Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [iptables PATCH v4 3/5] xtables: Set errno in nft_rule_check() if chain not found, (continued)
- [PATCH] net: nf_tables: Fix for endless loop when dumping ruleset,
Phil Sutter
- [libnftnl PATCH] src: chain: Add missing nftnl_chain_rule_del(),
Phil Sutter
- Re: [PATCH] nft_flow_offload: Fix the peer route get from wrong daddr,
Pablo Neira Ayuso
- [PATCH] nft_flow_offload: Make flow offload work with vrf slave device correct,
wenxu
- [PATCH] netfilter: account ebt_table_info to kmemcg,
Shakeel Butt
- [PATCH nft 1/2] doc: refer to meta protocol in icmp and icmpv6,
Pablo Neira Ayuso
- [PATCH 1/2] ipset: remove useless memset() calls,
Florent Fourcot
- [PATCH nf 0/8] netfilter: nf_conncount: rework locking and memory management,
Florian Westphal
- [PATCH nf 1/8] nf_conncount: replace CONNCOUNT_LOCK_SLOTS with CONNCOUNT_SLOTS, Florian Westphal
- [PATCH nf 2/8] netfilter: nf_conncount: don't skip eviction when age is negative, Florian Westphal
- [PATCH nf 3/8] netfilter: nf_conncount: split gc in two phases, Florian Westphal
- [PATCH nf 4/8] netfilter: nf_conncount: restart search when nodes have been erased, Florian Westphal
- [PATCH nf 5/8] netfilter: nf_conncount: merge lookup and add functions, Florian Westphal
- [PATCH nf 6/8] netfilter: nf_conncount: move all list iterations under spinlock, Florian Westphal
- [PATCH nf 7/8] netfilter: nf_conncount: speculative garbage collection on empty lists, Florian Westphal
- [PATCH nf 8/8] netfilter: nf_conncount: fix argument order to find_next_bit, Florian Westphal
- Re: [PATCH nf 0/8] netfilter: nf_conncount: rework locking and memory management, Shawn Bohrer
- Re: [PATCH nf 0/8] netfilter: nf_conncount: rework locking and memory management, Pablo Neira Ayuso
- [PATCH nft] src: remove deprecated code for export/import commands, Pablo Neira Ayuso
- [PATCH AUTOSEL 4.19 21/97] netfilter: seqadj: re-load tcp header pointer after possible head reallocation, Sasha Levin
- [PATCH AUTOSEL 4.19 20/97] netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace(), Sasha Levin
- [PATCH AUTOSEL 4.9 08/35] netfilter: seqadj: re-load tcp header pointer after possible head reallocation, Sasha Levin
- [PATCH AUTOSEL 4.9 12/35] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel, Sasha Levin
- [PATCH AUTOSEL 4.19 36/97] netfilter: nat: can't use dst_hold on noref dst, Sasha Levin
- [PATCH AUTOSEL 4.19 35/97] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel, Sasha Levin
- [PATCH AUTOSEL 4.19 37/97] netfilter: nf_conncount: use rb_link_node_rcu() instead of rb_link_node(), Sasha Levin
- [PATCH AUTOSEL 4.14 12/59] netfilter: seqadj: re-load tcp header pointer after possible head reallocation, Sasha Levin
- [PATCH AUTOSEL 4.14 23/59] netfilter: nat: can't use dst_hold on noref dst, Sasha Levin
- [PATCH AUTOSEL 4.14 22/59] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel, Sasha Levin
- [PATCH nf 1/3] netfilter: nf_conncount: remove workqueue garbage collector,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_conncount: speculative garbage collection on empty lists,
Pablo Neira Ayuso
- [PATCH] ipset: fix a missing check of nla_parse,
Kangjie Lu
- [PATCH v4] netfilter: nf_conntrack_sip: add sip_external_media logic,
Alin Nastac
- [PATCH] include: Use char* for arithmetic over void*,
William Woodruff
- [PATCH iptables] iptables-xml: fix symlink path,
Joel Carlson
- [PATCH] netfilter: x_tables: add xt_tunnel match,
wenxu
- [PATCH] netfilter: fix a missing check of nla put failure,
Kangjie Lu
