools PATCH] Support compiling against libtirpc, Phil Sutter
- Re: [conntrack-tools PATCH] Support compiling against libtirpc, Jan Engelhardt
  - Re: [conntrack-tools PATCH] Support compiling against libtirpc, Phil Sutter
[conntrack-tools PATCH] Fix for implicit-fallthrough warnings, Phil Sutter
- Re: [conntrack-tools PATCH] Fix for implicit-fallthrough warnings, Pablo Neira Ayuso
  - Re: [conntrack-tools PATCH] Fix for implicit-fallthrough warnings, Phil Sutter
    - Re: [conntrack-tools PATCH] Fix for implicit-fallthrough warnings, Pablo Neira Ayuso
[conntrack-tools PATCH] nfct: Drop dead code in nfct_timeout_parse_params(), Phil Sutter
- Re: [conntrack-tools PATCH] nfct: Drop dead code in nfct_timeout_parse_params(), Pablo Neira Ayuso
[ebtables PATCH] Print IPv6 prefixes in CIDR notation, Phil Sutter
- Re: [ebtables PATCH] Print IPv6 prefixes in CIDR notation, Pablo Neira Ayuso
  - Re: [ebtables PATCH] Print IPv6 prefixes in CIDR notation, Phil Sutter
    - Re: [ebtables PATCH] Print IPv6 prefixes in CIDR notation, Pablo Neira Ayuso
[PATCH nf-next,RFC,v2] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it, Pablo Neira Ayuso
- Re: [PATCH nf-next,RFC,v2] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it, Pablo Neira Ayuso
[PATCH v2] netfilter: reject: skip csum verification for protocols that don't support it, Alin Nastac
- Re: [PATCH v2] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
[conntrack-tools PATCH] conntrackd: helpers: dhcpv6: Fix potential array overrun, Phil Sutter
- Re: [conntrack-tools PATCH] conntrackd: helpers: dhcpv6: Fix potential array overrun, Pablo Neira Ayuso
[PATCH nf-next,RFC] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it, Pablo Neira Ayuso
- Re: [PATCH nf-next,RFC] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it, Florian Westphal
[PATCH nf-next,v2] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm, Pablo Neira Ayuso
- Re: [PATCH nf-next,v2] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm, Chieh-Min Wang
[PATCH nf] netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs, Pablo Neira Ayuso
Netfilter conntrack table query., satya phanisree
[PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6, Andrea Claudi
- Re: [PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6, Julian Anastasov
- Re: [PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6, Simon Horman
- Re: [PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6, Pablo Neira Ayuso
[PATCH nf v2] netfilter: compat: initialize all fields in xt_init, Francesco Ruggeri
- Re: [PATCH nf v2] netfilter: compat: initialize all fields in xt_init, Florian Westphal
- Re: [PATCH nf v2] netfilter: compat: initialize all fields in xt_init, Pablo Neira Ayuso
[PATCH nf] netfilter: compat: initialize all fields in xt_init, Francesco Ruggeri
- Re: [PATCH nf] netfilter: compat: initialize all fields in xt_init, Florian Westphal
[PATCH libnftnl,v3] udata: add NFTNL_UDATA_* definitions, Pablo Neira Ayuso
- Re: [PATCH libnftnl,v3] udata: add NFTNL_UDATA_* definitions, Phil Sutter
[PATCH] udata: add NFTNL_UDATA_* definitions, Pablo Neira Ayuso
[PATCH libnftnl] udata: add NFTNL_UDATA_* definitions, Pablo Neira Ayuso
- Re: [PATCH libnftnl] udata: add NFTNL_UDATA_* definitions, Phil Sutter
  - Re: [PATCH libnftnl] udata: add NFTNL_UDATA_* definitions, Pablo Neira Ayuso
[PATCH nft 0/5] src: expr: reduce size of struct expr, Florian Westphal
- [PATCH nft 1/5] src: expr: add and use expr_name helper, Florian Westphal
  - Re: [PATCH nft 1/5] src: expr: add and use expr_name helper, Pablo Neira Ayuso
- [PATCH nft 2/5] src: payload: export and use payload_expr_cmp, Florian Westphal
  - Re: [PATCH nft 2/5] src: payload: export and use payload_expr_cmp, Pablo Neira Ayuso
- [PATCH nft 3/5] src: expr: add and use internal expr_ops helper, Florian Westphal
  - Re: [PATCH nft 3/5] src: expr: add and use internal expr_ops helper, Pablo Neira Ayuso
- [PATCH nft 4/5] src: expr: add expression etype, Florian Westphal
  - Re: [PATCH nft 4/5] src: expr: add expression etype, Pablo Neira Ayuso
    - Re: [PATCH nft 4/5] src: expr: add expression etype, Florian Westphal
      - Re: [PATCH nft 4/5] src: expr: add expression etype, Pablo Neira Ayuso
- [PATCH nft 5/5] src: expr: remove expr_ops from struct expr, Florian Westphal
  - Re: [PATCH nft 5/5] src: expr: remove expr_ops from struct expr, Pablo Neira Ayuso
    - Re: [PATCH nft 5/5] src: expr: remove expr_ops from struct expr, Florian Westphal
[PATCH nf] netfilter: nat: fix spurious connection timeouts, Florian Westphal
- Re: [PATCH nf] netfilter: nat: fix spurious connection timeouts, Pablo Neira Ayuso
Update pf.os with newer OS fingerprints, Fernando Fernandez Mancera
- Re: Update pf.os with newer OS fingerprints, Pablo Neira Ayuso
  - Re: Update pf.os with newer OS fingerprints, Fernando Fernandez Mancera
    - Re: Update pf.os with newer OS fingerprints, Pablo Neira Ayuso
[PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Alin Nastac
- Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Florian Westphal
- Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
    - Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Alin Năstac
      - Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Pablo Neira Ayuso
        
        Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Alin Năstac
        
        Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it, Alin Năstac
[PATCH net-next] netfilter: xt_recent: Use struct_size() in kvzalloc(), Gustavo A. R. Silva
- Re: [PATCH net-next] netfilter: xt_recent: Use struct_size() in kvzalloc(), Pablo Neira Ayuso
[PATCH net-next] ipvs: Use struct_size() helper, Gustavo A. R. Silva
- Re: [PATCH net-next] ipvs: Use struct_size() helper, Simon Horman
  - Re: [PATCH net-next] ipvs: Use struct_size() helper, Pablo Neira Ayuso
    - Re: [PATCH net-next] ipvs: Use struct_size() helper, Gustavo A. R. Silva
[iptables PATCH] xtables-save: Fix table not found error message, Phil Sutter
[iptables PATCH v3 1/3] nft: Don't assume NFTNL_RULE_USERDATA holds a comment, Phil Sutter
- [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY, Phil Sutter
  - Re: [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY, Florian Westphal
    - Re: [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY, Phil Sutter
      - Re: [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY, Florian Westphal
        
