Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- [PATCH 04/31] netfilter: nf_tables: asynchronous release, (continued)
- [PATCH 04/31] netfilter: nf_tables: asynchronous release, Pablo Neira Ayuso
- [PATCH 09/31] netfilter: nf_tables: avoid BUG_ON usage, Pablo Neira Ayuso
- [PATCH 13/31] netfilter: nat: remove unnecessary rcu_read_lock in nf_nat_redirect_ipv{4/6}, Pablo Neira Ayuso
- [PATCH 12/31] netfilter: cttimeout: remove superfluous check on layer 4 netlink functions, Pablo Neira Ayuso
- [PATCH 10/31] netfilter: xtables: avoid BUG_ON, Pablo Neira Ayuso
- [PATCH 08/31] netfilter: xt_cgroup: shrink size of v2 path, Pablo Neira Ayuso
- [PATCH 03/31] netfilter: nf_tables: warn when expr implements only one of activate/deactivate, Pablo Neira Ayuso
- [PATCH 07/31] netfilter: ctnetlink: Support L3 protocol-filter on flush, Pablo Neira Ayuso
- [PATCH 05/31] netfilter: remove obsolete need_conntrack stub, Pablo Neira Ayuso
- [PATCH 01/31] netfilter: nf_tables: rt: allow checking if dst has xfrm attached, Pablo Neira Ayuso
- Re: [PATCH 00/31] Netfilter updates for net-next, David Miller
- [PATCH nf] netfilter: nf_flow_table: do not remove offload when other netns's interface is down,
Taehee Yoo
- [PATCH] netfilter: xt_quota: Don't use aligned attribute in sizeof,
Nathan Chancellor
- [PATCH nf-next] netfilter: nf_nat_snmp_basic: add missing helper alias name,
Taehee Yoo
- [PATCH nf 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry.,
Taehee Yoo
- [PATCH nf 1/2] netfilter: xt_TEE: fix wrong interface selection,
Taehee Yoo
- [PATCH nf 0/2] netfilter: xt_TEE: fix bugs in xt_TEE, Taehee Yoo
- [PATCH nf 2/2] netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine, Taehee Yoo
- [PATCH nf 1/2] netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine,
Taehee Yoo
- [PATCH nf 0/2] netfilter: ipt_CLUSTERIP: fix bugs in ipt_CLUSTERIP, Taehee Yoo
- [PATCH nf-next v3] nft_osf: Add ttl option support,
Fernando Fernandez Mancera
- [PATCH RFC,net-next 0/3] ip_tunnel: specify tunnel type via template,
Pablo Neira Ayuso
- [PATCH nft 0/4] assorted updates,
Pablo Neira Ayuso
- [PATCH nft] segtree: stop iteration on existing elements in case closing range is found, Pablo Neira Ayuso
- [PATCH nft] rule: fix memleak in do_get_setelems(), Pablo Neira Ayuso
- [PATCH nft] segtree: memleak in get_set_decompose(), Pablo Neira Ayuso
- [PATCH nft] segtree: disantangle get_set_interval_end(), Pablo Neira Ayuso
- [PATCH 14/16] netfilter: Replace spin_is_locked() with lockdep,
Lance Roy
- [PATCH net-next iptables] Rework the xt_quota module,
Chenbo Feng
- [PATCH nf-next] netfilter: nf_flow_table: remove flowtable hook flush routine in netns exit routine,
Taehee Yoo
- [PATCH nf] netfilter: nft_set_rbtree: allow loose matching of closing intervals, Pablo Neira Ayuso
- [PATCH nft] segtree: bogus range via get set element on existing elements, Pablo Neira Ayuso
- [PATCH nft] include: add missing xfrm.h to Makefile.am,
Fernando Fernandez Mancera
- __nf_register_net_hook jump label splat,
Borislav Petkov
- [PATCH nf-next v2] nft_osf: Add ttl option support,
Fernando Fernandez Mancera
- [PATCH 1/2 nft v2] src: osf: add ttl option support,
Fernando Fernandez Mancera
- [PATCH] Revert "openvswitch: Fix template leak in error cases.",
Flavio Leitner
- [PATCH] openvswitch: load NAT helper,