- [PATCH 00/37] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH 02/37] netfilter: ipset: Make invalid MAC address checks consistent, Pablo Neira Ayuso
- [PATCH 06/37] netfilter: nf_flow_table: simplify nf_flow_offload_gc_step(), Pablo Neira Ayuso
- [PATCH 04/37] netfilter: ctnetlink: always honor CTA_MARK_MASK, Pablo Neira Ayuso
- [PATCH 05/37] netfilter: nf_flow_table: make nf_flow_table_iterate() static, Pablo Neira Ayuso
- [PATCH 15/37] netfilter: remove NF_NAT_RANGE_PROTO_RANDOM support, Pablo Neira Ayuso
- [PATCH 16/37] netfilter: nat: un-export nf_nat_l4proto_unique_tuple, Pablo Neira Ayuso
- [PATCH 17/37] netfilter: nat: remove l4proto->unique_tuple, Pablo Neira Ayuso
- [PATCH 20/37] netfilter: nat: remove l4proto->nlattr_to_range, Pablo Neira Ayuso
- [PATCH 32/37] netfilter: conntrack: un-export seq_print_acct, Pablo Neira Ayuso
- [PATCH 33/37] netfilter: conntrack: add mnemonics for sysctl table, Pablo Neira Ayuso
- [PATCH 35/37] netfilter: conntrack: merge ecache and timestamp sysctl tables with main one, Pablo Neira Ayuso
- [PATCH 36/37] netfilter: conntrack: remove empty pernet fini stubs, Pablo Neira Ayuso
- [PATCH 37/37] netfilter: netns: shrink netns_ct struct, Pablo Neira Ayuso
- [PATCH 34/37] netfilter: conntrack: merge acct and helper sysctl table with main one, Pablo Neira Ayuso
- [PATCH 31/37] netfilter: conntrack: register sysctl table for gre, Pablo Neira Ayuso
- [PATCH 25/37] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine, Pablo Neira Ayuso
- [PATCH 29/37] netfilter: conntrack: udp: only extend timeout to stream mode after 2s, Pablo Neira Ayuso
- [PATCH 30/37] netfilter: conntrack: udp: set stream timeout to 2 minutes, Pablo Neira Ayuso
- [PATCH 24/37] netfilter: nf_tables: Speed up selective rule dumps, Pablo Neira Ayuso
- [PATCH 22/37] netfilter: nat: remove nf_nat_l4proto struct, Pablo Neira Ayuso
- [PATCH 28/37] netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set, Pablo Neira Ayuso
- [PATCH 21/37] netfilter: nat: remove l4proto->manip_pkt, Pablo Neira Ayuso
- [PATCH 27/37] netfilter: ipt_CLUSTERIP: fix sleep-in-atomic bug in clusterip_config_entry_put(), Pablo Neira Ayuso
- [PATCH 26/37] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine, Pablo Neira Ayuso
- [PATCH 14/37] netfilter: remove unused parameters in nf_ct_l4proto_[un]register_sysctl(), Pablo Neira Ayuso
- [PATCH 19/37] netfilter: nat: remove l4proto->in_range, Pablo Neira Ayuso
- [PATCH 23/37] netfilter: nf_nat_sip: fix RTP/RTCP source port translations, Pablo Neira Ayuso
- [PATCH 18/37] netfilter: nat: fold in_range indirection into caller, Pablo Neira Ayuso
- [PATCH 07/37] netfilter: Replace call_rcu_bh(), rcu_barrier_bh(), and synchronize_rcu_bh(), Pablo Neira Ayuso
- [PATCH 13/37] netfilter: nat: limit port clash resolution attempts, Pablo Neira Ayuso
- [PATCH 12/37] netfilter: nat: remove unnecessary 'else if' branch, Pablo Neira Ayuso
- [PATCH 11/37] netfilter: ipset: replace a strncpy() with strscpy(), Pablo Neira Ayuso
- [PATCH 10/37] netfilter: ipset: fix ip_set_byindex function, Pablo Neira Ayuso
- [PATCH 03/37] netfilter: ipset: Introduction of new commands and protocol version 7, Pablo Neira Ayuso
- [PATCH 09/37] netfilter: nat: remove l4 protocol port rovers, Pablo Neira Ayuso
- [PATCH 08/37] netfilter: remove NFC_* cache bits, Pablo Neira Ayuso
- [PATCH 01/37] netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets, Pablo Neira Ayuso
- Re: [PATCH 00/37] Netfilter updates for net-next, David Miller
- [libnftnl PATCH 0/5] Covscan indicated fixes,
Phil Sutter
- [iptables PATCH v3 00/21] Separate rule cache per chain et al.,