        Re: [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY, Pablo Neira Ayuso
      - Re: [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY, Pablo Neira Ayuso
- [iptables PATCH v3 3/3] ebtables-nft: Support user-defined chain policies, Phil Sutter
  - Re: [iptables PATCH v3 3/3] ebtables-nft: Support user-defined chain policies, Florian Westphal
    - Re: [iptables PATCH v3 3/3] ebtables-nft: Support user-defined chain policies, Pablo Neira Ayuso
[iptables PATCH v2] ebtables-nft: Support user-defined chain policies, Phil Sutter
[PATCH nf] ipvs: fix dependency on nf_defrag_ipv6, Andrea Claudi
- Re: [PATCH nf] ipvs: fix dependency on nf_defrag_ipv6, Julian Anastasov
  - Re: [PATCH nf] ipvs: fix dependency on nf_defrag_ipv6, Andrea Claudi
[PATCH] netfilter: conntrack: fix indentation issue, Colin King
- Re: [PATCH] netfilter: conntrack: fix indentation issue, Pablo Neira Ayuso
[PATCH] ipv6: fix icmp6_send() route lookup, Alin Nastac
- Re: [PATCH] ipv6: fix icmp6_send() route lookup, Pablo Neira Ayuso
[iptables PATCH] nft: Eliminate dead code in __nft_rule_list, Phil Sutter
[iptables PATCH v2] Revert "ebtables: use extrapositioned negation consistently", Phil Sutter
- Re: [iptables PATCH v2] Revert "ebtables: use extrapositioned negation consistently", Florian Westphal
[iptables PATCH 0/2] ebtables-nft: Support user-defined chain policies, Phil Sutter
- [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Phil Sutter
  - Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Pablo Neira Ayuso
    - Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Pablo Neira Ayuso
  - Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Florian Westphal
    - Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Phil Sutter
      - Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Florian Westphal
        
        Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Phil Sutter
        
        Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Florian Westphal
        
        Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Pablo Neira Ayuso
        
        Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Phil Sutter
        
        Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Pablo Neira Ayuso
        
        Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies, Phil Sutter
- [iptables PATCH 1/2] xshared: Explicitly pass target to command_jump(), Phil Sutter
- Re: [iptables PATCH 0/2] ebtables-nft: Support user-defined chain policies, Florian Westphal
[PATCH nf v2] netfilter: nft_compat: don't use refcount_inc on newly allocated entry, Florian Westphal
- Re: [PATCH nf v2] netfilter: nft_compat: don't use refcount_inc on newly allocated entry, Pablo Neira Ayuso
[iptables PATCH v3] xtables: Fix for false-positive rule matching, Phil Sutter
- Re: [iptables PATCH v3] xtables: Fix for false-positive rule matching, Florian Westphal
[nf:master 4/4] net//netfilter/nft_compat.c:852:28: warning: assignment from incompatible pointer type, kbuild test robot
[nf:master 4/4] net//netfilter/nft_compat.c:852:28: error: assignment from incompatible pointer type, kbuild test robot
[PATCH nf 1/2] netfilter: nft_compat: fix build, Florian Westphal
- [PATCH nft 2/2] netfilter: nft_compat: don't use refcount_inc on newly allocated entry, Florian Westphal
- Re: [PATCH nf 1/2] netfilter: nft_compat: fix build, Pablo Neira Ayuso
  - Re: [PATCH nf 1/2] netfilter: nft_compat: fix build, Florian Westphal
    - Re: [PATCH nf 1/2] netfilter: nft_compat: fix build, Pablo Neira Ayuso
      - Re: [PATCH nf 1/2] netfilter: nft_compat: fix build, Florian Westphal
        