Flavio Leitner
- [nft PATCH] tests: shell: Test 'get element' command,
Phil Sutter
- Re: [PATCH] netfilter: check if the socket netns is correct.,
Guenter Roeck
- nft: Dubious code in get_set_decompose() of src/segtree.c,
Phil Sutter
- [nft PATCH 0/5] Fix and improve for 0021prio_0 in tests/shell,
Phil Sutter
- Contribution of a GRE Module,
Alexandre Connat
- [libnftnl PATCH] expr: xfrm: Fix for unused variable warning,
Phil Sutter
- [iptables PATCH 0/6] Follow-up to covscan fixes,
Phil Sutter
- [PATCH nf-next] netfilter: nf_tables: use rhashtable_lookup() instead of rhashtable_lookup_fast(),
Taehee Yoo
- [PATCH nf-next] netfilter: nf_flow_table: remove unnecessary nat flag check code,
Taehee Yoo
- [PATCH nf] netfilter: avoid erronous array bounds warning,
Florian Westphal
- [PATCH v3 1/2] netfilter: nf_tables: add SECMARK support,
Christian Göttsche
- [PATCH v2 1/2] netfilter: nf_tables: add SECMARK support,
Christian Göttsche
- change netfilter packet flow,
morteza1131@xxxxxxxxx
- How to contribute to netfilter.org/documentation?, Phil Sutter
- [PATCH] doc: Re-work RULES:add/insert/replace to read better.,
Duncan Roe
- general protection fault in ctnetlink_alloc_filter,
syzbot
- [PATCH net-next 0/3] net: wean netfilter from fib_nh,
dsahern
- [PATCH] nftables: add support for setting secmark,
Christian Göttsche
- [PATCH] libnftnl: add support for new secmark object, Christian Göttsche
- [PATCH] netfilter: nf_tables: add SECMARK support,
Christian Göttsche
- [iptables PATCH 0/3] Merge legacy save and restore implementations,
Phil Sutter
- [iptables PATCH 00/28] Another round of covscan fixes,
Phil Sutter
- [iptables PATCH 19/28] iptables: Use print_ifaces() from xtables, Phil Sutter
- [iptables PATCH 11/28] libxt_time: Drop initialization of variable 'year', Phil Sutter
- [iptables PATCH 22/28] extensions: libebt_ip{,6}: Drop pointless error checking, Phil Sutter
- [iptables PATCH 02/28] xtables: Fix for wrong assert() in __nft_table_flush(), Phil Sutter
- [iptables PATCH 14/28] libxtables: Don't read garbage in xtables_strtoui(), Phil Sutter
- [iptables PATCH 28/28] iptables: Gitignore xtables-{legacy,nft}-multi scripts, Phil Sutter
- [iptables PATCH 17/28] iptables-apply: Replace signal numbers by names, Phil Sutter
- [iptables PATCH 24/28] libxtables: Use posix_spawn() instead of vfork(), Phil Sutter
- [iptables PATCH 15/28] nfnl_osf: Replace deprecated nfnl_talk() by nfnl_query(), Phil Sutter
- [iptables PATCH 04/28] Mark fall through cases in switch() statements, Phil Sutter
- [iptables PATCH 10/28] libxt_ipvs: Avoid potential buffer overrun, Phil Sutter
- [iptables PATCH 23/28] Fix a few cases of pointless assignments, Phil Sutter
- [iptables PATCH 06/28] xtables: Remove unused variable in nft_is_table_compatible(), Phil Sutter
- [iptables PATCH 13/28] libxtables: Avoid calling memcpy() with NULL source, Phil Sutter
- [iptables PATCH 03/28] libxtables: Integrate getethertype.c from xtables core, Phil Sutter
- [iptables PATCH 16/28] iptables-apply: Quote strings passed to echo, Phil Sutter
- [iptables PATCH 18/28] Share print_ipv{4,6}_addr() from xtables, Phil Sutter
- [iptables PATCH 01/28] nfnl_osf: Drop pointless check in xt_osf_strchr(), Phil Sutter
- [iptables PATCH 21/28] nft-arp: Drop ineffective conditional, Phil Sutter