Phil Sutter
- [iptables PATCH v3 18/21] xtables: Optimize list rules command with given chain, Phil Sutter
- [iptables PATCH v3 10/21] nft: Move nft_rule_list_get() above nft_chain_list_get(), Phil Sutter
- [iptables PATCH v3 16/21] xtables: Optimize user-defined chain deletion, Phil Sutter
- [iptables PATCH v3 04/21] nft: Review is_*_compatible() routines, Phil Sutter
- [iptables PATCH v3 07/21] nft: Simplify per table chain cache update, Phil Sutter
- [iptables PATCH v3 11/21] xtables: Implement per chain rule cache, Phil Sutter
- [iptables PATCH v3 09/21] nft: Introduce fetch_chain_cache(), Phil Sutter
- [iptables PATCH v3 06/21] nft: Reduce indenting level in flush_chain_cache(), Phil Sutter
- [iptables PATCH v3 03/21] xtables-restore: Review chain handling, Phil Sutter
- [iptables PATCH v3 20/21] xtables: Fix for inserting rule at wrong position, Phil Sutter
- [iptables PATCH v3 15/21] tests: Extend verbose output and return code tests, Phil Sutter
- [iptables PATCH v3 12/21] nft: Drop nft_chain_list_find(), Phil Sutter
- [iptables PATCH v3 17/21] xtables: Optimize list command with given chain, Phil Sutter
- [iptables PATCH v3 21/21] xtables: Do not change ruleset while listing, Phil Sutter
- [iptables PATCH v3 05/21] nft: Reduce __nft_rule_del() signature, Phil Sutter
- [iptables PATCH v3 02/21] nft: Review unclear return points, Phil Sutter
- [iptables PATCH v3 19/21] nft: Make use of nftnl_rule_lookup_byindex(), Phil Sutter
- [iptables PATCH v3 13/21] xtables: Optimize flushing a specific chain, Phil Sutter
- [iptables PATCH v3 14/21] xtables: Optimize nft_chain_zero_counters(), Phil Sutter
- [iptables PATCH v3 08/21] nft: Simplify nft_rule_insert() a bit, Phil Sutter
- [iptables PATCH v3 01/21] nft: Simplify nftnl_rule_list_chain_save(), Phil Sutter
- Re: [iptables PATCH v3 00/21] Separate rule cache per chain et al., Pablo Neira Ayuso
- [PATCH iptables] include: Use char* for arithmetic over void*,
William Woodruff
- nf_conncount_destroy bug in rb_erase(),
Shawn Bohrer
- [PATCH nf-next 0/6] netfilter: conntrack: reduce sysctl management copypaste,
Florian Westphal
- [PATCH iptables] libxtables: work around unwanted kernel module load,
Florian Westphal
- [PATCH nf-next] netfilter: conntrack: register sysctl table for gre,
Yafang Shao
- nftables Newcomers Tasks from Bugzilla,
Karuna Grewal
- [iptables PATCH] extensions: TRACE: Point at xtables-monitor in documentation, Phil Sutter
- [PATCH nf-next v2] netfilter: conntrack: udp: set stream timeout to 2 minutes,
Florian Westphal
- [nft PATCH v2] nft: Reject 'export vm json' command,
Phil Sutter
- [nft PATCH] nft: Reject 'export vm json' command, Phil Sutter
- [PATCH 0/5] RFC: Add new ip/net,port,ip/net,port sets,
Oliver Smith
- [PATCH 1/5] ipset: Support sets with 4 individual elements and an extra port, Oliver Smith
- [PATCH 5/5] lib/ipset.c: Fix a compilation failure when using --enable-debug, Oliver Smith
- [PATCH 4/5] ipset: Implement net,port,net,port hash set., Oliver Smith
- [PATCH 3/5] ipset: Implement ip,port,net,port hash set., Oliver Smith
- [PATCH 2/5] ipset: Implement ip,port,ip,port hash set., Oliver Smith
- Re: [PATCH 0/5] RFC: Add new ip/net,port,ip/net,port sets, Jozsef Kadlecsik
- Proposal: Reduce void pointer arithmetic in favor of char pointers,
William Woodruff
- [iptables PATCH] xtables: Catch errors when zeroing rule rounters,
Phil Sutter
- ebtables & arptables releases, Arturo Borrero Gonzalez
- Re: general protection fault in watchdog,
Dmitry Vyukov
- [PATCH v2 nf-next] netfilter: nat: remove nf_nat_l4proto struct,
