Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

Re: [PATCH ghak90 V6 05/10] audit: add contid support for signalling the audit daemon, (continued)
- [PATCH ghak90 V6 06/10] audit: add support for non-syscall auxiliary records, Richard Guy Briggs
- [PATCH ghak90 V6 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Richard Guy Briggs
- [PATCH ghak90 V6 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
  - Re: [PATCH ghak90 V6 09/10] audit: add support for containerid to network namespaces, Paul Moore
    - Re: [PATCH ghak90 V6 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
      - Re: [PATCH ghak90 V6 09/10] audit: add support for containerid to network namespaces, Paul Moore
- [PATCH ghak90 V6 08/10] audit: add containerid filtering, Richard Guy Briggs
  - Re: [PATCH ghak90 V6 08/10] audit: add containerid filtering, Paul Moore
    - Re: [PATCH ghak90 V6 08/10] audit: add containerid filtering, Richard Guy Briggs
      - Re: [PATCH ghak90 V6 08/10] audit: add containerid filtering, Paul Moore
        
        Re: [PATCH ghak90 V6 08/10] audit: add containerid filtering, Richard Guy Briggs
        
        Re: [PATCH ghak90 V6 08/10] audit: add containerid filtering, Paul Moore
        
        Re: [PATCH ghak90 V6 08/10] audit: add containerid filtering, Richard Guy Briggs
- [PATCH ghak90 V6 07/10] audit: add containerid support for user records, Richard Guy Briggs
- Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Richard Guy Briggs
- Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Neil Horman
  - Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Paul Moore
    - Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Neil Horman
    - Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Daniel Walsh
      - Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Richard Guy Briggs
      - Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Paul Moore
        
        Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Steve Grubb
        
        Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Richard Guy Briggs
        
        Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Daniel Walsh
        
        Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Paul Moore
        
        Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Daniel Walsh
        
        Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Paul Moore
        
        Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Paul Moore
    - Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Paul Moore
      - Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Steve Grubb
        
        Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Paul Moore
        
        Re: [PATCH ghak90 V6 00/10] audit: implement container identifier, Richard Guy Briggs
5.0.7: WARNING: CPU: 1 PID: 169 at net/netfilter/nft_compat.c:82 and genreal protection fault, Frederik Himpe
- Re: 5.0.7: WARNING: CPU: 1 PID: 169 at net/netfilter/nft_compat.c:82 and genreal protection fault, Florian Westphal
  - Re: 5.0.7: WARNING: CPU: 1 PID: 169 at net/netfilter/nft_compat.c:82 and genreal protection fault, Frederik Himpe
[PATCH nf-next] netfilter: nf_conntrack: restrict conntrack_buckets value, Taehee Yoo
- Re: [PATCH nf-next] netfilter: nf_conntrack: restrict conntrack_buckets value, Florian Westphal
  - Re: [PATCH nf-next] netfilter: nf_conntrack: restrict conntrack_buckets value, Taehee Yoo
[PATCH nft v2] doc: update nft list plural form parameters, Fernando Fernandez Mancera
- Re: [PATCH nft v2] doc: update nft list plural form parameters, Pablo Neira Ayuso
[PATCH nft] src: missing destroy function in statement definitions, Pablo Neira Ayuso
[PATCH nft] parser_bison: type_identifier string memleak, Pablo Neira Ayuso
nft - Extracting the value from a variable_expr, Fernando Fernandez Mancera
[PATCH nft] doc: update nft list plural form parameters, Fernando Fernandez Mancera
- Re: [PATCH nft] doc: update nft list plural form parameters, Pablo Neira Ayuso
  - Re: [PATCH nft] doc: update nft list plural form parameters, Fernando Fernandez Mancera
    - Re: [PATCH nft] doc: update nft list plural form parameters, Pablo Neira Ayuso
  - Re: [PATCH nft] doc: update nft list plural form parameters, Duncan Roe
    - Re: [PATCH nft] doc: update nft list plural form parameters, Pablo Neira Ayuso
[PATCH nft 1/2,v2] parser_bison: missing tproxy syntax with port only for inet family, Pablo Neira Ayuso
- [PATCH nft 2/2] evaluate: improve error reporting in tproxy with inet family, Pablo Neira Ayuso
[PATCH nf-next] netfilter: make two functions static, Florian Westphal
- Re: [PATCH nf-next] netfilter: make two functions static, Pablo Neira Ayuso
[PATCH nft] parser_bison: missing tproxy syntax with port only for inet family, Pablo Neira Ayuso
[PATCH net-next,RFC 0/8] connection tracking support for bridge, Pablo Neira Ayuso
- [PATCH net-next,RFC 2/8] net: ipv4: add skbuff fraglist split iterator, Pablo Neira Ayuso
- [PATCH net-next,RFC 3/8] net: ipv6: add skbuff fraglist split iterator, Pablo Neira Ayuso
- [PATCH net-next,RFC 8/8] netfilter: bridge: add basic conntrack support, Pablo Neira Ayuso
- [PATCH net-next,RFC 6/8] net: ipv4: place cb handling away from fraglist iterator, Pablo Neira Ayuso
- [PATCH net-next,RFC 7/8] net: ipv4: place cb handling away from fragment transformer, Pablo Neira Ayuso
- [PATCH net-next,RFC 4/8] net: ipv4: split skbuff into fragments transformer, Pablo Neira Ayuso
- [PATCH net-next,RFC 5/8] net: ipv6: split skbuff into fragments transformer, Pablo Neira Ayuso
- [PATCH net-next,RFC 1/8] net: use kfree_skb_list() from ip_do_fragment(), Pablo Neira Ayuso
  - Re: [PATCH net-next,RFC 1/8] net: use kfree_skb_list() from ip_do_fragment(), Florian Westphal
[no subject], H Craig
[nft PATCH] man: nft.8: Add minimal description of (v)map statements, Phil Sutter
- Re: [nft PATCH] man: nft.8: Add minimal description of (v)map statements, Pablo Neira Ayuso
[nft PATCH] parser_json: Rewrite echo support, Phil Sutter
- Re: [nft PATCH] parser_json: Rewrite echo support, Pablo Neira Ayuso
[PATCH] netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook(), Dan Carpenter
- Re: [PATCH] netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook(), Dan Carpenter
  - Re: [PATCH] netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook(), Florian Westphal
- [PATCH v2] netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook(), Dan Carpenter
  - Re: [PATCH v2] netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook(), Pablo Neira Ayuso
[PATCH] netfilter:bridge: Hold bridge dev for fake_rtable to avoid the dangling pointer, Rundong Ge
- Re: [PATCH] netfilter:bridge: Hold bridge dev for fake_rtable to avoid the dangling pointer, Pablo Neira Ayuso
  - Re: [PATCH] netfilter:bridge: Hold bridge dev for fake_rtable to avoid the dangling pointer, Rundong Ge
    - Re: [PATCH] netfilter:bridge: Hold bridge dev for fake_rtable to avoid the dangling pointer, Rundong Ge
[PATCH] IPFIX output plugin, Ander Juaristi
- Re: [PATCH] IPFIX output plugin, Pablo Neira Ayuso
  - Re: [PATCH] IPFIX output plugin, Ander Juaristi
    - Re: [PATCH] IPFIX output plugin, Pablo Neira Ayuso
      - Re: [PATCH] IPFIX output plugin, Pablo Neira Ayuso
      - Re: [PATCH] IPFIX output plugin, Pablo Neira Ayuso
        
