Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

Re: [PATCH iptables] ebtables-compat: add initial translations, (continued)
- Re: [PATCH iptables] ebtables-compat: add initial translations, Pablo Neira Ayuso
[nft PATCH] cli: Drop String termination workaround, Phil Sutter
- Re: [nft PATCH] cli: Drop String termination workaround, Pablo Neira Ayuso
[PATCH] netfilter: ftp helper: Support \n and \r terminators for PORT, Scott Parlane
Re: ipset 6.37, Jan Engelhardt
- Re: ipset 6.37, Jozsef Kadlecsik
[ANNOUNCE] ipset 6.37 released, Jozsef Kadlecsik
- Re: [ANNOUNCE] ipset 6.37 released, Jozsef Kadlecsik
[nft PATCH 0/8] Convert tests/py to use libnftables directly, Phil Sutter
- [nft PATCH 4/8] libnftables: Support buffering output and error, Phil Sutter
- [nft PATCH 6/8] tests/py: Use libnftables instead of calling nft binary, Phil Sutter
- [nft PATCH 7/8] tests/py: Review print statements in nft-test.py, Phil Sutter
- [nft PATCH 5/8] libnftables: Simplify cookie integration, Phil Sutter
- [nft PATCH 1/8] ct: Fix output_fp bypass in ct_print(), Phil Sutter
  - Re: [nft PATCH 1/8] ct: Fix output_fp bypass in ct_print(), Florian Westphal
- [nft PATCH 2/8] libnftables: Fix for input without trailing newline, Phil Sutter
- [nft PATCH 8/8] tests/py: Allow passing multiple files to nft-test.py, Phil Sutter
- [nft PATCH 3/8] libnftables: Introduce nft_ctx_set_error(), Phil Sutter
  - Re: [nft PATCH 3/8] libnftables: Introduce nft_ctx_set_error(), Pablo Neira Ayuso
- Re: [nft PATCH 0/8] Convert tests/py to use libnftables directly, Pablo Neira Ayuso
  - Re: [nft PATCH 0/8] Convert tests/py to use libnftables directly, Phil Sutter
[PATCH iptables] ebtables-compat: don't make failing extension load fatal, Florian Westphal
- Re: [PATCH iptables] ebtables-compat: don't make failing extension load fatal, Pablo Neira Ayuso
[PATCH iptables] ebtables-compat: load mark target, Florian Westphal
- Re: [PATCH iptables] ebtables-compat: load mark target, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: can't fail after linking rule into active rule list, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: can't fail after linking rule into active rule list, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: free set name in error path, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: free set name in error path, Pablo Neira Ayuso
[PATCH] netfilter: fix CONFIG_NF_REJECT_IPV6=m link error, Arnd Bergmann
- Re: [PATCH] netfilter: fix CONFIG_NF_REJECT_IPV6=m link error, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: fix CONFIG_NF_REJECT_IPV6=m link error, Arnd Bergmann
    - Re: [PATCH] netfilter: fix CONFIG_NF_REJECT_IPV6=m link error, Pablo Neira Ayuso
      - Re: [PATCH] netfilter: fix CONFIG_NF_REJECT_IPV6=m link error, Arnd Bergmann
      - Re: [PATCH] netfilter: CONFIG_NF_REJECT_IPV{4,6} becomes bool toggle, kbuild test robot
      - Re: [PATCH] netfilter: CONFIG_NF_REJECT_IPV{4,6} becomes bool toggle, kbuild test robot
[PATCH nf-next v4] netfilter: nf_osf: nf_osf_ttl() and nf_osf_match(), Fernando Fernandez Mancera
[PATCH v2] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
- [PATCH v3] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
  - Re: [PATCH v3] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
  - Re: [PATCH v3] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Florian Westphal