Florian Westphal
- [PATCH nf-next] netfilter: remove unused parameters in nf_ct_l4proto_[un]register_sysctl(),
Yafang Shao
- [iptables PATCH v2 00/14] Separate rule cache per chain et al.,
Phil Sutter
- [iptables PATCH v2 06/14] xtables: Optimize flushing a specific chain, Phil Sutter
- [iptables PATCH v2 14/14] xtables: Do not change ruleset while listing, Phil Sutter
- [iptables PATCH v2 04/14] nft: Simplify nftnl_rule_list_chain_save(), Phil Sutter
- [iptables PATCH v2 12/14] xtables: Make use of nftnl_rule_lookup_byindex(), Phil Sutter
- [iptables PATCH v2 02/14] xtables-restore: Review chain handling, Phil Sutter
- [iptables PATCH v2 07/14] xtables: Optimize nft_chain_zero_counters(), Phil Sutter
- [iptables PATCH v2 08/14] tests: Extend verbose output and return code tests, Phil Sutter
- [iptables PATCH v2 11/14] xtables: Optimize nft_rule_list_save(), Phil Sutter
- [iptables PATCH v2 09/14] xtables: Optimize nft_chain_user_del(), Phil Sutter
- [iptables PATCH v2 05/14] xtables: Drop nft_chain_list_find(), Phil Sutter
- [iptables PATCH v2 10/14] xtables: Optimize nft_rule_list(), Phil Sutter
- [iptables PATCH v2 01/14] xtables: Review unclear return points, Phil Sutter
- [iptables PATCH v2 13/14] xtables: Fix for inserting rule at wrong position, Phil Sutter
- [iptables PATCH v2 03/14] xtables: Implement per chain rule cache, Phil Sutter
- [PATCH v2] netfilter: nf_nat_sip: fix RTP/RTCP source port translations,
Alin Nastac
- netfilter: nat: remove nf_nat_l4proto struct,
Florian Westphal
- [iptables PATCH] xtables: Speed up chain deletion in large rulesets,
Phil Sutter
- [PATCH] net: nf_tables: Speed up selective rule dumps,
Phil Sutter
- [libnftnl PATCH] chain: Hash chain list by name,
Phil Sutter
- [ANNOUNCE] ipset 7.1 released,
Jozsef Kadlecsik
- [iptables PATCH 00/14] Separate rule cache per chain et al.,
Phil Sutter
- [iptables PATCH 08/14] tests: Extend verbose output and return code tests, Phil Sutter
- [iptables PATCH 01/14] xtables: Review unclear return points, Phil Sutter
- [iptables PATCH 13/14] xtables: Fix for inserting rule at wrong position, Phil Sutter
- [iptables PATCH 09/14] xtables: Optimize nft_chain_user_del(), Phil Sutter
- [iptables PATCH 06/14] xtables: Optimize flushing a specific chain, Phil Sutter
- [iptables PATCH 07/14] xtables: Optimize nft_chain_zero_counters(), Phil Sutter
- [iptables PATCH 02/14] xtables-restore: Review chain handling, Phil Sutter
- [iptables PATCH 10/14] xtables: Optimize nft_rule_list(), Phil Sutter
- [iptables PATCH 14/14] xtables: Do not change ruleset while listing, Phil Sutter
- [iptables PATCH 11/14] xtables: Optimize nft_rule_list_save(), Phil Sutter
- [iptables PATCH 04/14] nft: Simplify nftnl_rule_list_chain_save(), Phil Sutter
- [iptables PATCH 03/14] xtables: Implement per chain rule cache, Phil Sutter
- [iptables PATCH 05/14] xtables: Drop nft_chain_list_find(), Phil Sutter
- [iptables PATCH 12/14] xtables: Make use of nftnl_rule_lookup_byindex(), Phil Sutter
- [PATCH nf] netfilter: nat: can't use dst_hold on noref dst,
Florian Westphal
- [PATCH v3 nf-next] netfilter: nat: limit port clash resolution attempts,
Florian Westphal
- [PATCH 0/5] ipset patches for nf-next,
Jozsef Kadlecsik
- [PATCH net-next v2] netfilter: ebtables: avoid resetting limit rule state,
Linus Lüssing
- [PATCH nf v2] netfilter: nat: limit port clash resolution attempts,
Florian Westphal
- Another compilation error,
Ansuel Smith
- [PATCH nf] netfilter: nat: limit port clash resolution attempts,
Florian Westphal