        Re: [PATCH] IPFIX output plugin, Pablo Neira Ayuso
[nftables v1] Add support for https://www.ietf.org/id/draft-ietf-tsvwg-le-phb-10.txt which is close to being published as an RFC., Loganaden Velvindron
- Re: [nftables v1] Add support for https://www.ietf.org/id/draft-ietf-tsvwg-le-phb-10.txt which is close to being published as an RFC., Pablo Neira Ayuso
[PATCH nf] netfilter: ctnetlink: don't use conntrack/expect object addresses as id, Florian Westphal
- Re: [PATCH nf] netfilter: ctnetlink: don't use conntrack/expect object addresses as id, Pablo Neira Ayuso
[PATCH net-next 0/3] Add UDP tunnel support for ICMP errors in IPVS, Julian Anastasov
- [PATCH net-next 1/3] ipvs: allow rs_table to contain different real server types, Julian Anastasov
  - Re: [PATCH net-next 1/3] ipvs: allow rs_table to contain different real server types, Simon Horman
- [PATCH net-next 2/3] ipvs: add function to find tunnels, Julian Anastasov
  - Re: [PATCH net-next 2/3] ipvs: add function to find tunnels, Simon Horman
    - Re: [PATCH net-next 2/3] ipvs: add function to find tunnels, Julian Anastasov
      - Re: [PATCH net-next 2/3] ipvs: add function to find tunnels, Simon Horman
- [PATCH net-next 3/3] ipvs: strip udp tunnel headers from icmp errors, Julian Anastasov
  - Re: [PATCH net-next 3/3] ipvs: strip udp tunnel headers from icmp errors, Simon Horman
    - Re: [PATCH net-next 3/3] ipvs: strip udp tunnel headers from icmp errors, Julian Anastasov
      - Re: [PATCH net-next 3/3] ipvs: strip udp tunnel headers from icmp errors, Simon Horman
        
        Re: [PATCH net-next 3/3] ipvs: strip udp tunnel headers from icmp errors, Julian Anastasov
        
        Re: [PATCH net-next 3/3] ipvs: strip udp tunnel headers from icmp errors, Simon Horman
        
        Re: [PATCH net-next 3/3] ipvs: strip udp tunnel headers from icmp errors, Simon Horman
        
        Re: [PATCH net-next 3/3] ipvs: strip udp tunnel headers from icmp errors, Julian Anastasov
        
        Re: [PATCH net-next 3/3] ipvs: strip udp tunnel headers from icmp errors, Simon Horman
[PATCH net] ipvs: do not schedule icmp errors from tunnels, Julian Anastasov
- Re: [PATCH net] ipvs: do not schedule icmp errors from tunnels, Simon Horman
  - Re: [PATCH net] ipvs: do not schedule icmp errors from tunnels, Julian Anastasov
- Re: [PATCH net] ipvs: do not schedule icmp errors from tunnels, Pablo Neira Ayuso
[nf-next:nft-bridge5 5/8] net/ipv6/ip6_output.c:755:16: sparse: Using plain integer as NULL pointer, kbuild test robot
[PATCH AUTOSEL 4.19 09/57] netfilter: xt_cgroup: shrink size of v2 path, Sasha Levin
[PATCH AUTOSEL 4.19 22/57] netfilter: nf_flow_table: remove flowtable hook flush routine in netns exit routine, Sasha Levin
[PATCH AUTOSEL 4.14 06/37] netfilter: xt_cgroup: shrink size of v2 path, Sasha Levin
dict: A netfilter expression for dictionary lookups, Brett Mastbergen
- Re: dict: A netfilter expression for dictionary lookups, Florian Westphal
  - Re: dict: A netfilter expression for dictionary lookups, Brett Mastbergen
    - Re: dict: A netfilter expression for dictionary lookups, Florian Westphal
      - Re: dict: A netfilter expression for dictionary lookups, Brett Mastbergen
        