    - Re: [PATCH v3] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
  - [PATCH v4] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
  - [PATCH v5] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
    - Re: [PATCH v5] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Pablo Neira Ayuso
      - Re: [PATCH v5] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
[PATCH iptables 1/4] xtables-compat: fix snprintf truncation warnings, Florian Westphal
- [PATCH iptables 2/4] xtables-compat: also validate priorities and hook points match expected values, Florian Westphal
- [PATCH iptables 3/4] xtables-compat: skip unsupported tables, Florian Westphal
- [PATCH iptables 4/4] xtables-compat: only validate the xtables builtin tables, Florian Westphal
[PATCH nf-next] netfilter: x_tables: remove duplicate ip6t_get_target function call, Taehee Yoo
- Re: [PATCH nf-next] netfilter: x_tables: remove duplicate ip6t_get_target function call, Pablo Neira Ayuso
[PATCH nf-next] netfilter: ebtables: remove EBT_MATCH and EBT_NOMATCH, Taehee Yoo
- Re: [PATCH nf-next] netfilter: ebtables: remove EBT_MATCH and EBT_NOMATCH, Pablo Neira Ayuso
[PATCH nf-next] netfilter: ebtables: add ebt_free_table_info function, Taehee Yoo
- Re: [PATCH nf-next] netfilter: ebtables: add ebt_free_table_info function, Pablo Neira Ayuso
[PATCH nf-next] netfilter: add __exit mark to helper modules, Taehee Yoo
[PATCH net] ipvs: fix rtnl_lock lockups caused by start_sync_thread, Julian Anastasov
- Re: [PATCH net] ipvs: fix rtnl_lock lockups caused by start_sync_thread, Simon Horman
  - Re: [PATCH net] ipvs: fix rtnl_lock lockups caused by start_sync_thread, Pablo Neira Ayuso
    - Re: [PATCH net] ipvs: fix rtnl_lock lockups caused by start_sync_thread, Simon Horman
INFO: task hung in do_ip_vs_set_ctl (2), syzbot
- Re: INFO: task hung in do_ip_vs_set_ctl (2), syzbot
- Re: INFO: task hung in do_ip_vs_set_ctl (2), syzbot
  - Re: INFO: task hung in do_ip_vs_set_ctl (2), Eric Biggers
[PATCH] xt_connmark: Add bit mapping for bit-shift operation., Jack Ma
- Re: [PATCH] xt_connmark: Add bit mapping for bit-shift operation., Florian Westphal
  - Re: [PATCH] xt_connmark: Add bit mapping for bit-shift operation., Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH] xt_connmark: Add bit mapping for bit-shift operation., Jack Ma
  - [PATCH v2] xt_connmark: Fix invalid tginfo* casting., Jack Ma
    - Re: [PATCH v2] xt_connmark: Fix invalid tginfo* casting., Jack Ma
    - Re: [PATCH v2] xt_connmark: Fix invalid tginfo* casting., Pablo Neira Ayuso
[ANNOUNCE] 14th Netfilter Workshop in Berlin, Germany, Florian Westphal
Proposal: Add config option to set xtable_lock wait = true., Jack Ma
[PATCH nf] netfilter: ebtables: don't attempt to allocate 0-sized compat array, Florian Westphal
- Re: [PATCH nf] netfilter: ebtables: don't attempt to allocate 0-sized compat array, Pablo Neira Ayuso
compat ebtables broke in syzkaller, Dmitry Vyukov
- Re: compat ebtables broke in syzkaller, Florian Westphal
  - Re: compat ebtables broke in syzkaller, Dmitry Vyukov
    - Re: compat ebtables broke in syzkaller, Florian Westphal
      - Re: compat ebtables broke in syzkaller, Dmitry Vyukov
[PATCH v6] netfilter : add NAT support for shifted portmap ranges, Thierry Du Tre
- Re: [PATCH v6] netfilter : add NAT support for shifted portmap ranges, Pablo Neira Ayuso