- [PATCH nf] netfilter: nf_conncount: use rb_link_node_rcu() instead of rb_link_node(),
Taehee Yoo
- [PATCH RFC] src: support for arp ether and IP source and destination fields,
Pablo Neira Ayuso
- [libnftnl PATCH 0/2] chain: Support per chain rules list,
Phil Sutter
- [PATCH v2 nf-next] netfilter: conntrack: udp: only extend timeout to stream mode after 2s, Florian Westphal
- [PATCH nf-next] netfilter: conntrack: udp: only extend timeout after 2s, Florian Westphal
- [PATCH nf-next] netfilter: conntrack: udp: reduce default timeouts, Florian Westphal
- [PATCH nf-next] netfilter: nat: remove unnecessary 'else if' branch,
Xiaozhou Liu
- [PATCH nf] netfilter: seqadj: re-load tcp header pointer after possible head reallocation,
Florian Westphal
- [PATCH 1/5] netfilter: fix general protection fault when unregister sysctl table,
Yafang Shao
- [PATCH AUTOSEL 4.19 018/123] netfilter: nf_conncount: fix list_del corruption in conn_free, Sasha Levin
- [PATCH AUTOSEL 4.19 017/123] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock, Sasha Levin
- [PATCH AUTOSEL 4.19 019/123] netfilter: nf_conncount: fix unexpected permanent node of list., Sasha Levin
- [PATCH AUTOSEL 4.19 023/123] netfilter: xt_RATEEST: remove netns exit routine, Sasha Levin
- [PATCH AUTOSEL 4.19 024/123] netfilter: nf_tables: fix use-after-free when deleting compat expressions, Sasha Levin
- [PATCH AUTOSEL 4.19 042/123] netfilter: xt_hashlimit: fix a possible memory leak in htable_create(), Sasha Levin
- [PATCH AUTOSEL 4.19 075/123] netfilter: ipv6: Preserve link scope traffic original oif, Sasha Levin
- [PATCH AUTOSEL 4.19 067/123] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf, Sasha Levin
- [PATCH AUTOSEL 4.19 078/123] netfilter: nat: fix double register in masquerade modules, Sasha Levin
- [PATCH AUTOSEL 4.19 079/123] netfilter: nf_conncount: remove wrong condition check routine, Sasha Levin
- [PATCH AUTOSEL 4.19 077/123] netfilter: add missing error handling code for register functions, Sasha Levin
- [PATCH AUTOSEL 4.19 089/123] netfilter: nf_tables: deactivate expressions in rule replecement routine, Sasha Levin
- [PATCH AUTOSEL 4.14 09/69] netfilter: nf_tables: fix use-after-free when deleting compat expressions, Sasha Levin
- [PATCH AUTOSEL 4.14 17/69] netfilter: xt_hashlimit: fix a possible memory leak in htable_create(), Sasha Levin
- [PATCH AUTOSEL 4.14 33/69] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf, Sasha Levin
- [PATCH AUTOSEL 4.14 40/69] netfilter: ipv6: Preserve link scope traffic original oif, Sasha Levin
- [PATCH AUTOSEL 4.14 46/69] netfilter: nf_tables: deactivate expressions in rule replecement routine, Sasha Levin
- [PATCH AUTOSEL 4.9 21/45] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf, Sasha Levin
- [PATCH AUTOSEL 4.19 020/123] netfilter: nf_tables: don't skip inactive chains during update, Sasha Levin
- stable nftables kernel changes for port to 3.12 kernel,
Pavel Melnik
- [PATCH nft] parser: bail out on incorrect burst unit, Pablo Neira Ayuso
- [iptables PATCH] extensions: libipt_realm: Document allowed realm values,
Phil Sutter
- [PATCH v3] netfilter: nf_conntrack_sip: add sip_external_media logic, Alin Nastac
- [PATCH RESEND iptables] include: extend the headers conflict workaround to in6.h,
Baruch Siach
- [PATCH v3] netfilter/ipset: replace a strncpy() with strscpy(),
Qian Cai
- [PATCH nft] doc: nft: document ct count, Pablo Neira Ayuso
- [PATCH nft 1/2] src: introduce simple hints on incorrect object,
Pablo Neira Ayuso
- [PATCH nft 1/3] utils: remove type checks in min() and max(),
Pablo Neira Ayuso