- [iptables PATCH 07/28] libxt_LED: Avoid string overrun while parsing led-trigger-id, Phil Sutter
- [iptables PATCH 20/28] Sanitize calls to strcpy(), Phil Sutter
- [iptables PATCH 26/28] arptables: Fix incorrect strcmp() in nft_arp_rule_find(), Phil Sutter
- [iptables PATCH 09/28] libxt_conntrack: Avoid potential buffer overrun, Phil Sutter
- [iptables PATCH 25/28] xtables: Don't read garbage in nft_ipv4_parse_payload(), Phil Sutter
- [iptables PATCH 05/28] ip{,6}tables-restore: Fix for uninitialized array 'curtable', Phil Sutter
- [iptables PATCH 12/28] libiptc: Simplify alloc_handle() function signature, Phil Sutter
- [iptables PATCH 08/28] libxt_conntrack: Version 0 does not support XT_CONNTRACK_DIRECTION, Phil Sutter
- [iptables PATCH 27/28] xtables: Drop pointless check, Phil Sutter
- [PATCH] netfilter: conntrack: get rid of double sizeof,
zhong jiang
- Re: bpfilter breaks IPT_SO_GET_INFO,
Michal Kubecek
- [PATCH libnftnl v2] obj: ct_timeout: fix error in building tests,
Harsha Sharma
- Announcing Netdev 0x13 conference, Jamal Hadi Salim
- [PATCH] netfilter: nft_osf: use enum nft_data_types for nft_validate_register_store,
Stefan Agner
- [PATCH 4.14 095/126] inet: frags: Convert timers to use timer_setup(), Greg Kroah-Hartman
- [PATCH net] netfilter: bridge: Don't sabotage nf_hook calls from an l3mdev,
dsahern
- [iptables PATCH] libxt_string: Fix array out of bounds check,
Phil Sutter
- [PATCH nft] src: osf: add ttl option support,
Fernando Fernandez Mancera
- [PATCH libnftnl] expr: osf: add ttl option support,
Fernando Fernandez Mancera
- [PATCH nf-next] nft_osf: Add ttl option support,
Fernando Fernandez Mancera
- SECMARK support,
Christian Göttsche
- KMSAN: uninit-value in strlcpy (2), syzbot
- KMSAN: uninit-value in do_ip_vs_set_ctl, syzbot
- [nft PATCH] Review numeric/literal options and related docs, Phil Sutter
- [nft PATCH] doc: Review man page building in Makefile.am,
Phil Sutter
- [nft PATCH] nft.8: Update meta pkt_type value description,
Phil Sutter
- [PATCH nf-next] netfilter: nf_tables: use rhashtable_walk_enter instead of rhashtable_walk_init,
Taehee Yoo
- [PATCH v3 04/30] inet: frags: Convert timers to use timer_setup(), Stephen Hemminger
- [PATCH] Conntrack l4 protocol helper for GRE has no GRE/IPv6 support,
Ignatius Cheng
- [PATCH v2 04/30] inet: frags: Convert timers to use timer_setup(), Stephen Hemminger
- [PATCH nf-next] netfilter: nat: remove duplicate skb_is_nonlinear() in __nf_nat_mangle_tcp_packet(),
Taehee Yoo
- netfilter: conntrack: remove indirect err call from l4proto trackers,
Florian Westphal
- [PATCH 04/29] inet: frags: Convert timers to use timer_setup(), Stephen Hemminger
- [nft PATCH 0/4] Apply some recent changes to JSON output,
Phil Sutter
- [PATCH nf-next] netfilter: nat: remove unnecessary rcu_read_lock in nf_nat_redirect_ipv{4/6},
Taehee Yoo
- [PATCH nf-next] netfilter: cttimeout: remove superfluous check on layer 4 netlink functions, Pablo Neira Ayuso
- [iptables PATCH 0/5] Fix for bugs indicated by covscan,
Phil Sutter
- [iptables PATCH] xtables-save: Ignore uninteresting tables,
Phil Sutter
- [nft PATCH] src: Fix literal check for inet_service type,
Phil Sutter
- [iptables PATCH] xtables: Don't check all rules for being compatible,
Phil Sutter
- [PATCH nf-next] netfilter: nf_nat_ipv4: remove obsolete EXPORT_SYMBOL,
Florian Westphal