        Re: dict: A netfilter expression for dictionary lookups, Jozsef Kadlecsik
        
        Re: dict: A netfilter expression for dictionary lookups, Brett Mastbergen
      - Re: dict: A netfilter expression for dictionary lookups, Brett Mastbergen
[PATCH] netfilter: conntrack: initialize ct->timeout, Alexander Potapenko
- Re: [PATCH] netfilter: conntrack: initialize ct->timeout, Florian Westphal
- Re: [PATCH] netfilter: conntrack: initialize ct->timeout, Pablo Neira Ayuso
[PATCH AUTOSEL 5.0 020/262] netfilter: nf_tables: fix set double-free in abort path, Sasha Levin
[PATCH AUTOSEL 5.0 053/262] netfilter: nf_tables: check the result of dereferencing base_chain->stats, Sasha Levin
[PATCH AUTOSEL 5.0 055/262] netfilter: conntrack: tcp: only close if RST matches exact sequence, Sasha Levin
[PATCH AUTOSEL 5.0 153/262] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm, Sasha Levin
[PATCH AUTOSEL 5.0 233/262] netfilter: physdev: relax br_netfilter dependency, Sasha Levin
[PATCH AUTOSEL 4.19 041/192] netfilter: nf_tables: check the result of dereferencing base_chain->stats, Sasha Levin
[PATCH AUTOSEL 4.19 042/192] netfilter: conntrack: tcp: only close if RST matches exact sequence, Sasha Levin
[PATCH AUTOSEL 4.19 106/192] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm, Sasha Levin
[PATCH AUTOSEL 4.19 171/192] netfilter: physdev: relax br_netfilter dependency, Sasha Levin
[PATCH AUTOSEL 4.14 070/123] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm, Sasha Levin
[PATCH AUTOSEL 4.14 110/123] netfilter: physdev: relax br_netfilter dependency, Sasha Levin
[PATCH AUTOSEL 4.9 77/87] netfilter: physdev: relax br_netfilter dependency, Sasha Levin
[PATCH AUTOSEL 4.4 57/63] netfilter: physdev: relax br_netfilter dependency, Sasha Levin
[PATCH 1/6 nft v3] osf: add version fingerprint support, Fernando Fernandez Mancera
- [PATCH 2/6 nft v3] json: osf: add version json support, Fernando Fernandez Mancera
- [PATCH 3/6 nft v3] tests: py: add osf tests with versions, Fernando Fernandez Mancera
- [PATCH 4/6 nft v3] doc: add osf version option to man page, Fernando Fernandez Mancera
- [PATCH 5/6 nft v3] files: osf: update pf.os with newer OS fingerprints, Fernando Fernandez Mancera
- [PATCH 6/6 nft v3] files: pf.os: merge the signatures spllited by version, Fernando Fernandez Mancera
- Re: [PATCH 1/6 nft v3] osf: add version fingerprint support, Pablo Neira Ayuso
[PATCH libnftnl v3] expr: osf: add version option support, Fernando Fernandez Mancera
- Re: [PATCH libnftnl v3] expr: osf: add version option support, Pablo Neira Ayuso
[PATCH nf-next v3] netfilter: nft_osf: Add version option support, Fernando Fernandez Mancera
- Re: [PATCH nf-next v3] netfilter: nft_osf: Add version option support, Pablo Neira Ayuso
[PATCH nf-next 0/6] netfilter: nat: add inet family nat support, Florian Westphal
- [PATCH nf-next 1/6] netfilter: nat: add inet family nat support, Florian Westphal
- [PATCH nf-next 2/6] netfilter: nf_tables: merge route type into core, Florian Westphal
- [PATCH nf-next 3/6] netfilter: replace NF_NAT_NEEDED with IS_ENABLED(CONFIG_NF_NAT), Florian Westphal
- [PATCH nf-next 4/6] netfilter: nft_masq: add inet support, Florian Westphal
- [PATCH nf-next 5/6] netfilter: nft_redir: add inet support, Florian Westphal
- [PATCH nf-next 6/6] kselftests: extend nft_nat with inet family based nat hooks, Florian Westphal
- Re: [PATCH nf-next 0/6] netfilter: nat: add inet family nat support, Pablo Neira Ayuso
[PATCH nftables] src: add nat support for the inet family, Florian Westphal
- Re: [PATCH nftables] src: add nat support for the inet family, Pablo Neira Ayuso
Inability to IPVS DR with nft dnat since 9971a514ed26, Simon Kirby
- Re: Inability to IPVS DR with nft dnat since 9971a514ed26, Florian Westphal
  - Re: Inability to IPVS DR with nft dnat since 9971a514ed26, Simon Kirby
  - Re: Inability to IPVS DR with nft dnat since 9971a514ed26, Simon Kirby
    - Re: Inability to IPVS DR with nft dnat since 9971a514ed26, Pablo Neira Ayuso
    - Re: Inability to IPVS DR with nft dnat since 9971a514ed26, Julian Anastasov
netfilter: nf_tables: fix set double-free in abort path, Pablo Neira Ayuso
- Re: netfilter: nf_tables: fix set double-free in abort path, Sasha Levin
[PATCH tip/core/rcu 2/2] net/ipv4/netfilter: Update comment from call_rcu_bh() to call_rcu(), Paul E. McKenney
[PATCH net-next 0/8] openvswitch: load and reference the NAT helper., Flavio Leitner
- [PATCH net-next 1/8] netfilter: use macros to create module aliases., Flavio Leitner
  - Re: [PATCH net-next 1/8] netfilter: use macros to create module aliases., Pablo Neira Ayuso
    - Re: [PATCH net-next 1/8] netfilter: use macros to create module aliases., Flavio Leitner
- [PATCH net-next 2/8] netfilter: add API to manage NAT helpers., Flavio Leitner
  - Re: [PATCH net-next 2/8] netfilter: add API to manage NAT helpers., Pablo Neira Ayuso
    - Re: [PATCH net-next 2/8] netfilter: add API to manage NAT helpers., Flavio Leitner
  - Re: [PATCH net-next 2/8] netfilter: add API to manage NAT helpers., Pablo Neira Ayuso
- [PATCH net-next 3/8] netfilter: nf_nat: register amanda NAT helper., Flavio Leitner
- [PATCH net-next 4/8] netfilter: nf_nat: register ftp NAT helper., Flavio Leitner
- [PATCH net-next 5/8] netfilter: nf_nat: register irc NAT helper., Flavio Leitner
- [PATCH net-next 6/8] netfilter: nf_nat: register sip NAT helper., Flavio Leitner
- [PATCH net-next 7/8] netfilter: nf_nat: register tftp NAT helper., Flavio Leitner
- [PATCH net-next 8/8] openvswitch: load and reference the NAT helper., Flavio Leitner
- Re: [PATCH net-next 0/8] openvswitch: load and reference the NAT helper., David Miller
- Re: [PATCH net-next 0/8] openvswitch: load and reference the NAT helper., David Miller
[iptables PATCH] man: iptables-save: Add note about module autoloading, Phil Sutter
- Re: [iptables PATCH] man: iptables-save: Add note about module autoloading, Pablo Neira Ayuso
[PATCH nft] evaluate: skip binary transfer for named sets, Pablo Neira Ayuso
[PATCH][nf-next] netfilter: optimize nf_inet_addr_cmp, Li RongQing
- Re: [PATCH][nf-next] netfilter: optimize nf_inet_addr_cmp, Pablo Neira Ayuso
[PATCH v7] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v7] ipvs: allow tunneling with gue encapsulation, Julian Anastasov
- Re: [PATCH v7] ipvs: allow tunneling with gue encapsulation, Simon Horman
  - Re: [PATCH v7] ipvs: allow tunneling with gue encapsulation, Jacky Hu
    - Re: [PATCH v7] ipvs: allow tunneling with gue encapsulation, Simon Horman
      - Re: [PATCH v7] ipvs: allow tunneling with gue encapsulation, Jacky Hu
        
        Re: [PATCH v7] ipvs: allow tunneling with gue encapsulation, Simon Horman
        
        Re: [PATCH v7] ipvs: allow tunneling with gue encapsulation, Jacky Hu
        
        Re: [PATCH v7] ipvs: allow tunneling with gue encapsulation, Pablo Neira Ayuso
[PATCH v6] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v6] ipvs: allow tunneling with gue encapsulation, Julian Anastasov
[PATCH nf 1/2] selftests: netfilter: check icmp pkttoobig errors are set as related, Florian Westphal
- [PATCH nf 2/2] netfilter: conntrack: don't set related state for different outer address, Florian Westphal
  - Re: [PATCH nf 2/2] netfilter: conntrack: don't set related state for different outer address, Pablo Neira Ayuso
- Re: [PATCH nf 1/2] selftests: netfilter: check icmp pkttoobig errors are set as related, Pablo Neira Ayuso
[PATCH net-next v2] openvswitch: add seqadj extension when NAT is used., Flavio Leitner
- Re: [PATCH net-next v2] openvswitch: add seqadj extension when NAT is used., Pravin Shelar
- Re: [PATCH net-next v2] openvswitch: add seqadj extension when NAT is used., David Miller
[PATCH] netfilter: nat: avoid unused-variable warning, Arnd Bergmann
- Re: [PATCH] netfilter: nat: avoid unused-variable warning, Pablo Neira Ayuso
KASAN: use-after-free Read in seccomp_notify_release (2), syzbot
- Re: KASAN: use-after-free Read in seccomp_notify_release (2), Kees Cook
  - Re: KASAN: use-after-free Read in seccomp_notify_release (2), Tycho Andersen
    - Re: KASAN: use-after-free Read in seccomp_notify_release (2), Kees Cook
[RFC PATCH 0/1] netfilter: xt_connmark: add savedscp-mark action, Kevin 'ldir' Darbyshire-Bryant
- [PATCH 1/1] netfilter: connmark: introduce savedscp, Kevin 'ldir' Darbyshire-Bryant
  - Re: [PATCH 1/1] netfilter: connmark: introduce savedscp, Pablo Neira Ayuso
    - Re: [PATCH 1/1] netfilter: connmark: introduce savedscp, Kevin 'ldir' Darbyshire-Bryant
      - [RFC nf-next v2 0/2] xt_connmark: add savedscp-mark action, Kevin 'ldir' Darbyshire-Bryant
        