[PATCH nft] configure: don't enable xtables when --without-xtables is passed, Florian Westphal
- Re: [PATCH nft] configure: don't enable xtables when --without-xtables is passed, Alexander Dahl
[PATCH] netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}, Subash Abhinov Kasiviswanathan
[PATCH v2 0/2] net: nftables: Simplify set backend selection, Phil Sutter
- [PATCH v2 2/2] net: nftables: Export set backend name via netlink, Phil Sutter
- [PATCH v2 1/2] net: nftables: Simplify set backend selection, Phil Sutter
  - Re: [PATCH v2 1/2] net: nftables: Simplify set backend selection, Pablo Neira Ayuso
[PATCH v3] extensions: libipt_DNAT: support shifted portmap ranges, Thierry Du Tre
[PATCH v5] netfilter : add NAT support for shifted portmap ranges, Thierry Du Tre
- Re: [PATCH v5] netfilter : add NAT support for shifted portmap ranges, kbuild test robot
- Re: [PATCH v5] netfilter : add NAT support for shifted portmap ranges, kbuild test robot
[PATCH nf-next v3] netfilter: nf_osf: nf_osf_ttl() and nf_osf_match(), Fernando Fernandez Mancera
- Re: [PATCH nf-next v3] netfilter: nf_osf: nf_osf_ttl() and nf_osf_match(), kbuild test robot
[PATCH nft 0/4] evaluate: clean up binop transfer, Florian Westphal
- [PATCH nft 1/4] evaluate: move lhs fixup to a helper, Florian Westphal
- [PATCH nft 2/4] evaluate: split binop xfer to separate function, Florian Westphal
- [PATCH nft 3/4] evaluate: handle EXPR_MAPPING, Florian Westphal
- [PATCH nft 4/4] evaluate: use recursive call for SET_REF handling, Florian Westphal
- Re: [PATCH nft 0/4] evaluate: clean up binop transfer, Pablo Neira Ayuso
[PATCH nft 1/2] evaluate: propagate binop_transfer() adjustment to set key size, Pablo Neira Ayuso
- [PATCH nft 2/2] netlink: floating point exception, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_conntrack_sip: allow duplicate SDP expectations, Florian Westphal
- Re: [PATCH nf] netfilter: nf_conntrack_sip: allow duplicate SDP expectations, Pablo Neira Ayuso
[ulogd PATCH] ulogd2: cleanup downstream files, Arturo Borrero Gonzalez
- Re: [ulogd PATCH] ulogd2: cleanup downstream files, Pablo Neira Ayuso
[PATCH nft] evaluate: do not inconditionally update cache from flush command, Pablo Neira Ayuso
[PATCH v2] net: netfilter: nf_tables_api: Use id allocation., Varsha Rao
Problems on redirecting traffic transparently, Haohao Lee
[PATCH nft] evaluate: increase set key size if needed, Florian Westphal
- Re: [PATCH nft] evaluate: increase set key size if needed, Pablo Neira Ayuso
  - Re: [PATCH nft] evaluate: increase set key size if needed, Florian Westphal
    - Re: [PATCH nft] evaluate: increase set key size if needed, Pablo Neira Ayuso
      - Re: [PATCH nft] evaluate: increase set key size if needed, Florian Westphal
        
        Re: [PATCH nft] evaluate: increase set key size if needed, Pablo Neira Ayuso
[RFC xt-compat] ebtables: full nft translations, Florian Westphal
- Re: [RFC xt-compat] ebtables: full nft translations, Pablo Neira Ayuso
  - Re: [RFC xt-compat] ebtables: full nft translations, Pablo Neira Ayuso
  - Re: [RFC xt-compat] ebtables: full nft translations, Florian Westphal
    - Re: [RFC xt-compat] ebtables: full nft translations, Pablo Neira Ayuso
[PATCH nft 0/6] fix dependency eval and nft-test.py, Florian Westphal
- [PATCH nft 1/6] statement: print space before "{" in set add, Florian Westphal