- [PATCH] netfilter: masquerade: don't flush all conntracks if only one address deleted on device,
Tan Hu
- [iptables PATCH v2] xtables-restore: Fix flushing referenced custom chains, Phil Sutter
- [iptables PATCH] xtables-restore: Fix flushing referenced custom chains,
Phil Sutter
- [Patch nf] xt_hashlimit: use s->file instead of s->private,
Cong Wang
- [iptables PATCH] xtables: Accept --wait in iptables-nft-restore,
Phil Sutter
- [RFC] UAPI: Check headers by compiling all together as C++,
David Howells
- [PATCH libnftnl,nft] ipsec matching support,
Florian Westphal
- [PATCH nft] doc: Document ct timeout support,
Harsha Sharma
- [PATCH] obj: ct_timeout: fix error in building tests, Harsha Sharma
- [PATCH iptables] extensions: add cgroup revision 2, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: xtables: avoid BUG_ON,
Florian Westphal
- [PATCH nf-next] netfilter: nf_tables: avoid BUG_ON usage,
Florian Westphal
- [PATCH nft] proto: fix icmp/icmpv6 code datatype, Florian Westphal
- [PATCH nf] netfilter: nfnetlink_queue: Solve the NFQUEUE/conntrack clash for NF_REPEAT, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: xt_cgroup: shrink size of v2 path,
Pablo Neira Ayuso
- [PATCH] conntrack: Support L3 protocol-filter on flush,
Kristian Evensen
- [PATCH nf-next] netfilter: nf_tables: add xfrm expression,
Florian Westphal
- [PATCH nft] tests: fix json output for osf, socket and tproxy expressions, Florian Westphal
- [PATCH nf,v2] netfilter: cttimeout: ctnl_timeout_find_get() returns incorrect pointer to type, Pablo Neira Ayuso
- [PATCH nf] netfilter: cttimeout: ctnl_timeout_find_get() returns incorrect pointer to type, Pablo Neira Ayuso
- [iptables PATCH] doc: Improve layout of u32 instructions, Joseph C. Sible
- Re: netfilter mailing list abandoned, Neal P. Murphy
- [iptables PATCH] xtables: Drop use of IP6T_F_PROTO,
Phil Sutter
- [PATCH nf-next] netfilter: remove obsolete need_conntrack stub,
Florian Westphal
- [PATCH libnftnl 1/2] obj: ct_timeout: use fixed size array,
Pablo Neira Ayuso
- [PATCH nf] netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUT, Pablo Neira Ayuso
- [iptables PATCH] xtables: Align return codes with legacy iptables,
Phil Sutter
- [PATCH ipset v3] Validate string type attributes in attr2data(),
Stefano Brivio
- [PATCH nft] src: osf: load pf.os from expr_evaluate_osf(),
Fernando Fernandez Mancera
- [PATCH nf] netfilter: nft_set_rbtree: add missing rb_erase() in GC routine,
Taehee Yoo
- [PATCH nft,libnftnl 0/2] rt ipsec support,
Florian Westphal
- [PATCH ipset] manpage: Add comment about matching on destination MAC address,
Stefano Brivio
- [PATCH ipset v2] Check setname length in session code before copying it,
Stefano Brivio
- [PATCH nft 1/2] tests: build: run make distcheck from fresh clone,
Pablo Neira Ayuso
- [nft PATCH 0/2] tests/py: One enhancement and a fix,
Phil Sutter
- [nft PATCH] parser_json: Fix crash in error reporting,
Phil Sutter
- [nft PATCH] py: trivial: Fix typo in comment string,
Phil Sutter
- [nft PATCH 0/9] JSON schema review,
Phil Sutter
- [nft PATCH 4/9] JSON: Review verdict statement and expression, Phil Sutter
- [nft PATCH 1/9] doc: Improve example in libnftables-json(5), Phil Sutter
- [nft PATCH 2/9] doc: Review libnftables-json.adoc, Phil Sutter
- [nft PATCH 6/9] JSON: Rename (v)map expression properties, Phil Sutter