- [PATCH v2] netfilter: nf_conntrack_sip: add sip_external_media logic, Alin Nastac
- [PATCH nftables] src: xt: fix build when libxtables is not installed, Florian Westphal
- [PATCH] netfilter: nf_conntrack_sip: add sip_external_media logic,
Alin Nastac
- [PATCH nft] tests: fix return codes,
Arturo Borrero Gonzalez
- Proposal: rename of arptables.git and ebtables.git,
Arturo Borrero Gonzalez
- [PATCH 00/16] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH 01/16] netfilter: nf_conncount: use spin_lock_bh instead of spin_lock, Pablo Neira Ayuso
- [PATCH 02/16] netfilter: nf_conncount: fix list_del corruption in conn_free, Pablo Neira Ayuso
- [PATCH 04/16] netfilter: nf_tables: don't skip inactive chains during update, Pablo Neira Ayuso
- [PATCH 03/16] netfilter: nf_conncount: fix unexpected permanent node of list., Pablo Neira Ayuso
- [PATCH 08/16] netfilter: nf_tables: fix use-after-free when deleting compat expressions, Pablo Neira Ayuso
- [PATCH 14/16] netfilter: nat: fix double register in masquerade modules, Pablo Neira Ayuso
- [PATCH 16/16] netfilter: nf_tables: deactivate expressions in rule replecement routine, Pablo Neira Ayuso
- [PATCH 15/16] netfilter: nf_conncount: remove wrong condition check routine, Pablo Neira Ayuso
- [PATCH 13/16] netfilter: add missing error handling code for register functions, Pablo Neira Ayuso
- [PATCH 11/16] netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too, Pablo Neira Ayuso
- [PATCH 10/16] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf, Pablo Neira Ayuso
- [PATCH 12/16] netfilter: ipv6: Preserve link scope traffic original oif, Pablo Neira Ayuso
- [PATCH 05/16] selftests: add script to stress-test nft packet path vs. control plane, Pablo Neira Ayuso
- [PATCH 06/16] netfilter: nf_tables: don't use position attribute on rule replacement, Pablo Neira Ayuso
- [PATCH 09/16] netfilter: xt_hashlimit: fix a possible memory leak in htable_create(), Pablo Neira Ayuso
- [PATCH 07/16] netfilter: xt_RATEEST: remove netns exit routine, Pablo Neira Ayuso
- Re: [PATCH 00/16] Netfilter fixes for net, David Miller
- 4.19.x kernels oops in nf_conncount_destroy,
Todd Eigenschink
- [PATCH nf] netfilter: nf_tables: deactivate expressions in rule replecement routine,
Taehee Yoo
- [iptables PATCH] xtables: Don't use native nftables comments,
Phil Sutter
- [PATCH] netfilter: ipset: fix ip_set_byindex function,
Florent Fourcot
- iptables configure ignore "--disable-silent-rules",
Rolf Eike Beer
- 4.19.4 nf_conntrack_count kernel panic,
Sami Farin
- [PATCH v2] netfilter: ipset: replace a strncpy() with strscpy(),
Qian Cai
- [PATCH] netfilter: update comment about get_unique_tuple(),
Xiaozhou Liu
- [PATCH nf] netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace(),
Taehee Yoo
- [PATCH] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel,
Pan Bian
- [RFC -next v0 0/3] netfilter: expose flow offload tables as an ebpf map,
Aaron Conole
- [PATCH nf] netfilter: nf_conncount: remove wrong condition check routine,
Taehee Yoo
- [PATCH] include: extend the headers conflict workaround to in6.h, Baruch Siach
- [iptables PATCH] ebtables: Use xtables_exit_err(),
Phil Sutter
- compilation error glibc, Ansuel Smith
- [iptables PATCH] arptables: Support --set-counters option,
Phil Sutter
- [PATCH nf v2 2/2] netfilter: nat: fix double register in masquerade modules, Taehee Yoo
- [PATCH nf v2 1/2] netfilter: add missing error handling code for register functions, Taehee Yoo
- [PATCH nf v2 0/2] netfilter: fix notifier registration bugs,
Taehee Yoo
- [PATCH] netfilter: ipset: replace a strncpy() with strscpy(),