- [PATCH nft 2/6] netlink_delinearize: kill dependency before eval of 'redirect' stmt, Florian Westphal
- [PATCH nft 3/6] tests: redirect: fix tests for upcoming nft-test.py fix, Florian Westphal
  - Re: [PATCH nft 3/6] tests: redirect: fix tests for upcoming nft-test.py fix, Pablo Neira Ayuso
    - Re: [PATCH nft 3/6] tests: redirect: fix tests for upcoming nft-test.py fix, Florian Westphal
      - Re: [PATCH nft 3/6] tests: redirect: fix tests for upcoming nft-test.py fix, Pablo Neira Ayuso
- [PATCH nft 4/6] tests: mh: fix expected test output, Florian Westphal
- [PATCH nft 5/6] tests: ct, meta: fixes for upcoming nft-test.py fix, Florian Westphal
- [PATCH nft 6/6] nft-test: check start of rule with sets too, Florian Westphal
- Re: [PATCH nft 0/6] fix dependency eval and nft-test.py, Pablo Neira Ayuso
[PATCH nft] src: Updates for mini-gmp.{c,h}, Harsha Sharma
- Re: [PATCH nft] src: Updates for mini-gmp.{c,h}, Pablo Neira Ayuso
  - Re: [PATCH nft] src: Updates for mini-gmp.{c,h}, Pablo Neira Ayuso
[PATCH WIP nf-next] netfilter: nft_ct: add ct timeout support, Harsha Sharma
- Re: [PATCH WIP nf-next] netfilter: nft_ct: add ct timeout support, Pablo Neira Ayuso
- Re: [PATCH WIP nf-next] netfilter: nft_ct: add ct timeout support, kbuild test robot
- Re: [PATCH WIP nf-next] netfilter: nft_ct: add ct timeout support, kbuild test robot
[PATCH WIP libnftnl 2/2] examples: add nft-ct-timeout-{add,del,get}, Harsha Sharma
- Re: [PATCH WIP libnftnl 2/2] examples: add nft-ct-timeout-{add,del,get}, Pablo Neira Ayuso
[PATCH WIP libnftnl 1/2] src: add ct timeout support, Harsha Sharma
[PATCH WIP libnftnl 0/2] Add ct timeout support, Harsha Sharma
[PATCH 00/12] Ethernet: Add and use ether_<type>_addr globals, Joe Perches
- [PATCH 04/12] bridge: netfilter: Use the new global ether_<foo>_addr arrays, Joe Perches
  - Re: [PATCH 04/12] bridge: netfilter: Use the new global ether_<foo>_addr arrays, Pablo Neira Ayuso
    - Re: [PATCH 04/12] bridge: netfilter: Use the new global ether_<foo>_addr arrays, Joe Perches
- Re: [PATCH 00/12] Ethernet: Add and use ether_<type>_addr globals, Felix Fietkau
  - Re: [PATCH 00/12] Ethernet: Add and use ether_<type>_addr globals, Joe Perches
    - Re: [PATCH 00/12] Ethernet: Add and use ether_<type>_addr globals, Felix Fietkau
[Patches] iptables and ip6tables: Warning on use of -L, Noel Kuntze
[Patch nf] nf_conntrack_extend: silent a memory leak warning, Cong Wang
- Re: [Patch nf] nf_conntrack_extend: silent a memory leak warning, Pablo Neira Ayuso
[PATCH nf-next v2] netfilter: nf_osf implementation: nf_osf_ttl() and nf_osf_match(), Fernando Fernandez Mancera
- Re: [PATCH nf-next v2] netfilter: nf_osf implementation: nf_osf_ttl() and nf_osf_match(), kbuild test robot
- Re: [PATCH nf-next v2] netfilter: nf_osf implementation: nf_osf_ttl() and nf_osf_match(), kbuild test robot
- Re: [PATCH nf-next v2] netfilter: nf_osf implementation: nf_osf_ttl() and nf_osf_match(), Florian Westphal
  - Re: [PATCH nf-next v2] netfilter: nf_osf implementation: nf_osf_ttl() and nf_osf_match(), Pablo Neira Ayuso
- Re: [PATCH nf-next v2] netfilter: nf_osf implementation: nf_osf_ttl() and nf_osf_match(), Pablo Neira Ayuso
[PATCH 40/47] netfilter: nf_tables: build-in filter chain type, Pablo Neira Ayuso
- [PATCH 46/47] Revert "netfilter: x_tables: ensure last rule in base chain matches underflow/policy", Pablo Neira Ayuso