        Re: [PATCH nf 1/2] netfilter: nft_compat: fix build, Pablo Neira Ayuso
        
        Re: [PATCH nf 1/2] netfilter: nft_compat: fix build, Florian Westphal
        
        Re: [PATCH nf 1/2] netfilter: nft_compat: fix build, Pablo Neira Ayuso
ebtables RCU patch?, Nikolay Nikolay
- Re: ebtables RCU patch?, Florian Westphal
  - Re: ebtables RCU patch?, Nikolay Nikolay
[BUG] refcount_t: underflow; use-after-free in Linux 5.0rc5, Jordan Glover
- Re: [BUG] refcount_t: underflow; use-after-free in Linux 5.0rc5, Florian Westphal
  - Re: [BUG] refcount_t: underflow; use-after-free in Linux 5.0rc5, Jordan Glover
[PATCH 00/12 net-next,v7] add flow_rule infrastructure, Pablo Neira Ayuso
- [PATCH 02/12 net-next,v7] net/mlx5e: support for two independent packet edit actions, Pablo Neira Ayuso
  - Re: [PATCH 02/12 net-next,v7] net/mlx5e: support for two independent packet edit actions, Tonghao Zhang
    - Re: [PATCH 02/12 net-next,v7] net/mlx5e: support for two independent packet edit actions, Or Gerlitz
    - Re: [PATCH 02/12 net-next,v7] net/mlx5e: support for two independent packet edit actions, Or Gerlitz
- [PATCH 03/12 net-next,v7] flow_offload: add flow action infrastructure, Pablo Neira Ayuso
- [PATCH 04/12 net-next,v7] cls_api: add translator to flow_action representation, Pablo Neira Ayuso
- [PATCH 05/12 net-next,v7] flow_offload: add statistics retrieval infrastructure and use it, Pablo Neira Ayuso
- [PATCH 07/12 net-next,v7] cls_flower: don't expose TC actions to drivers anymore, Pablo Neira Ayuso
- [PATCH 08/12 net-next,v7] flow_offload: add wake-up-on-lan and queue to flow_action, Pablo Neira Ayuso
- [PATCH 10/12 net-next,v7] dsa: bcm_sf2: use flow_rule infrastructure, Pablo Neira Ayuso
- [PATCH 09/12 net-next,v7] ethtool: add ethtool_rx_flow_spec to flow_rule structure translator, Pablo Neira Ayuso
- [PATCH 06/12 net-next,v7] drivers: net: use flow action infrastructure, Pablo Neira Ayuso
  - Re: [PATCH 06/12 net-next,v7] drivers: net: use flow action infrastructure, Jiri Pirko
- [PATCH 11/12 net-next,v7] qede: place ethtool_rx_flow_spec after code after TC flower codebase, Pablo Neira Ayuso
- [PATCH 01/12 net-next,v7] flow_offload: add flow_rule and flow_match structures and use them, Pablo Neira Ayuso
  - Re: [PATCH 01/12 net-next,v7] flow_offload: add flow_rule and flow_match structures and use them, Jiri Pirko
- [PATCH 12/12 net-next,v7] qede: use ethtool_rx_flow_rule() to remove duplicated parser code, Pablo Neira Ayuso
- Re: [PATCH 00/12 net-next,v7] add flow_rule infrastructure, David Miller
  - Re: [PATCH 00/12 net-next,v7] add flow_rule infrastructure, Florian Fainelli
[PATCH nf-next] netfilter: nf_tables: don't break when vmap lookup yields no result, Florian Westphal
- Re: [PATCH nf-next] netfilter: nf_tables: don't break when vmap lookup yields no result, Pablo Neira Ayuso
[PATCH nf,v4] netfilter: nf_tables: unbind set in rule from commit path, Pablo Neira Ayuso
[PATCH v4 nf-next 01/02] netfilter: nat: remove module dependency on ipv6 core, Florian Westphal
- [PATCH v4 nf-next 02/02] netfilter: ipv6: avoid indirect calls for IPV6=y case, Florian Westphal
  - Re: [PATCH v4 nf-next 02/02] netfilter: ipv6: avoid indirect calls for IPV6=y case, Pablo Neira Ayuso
- Re: [PATCH v4 nf-next 01/02] netfilter: nat: remove module dependency on ipv6 core, Pablo Neira Ayuso
[PATCH nft] tests: shell: exercise abort path with anonymous set that is bound to rule, Pablo Neira Ayuso
[PATCH nf,v3] netfilter: nf_tables: unbind set in rule from commit path, Pablo Neira Ayuso
[iptables PATCH v2 0/2] xtables: Fix multiple issues in rule matching code, Phil Sutter
- [iptables PATCH v2 1/2] xtables: Fix for crash when comparing rules with standard target, Phil Sutter
- [iptables PATCH v2 2/2] xtables: Fix for false-positive rule matching, Phil Sutter
  - Re: [iptables PATCH v2 2/2] xtables: Fix for false-positive rule matching, Florian Westphal
    - Re: [iptables PATCH v2 2/2] xtables: Fix for false-positive rule matching, Phil Sutter
[PATCH nf,v2] netfilter: nf_tables: unbind set in rule from commit path, Pablo Neira Ayuso
- Re: [PATCH nf,v2] netfilter: nf_tables: unbind set in rule from commit path, Florian Westphal
  - Re: [PATCH nf,v2] netfilter: nf_tables: unbind set in rule from commit path, Pablo Neira Ayuso
netfilter: nat: merge ipv4 and ipv6 nat modules, Florian Westphal
- [PATCH v3 nf-next 01/11] netfilter: nat: remove module dependency on ipv6 core, Florian Westphal
- [PATCH v3 nf-next 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case, Florian Westphal
  - Re: [PATCH v3 nf-next 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case, kbuild test robot
- [PATCH v3 nf-next 03/11] netfilter: nat: merge ipv4 and ipv6 masquerade functionality, Florian Westphal
- [PATCH v3 nf-next 04/11] netfilter: nat: move nlattr parse and xfrm session decode to core, Florian Westphal
- [PATCH v3 nf-next 06/11] netfilter: nat: remove nf_nat_l4proto.h, Florian Westphal
- [PATCH v3 nf-next 05/11] netfilter: nat: merge nf_nat_ipv4,6 into nat core, Florian Westphal
- [PATCH v3 nf-next 07/11] netfilter: nat: remove manip_pkt hook, Florian Westphal
- [PATCH v3 nf-next 08/11] netfilter: nat: remove csum_update hook, Florian Westphal
- [PATCH v3 nf-next 09/11] netfilter: nat: remove csum_recalc hook, Florian Westphal
- [PATCH v3 nf-next 10/11] netfilter: nat: remove l3proto struct, Florian Westphal
- [PATCH v3 nf-next 11/11] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h, Florian Westphal
[iptables PATCH 0/2] Follow-up on arptables output changes, Phil Sutter
- [iptables PATCH 2/2] extensions: Fix arptables extension tests, Phil Sutter
- [iptables PATCH 1/2] arptables-nft: Set h-type/h-length masks by default, too, Phil Sutter
- Re: [iptables PATCH 0/2] Follow-up on arptables output changes, Florian Westphal
[PATCH nf-next v2 00/11] netfilter: nat: remove module dependency on, Florian Westphal
- [PATCH nf-next v2 01/11] netfilter: nat: remove module dependency on ipv6 core, Florian Westphal
- [PATCH nf-next v2 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case, Florian Westphal
- [PATCH nf-next v2 03/11] netfilter: nat: merge ipv4 and ipv6 masquerade functionality, Florian Westphal
- [PATCH nf-next v2 04/11] netfilter: nat: move nlattr parse and xfrm session decode to core, Florian Westphal
- [PATCH nf-next v2 05/11] netfilter: nat: merge nf_nat_ipv4,6 into nat core, Florian Westphal
  - Re: [PATCH nf-next v2 05/11] netfilter: nat: merge nf_nat_ipv4,6 into nat core, Florian Westphal
- [PATCH nf-next v2 06/11] netfilter: nat: remove nf_nat_l4proto.h, Florian Westphal
- [PATCH nf-next v2 07/11] netfilter: nat: remove manip_pkt hook, Florian Westphal
- [PATCH nf-next v2 08/11] netfilter: nat: remove csum_update hook, Florian Westphal
- [PATCH nf-next v2 09/11] netfilter: nat: remove csum_recalc hook, Florian Westphal
- [PATCH nf-next v2 10/11] netfilter: nat: remove l3proto struct, Florian Westphal
- [PATCH nf-next v2 11/11] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h, Florian Westphal
[PATCH nf] netfilter: nf_tables: unbind set in rule from commit path, Pablo Neira Ayuso
[iptables PATCH 0/7] Align arptables-nft output with legacy, Phil Sutter
- [iptables PATCH 6/7] arptables-nft: Don't print default h-len/h-type values, Phil Sutter
- [iptables PATCH 7/7] tests: shell: Add arptables-nft verbose output test, Phil Sutter