        [RFC nf-next v2 1/2] netfilter: connmark: introduce savedscp, Kevin 'ldir' Darbyshire-Bryant
        
        Re: [RFC nf-next v2 1/2] netfilter: connmark: introduce savedscp, Pablo Neira Ayuso
        
        Re: [RFC nf-next v2 1/2] netfilter: connmark: introduce savedscp, Kevin 'ldir' Darbyshire-Bryant
        
        [RFC nf-next 2/2] iptables: connmark - add savedscp option, Kevin 'ldir' Darbyshire-Bryant
[iptables PATCH] extensions: Install symlinks as such, Phil Sutter
- Re: [iptables PATCH] extensions: Install symlinks as such, Pablo Neira Ayuso
Typo in extensions/libxt_osf.man, Sam Banks
- Re: Typo in extensions/libxt_osf.man, Pablo Neira Ayuso
[PATCH net-next] openvswitch: add seqadj extension when NAT is used., Flavio Leitner
- Re: [PATCH net-next] openvswitch: add seqadj extension when NAT is used., Pravin Shelar
  - Re: [PATCH net-next] openvswitch: add seqadj extension when NAT is used., Flavio Leitner
[PATCH] build: adjust configure for postgresql 11, Jan Engelhardt
- [PATCH] build: adjust configure for postgresql 10/11, Jan Engelhardt
- Re: [PATCH] build: adjust configure for postgresql 11, Arturo Borrero Gonzalez
  - Re: [PATCH] build: adjust configure for postgresql 11, Jan Engelhardt
    - Re: [PATCH] build: adjust configure for postgresql 11, Christoph Berg
      - Re: [PATCH] build: adjust configure for postgresql 11, Pablo Neira Ayuso
Implementing Deletion of Set Elements in Rulesets, Karuna Grewal
- Re: Implementing Deletion of Set Elements in Rulesets, Phil Sutter
  - Re: Implementing Deletion of Set Elements in Rulesets, Florian Westphal
- Re: Implementing Deletion of Set Elements in Rulesets, Phil Sutter
  - Re: Implementing Deletion of Set Elements in Rulesets, Karuna Grewal
  - Message not available
    - Re: Implementing Deletion of Set Elements in Rulesets, Phil Sutter
[PATCH nft,v2 1/2] src: use 'flow add' syntax, Pablo Neira Ayuso
[PATCH nft 1/2] src: use 'flow add' syntax, Pablo Neira Ayuso
- [PATCH nft 2/2] build: missing misspell.h in Makefile.am, Pablo Neira Ayuso
a2x - unsupported parameter, Václav Zindulka
[PATCH nf-next] netfilter: nf_flowtable: skip device lookup from interface index, Pablo Neira Ayuso
[PATCH conntrack-tools] Allow protocol number zero, Brian Haley
- Re: [PATCH conntrack-tools] Allow protocol number zero, Pablo Neira Ayuso
[ebtables PATCH 0/3] Misc items found in Fedora package, Phil Sutter
- [ebtables PATCH 3/3] extensions: Add AUDIT target, Phil Sutter
  - Re: [ebtables PATCH 3/3] extensions: Add AUDIT target, Jan Engelhardt
    - Re: [ebtables PATCH 3/3] extensions: Add AUDIT target, Phil Sutter
- [ebtables PATCH 2/3] Allow customizing lockfile location at configure time, Phil Sutter
- [ebtables PATCH 1/3] extensions: Drop Makefile, Phil Sutter
- Re: [ebtables PATCH 0/3] Misc items found in Fedora package, Pablo Neira Ayuso
[PATCH net-next] netfilter: nft_redir: Make nft_redir_dump static, Yue Haibing
- Re: [PATCH net-next] netfilter: nft_redir: Make nft_redir_dump static, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_flowtable: remove duplicated transition in diagram, Pablo Neira Ayuso
[nftables,v2] tests/py: Add Test for `meta time`, Karuna Grewal
[PATCH v5] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v5] ipvs: allow tunneling with gue encapsulation, Julian Anastasov
- Re: [PATCH v5] ipvs: allow tunneling with gue encapsulation, Simon Horman
  - Re: [PATCH v5] ipvs: allow tunneling with gue encapsulation, Jacky Hu
    - Re: [PATCH v5] ipvs: allow tunneling with gue encapsulation, Simon Horman
[PATCH nf] netfilter: nf_tables: add missing ->release_ops() in error path of newrule(), Taehee Yoo
- Re: [PATCH nf] netfilter: nf_tables: add missing ->release_ops() in error path of newrule(), Pablo Neira Ayuso
[ANNOUNCE] nftlb 0.4 release, Laura Garcia
[nftables] tests/py: Add Test for `meta time`, Karuna Grewal
- Message not available
  - Message not available
    - Message not available
      - Message not available
        
        Re: [nftables] tests/py: Add Test for `meta time`, Karuna Grewal
        
        Re: [nftables] tests/py: Add Test for `meta time`, Florian Westphal
        
        Re: [nftables] tests/py: Add Test for `meta time`, Karuna Grewal
        
        Re: [nftables] tests/py: Add Test for `meta time`, Florian Westphal
- Re: [nftables] tests/py: Add Test for `meta time`, Pablo Neira Ayuso
[PATCH nft 2/2 v2] configure.ac: Clean up AC_ARG_{WITH,ENABLE} invocations, s/==/=/, Luis Ressel
- Re: [PATCH nft 2/2 v2] configure.ac: Clean up AC_ARG_{WITH,ENABLE} invocations, s/==/=/, Pablo Neira Ayuso
[PATCH nft 1/2] configure.ac: Fix a2x check, Luis Ressel
- [PATCH nft 2/2] configure.ac: Clean up AC_ARG_{WITH,ENABLE} invocations, Luis Ressel
  - Re: [PATCH nft 2/2] configure.ac: Clean up AC_ARG_{WITH,ENABLE} invocations, Jan Engelhardt
    - Re: [PATCH nft 2/2] configure.ac: Clean up AC_ARG_{WITH,ENABLE} invocations, Luis Ressel
- Re: [PATCH nft 1/2] configure.ac: Fix a2x check, Pablo Neira Ayuso
[PATCH] netfilter: nf_tables: remove unused parameter ctx, Colin King
- Re: [PATCH] netfilter: nf_tables: remove unused parameter ctx, Pablo Neira Ayuso
[PATCH v4] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v4] ipvs: allow tunneling with gue encapsulation, kbuild test robot
  - Re: [PATCH v4] ipvs: allow tunneling with gue encapsulation, Jacky Hu
    - Re: [PATCH v4] ipvs: allow tunneling with gue encapsulation, Julian Anastasov
      - Re: [PATCH v4] ipvs: allow tunneling with gue encapsulation, Jacky Hu
[PATCH v3] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v3] ipvs: allow tunneling with gue encapsulation, Pablo Neira Ayuso
  - Re: [PATCH v3] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v3] ipvs: allow tunneling with gue encapsulation, Julian Anastasov
[PATCH v2] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- Re: [PATCH v2] ipvs: allow tunneling with gue encapsulation, kbuild test robot
[PATCH ghak90 V5 00/10] audit: implement container identifier, Richard Guy Briggs
- [PATCH ghak90 V5 01/10] audit: collect audit task parameters, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 01/10] audit: collect audit task parameters, Neil Horman
  - Re: [PATCH ghak90 V5 01/10] audit: collect audit task parameters, Ondrej Mosnacek
- [PATCH ghak90 V5 02/10] audit: add container id, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 02/10] audit: add container id, Neil Horman
  - Re: [PATCH ghak90 V5 02/10] audit: add container id, Ondrej Mosnacek
    - Re: [PATCH ghak90 V5 02/10] audit: add container id, Richard Guy Briggs
- [PATCH ghak90 V5 03/10] audit: read container ID of a process, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process, Neil Horman
    - Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process, Richard Guy Briggs
      - Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process, Neil Horman
        
        Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process, Ondrej Mosnacek
- [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Neil Horman
    - Re: [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Ondrej Mosnacek
    - Re: [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Richard Guy Briggs
      - Re: [PATCH ghak90 V5 05/10] audit: add containerid support for ptrace and signals, Richard Guy Briggs
- [PATCH ghak90 V5 04/10] audit: log container info of syscalls, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 04/10] audit: log container info of syscalls, Neil Horman
  - Re: [PATCH ghak90 V5 04/10] audit: log container info of syscalls, Ondrej Mosnacek
    - Re: [PATCH ghak90 V5 04/10] audit: log container info of syscalls, Richard Guy Briggs
- [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Neil Horman
  - Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Ondrej Mosnacek
  - Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Paul Moore
    - Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Richard Guy Briggs
      - Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Paul Moore
        
        Re: [PATCH ghak90 V5 06/10] audit: add support for non-syscall auxiliary records, Richard Guy Briggs
- [PATCH ghak90 V5 07/10] audit: add containerid support for user records, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 07/10] audit: add containerid support for user records, Neil Horman
  - Re: [PATCH ghak90 V5 07/10] audit: add containerid support for user records, Ondrej Mosnacek
- [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
  - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Ondrej Mosnacek
    - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
      - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Ondrej Mosnacek
      - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Paul Moore
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Paul Moore
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
      - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
  - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Paul Moore
    - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
    - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
      - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Paul Moore
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
      - Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Richard Guy Briggs
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Paul Moore
        
        Re: [PATCH ghak90 V5 09/10] audit: add support for containerid to network namespaces, Neil Horman
- [PATCH ghak90 V5 08/10] audit: add containerid filtering, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 08/10] audit: add containerid filtering, Ondrej Mosnacek
    - Re: [PATCH ghak90 V5 08/10] audit: add containerid filtering, Richard Guy Briggs
      - Re: [PATCH ghak90 V5 08/10] audit: add containerid filtering, Ondrej Mosnacek
        
        Re: [PATCH ghak90 V5 08/10] audit: add containerid filtering, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 08/10] audit: add containerid filtering, Neil Horman
- [PATCH ghak90 V5 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Richard Guy Briggs
  - Re: [PATCH ghak90 V5 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Neil Horman
  - Re: [PATCH ghak90 V5 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Ondrej Mosnacek
  - Re: [PATCH ghak90 V5 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Paul Moore
    - Re: [PATCH ghak90 V5 10/10] audit: NETFILTER_PKT: record each container ID associated with a netNS, Richard Guy Briggs
- Re: [PATCH ghak90 V5 00/10] audit: implement container identifier, Richard Guy Briggs
[PATCH nft,v2] src: file descriptor leak in include_file(), Pablo Neira Ayuso
[PATCH] netfilter: nft_redir: module autoload with ip4, Pablo Neira Ayuso
[PATCH nft] src: file descriptor leak in include_file(), Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: bogus EBUSY in helper removal from transaction, Pablo Neira Ayuso
[PATCH nft] parser_bison: no need for statement separator for ct object commands, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH nft] parser_bison: no need for statement separator for ct object commands, Pablo Neira Ayuso
[PATCH nft] tests: shell: bogus EBUSY on helper deletion from transaction, Pablo Neira Ayuso
[PATCH] ipv6: ip6t_srh: fix NULL pointer dereferences, Kangjie Lu
- Re: [PATCH] ipv6: ip6t_srh: fix NULL pointer dereferences, Pablo Neira Ayuso
[PATCH v2] netfilter: nf_conntrack_sip: fix rtcp expectation clash, xiao ruizhu
- Re: [PATCH v2] netfilter: nf_conntrack_sip: fix rtcp expectation clash, Alin Năstac
- Re: [PATCH v2] netfilter: nf_conntrack_sip: fix rtcp expectation clash, Pablo Neira Ayuso
  - [PATCH v3] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
    - Re: [PATCH v3] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
      - Message not available
        
        Re: [PATCH v3] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
        
        [PATCH v4] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
        
        [PATCH v5] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
        
        Re: [PATCH v5] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
        
        [PATCH v6] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
        
        Re: [PATCH v6] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
        
        [PATCH v7] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
        
        Re: [PATCH v7] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
        
        [PATCH v8] netfilter: nf_conntrack_sip: fix expectation clash, xiao ruizhu
        
        Re: [PATCH v8] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
[PATCH] [v2] netfilter: fix NETFILTER_XT_TARGET_TEE dependencies, Arnd Bergmann
- Re: [PATCH] [v2] netfilter: fix NETFILTER_XT_TARGET_TEE dependencies, Pablo Neira Ayuso
[iptables PATCH 0/6] Man pages for arptables and ebtables, Phil Sutter
- [iptables PATCH 5/6] xtables-legacy.8: Remove stray colon, Phil Sutter
- [iptables PATCH 4/6] doc: Adjust ebtables man page, Phil Sutter
- [iptables PATCH 2/6] doc: Adjust arptables man pages, Phil Sutter
- [iptables PATCH 6/6] xtables-save: Point at existing man page in help text, Phil Sutter
- [iptables PATCH 1/6] doc: Add arptables-nft man pages, Phil Sutter
- [iptables PATCH 3/6] doc: Add ebtables man page, Phil Sutter
- Re: [iptables PATCH 0/6] Man pages for arptables and ebtables, Florian Westphal
[PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Xin Long
- Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Neil Horman
  - Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Florian Westphal
    - Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Pablo Neira Ayuso
      - Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Xin Long
        
        Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Neil Horman
        
        Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Xin Long
- Re: [PATCH net] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING, Pablo Neira Ayuso
[PATCH] netfilter: nf_conntrack_sip: fix rtcp expectation clash, xiao ruizhu
[ebtables PATCH] Adjust .gitignore to renamed files, Phil Sutter
- Re: [ebtables PATCH] Adjust .gitignore to renamed files, Pablo Neira Ayuso
[PATCH nft] tests: shell: bogus ENOENT on element deletion in interval set, Pablo Neira Ayuso
[PATCH nf] netfilter: nft_set_rbtree: check for inactive element after flag mismatch, Pablo Neira Ayuso
[PATCH] ipvs: allow tunneling with gue encapsulation, Jacky Hu
- <Possible follow-ups>
- [PATCH] ipvs: allow tunneling with gue encapsulation, Jacky Hu
  - Re: [PATCH] ipvs: allow tunneling with gue encapsulation, Julian Anastasov
[PATCH] netfilter: ip6t_srh: Fix potential NULL pointer dereference, Aditya Pakki
- Re: [PATCH] netfilter: ip6t_srh: Fix potential NULL pointer dereference, Pablo Neira Ayuso
[PATCH AUTOSEL 4.20 31/52] netfilter: compat: initialize all fields in xt_init, Sasha Levin
[PATCH AUTOSEL 4.20 33/52] ipvs: fix dependency on nf_defrag_ipv6, Sasha Levin
[PATCH AUTOSEL 4.19 28/44] netfilter: compat: initialize all fields in xt_init, Sasha Levin
[PATCH AUTOSEL 4.19 30/44] ipvs: fix dependency on nf_defrag_ipv6, Sasha Levin
[PATCH AUTOSEL 4.14 17/27] ipvs: fix dependency on nf_defrag_ipv6, Sasha Levin
[PATCH] netfilter: nf_conntrack_sip: remove direct dependency on IPv6, Alin Nastac
- Re: [PATCH] netfilter: nf_conntrack_sip: remove direct dependency on IPv6, Pablo Neira Ayuso
[PATCH nf-next v2] netfilter: nft_osf: Add version option support, Fernando Fernandez Mancera
[PATCH libnftnl v2] expr: osf: add version option support, Fernando Fernandez Mancera
[PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
- [PATCH nft v2 2/6] json: osf: add version json support, Fernando Fernandez Mancera
- [PATCH nft v2 3/6] tests: py: add osf tests with versions, Fernando Fernandez Mancera
- [PATCH nft v2 4/6] doc: add osf version option to man page, Fernando Fernandez Mancera
- [PATCH nft v2 5/6] files: osf: update pf.os with newer OS fingerprints, Fernando Fernandez Mancera
- [PATCH nft v2 6/6] files: pf.os: merge the signatures spllited by version, Fernando Fernandez Mancera
- Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
  - Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
    - Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
      - Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Fernando Fernandez Mancera
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Phil Sutter
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint support, Pablo Neira Ayuso
        
        Re: [PATCH nft v2 1/6] osf: add version fingerprint supportg, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: use-after-free in dynamic operations, Pablo Neira Ayuso
[PATCH nf,v4] netfilter: nf_tables: bogus EBUSY when deleting set after flush, Pablo Neira Ayuso
[PATCH 4.19 1/2] netfilter: xt_TEE: fix wrong interface selection, Subash Abhinov Kasiviswanathan
- [PATCH 4.19 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry., Subash Abhinov Kasiviswanathan
  - Re: [PATCH 4.19 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry., Pablo Neira Ayuso
    - Re: [PATCH 4.19 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry., Sasha Levin
[PATCH nftables] meta: Add support for `time`, Karuna Grewal
- Re: [PATCH nftables] meta: Add support for `time`, Pablo Neira Ayuso
[PATCHv3] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
[PATCH] xtables-legacy: add missing config.h include, Lucas Stach
- Re: [PATCH] xtables-legacy: add missing config.h include, Pablo Neira Ayuso
  - Re: [PATCH] xtables-legacy: add missing config.h include, Lucas Stach
    - Re: [PATCH] xtables-legacy: add missing config.h include, Pablo Neira Ayuso
[PATCH nf,v3] netfilter: nf_tables: bogus EBUSY when deleting set after flush, Pablo Neira Ayuso
[PATCH nf,v2] netfilter: nf_tables: bogus EBUSY when deleting set after flush, Pablo Neira Ayuso
[PATCH nft] tests: shell: bogus EBUSY in set deletion after flush, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: bogus EBUSY when deleting set after flush, Pablo Neira Ayuso
[PATCH nf,v2] netfilter: nf_tables: fix set double-free in abort path, Pablo Neira Ayuso
- Re: [PATCH nf,v2] netfilter: nf_tables: fix set double-free in abort path, Florian Westphal
NULL pointer dereference in nft_set_elem_destroy(), Dmitrii Tcvetkov
- Re: NULL pointer dereference in nft_set_elem_destroy(), Florian Westphal
  - Re: NULL pointer dereference in nft_set_elem_destroy(), Dmitrii Tcvetkov
Backport of iptables TEE target fixes to 4.19, Subash Abhinov Kasiviswanathan
- Re: Backport of iptables TEE target fixes to 4.19, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: return immediately on empty commit, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: return immediately on empty commit, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nf_tables: return immediately on empty commit, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: return immediately on empty commit, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: fix set double-free in abort path, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: fix set double-free in abort path,
- Re: [PATCH nf] netfilter: nf_tables: fix set double-free in abort path, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nf_tables: fix set double-free in abort path, Florian Westphal
    - Re: [PATCH nf] netfilter: nf_tables: fix set double-free in abort path, Pablo Neira Ayuso
[PATCH libnftnl] src: libnftnl: export genid functions again, Florian Westphal
- Re: [PATCH libnftnl] src: libnftnl: export genid functions again, Pablo Neira Ayuso
Re: [PATCH nf-next] netfilter: nft_osf: Add version option support, Pablo Neira Ayuso
- Re: [PATCH nf-next] netfilter: nft_osf: Add version option support, Fernando Fernandez Mancera
  - Re: [PATCH nf-next] netfilter: nft_osf: Add version option support, Fernando Fernandez Mancera
    - Re: [PATCH nf-next] netfilter: nft_osf: Add version option support, Pablo Neira Ayuso
  - Re: [PATCH nf-next] netfilter: nft_osf: Add version option support, Pablo Neira Ayuso
[PATCH v2 nf] netfilter: nat: don't register device notifier twice, Florian Westphal
- Re: [PATCH v2 nf] netfilter: nat: don't register device notifier twice, Pablo Neira Ayuso
[PATCH nft] evaluate: misleading error reporting, Pablo Neira Ayuso
- Re: [PATCH nft] evaluate: misleading error reporting, Florian Westphal
[PATCH nft 1/2,v2] segtree: remove dummy debug_octx, Pablo Neira Ayuso
Netfilter, satya phanisree
[PATCH nft 1/2] segtree: remove dummy debug_octx, Pablo Neira Ayuso
- [PATCH nft 2/2] segtree: add missing non-matching segment to set in flat representation, Pablo Neira Ayuso
[bug report] netfilter: nft_compat: use .release_ops and remove list of extension, Dan Carpenter
[PATCH] netfilter: nf_conntrack_sip: fix IPV6 dependency, Arnd Bergmann
- Re: [PATCH] netfilter: nf_conntrack_sip: fix IPV6 dependency, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: nf_conntrack_sip: fix IPV6 dependency, Alin Năstac
    - Re: [PATCH] netfilter: nf_conntrack_sip: fix IPV6 dependency, Arnd Bergmann
      - Re: [PATCH] netfilter: nf_conntrack_sip: fix IPV6 dependency, Arnd Bergmann
xtables-addons build fail with linux 5.0: "error: implicit declaration of function 'do_gettimeofday'; did you mean 'do_settimeofday64'?", PGNet Dev
- Re: xtables-addons build fail with linux 5.0: "error: implicit declaration of function 'do_gettimeofday'; did you mean 'do_settimeofday64'?", PGNet Dev
  - Re: xtables-addons build fail with linux 5.0: "error: implicit declaration of function 'do_gettimeofday'; did you mean 'do_settimeofday64'?", PGNet Dev
    - Re: xtables-addons build fail with linux 5.0: "error: implicit declaration of function 'do_gettimeofday'; did you mean 'do_settimeofday64'?", Jan Engelhardt
[PATCH v4 2/2] xtables-save: implement showing zeroed chain counters when saving rulesets, Alban Vidal
[PATCH v4 1/2] iptables-save: add option to show zeroed counters when saving rulesets, Alban Vidal
- Re: [PATCH v4 1/2] iptables-save: add option to show zeroed counters when saving rulesets, Pablo Neira Ayuso
  - Re: [PATCH v4 1/2] iptables-save: add option to show zeroed counters when saving rulesets, Alban Vidal
[PATCH v4 0/2] iptables-save,xtables-save: add option to show zeroed counters when saving rulesets, Alban Vidal
[PATCH nf-next] netfilter: nat: don't use same refcount for notifiers, Florian Westphal
[PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Xin Long
- Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Pablo Neira Ayuso
  - Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Xin Long
    - Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Florian Westphal
      - Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Neil Horman
        
        Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Xin Long
        
        Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Pablo Neira Ayuso
        
        Re: [PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum, Xin Long
[PATCH 20/29] netfilter: nft_tunnel: Add dst_cache support, Pablo Neira Ayuso
- [PATCH 21/29] netfilter: convert the proto argument from u8 to u16, Pablo Neira Ayuso
- [PATCH 24/29] netfilter: nf_tables: check the result of dereferencing base_chain->stats, Pablo Neira Ayuso
- [PATCH 27/29] netfilter: nf_tables: nat: merge nft_redir protocol specific modules, Pablo Neira Ayuso
- [PATCH 29/29] netfilter: nf_tables: merge ipv4 and ipv6 nat chain types, Pablo Neira Ayuso
  - Re: [PATCH 29/29] netfilter: nf_tables: merge ipv4 and ipv6 nat chain types, Reindl Harald
- [PATCH 26/29] netfilter: xt_IDLETIMER: fix sysfs callback function type, Pablo Neira Ayuso
- [PATCH 28/29] netfilter: nf_tables: nat: merge nft_masq protocol specific modules, Pablo Neira Ayuso
- [PATCH 25/29] netfilter: nf_conntrack: ensure that CONNTRACK_LOCKS is power of 2, Pablo Neira Ayuso
  - Re: [PATCH 25/29] netfilter: nf_conntrack: ensure that CONNTRACK_LOCKS is power of 2, Sergei Shtylyov
- [PATCH 22/29] ipvs: get sctphdr by sctphoff in sctp_csum_check, Pablo Neira Ayuso
- [PATCH 23/29] netfilter: bridge: Don't sabotage nf_hook calls for an l3mdev slave, Pablo Neira Ayuso
[PATCH 10/29] netfilter: nat: remove csum_recalc hook, Pablo Neira Ayuso
- [PATCH 11/29] netfilter: nat: remove l3proto struct, Pablo Neira Ayuso
- [PATCH 12/29] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h, Pablo Neira Ayuso
- [PATCH 16/29] netfilter: nft_set_hash: bogus element self comparison from deactivation path, Pablo Neira Ayuso
- [PATCH 18/29] ipvs: change some data types from int to bool, Pablo Neira Ayuso
- [PATCH 17/29] netfilter: nft_set_hash: remove nft_hash_key(), Pablo Neira Ayuso
- [PATCH 19/29] netfilter: conntrack: tcp: only close if RST matches exact sequence, Pablo Neira Ayuso
- [PATCH 15/29] netfilter: nft_set_hash: fix lookups with fixed size hash on big endian, Pablo Neira Ayuso
- [PATCH 14/29] netfilter: remove unneeded switch fall-through, Pablo Neira Ayuso
- [PATCH 13/29] netfilter: conntrack: avoid same-timeout update, Pablo Neira Ayuso
[PATCH 00/29] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
- [PATCH 01/29] netfilter: nft_compat: use .release_ops and remove list of extension, Pablo Neira Ayuso
- [PATCH 02/29] netfilter: nf_conntrack_amanda: add support for STATE streams, Pablo Neira Ayuso
- [PATCH 04/29] netfilter: nat: merge ipv4 and ipv6 masquerade functionality, Pablo Neira Ayuso
- [PATCH 07/29] netfilter: nat: remove nf_nat_l4proto.h, Pablo Neira Ayuso
- [PATCH 08/29] netfilter: nat: remove l3 manip_pkt hook, Pablo Neira Ayuso
- [PATCH 06/29] netfilter: nat: merge nf_nat_ipv4,6 into nat core, Pablo Neira Ayuso
- [PATCH 03/29] netfilter: ebtables: remove BUGPRINT messages, Pablo Neira Ayuso
- [PATCH 05/29] netfilter: nat: move nlattr parse and xfrm session decode to core, Pablo Neira Ayuso
- [PATCH 09/29] netfilter: nat: remove csum_update hook, Pablo Neira Ayuso
- Re: [PATCH 00/29] Netfilter/IPVS updates for net-next, David Miller
[PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
- Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
- Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Dan Carpenter
- <Possible follow-ups>
- [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
  - Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Florian Westphal
    - Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
      - Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Florian Westphal
        
        Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
        
        Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS, Karuna Grewal
[PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module, Su Yanjun
- Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module, Sergei Shtylyov
  - Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module, Su Yanjun <suyj.fnst@xxxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module, Su Yanjun <suyj.fnst@xxxxxxxxxxxxxx>
[PATCH AUTOSEL 4.20 59/81] netfilter: nf_nat: skip nat clash resolution for same-origin entries, Sasha Levin
[PATCH AUTOSEL 4.19 46/64] netfilter: nf_nat: skip nat clash resolution for same-origin entries, Sasha Levin
[PATCH AUTOSEL 4.14 27/36] netfilter: nf_nat: skip nat clash resolution for same-origin entries, Sasha Levin
[PATCH AUTOSEL 4.9 13/19] netfilter: nf_nat: skip nat clash resolution for same-origin entries, Sasha Levin
[PATCH nf-next 0/3] netfilter: nf_tables: merge remaining nat related modules, Florian Westphal
- [PATCH nf-next 1/3] netfilter: nf_tables: nat: merge nft_redir protocol specific modules, Florian Westphal
- [PATCH nf-next 2/3] netfilter: nf_tables: nat: merge nft_masq protocol specific modules, Florian Westphal
- [PATCH nf-next 3/3] netfilter: nf_tables: merge ipv4 and ipv6 nat chain types, Florian Westphal
- Re: [PATCH nf-next 0/3] netfilter: nf_tables: merge remaining nat related modules, Pablo Neira Ayuso
[PATCH][v2] time: Introduce jiffies64_to_msecs(), Li RongQing
- Re: [PATCH][v2] time: Introduce jiffies64_to_msecs(), Pablo Neira Ayuso
  - Re: [PATCH][v2] time: Introduce jiffies64_to_msecs(), John Stultz
    - Re: [PATCH][v2] time: Introduce jiffies64_to_msecs(), Pablo Neira Ayuso
[PATCH] netfilter: xt_IDLETIMER: fix sysfs callback function type, Sami Tolvanen
- Re: [PATCH] netfilter: xt_IDLETIMER: fix sysfs callback function type, Pablo Neira Ayuso
[PATCH] time: Introduce jiffies64_to_msecs(), Li RongQing
- Re: [PATCH] time: Introduce jiffies64_to_msecs(), Thomas Gleixner
  - 答复: [PATCH] time: Introduce jiffies64_to_msecs(), Li,Rongqing
[nft PATCH 0/5] Some fixes for JSON support, Phil Sutter
- [nft PATCH 5/5] parser_json: Respect base chain priority, Phil Sutter
- [nft PATCH 1/5] libnftables: Print errors before freeing commands, Phil Sutter
- [nft PATCH 2/5] parser_json: Duplicate chain name when parsing jump verdict, Phil Sutter
- [nft PATCH 4/5] json: Fix memleaks in echo support, Phil Sutter
  - Re: [nft PATCH 4/5] json: Fix memleaks in echo support, Pablo Neira Ayuso
    - Re: [nft PATCH 4/5] json: Fix memleaks in echo support, Phil Sutter
      - Re: [nft PATCH 4/5] json: Fix memleaks in echo support, Pablo Neira Ayuso
        
        Re: [nft PATCH 4/5] json: Fix memleaks in echo support, Phil Sutter
        
        Re: [nft PATCH 4/5] json: Fix memleaks in echo support, Pablo Neira Ayuso
- [nft PATCH 3/5] parser_json: Use xstrdup() when parsing rule comment, Phil Sutter
- Re: [nft PATCH 0/5] Some fixes for JSON support, Pablo Neira Ayuso
[PATCH] netfilter: conntrack: limit sysctl setting for boolean options, xiangxia . m . yue
- <Possible follow-ups>
- [PATCH] netfilter: conntrack: limit sysctl setting for boolean options, xiangxia . m . yue
  - Re: [PATCH] netfilter: conntrack: limit sysctl setting for boolean options, Pablo Neira Ayuso
[PATCH][v2] netfilter: ensure that CONNTRACK_LOCKS is power of 2, Li RongQing
- Re: [PATCH][v2] netfilter: ensure that CONNTRACK_LOCKS is power of 2, Pablo Neira Ayuso
[PATCH][v2] netfilter: check the result of dereferencing base_chain->stats, Li RongQing
- Re: [PATCH][v2] netfilter: check the result of dereferencing base_chain->stats, Pablo Neira Ayuso
[PATCH net] netfilter: bridge: Don't sabotage nf_hook calls for an l3mdev slave, David Ahern
- Re: [PATCH net] netfilter: bridge: Don't sabotage nf_hook calls for an l3mdev slave, Pablo Neira Ayuso
[PATCH nf-next] netfilter: ctnetlink: do not bail out with EBUSY on unchangeable bits, Pablo Neira Ayuso
[PATCH nf 1/3] netfilter: nft_set_hash: fix lookups with fixed size hash on big endian, Pablo Neira Ayuso
- [PATCH nf 2/3] netfilter: nft_set_hash: bogus element self comparison from deactivation path, Pablo Neira Ayuso
- [PATCH nf 3/3] netfilter: nft_set_hash: remove nft_hash_key(), Pablo Neira Ayuso
[PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check, Xin Long
- Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check, Marcelo Ricardo Leitner
- Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check, Julian Anastasov
- Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check, Simon Horman
- Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check, Pablo Neira Ayuso
[PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Li RongQing
- Re: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Florian Westphal
  - 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Li,Rongqing
    - Re: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Florian Westphal
      - 答复: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Li,Rongqing
        
        Re: 答复: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Florian Westphal
        
        答复: 答复: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND, Li,Rongqing
[PATCH][nf-next] netfilter: Use RCU primitives under RCU protected data, Li RongQing
- Re: [PATCH][nf-next] netfilter: Use RCU primitives under RCU protected data, Eric Dumazet
  - 答复: [PATCH][nf-next] netfilter: Use RCU primitives under RCU protected data, Li,Rongqing
[PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Li RongQing
- Re: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Eric Dumazet
  - 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Li,Rongqing
    - Re: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Eric Dumazet
      - 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Li,Rongqing
        
        Re: 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Eric Dumazet
        
        答复: 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Li,Rongqing
        
        Re: 答复: 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats, Eric Dumazet
[PATCH AUTOSEL 4.20 05/72] netfilter: nft_compat: use refcnt_t type for nft_xt reference count, Sasha Levin
[PATCH AUTOSEL 4.20 06/72] netfilter: nft_compat: make lists per netns, Sasha Levin
[PATCH AUTOSEL 4.20 17/72] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 4.20 38/72] netfilter: nfnetlink_osf: add missing fmatch check, Sasha Levin
[PATCH AUTOSEL 4.20 37/72] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Sasha Levin
[PATCH AUTOSEL 4.19 04/65] netfilter: nft_compat: use refcnt_t type for nft_xt reference count, Sasha Levin
[PATCH AUTOSEL 4.19 05/65] netfilter: nft_compat: make lists per netns, Sasha Levin
[PATCH AUTOSEL 4.19 14/65] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 4.19 34/65] netfilter: nfnetlink_osf: add missing fmatch check, Sasha Levin
[PATCH AUTOSEL 4.14 08/45] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 4.14 21/45] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Sasha Levin
[PATCH AUTOSEL 4.9 08/32] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 4.4 05/26] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 3.18 04/18] ipvs: Fix signed integer overflow when setsockopt timeout, Sasha Levin
[PATCH AUTOSEL 4.19 33/65] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present, Sasha Levin
[PATCH AUTOSEL 4.20 07/72] netfilter: nft_compat: destroy function must not have side effects, Sasha Levin
WARNING in xt_compat_add_offset, syzbot
- Re: WARNING in xt_compat_add_offset, syzbot
- Re: WARNING in xt_compat_add_offset, syzbot
  - [PATCH nf] netfilter: ebtables: also count base chain policies, Florian Westphal
    - Re: [PATCH nf] netfilter: ebtables: also count base chain policies, Pablo Neira Ayuso

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]