Qian Cai
- [PATCH nf] netfilter: nfnetlink_cttimeout: nf_proto_net must be first member of netns_proto_gre,
Florian Westphal
- [PATCH v2] ipv6: Preserve link scope traffic original oif,
Alin Nastac
- RFC: Designing per chain rule cache support in libnftnl,
Phil Sutter
- [PATCH nf-next] netfilter: add missing error handling code for register functions.,
Taehee Yoo
- [PATCH iptables] extensions: libip6t_mh: fix bogus translation error, Pablo Neira Ayuso
- [PATCH nft,v4 1/3] src: introduce simple hints on incorrect table,
Pablo Neira Ayuso
- [PATCH nft,v3 1/3] src: introduce simple hints on incorrect table,
Pablo Neira Ayuso
- [PATCH nft 1/2] src: introduce simple hints on incorrect table,
Pablo Neira Ayuso
- [PATCH nf] netfilter: xt_TEE: fix build failure,
Taehee Yoo
- [PATCH xtables] arptables-nft: use generic expression parsing function, Florian Westphal
- [PATCH iptables] xtables-monitor: fix build with musl libc,
Baruch Siach
- [PATCH iptables 1/4] nft: add type field to builtin_table,
Pablo Neira Ayuso
- WARNING in cttimeout_default_get,
syzbot
- [PATCH nf] netfilter: xt_hashlimit: fix a possible memory leak in htable_create(),
Taehee Yoo
- [PATCH iptables] include: fix build with kernel headers before 4.2,
Baruch Siach
- [PATCH xtables v2] xtables-monitor: fix build with older glibc,
Baruch Siach
- [ANNOUNCE] nftlb 0.3 release, Laura Garcia
- Different namespaces share the same xtables lock,
wenxian li
- Re: linux-next: Tree for Nov 15 (netfilter/xt_TEE), Randy Dunlap
- [iptables PATCH v2] xtables: Introduce per table chain caches,
Phil Sutter
- [iptables PATCH] xtables: Introduce per table chain caches, Phil Sutter
- [PATCH nf-next] netfilter: nat: remove l4 protocol port rovers,
Florian Westphal
- [PATCHv2 net] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf,
Xin Long
- [PATCH xtables] xtables-monitor: fix build with older glibc,
Baruch Siach
- [PATCH AUTOSEL 4.18 05/59] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace, Sasha Levin
- [PATCH AUTOSEL 4.18 06/59] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net, Sasha Levin
- [PATCH AUTOSEL 4.18 07/59] netfilter: ipset: fix ip_set_list allocation failure, Sasha Levin
- [PATCH AUTOSEL 4.18 16/59] netfilter: xt_IDLETIMER: add sysfs filename checking routine, Sasha Levin
- [PATCH AUTOSEL 4.18 18/59] netfilter: nft_compat: ebtables 'nat' table is normal chain type, Sasha Levin
- [PATCH AUTOSEL 4.18 15/59] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment(), Sasha Levin
- [PATCH AUTOSEL 4.18 17/59] netfilter: ipset: Fix calling ip_set() macro at dumping, Sasha Levin
- [PATCH AUTOSEL 4.14 02/27] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace, Sasha Levin
- [PATCH AUTOSEL 4.14 08/27] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment(), Sasha Levin
- [PATCH AUTOSEL 4.14 09/27] netfilter: xt_IDLETIMER: add sysfs filename checking routine, Sasha Levin
- [PATCH AUTOSEL 4.9 02/13] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net, Sasha Levin
- [PATCH AUTOSEL 4.9 06/13] netfilter: xt_IDLETIMER: add sysfs filename checking routine, Sasha Levin
- [PATCH AUTOSEL 4.9 05/13] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment(), Sasha Levin
- [PATCH AUTOSEL 4.4 2/8] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net, Sasha Levin
- [PATCH AUTOSEL 4.4 5/8] netfilter: xt_IDLETIMER: add sysfs filename checking routine, Sasha Levin
- [PATCH AUTOSEL 4.4 4/8] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment(), Sasha Levin
- [PATCH AUTOSEL 4.14 03/27] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net, Sasha Levin