- [iptables PATCH 1/7] arptables-nft: Fix listing rules without target, Phil Sutter
- [iptables PATCH 2/7] arptables-nft: Fix MARK target parsing and printing, Phil Sutter
- [iptables PATCH 5/7] arptables-nft-save: Fix position of -j option, Phil Sutter
- [iptables PATCH 4/7] arptables-nft: Remove space between *cnt= and value, Phil Sutter
- [iptables PATCH 3/7] arptables-nft: Fix CLASSIFY target printing, Phil Sutter
- Re: [iptables PATCH 0/7] Align arptables-nft output with legacy, Florian Westphal
  - Re: [iptables PATCH 0/7] Align arptables-nft output with legacy, Phil Sutter
[PATCH nf-next 00/11] netfilter: nat: merge ipv4 and ipv6 nat modules, Florian Westphal
- [PATCH nf-next 01/11] netfilter: nat: remove module dependency on ipv6 core, Florian Westphal
- [PATCH nf-next 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case, Florian Westphal
  - Re: [PATCH nf-next 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case, kbuild test robot
  - Re: [PATCH nf-next 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case, kbuild test robot
- [PATCH nf-next 03/11] netfilter: nat: merge ipv4 and ipv6 masquerade functionality, Florian Westphal
- [PATCH nf-next 04/11] netfilter: nat: move nlattr parse and xfrm session decode to core, Florian Westphal
- [PATCH nf-next 05/11] netfilter: nat: merge nf_nat_ipv4,6 into nat core, Florian Westphal
- [PATCH nf-next 06/11] netfilter: nat: remove nf_nat_l4proto.h, Florian Westphal
- [PATCH nf-next 07/11] netfilter: nat: remove manip_pkt hook, Florian Westphal
- [PATCH nf-next 08/11] netfilter: nat: remove csum_update hook, Florian Westphal
  - Re: [PATCH nf-next 08/11] netfilter: nat: remove csum_update hook, kbuild test robot
  - Re: [PATCH nf-next 08/11] netfilter: nat: remove csum_update hook, kbuild test robot
- [PATCH nf-next 09/11] netfilter: nat: remove csum_recalc hook, Florian Westphal
- [PATCH nf-next 10/11] netfilter: nat: remove l3proto struct, Florian Westphal
- [PATCH nf-next 11/11] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h, Florian Westphal
[PATCH nf] netfilter: nf_nat: skip nat clash resolution for same-origin entries, Florian Westphal
- Re: [PATCH nf] netfilter: nf_nat: skip nat clash resolution for same-origin entries, Pablo Neira Ayuso
[PATCH nf] selftests: netfilter: add simple masq/redirect test cases, Florian Westphal
- Re: [PATCH nf] selftests: netfilter: add simple masq/redirect test cases, Pablo Neira Ayuso
Fwd: Re: How to port "-m multiport ! --sports 80,443" to nftables?, Florian Westphal
- Re: Fwd: Re: How to port "-m multiport ! --sports 80,443" to nftables?, Jan Engelhardt
  - Re: Fwd: Re: How to port "-m multiport ! --sports 80,443" to nftables?, Florian Westphal
[PATCH nf-next] netfilter: nf_tables: add NFTA_RULE_POSITION_ID to nla_policy, Florian Westphal
- Re: [PATCH nf-next] netfilter: nf_tables: add NFTA_RULE_POSITION_ID to nla_policy, Phil Sutter
- Re: [PATCH nf-next] netfilter: nf_tables: add NFTA_RULE_POSITION_ID to nla_policy, Pablo Neira Ayuso
[PATCH] netfilter: nft_tunnel: Add NFTA_TUNNEL_MODE options, wenxu
- Re: [PATCH] netfilter: nft_tunnel: Add NFTA_TUNNEL_MODE options, Pablo Neira Ayuso
[PATCH] selftests/netfilter: fix config fragment CONFIG_NF_TABLES_INET, Naresh Kamboju
- Re: [PATCH] selftests/netfilter: fix config fragment CONFIG_NF_TABLES_INET, Florian Westphal
- Re: [PATCH] selftests/netfilter: fix config fragment CONFIG_NF_TABLES_INET, Pablo Neira Ayuso
[PATCH 00/33] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
- [PATCH 04/33] netfilter: conntrack: remove helper hook again, Pablo Neira Ayuso
- [PATCH 12/33] netfilter: conntrack: remove pkt_to_tuple callback, Pablo Neira Ayuso
- [PATCH 15/33] netfilter: conntrack: remove remaining l4proto indirect packet calls, Pablo Neira Ayuso
- [PATCH 19/33] netfilter: conntrack: remove sysctl registration helpers, Pablo Neira Ayuso
- [PATCH 25/33] netfilter: nat: un-export nf_nat_used_tuple, Pablo Neira Ayuso
- [PATCH 31/33] netfilter: nft_counter: remove wrong __percpu of nft_counter_resest()'s arg, Pablo Neira Ayuso
- [PATCH 27/33] netfilter: conntrack: fix IPV6=n builds, Pablo Neira Ayuso
- [PATCH 33/33] netfilter: ipv4: remove useless export_symbol, Pablo Neira Ayuso
- [PATCH 32/33] netfilter: conntrack: fix error path in nf_conntrack_pernet_init(), Pablo Neira Ayuso
- [PATCH 29/33] ipvs: avoid indirect calls when calculating checksums, Pablo Neira Ayuso
- [PATCH 30/33] ipvs: use indirect call wrappers, Pablo Neira Ayuso
- [PATCH 26/33] Revert "netfilter: nft_hash: add map lookups for hashing operations", Pablo Neira Ayuso
- [PATCH 20/33] netfilter: conntrack: remove l4proto init and get_net callbacks, Pablo Neira Ayuso
- [PATCH 22/33] netfilter: conntrack: remove nf_ct_l4proto_find_get, Pablo Neira Ayuso
- [PATCH 28/33] netfilter: conntrack: fix bogus port values for other l4 protocols, Pablo Neira Ayuso
- [PATCH 23/33] netfilter: nf_conntrack: provide modparam to always register conntrack hooks, Pablo Neira Ayuso
- [PATCH 18/33] netfilter: conntrack: unify sysctl handling, Pablo Neira Ayuso
- [PATCH 17/33] netfilter: conntrack: avoid unneeded nf_conntrack_l4proto lookups, Pablo Neira Ayuso
- [PATCH 24/33] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, Pablo Neira Ayuso
- [PATCH 21/33] netfilter: conntrack: remove l4proto destroy hook, Pablo Neira Ayuso
- [PATCH 16/33] netfilter: conntrack: remove pernet l4 proto register interface, Pablo Neira Ayuso
- [PATCH 07/33] netfilter: conntrack: handle builtin l4proto packet functions via direct calls, Pablo Neira Ayuso
- [PATCH 14/33] netfilter: conntrack: remove module owner field, Pablo Neira Ayuso
- [PATCH 08/33] netfilter: conntrack: handle icmp pkt_to_tuple helper via direct calls, Pablo Neira Ayuso
- [PATCH 10/33] netfilter: conntrack: gre: switch module to be built-in, Pablo Neira Ayuso
- [PATCH 13/33] netfilter: conntrack: remove invert_tuple callback, Pablo Neira Ayuso
- [PATCH 01/33] netfilter: nf_tables: prepare nft_object for lookups via hashtable, Pablo Neira Ayuso
- [PATCH 11/33] netfilter: conntrack: remove net_id, Pablo Neira Ayuso
- [PATCH 09/33] netfilter: conntrack: gre: convert rwlock to rcu, Pablo Neira Ayuso
- [PATCH 06/33] netfilter: nf_tables: Support RULE_ID reference in new rule, Pablo Neira Ayuso
  - Re: [PATCH 06/33] netfilter: nf_tables: Support RULE_ID reference in new rule, Cong Wang
    - Re: [PATCH 06/33] netfilter: nf_tables: Support RULE_ID reference in new rule, Florian Westphal
- [PATCH 05/33] netfilter: physdev: relax br_netfilter dependency, Pablo Neira Ayuso
- [PATCH 03/33] netfilter: nf_tables: add direct calls for all builtin expressions, Pablo Neira Ayuso
- [PATCH 02/33] netfilter: nf_tables: handle nft_object lookups via rhltable, Pablo Neira Ayuso
- Re: [PATCH 00/33] Netfilter/IPVS updates for net-next, David Miller
[PATCH nft] include: add cplusplus guards for extern, Pablo Neira Ayuso
- Re: [PATCH nft] include: add cplusplus guards for extern, Phil Sutter
"Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Linus Lüssing
- Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Florian Westphal
  - Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Chieh-Min Wang
    - Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Florian Westphal
      - Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Pablo Neira Ayuso
        
        Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Florian Westphal
        
        Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Chieh-Min Wang
        
        Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Florian Westphal
        
        Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Chieh-Min Wang
        
        Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Chieh-Min Wang
- Re: [B.A.T.M.A.N.] "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list", Linus Lüssing
[PATCH nf-next] netfilter: ipv4: remove useless export_symbol, Florian Westphal
- Re: [PATCH nf-next] netfilter: ipv4: remove useless export_symbol, Pablo Neira Ayuso
[conntrack-tools PATCH] conntrackd.conf.8: fix state filter example, Arturo Borrero Gonzalez
- Re: [conntrack-tools PATCH] conntrackd.conf.8: fix state filter example, Pablo Neira Ayuso
Historical keynote by Rusty Russell at linux.conf.au 2019, Harald Welte
[RFC nft] evaluate: kill anon sets with one element, Florian Westphal
- Re: [RFC nft] evaluate: kill anon sets with one element, Phil Sutter
Userspace Queue Payloads, dave madden
- Re: Userspace Queue Payloads, Muneyuki KAWATANI
[PATCH nft] meta: add iifkind and oifkind support, wenxu
- Re: [PATCH nft] meta: add iifkind and oifkind support, wenxu
  - Re: [PATCH nft] meta: add iifkind and oifkind support, Florian Westphal
    - Re: [PATCH nft] meta: add iifkind and oifkind support, wenxu
      - Re: [PATCH nft] meta: add iifkind and oifkind support, Florian Westphal
Re: [PATCH] ipvs: Fix signed integer overflow when setsockopt timeout, Pablo Neira Ayuso
[Patch nf-next] nf_conntrack: fix error path in nf_conntrack_pernet_init(), Cong Wang
- Re: [Patch nf-next] nf_conntrack: fix error path in nf_conntrack_pernet_init(), Florian Westphal
- Re: [Patch nf-next] nf_conntrack: fix error path in nf_conntrack_pernet_init(), Pablo Neira Ayuso
[PATCH] netfilter: ipt_CLUSTERIP: fix warning unused variable cn, Anders Roxell
- Re: [PATCH] netfilter: ipt_CLUSTERIP: fix warning unused variable cn, Pablo Neira Ayuso
general protection fault in nf_ct_gre_keymap_flush, syzbot
- Re: general protection fault in nf_ct_gre_keymap_flush, syzbot
- Re: general protection fault in nf_ct_gre_keymap_flush, syzbot
INFO: rcu detected stall in gc_worker, syzbot
[ebtables-legacy PATCH 1/2] ebtables: drop .spec file, Arturo Borrero Gonzalez
- [ebtables-legacy PATCH 2/2] ebtables: drop sysvinit script, Arturo Borrero Gonzalez
  - Re: [ebtables-legacy PATCH 2/2] ebtables: drop sysvinit script, Pablo Neira Ayuso
- Re: [ebtables-legacy PATCH 1/2] ebtables: drop .spec file, Pablo Neira Ayuso
[iptables PATCH 0/3] xtables: Fix multiple issues in rule matching code, Phil Sutter
- [iptables PATCH 1/3] nft: Fix potential memleaks in nft_*_rule_find(), Phil Sutter
- [iptables PATCH 2/3] xtables: Fix for crash when comparing rules with standard target, Phil Sutter
- [iptables PATCH 3/3] xtables: Fix for false-positive rule matching, Phil Sutter
EINVAL from ebtables -b broute -F BROUTING, Francesco Ruggeri
- [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Florian Westphal
  - Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Francesco Ruggeri
  - Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Pablo Neira Ayuso
    - Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Francesco Ruggeri
      - Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Florian Westphal
      - Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Florian Westphal
        
        Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Francesco Ruggeri
        
        Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Florian Westphal
        
        Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Francesco Ruggeri
        
        Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Florian Westphal
        
        Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Francesco Ruggeri
        
        Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Francesco Ruggeri
[iptables PATCH 0/2] ebtables-nft output fixes, Phil Sutter
- [iptables PATCH 1/2] ebtables: Fix rule listing with counters, Phil Sutter
- [iptables PATCH 2/2] Revert "ebtables: use extrapositioned negation consistently", Phil Sutter
  - Re: [iptables PATCH 2/2] Revert "ebtables: use extrapositioned negation consistently", Florian Westphal
    - Re: [iptables PATCH 2/2] Revert "ebtables: use extrapositioned negation consistently", Phil Sutter
      - Re: [iptables PATCH 2/2] Revert "ebtables: use extrapositioned negation consistently", Florian Westphal
[PATCH nf-next 0/2] netfilter: conntrack: fix indirect call removal fallout, Florian Westphal
- [PATCH nf-next 1/2] netfilter: conntrack: fix IPV6=n builds, Florian Westphal
  - Re: [PATCH nf-next 1/2] netfilter: conntrack: fix IPV6=n builds, Stephen Rothwell
    - Re: [PATCH nf-next 1/2] netfilter: conntrack: fix IPV6=n builds, Florian Westphal
      - Re: [PATCH nf-next 1/2] netfilter: conntrack: fix IPV6=n builds, Stephen Rothwell
- [PATCH nf-next 2/2] netfilter: conntrack: fix bogus port values for other l4 protocols, Florian Westphal
- Re: [PATCH nf-next 0/2] netfilter: conntrack: fix indirect call removal fallout, Stephen Rothwell
- Re: [PATCH nf-next 0/2] netfilter: conntrack: fix indirect call removal fallout, Pablo Neira Ayuso
[PATCH nf-next v2] netfilter: nfnetlink_osf: add missing fmatch check, Fernando Fernandez Mancera
[PATCH libnftnl 2/2] Revert "expr: add map lookups for hash statements", Laura Garcia Liebana
[PATCH libnftnl 1/2] Revert "expr: add map lookups for numgen statements", Laura Garcia Liebana
[PATCH libnftnl 0/2] Revert map lookups for expressions, Laura Garcia Liebana
- Re: [PATCH libnftnl 0/2] Revert map lookups for expressions, Pablo Neira Ayuso
[PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Eli Cooper
- Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Alin Năstac
  - Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Eli Cooper
    - Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Florian Westphal
      - Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Alin Năstac
        
        Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Pablo Neira Ayuso
        
        Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Alin Năstac
        
        Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Eli Cooper
        
        Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Alin Năstac
- Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, John Haxby
    - Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, Pablo Neira Ayuso
      - Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address, John Haxby
[PATCH nf-next] netfilter: nfnetlink_osf: add missing fmatch check, Fernando Fernandez Mancera
- Re: [PATCH nf-next] netfilter: nfnetlink_osf: add missing fmatch check, Pablo Neira Ayuso
[PATCH] nft_counter: remove wrong __percpu of nft_counter_resest()'s arg, Luc Van Oostenryck
- Re: [PATCH] nft_counter: remove wrong __percpu of nft_counter_resest()'s arg, Pablo Neira Ayuso
[PATCH ipvs-next] ipvs: use indirect call wrappers, Matteo Croce
- Re: [PATCH ipvs-next] ipvs: use indirect call wrappers, Julian Anastasov
  - Re: [PATCH ipvs-next] ipvs: use indirect call wrappers, Simon Horman
- Re: [PATCH ipvs-next] ipvs: use indirect call wrappers, kbuild test robot
[PATCH ipvs-next] ipvs: avoid indirect calls when calculating checksums, Matteo Croce
- Re: [PATCH ipvs-next] ipvs: avoid indirect calls when calculating checksums, Julian Anastasov
  - Re: [PATCH ipvs-next] ipvs: avoid indirect calls when calculating checksums, Simon Horman
[PATCH nf-next] Revert "netfilter: nft_hash: add map lookups for hashing operations", Laura Garcia Liebana
- Re: [PATCH nf-next] Revert "netfilter: nft_hash: add map lookups for hashing operations", Pablo Neira Ayuso
Re: 4.19.{12,[13],14}: RIP: 0010:nf_conncount_cache_free+0x26/0x2f [nf_conncount], Steffen Nurpmeso
- Re: 4.19.{12,[13],14}: RIP: 0010:nf_conncount_cache_free+0x26/0x2f [nf_conncount], Steffen Nurpmeso
stable fixes for nf_conncount 4.19.x, Pablo Neira Ayuso
- Re: stable fixes for nf_conncount 4.19.x, Greg Kroah-Hartman
  - Re: stable fixes for nf_conncount 4.19.x, Greg Kroah-Hartman
    - Re: stable fixes for nf_conncount 4.19.x, Reindl Harald
  - Re: stable fixes for nf_conncount 4.19.x, Pablo Neira Ayuso
Re: Deleting tables from included files causes a kernel BUG, Neal P. Murphy
- Re: Deleting tables from included files causes a kernel BUG, zrm
[PATCH nf-next] netfilter: nat: un-export nf_nat_used_tuple, Florian Westphal
- Re: [PATCH nf-next] netfilter: nat: un-export nf_nat_used_tuple, Pablo Neira Ayuso
[iptables PATCH] utils: Add a manpage for nfbpf_compile, Phil Sutter
- Re: [iptables PATCH] utils: Add a manpage for nfbpf_compile, Willem de Bruijn
  - Re: [iptables PATCH] utils: Add a manpage for nfbpf_compile, Phil Sutter
- Re: [iptables PATCH] utils: Add a manpage for nfbpf_compile, Pablo Neira Ayuso
[nft PATCH] src: Quote user-defined names, Phil Sutter
- Re: [nft PATCH] src: Quote user-defined names, Pablo Neira Ayuso
  - Re: [nft PATCH] src: Quote user-defined names, Phil Sutter
  - Re: [nft PATCH] src: Quote user-defined names, Pablo Neira Ayuso
    - Re: [nft PATCH] src: Quote user-defined names, Pablo Neira Ayuso
    - Re: [nft PATCH] src: Quote user-defined names, Phil Sutter
      - Re: [nft PATCH] src: Quote user-defined names, Phil Sutter
        
        Re: [nft PATCH] src: Quote user-defined names, Phil Sutter
- Re: [nft PATCH] src: Quote user-defined names, Florian Westphal
[PATCH nf-next,v2] netfilter: nf_conntrack: provide modparam to always register conntrack hooks, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nf_conntrack: provide modparam to always register conntrack hooks, Pablo Neira Ayuso
INFO: rcu detected stall in tipc_disc_timeout, syzbot
[PATCH v3] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, wenxu
- Re: [PATCH v3] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, Pablo Neira Ayuso
  - Re: [PATCH v3] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, David Ahern
    - Re: [PATCH v3] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, Pablo Neira Ayuso
  - Re: [PATCH v3] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, Florian Westphal
    - Re: [PATCH v3] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, Pablo Neira Ayuso
      - Re: [PATCH v3] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, wenxu
        