- [PATCH 47/47] netfilter: ipset: Use is_zero_ether_addr instead of static and memcmp, Pablo Neira Ayuso
- [PATCH 44/47] netfilter: Merge assignment with return, Pablo Neira Ayuso
- [PATCH 45/47] netfilter: x_tables: Add note about how to free percpu counters, Pablo Neira Ayuso
- [PATCH 41/47] netfilter: nf_tables: enable conntrack if NAT chain is registered, Pablo Neira Ayuso
- [PATCH 43/47] netfilter: nf_tables: use nft_set_lookup_global from nf_tables_newsetelem(), Pablo Neira Ayuso
- [PATCH 42/47] netfilter: nf_tables: rename to nft_set_lookup_global(), Pablo Neira Ayuso
- Re: [PATCH 40/47] netfilter: nf_tables: build-in filter chain type, Arnd Bergmann
  - Re: [PATCH 40/47] netfilter: nf_tables: build-in filter chain type, Pablo Neira Ayuso
    - Re: [PATCH 40/47] netfilter: nf_tables: build-in filter chain type, Arnd Bergmann
[PATCH 30/47] netfilter: Replace printk() with pr_*() and define pr_fmt(), Pablo Neira Ayuso
- [PATCH 38/47] netfilter: nf_tables: rename struct nf_chain_type, Pablo Neira Ayuso
- [PATCH 39/47] netfilter: nf_tables: nft_register_chain_type() returns void, Pablo Neira Ayuso
- [PATCH 37/47] netfilter: ebt_stp: Use generic functions for comparisons, Pablo Neira Ayuso
- [PATCH 35/47] netfilter: ebtables: Add string filter, Pablo Neira Ayuso
- [PATCH 36/47] netfilter: add flowtable documentation, Pablo Neira Ayuso
- [PATCH 34/47] netfilter: ebtables: Add support for specifying match revision, Pablo Neira Ayuso
- [PATCH 33/47] netfilter: ebtables: add support for matching IGMP type, Pablo Neira Ayuso
- [PATCH 31/47] netfilter: ctnetlink: synproxy support, Pablo Neira Ayuso
- [PATCH 32/47] netfilter: ebtables: add support for matching ICMP type and code, Pablo Neira Ayuso
[PATCH 20/47] netfilter: x_tables: fix build with CONFIG_COMPAT=n, Pablo Neira Ayuso
- [PATCH 27/47] netfilter: nf_tables: remove VLA usage, Pablo Neira Ayuso
- [PATCH 29/47] netfilter: xt_conntrack: Support bit-shifting for CONNMARK & MARK targets., Pablo Neira Ayuso
- [PATCH 24/47] netfilter: nft_ct: add NFT_CT_{SRC,DST}_{IP,IP6}, Pablo Neira Ayuso
- [PATCH 26/47] netfilter: nfnetlink_cthelper: Remove VLA usage, Pablo Neira Ayuso
- [PATCH 28/47] netfilter: ebtables: use ADD_COUNTER macro, Pablo Neira Ayuso
- [PATCH 25/47] netfilter: cttimeout: remove VLA usage, Pablo Neira Ayuso
- [PATCH 21/47] ipvs: use true and false for boolean values, Pablo Neira Ayuso
- [PATCH 23/47] netfilter: conncount: Support count only use case, Pablo Neira Ayuso
- [PATCH 22/47] netfilter: Refactor nf_conncount, Pablo Neira Ayuso
[PATCH 10/47] netfilter: x_tables: enforce unique and ascending entry points, Pablo Neira Ayuso
- [PATCH 14/47] netfilter: compat: prepare xt_compat_init_offsets to return errors, Pablo Neira Ayuso
- [PATCH 15/47] netfilter: compat: reject huge allocation requests, Pablo Neira Ayuso
- [PATCH 19/47] netfilter: xt_limit: Spelling s/maxmum/maximum/, Pablo Neira Ayuso
- [PATCH 17/47] netfilter: x_tables: ensure last rule in base chain matches underflow/policy, Pablo Neira Ayuso
- [PATCH 18/47] netfilter: make xt_rateest hash table per net, Pablo Neira Ayuso
- [PATCH 16/47] netfilter: x_tables: make sure compat af mutex is held, Pablo Neira Ayuso
- [PATCH 13/47] netfilter: x_tables: add counters allocation wrapper, Pablo Neira Ayuso
- [PATCH 11/47] netfilter: x_tables: cap allocations at 512 mbyte, Pablo Neira Ayuso