- iptc_delete_entry matchmask parameter,
Tom Cook
- [PATCH iptables] extensions: format-security fixes in libip[6]t_icmp,
Adam Gołębiowski
- [PATCH xtables] ebtables: vlan: fix userspace/kernel headers collision,
Baruch Siach
- [PATCH net] ipvs: call ip_vs_dst_notifier before ipv6_dev_notf,
Xin Long
- [ANNOUNCE] libnftnl 1.1.2 release, Pablo Neira Ayuso
- [ANNOUNCE] iptables 1.8.2 release, Florian Westphal
- [PATCH] doc: grammar fixes,
Jan Engelhardt
- [PATCH nftables] doc: Spelling and grammar fixes,
Ville Skyttä
- [PATCH nf] netfilter: nf_tables: fix use-after-free when deleting compat expressions,
Florian Westphal
- [PATCH xtables] libxtables: xlate: init buffer to zero, Florian Westphal
- [ebtables PATCH] extensions: among: Fix bitmask check,
Phil Sutter
- [PATCH nf-next] netfilter: remove NFC_* cache bits, Pablo Neira Ayuso
- [PATCH xtables 00/13] arptables: make it work,
Florian Westphal
- [PATCH xtables 01/13] arptables: use ->save for arptables-save, like xtables, Florian Westphal
- [PATCH xtables 02/13] arptables-save: add -c option, like xtables-save, Florian Westphal
- [PATCH xtables 03/13] arptables: remove code that is also commented-out in original arptables, Florian Westphal
- [PATCH xtables 04/13] arptables: fix rule deletion/compare, Florian Westphal
- [PATCH xtables 05/13] arptables: add basic test infra for arptables-nft, Florian Westphal
- [PATCH xtables 06/13] arptables: fix -s/-d handling for negation and mask, Florian Westphal
- [PATCH xtables 07/13] arptables: fix target ip offset, Florian Westphal
- [PATCH xtables 08/13] arptables: fix src/dst mac handling, Florian Westphal
- [PATCH xtables 09/13] arptables: pre-init hlen and ethertype, Florian Westphal
- [PATCH xtables 10/13] arptables: add test cases, Florian Westphal
- [PATCH xtables 11/13] arptables: make uni/multicast mac masks static, Florian Westphal
- [PATCH xtables 12/13] arptables: ignore --table argument., Florian Westphal
- [PATCH xtables 13/13] arptables: fix --version info, Florian Westphal
- BUG: Fatal in exception in interrupt, at nf_conncount_count [regression in 4.19(.1)],
Bruno Prémont
- [nft PATCH] nft.8: Clarify 'index' option of add rule command,
Phil Sutter
- [PATCH xtables] xtables: add 'printf' attribute to xlate_add, Florian Westphal
- [iptables PATCH 0/3] A few minor fixes,
Phil Sutter
- [PATCH iptables] nft: add NFT_TABLE_* enumeration, Pablo Neira Ayuso
- [PATCH xtables 1/2] ebtables-save: add -c option, using xtables-style counters,
Florian Westphal
- [PATCH iptables] nft: replace nft_chain_dump() by nft_chain_get_list(), Pablo Neira Ayuso
- [PATCH tip/core/rcu 30/41] netfilter: Replace call_rcu_bh(), rcu_barrier_bh(), and synchronize_rcu_bh(),
Paul E. McKenney
- [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers,
Michał Mirosław
- [PATCH net-next 6/9] ipv4/tunnel: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next 3/9] net/core: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next 4/9] 8021q: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next 9/9] sky2: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next 5/9] bridge: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next 2/9] nfnetlink/queue: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next 1/9] cxgb4: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next 7/9] benet: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next 8/9] mlx4: use __vlan_hwaccel helpers, Michał Mirosław
- Re: [PATCH net-next 0/9] Use __vlan_hwaccel_*() helpers, David Miller
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