        Re: [PATCH v3] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, Florian Westphal
[iptables PATCH 0/3] xtables: Fix for inserting rule at wrong position, Phil Sutter
- [iptables PATCH 2/3] xtables: Fix position of replaced rules in cache, Phil Sutter
  - Re: [iptables PATCH 2/3] xtables: Fix position of replaced rules in cache, Pablo Neira Ayuso
- [iptables PATCH 3/3] xtables: Fix for inserting rule at wrong position, Phil Sutter
  - Re: [iptables PATCH 3/3] xtables: Fix for inserting rule at wrong position, Pablo Neira Ayuso
    - Re: [iptables PATCH 3/3] xtables: Fix for inserting rule at wrong position, Phil Sutter
- [iptables PATCH 1/3] nft: Add new builtin chains to cache immediately, Phil Sutter
  - Re: [iptables PATCH 1/3] nft: Add new builtin chains to cache immediately, Pablo Neira Ayuso
    - Re: [iptables PATCH 1/3] nft: Add new builtin chains to cache immediately, Phil Sutter
[PATCH nf-next 0/16] conntrack: remove indirect calls from packet path, Florian Westphal
- [PATCH nf-next 01/16] netfilter: conntrack: handle builtin l4proto packet functions via direct calls, Florian Westphal
- [PATCH nf-next 02/16] netfilter: conntrack: handle icmp pkt_to_tuple helper via direct calls, Florian Westphal
- [PATCH nf-next 03/16] netfilter: conntrack: gre: convert rwlock to rcu, Florian Westphal
- [PATCH nf-next 04/16] netfilter: conntrack: gre: switch module to be built-in, Florian Westphal
- [PATCH nf-next 05/16] netfilter: conntrack: remove net_id, Florian Westphal
- [PATCH nf-next 06/16] netfilter: conntrack: remove pkt_to_tuple callback, Florian Westphal
- [PATCH nf-next 07/16] netfilter: conntrack: remove invert_tuple callback, Florian Westphal
- [PATCH nf-next 08/16] netfilter: conntrack: remove module owner field, Florian Westphal
- [PATCH nf-next 09/16] netfilter: conntrack: remove remaining l4proto indirect packet calls, Florian Westphal
- [PATCH nf-next 10/16] netfilter: conntrack: remove pernet l4 proto register interface, Florian Westphal
- [PATCH nf-next 13/16] netfilter: conntrack: remove sysctl registration helpers, Florian Westphal
- [PATCH nf-next 14/16] netfilter: conntrack: remove l4proto init and get_net callbacks, Florian Westphal
- [PATCH nf-next 12/16] netfilter: conntrack: unify sysctl handling, Florian Westphal
- [PATCH nf-next 15/16] netfilter: conntrack: remove l4proto destroy hook, Florian Westphal
- [PATCH nf-next 11/16] netfilter: conntrack: avoid unneeded nf_conntrack_l4proto lookups, Florian Westphal
- [PATCH nf-next 16/16] netfilter: conntrack: remove nf_ct_l4proto_find_get, Florian Westphal
- Re: [PATCH nf-next 0/16] conntrack: remove indirect calls from packet path, Pablo Neira Ayuso
[libnftnl PATCH] src: rule: Support NFTA_RULE_POSITION_ID attribute, Phil Sutter
- Re: [libnftnl PATCH] src: rule: Support NFTA_RULE_POSITION_ID attribute, Pablo Neira Ayuso
[PATCH v2] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, wenxu
- Re: [PATCH v2] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type, Florian Westphal
Re: [REGRESSION] 5.0-rc2: iptables -nvL consumes 100% of CPU and hogs memory with kernel 5.0-rc2, Michal Kubecek
- Re: [REGRESSION] 5.0-rc2: iptables -nvL consumes 100% of CPU and hogs memory with kernel 5.0-rc2, Florian Westphal
  - Re: [REGRESSION] 5.0-rc2: iptables -nvL consumes 100% of CPU and hogs memory with kernel 5.0-rc2, Martin Steigerwald
[PATCH] netfilter: nft_meta: Add NFT_META_L3MASTER meta type, wenxu
- Re: [PATCH] netfilter: nft_meta: Add NFT_META_L3MASTER meta type, Florian Westphal
  - Re: [PATCH] netfilter: nft_meta: Add NFT_META_L3MASTER meta type, wenxu
[PATCH] netfilter: nf_tables: Support RULE_ID reference in new rule, Phil Sutter
- Re: [PATCH] netfilter: nf_tables: Support RULE_ID reference in new rule, Pablo Neira Ayuso
[libnftnl PATCH] src: chain: Fix nftnl_chain_rule_insert_at(), Phil Sutter
- Re: [libnftnl PATCH] src: chain: Fix nftnl_chain_rule_insert_at(), Pablo Neira Ayuso
[PATCH nf 0/3] netfilter: nft_compat: fix race conditions, Florian Westphal
- [PATCH nf 1/3] netfilter: nft_compat: use refcnt_t type for nft_xt reference count, Florian Westphal
- [PATCH nf 2/3] netfilter: nft_compat: make lists per netns, Florian Westphal
- [PATCH nf 3/3] netfilter: nft_compat: destroy function must not have side effects, Florian Westphal
- Re: [PATCH nf 0/3] netfilter: nft_compat: fix race conditions, Taehee Yoo
- Re: [PATCH nf 0/3] netfilter: nft_compat: fix race conditions, Pablo Neira Ayuso
[PATCH] netfilter: fix checking method of conntrack helper, Henry Yen
- Re: [PATCH] netfilter: fix checking method of conntrack helper, John Crispin
[PATCH v3] vrf: Fix conntrack-dnat conflict in vrf-device PREROUTING hook, wenxu
- Re: [PATCH v3] vrf: Fix conntrack-dnat conflict in vrf-device PREROUTING hook, Pablo Neira Ayuso
  - Re: [PATCH v3] vrf: Fix conntrack-dnat conflict in vrf-device PREROUTING hook, Florian Westphal
    - Re: [PATCH v3] vrf: Fix conntrack-dnat conflict in vrf-device PREROUTING hook, Pablo Neira Ayuso
ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12, Martin Kratochvíl
- Re: ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12, Jozsef Kadlecsik
  - Re: ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12, Martin Kratochvíl
    - Re: ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12, Jozsef Kadlecsik
      - Re: ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12, Martin Kratochvíl
      - Message not available
        