- [PATCH 12/47] netfilter: x_tables: limit allocation requests for blob rule heads, Pablo Neira Ayuso
[PATCH 00/47] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
- [PATCH 07/47] netfilter: x_tables: check standard verdicts in core, Pablo Neira Ayuso
- [PATCH 08/47] netfilter: x_tables: check error target size too, Pablo Neira Ayuso
- [PATCH 06/47] netfilter: unlock xt_table earlier in __do_replace, Pablo Neira Ayuso
- [PATCH 05/47] netfilter: ipt_ah: return boolean instead of integer, Pablo Neira Ayuso
- [PATCH 09/47] netfilter: x_tables: move hook entry checks into core, Pablo Neira Ayuso
- [PATCH 03/47] netfilter: xt_cluster: get rid of xt_cluster_ipv6_is_multicast, Pablo Neira Ayuso
- [PATCH 04/47] netfilter: nf_conntrack_broadcast: remove useless parameter, Pablo Neira Ayuso
- [PATCH 01/47] netfilter: nf_tables: nf_tables_obj_lookup_byhandle() can be static, Pablo Neira Ayuso
- [PATCH 02/47] netfilter: nfnetlink_acct: remove useless parameter, Pablo Neira Ayuso
- Re: [PATCH 00/47] Netfilter/IPVS updates for net-next, David Miller
- Re: [PATCH 00/47] Netfilter/IPVS updates for net-next, Rafał Miłecki
  - Re: [PATCH 00/47] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
[PATCH net-next 0/5] Introduce net_rwsem to protect net_namespace_list, Kirill Tkhai
- [PATCH net-next 1/5] net: Introduce net_rwsem to protect net_namespace_list, Kirill Tkhai
- [PATCH net-next 2/5] net: Don't take rtnl_lock() in wireless_nlevent_flush(), Kirill Tkhai
- [PATCH net-next 3/5] security: Remove rtnl_lock() in selinux_xfrm_notify_policyload(), Kirill Tkhai
- [PATCH net-next 4/5] ovs: Remove rtnl_lock() from ovs_exit_net(), Kirill Tkhai
- [PATCH net-next 5/5] net: Remove rtnl_lock() in nf_ct_iterate_destroy(), Kirill Tkhai
- Re: [PATCH net-next 0/5] Introduce net_rwsem to protect net_namespace_list, David Miller
[PATCH] netfilter: x_tables: Add note about how to free percpu counters, Ben Hutchings
- Re: [PATCH] netfilter: x_tables: Add note about how to free percpu counters, Pablo Neira Ayuso
[PATCH net-next 0/3] Close race between {un, }register_netdevice_notifier and pernet_operations, Kirill Tkhai
- [PATCH net-next 1/3] xfrm: Register xfrm_dev_notifier in appropriate place, Kirill Tkhai
- [PATCH net-next 2/3] netfilter: Rework xt_TEE netdevice notifier, Kirill Tkhai
  - Re: [PATCH net-next 2/3] netfilter: Rework xt_TEE netdevice notifier, Pablo Neira Ayuso
- [PATCH net-next 3/3] net: Close race between {un, }register_netdevice_notifier() and setup_net()/cleanup_net(), Kirill Tkhai
- Re: [PATCH net-next 0/3] Close race between {un, }register_netdevice_notifier and pernet_operations, David Miller
  - Re: [PATCH net-next 0/3] Close race between {un, }register_netdevice_notifier and pernet_operations, Kirill Tkhai
INFO: task hung in stop_sync_thread (2), syzbot
- Re: INFO: task hung in stop_sync_thread (2), Julian Anastasov
- Re: INFO: task hung in stop_sync_thread (2), syzbot
  - Re: INFO: task hung in stop_sync_thread (2), Dmitry Vyukov
[PATCH] net: netfilter: Merge assignment with return, Arushi Singhal
- Re: [PATCH] net: netfilter: Merge assignment with return, Pablo Neira Ayuso
[PATCH nf-next] netfilter: add flowtable documentation, Pablo Neira Ayuso
[PATCH nf-next 1/4] netfilter: nf_tables: rename to nft_set_lookup_global(), Pablo Neira Ayuso
- [PATCH nf-next 2/4] netfilter: nf_tables: use nft_set_lookup_global from nf_tables_newsetelem(), Pablo Neira Ayuso