- [nft PATCH 9/9] JSON: Add metainfo object to all output, Phil Sutter
- [nft PATCH 3/9] JSON: Make meta statement/expression extensible, Phil Sutter
- [nft PATCH 5/9] JSON: Review payload expression, Phil Sutter
- [nft PATCH 8/9] JSON: Make match op mandatory, introduce 'in' operator, Phil Sutter
- [nft PATCH 7/9] JSON: Rename mangle statement properties, Phil Sutter
- Re: [nft PATCH 0/9] JSON schema review, Pablo Neira Ayuso
- [PATCH nf-next 0/3] netfilter: nf_tables: remove last synchronize_rcu from config path,
Florian Westphal
- [PATCH nft] tests: build: no need for root to run build tests, Pablo Neira Ayuso
- nft: Cache maintenance woes,
Phil Sutter
- [PATCH nft 0/4] add json support for tproxy and osf expressions,
Florian Westphal
- [PATCH nft 4/4] src: tproxy: add json support, Florian Westphal
[PATCH nf-next] netfilter: nf_tables: rt: allow checking if dst has xfrm attached,
Florian Westphal
[PATCH] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net,
Eric Westbrook
[nft PATCH] json: Fix compile error,
Phil Sutter
[iptables PATCH v3] xtables: Fix for deleting rules with comment, Phil Sutter
[iptables PATCH v2] xtables: Fix for deleting rules with comment, Phil Sutter
[iptables PATCH] xtables: Fix for deleting rules with comment,
Phil Sutter
[PATCH nf] netfilter: nf_tables: release chain in flushing set,
Taehee Yoo
[PATCH v3 nf] netfilter: conntrack: reset tcp maxwin on re-register,
Florian Westphal
[PATCH nft 2/2] test: shell: Test cases for standard prios for flowtables,
Máté Eckl
[PATCH nft 1/2] test: shell: Test cases for standard chain prios,
Máté Eckl
Re: mmotm 2018-08-23-17-26 uploaded (netfilter: undefined reference),
Randy Dunlap
[nft PATCH] doc: Document implicit dependency creation for icmp/icmpv6,
Phil Sutter
[nft PATCH] tests: py: Fix coloring of differences,
Phil Sutter
[nft PATCH] parser_bison: Fix for ECN keyword in LHS of relational,
Phil Sutter
[PATCH nft] src: honor /etc/services, Pablo Neira Ayuso
[PATCH nf 1/2] netfilter: conntrack: place 'new' timeout in first location too,
Florian Westphal
[iptables PATCH 00/10] Some fixes and enhancements around ebtables-translate,
Phil Sutter
- [iptables PATCH 09/10] ebtables-translate: Fix for libebt_limit.txlate, Phil Sutter
- [iptables PATCH 04/10] ebtables-translate: Fix segfault while parsing extension options, Phil Sutter
- [iptables PATCH 05/10] xtables: Add a few missing exit calls, Phil Sutter
- [iptables PATCH 02/10] xlate-test: Fix for calling wrong command name, Phil Sutter
- [iptables PATCH 01/10] extensions: AUDIT: Provide translation, Phil Sutter
- [iptables PATCH 07/10] ebtables: Review match/target lookup once more, Phil Sutter
- [iptables PATCH 08/10] xtables: Add missing deinitialization, Phil Sutter
- [iptables PATCH 10/10] ip6tables-translate: Fix libip6t_mh.txlate test, Phil Sutter
- [iptables PATCH 03/10] ebtables: trivial: Leverage C99-style initializers a bit more, Phil Sutter
- [iptables PATCH 06/10] extensions: libebt_mark: Drop mark_supplied check, Phil Sutter
- Re: [iptables PATCH 00/10] Some fixes and enhancements around ebtables-translate, Pablo Neira Ayuso
[PATCH nf v2] netfilter: conntrack: reset tcp maxwin on re-register, Florian Westphal
[PATCH nf] netfilter: nf_tables: rework ct timeout set support,
Florian Westphal