        Re: ipset - destroy table hang in kernel as Dproccess on kernel 4.19.12, Jozsef Kadlecsik
[PATCH nf-next] netfilter: physdev: relax br_netfilter dependency, Florian Westphal
- Re: [PATCH nf-next] netfilter: physdev: relax br_netfilter dependency, Pablo Neira Ayuso
[PATCH v3] netfilter: nft_flow_offload: fix interaction with vrf slave device, wenxu
[PATCH nf 2/2] netfilter: nft_compat: protect lists between select_ops and init, Taehee Yoo
- Re: [PATCH nf 2/2] netfilter: nft_compat: protect lists between select_ops and init, Florian Westphal
  - Re: [PATCH nf 2/2] netfilter: nft_compat: protect lists between select_ops and init, Taehee Yoo
[PATCH nf 1/2] netfilter: nft_compat: fix a race condition in match/target list, Taehee Yoo
[PATCH nf 0/2] netfilter: nft_compat: fix a race condition in nft_compat module, Taehee Yoo
[PATCH] netfilter: nat: Update comment of get_unique_tuple, YueHaibing
- Re: [PATCH] netfilter: nat: Update comment of get_unique_tuple, YueHaibing
- Re: [PATCH] netfilter: nat: Update comment of get_unique_tuple, YueHaibing
[PATCH nft] payload: refine payload expr merging, Florian Westphal
- Re: [PATCH nft] payload: refine payload expr merging, Pablo Neira Ayuso
[PATCH v2] nft_flow_offload: Make flow offload work with vrf slave device correct, wenxu
- Re: [PATCH v2] nft_flow_offload: Make flow offload work with vrf slave device correct, Pablo Neira Ayuso
[PATCH v2] netfilter: x_tables: add xt_tunnel match, wenxu
- Re: [PATCH v2] netfilter: x_tables: add xt_tunnel match, Pablo Neira Ayuso
  - Re: [PATCH v2] netfilter: x_tables: add xt_tunnel match, wenxu
- Re: [PATCH v2] netfilter: x_tables: add xt_tunnel match, Pablo Neira Ayuso
  - Re: [PATCH v2] netfilter: x_tables: add xt_tunnel match, wenxu
IPtables v 1.8.2 patch, Nathan O.
- Re: IPtables v 1.8.2 patch, Pablo Neira Ayuso
  - Message not available
    - Re: IPtables v 1.8.2 patch, Pablo Neira Ayuso
[PATCH nft] src: fix netdev family device name parsing, Florian Westphal
- Re: [PATCH nft] src: fix netdev family device name parsing, Pablo Neira Ayuso
[PATCH nf-next] netfilter: conntrack: remove helper hook again, Florian Westphal
- Re: [PATCH nf-next] netfilter: conntrack: remove helper hook again, Pablo Neira Ayuso
  - Re: [PATCH nf-next] netfilter: conntrack: remove helper hook again, Pablo Neira Ayuso
- Re: [PATCH nf-next] netfilter: conntrack: remove helper hook again, Pablo Neira Ayuso
[PATCH RESEND] nft_flow_offload: Fix the peer route get from wrong daddr, wenxu
- Re: [PATCH RESEND] nft_flow_offload: Fix the peer route get from wrong daddr, Pablo Neira Ayuso
  - Re: [PATCH RESEND] nft_flow_offload: Fix the peer route get from wrong daddr, Pablo Neira Ayuso
[PATCH] netfilter: nf_tables: selective rule dump needs table to be specified, Pablo Neira Ayuso
[PATCH AUTOSEL 4.20 001/117] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets, Sasha Levin
- [PATCH AUTOSEL 4.20 086/117] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine, Sasha Levin
- [PATCH AUTOSEL 4.20 085/117] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine, Sasha Levin
- [PATCH AUTOSEL 4.20 084/117] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set, Sasha Levin
[PATCH AUTOSEL 4.19 01/97] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets, Sasha Levin
- [PATCH AUTOSEL 4.19 69/97] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine, Sasha Levin
- [PATCH AUTOSEL 4.19 70/97] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine, Sasha Levin
- [PATCH AUTOSEL 4.19 68/97] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set, Sasha Levin
[PATCH AUTOSEL 4.14 37/53] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set, Sasha Levin
[PATCH nf-next] netfilter: nf_tables: add direct calls for all builtin expressions, Florian Westphal
- Re: [PATCH nf-next] netfilter: nf_tables: add direct calls for all builtin expressions, Pablo Neira Ayuso
[PATCH nf-next 1/2] netfilter: nf_tables: prepare nft_object for lookups via hashtable, Florian Westphal
- [PATCH nf-next 2/2] netfilter: nf_tables: handle nft_object lookups via rhltable, Florian Westphal
  - Re: [PATCH nf-next 2/2] netfilter: nf_tables: handle nft_object lookups via rhltable, Pablo Neira Ayuso
- Re: [PATCH nf-next 1/2] netfilter: nf_tables: prepare nft_object for lookups via hashtable, Pablo Neira Ayuso
Re: [apparmor] Apparmor netfiter support?, John Johansen
Re: [nf-next] netfilter: Add support for inner IPv6 packet match, David R. Bild
[PATCH] [v2] netfilter: ipset: fix a missing check of nla_parse, Aditya Pakki
- Re: [PATCH] [v2] netfilter: ipset: fix a missing check of nla_parse, Kadlecsik József
[PATCH nft 0/4] tests: change test scripts to return 0, Florian Westphal
- [PATCH nft 1/4] tests: shell: add test case for leaking of stateful object refcount, Florian Westphal
- [PATCH nft 3/4] tests: shell: fix up redefine test case, Florian Westphal
- [PATCH nft 2/4] tests: shell: change all test scripts to return 0, Florian Westphal
- [PATCH nft 4/4] tests: shell: remove RETURNCODE_SEPARATOR, Florian Westphal
[PATCH nf] netfilter: nf_tables: fix leaking object reference count, Taehee Yoo
- Re: [PATCH nf] netfilter: nf_tables: fix leaking object reference count, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nf_tables: fix leaking object reference count, Pablo Neira Ayuso
    - Re: [PATCH nf] netfilter: nf_tables: fix leaking object reference count, Taehee Yoo
Selfnet: Possible Bugs found in nftables, Jann Haber
- Re: Selfnet: Possible Bugs found in nftables, Florian Westphal
  - Re: Selfnet: Possible Bugs found in nftables, Jann Haber
    - Re: Selfnet: Possible Bugs found in nftables, Florian Westphal
      - Re: Selfnet: Possible Bugs found in nftables, Florian Westphal
        
        Message not available
        
        Re: Selfnet: Possible Bugs found in nftables, Florian Westphal
        
        Re: Selfnet: Possible Bugs found in nftables, Florian Westphal
        
        Re: Selfnet: Possible Bugs found in nftables, Jann Haber
        
        Re: Selfnet: Possible Bugs found in nftables, Florian Westphal
[PATCH v2] netfilter: account ebt_table_info to kmemcg, Shakeel Butt
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg, William Kucharski
  - Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg, Shakeel Butt
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg, Kirill Tkhai
  - Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg, Kirill Tkhai
    - Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg, Michal Hocko
      - Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg, Kirill Tkhai
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg, Pablo Neira Ayuso
- Re: [PATCH v2] netfilter: account ebt_table_info to kmemcg, Pablo Neira Ayuso
Re: [PATCH net-next] vrf: Add VRF_F_BYPASS_RCV_NF flag to vrf device, David Ahern
- Re: [PATCH net-next] vrf: Add VRF_F_BYPASS_RCV_NF flag to vrf device, Florian Westphal
[PATCH nft] rule: fix object listing when no table is given, Florian Westphal
[PATCH v2] net: nf_tables: Fix speedup of selective rule dumps, Phil Sutter
Re: [PATCH] netfilter: xt_connlimit: fix race in connection counting, Nivedita Singhvi
- Re: [PATCH] netfilter: xt_connlimit: fix race in connection counting, Nivedita Singhvi
[iptables PATCH v4 0/5] Separate rule cache per chain et al., Phil Sutter
- [iptables PATCH v4 3/5] xtables: Set errno in nft_rule_check() if chain not found, Phil Sutter
  - Re: [iptables PATCH v4 3/5] xtables: Set errno in nft_rule_check() if chain not found, Pablo Neira Ayuso

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]