[PATCH 1/3 nft v4] files: osf: copy iptables/utils/pf.os into nftables tree,
Fernando Fernandez Mancera
Re: [PATCH 1/3 nft v4] files: osf: copy iptables/utils/pf.os into nftables tree, Pablo Neira Ayuso
[nf-next v2 1/3] netfilter: export SRH processing functions from seg6local,
Ahmed Abdelsalam
[PATCH v2 nf] netfilter: xt_checksum: ignore gso skbs,
Florian Westphal
[PATCH ipset 0/4] Fix issues reported by Covscan,
Stefano Brivio
[PATCH] netfilter: xt_cluster: add dependency on conntrack module,
Martin Willi
[PATCH 1/3 nft v3] files: osf: copy iptables/utils/pf.os into nftables tree,
Fernando Fernandez Mancera
Helper for RTSP connection tracking/NAT?,
Nicolas Boullis
[PATCH] netfilter: conntrack: remove duplicated include from nf_conntrack_proto_udp.c,
Yue Haibing
[PATCH] xtables: Fix for segfault when registering hashlimit extension,
Heena Sirwani
[PATCH nf] netfilter: conntrack: reset tcp maxwin on re-register,
Florian Westphal
[iptables PATCH] xtables: Use meta l4proto for -p match,
Phil Sutter
[PATCH nf] netfilter: xt_checksum: ignore gso skbs,
Florian Westphal
[PATCH v2] nft: Fix build failure in rule.c,
Duncan Roe
[PATCH 10/15] netfilter: x_tables: do not fail xt_alloc_table_info too easilly,
Pablo Neira Ayuso
[PATCH 0/2] ipset: Destination MAC match, consistent zero MAC checks,
Stefano Brivio
[iptables PATCH] xtables: Fix for segfault in iptables-nft, Phil Sutter
[PATCH] doc: Add script to build PDF files,
Duncan Roe
[PATCH] nft: Fix build failure in rule.c,
Duncan Roe
linux-next: manual merge of the ipvs tree with the netfilter tree, Stephen Rothwell
[iptables PATCH] ebtables: Fix entries count in chain listing,
Phil Sutter
[iptables PATCH] xtables: Make 'iptables -S nonexisting' return non-zero,
Phil Sutter
[iptables] extensions: add support for 'SEG6' target,
Ahmed Abdelsalam
[PATCH nft 1/4] statement: incorrect spacing in set reference,
Pablo Neira Ayuso
[PATCH nf] netfilter: nft_dynset: allow dynamic updates of non-anonymous set, Pablo Neira Ayuso
[iptables PATCH] ebtables: Fix for listing of non-existent chains,
Phil Sutter
[PATCH nf-next] netfilter: nft_tproxy: Fix missing-braces warning,
Máté Eckl
[iptables PATCH] xtables: Fix for no output in iptables-nft -S,
Phil Sutter
ebtables-nft: user-defined chain policies,
Phil Sutter
dropped SSH sessions with kernels >= 4.14 upon iptables clear then load [REGRESSION][BISECTED],
Doug Smythies
[PATCH nft] build: remove PDF documentation generation,
Pablo Neira Ayuso
[PATCH] doc: Remove double-spacing in text,
Duncan Roe
Re: Linux NATting does not support NAT hole punching?, Neal P. Murphy
xtables-addon build with kernel 4.17/4.18 is (still) "not officially supported yet. continue at own luck", PGNet Dev
[PATCH nft v5 3/3] tests: shell: add tests for ct timeout objects, Harsha Sharma
[PATCH nft v5 2/3] tests: py: add ct timeout tests, Harsha Sharma
[PATCH nft v5 1/3] src: add ct timeout support,
Harsha Sharma
[PATCH libnftnl 2/2] examples: ct_timeout: remove unnecessary and non-existing include, Harsha Sharma
[PATCH libnftnl 1/2] src: ct_timeout: remove unnecessary and non-existing include, Harsha Sharma
[nft PATCH] evaluate: reject: Allow icmpx in inet/bridge families,
Phil Sutter
[PATCH 1/3 nft v2] files: osf: copy iptables/utils/pf.os into nftables tree,
Fernando Fernandez Mancera
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