- [PATCH nf-next 3/4] netfilter: nf_tables: simplify lookup functions, Pablo Neira Ayuso
- [PATCH nf-next 4/4] netfilter: nf_tables: initial support for extended ACK reporting, Pablo Neira Ayuso
[PATCH nft] proto: permit icmp-in-ipv6 and icmpv6-in-ipv4, Florian Westphal
- Re: [PATCH nft] proto: permit icmp-in-ipv6 and icmpv6-in-ipv4, Phil Sutter
  - Re: [PATCH nft] proto: permit icmp-in-ipv6 and icmpv6-in-ipv4, Florian Westphal
    - Re: [PATCH nft] proto: permit icmp-in-ipv6 and icmpv6-in-ipv4, Phil Sutter
      - Re: [PATCH nft] proto: permit icmp-in-ipv6 and icmpv6-in-ipv4, Pablo Neira Ayuso
        
        Re: [PATCH nft] proto: permit icmp-in-ipv6 and icmpv6-in-ipv4, Phil Sutter
[PATCH nft] payload: don't remove icmp family dependency in special cases, Florian Westphal
- Re: [PATCH nft] payload: don't remove icmp family dependency in special cases, Jozsef Kadlecsik
[PATCH nf] netfilter: ipt_CLUSTERIP: Allow configuring --local-node 0 again, Pablo Neira Ayuso
- Re: [PATCH nf] netfilter: ipt_CLUSTERIP: Allow configuring --local-node 0 again, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: ipt_CLUSTERIP: Allow configuring --local-node 0 again, Tobias Brunner
    - Re: [PATCH nf] netfilter: ipt_CLUSTERIP: Allow configuring --local-node 0 again, Pablo Neira Ayuso
[PATCH nf-next] nf_osf implementation: nf_osf_ttl() and nf_osf_match(), Fernando Fernandez Mancera
- Re: [PATCH nf-next] nf_osf implementation: nf_osf_ttl() and nf_osf_match(), Florian Westphal
- Re: [PATCH nf-next] nf_osf implementation: nf_osf_ttl() and nf_osf_match(), kbuild test robot
[PATCH nf-next 1/4] netfilter: nf_tables: rename struct nf_chain_type, Pablo Neira Ayuso
- [PATCH nf-next 2/4] netfilter: nf_tables: nft_register_chain_type() returns void, Pablo Neira Ayuso
- [PATCH nf-next 4/4] netfilter: nf_tables: enable conntrack if NAT chain is registered, Pablo Neira Ayuso
- [PATCH nf-next 3/4] netfilter: nf_tables: build-in filter chain type, Pablo Neira Ayuso
[PATCH nft] src: avoid errouneous assert with map+concat, Florian Westphal
[PATCH] doc: nft.8 more spelling fixes, Duncan Roe
- Re: [PATCH] doc: nft.8 more spelling fixes, Florian Westphal
[PATCH 0/4] net: drivers/net: Use octal permissions, Joe Perches
- [PATCH 3/4] net: Use octal not symbolic permissions, Joe Perches
  - Re: [PATCH 3/4] net: Use octal not symbolic permissions, David Miller
[nf-next PATCH 0/2] net: nftables: Simplify set backend selection, Phil Sutter
- [nf-next PATCH 2/2] net: nftables: Export set backend name via netlink, Phil Sutter
- [nf-next PATCH 1/2] net: nftables: Simplify set backend selection, Phil Sutter
[PATCH 1/2] netfilter: nf_flow_table: add missing condition for TCP state check, Felix Fietkau
- [PATCH 2/2] netfilter: nf_flow_table: fix offloading connections with SNAT+DNAT, Felix Fietkau
[PATCH nf] netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}, Subash Abhinov Kasiviswanathan
- Re: [PATCH nf] netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}, Florian Westphal
  - Re: [PATCH nf] netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}, Subash Abhinov Kasiviswanathan
- Re: [PATCH nf] netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}, Pablo Neira Ayuso
[PATCH 1/2 nf] netfilter: nf_tables: cache device name in flowtable object, Pablo Neira Ayuso
- [PATCH 2/2 nf] netfilter: nf_tables: do not hold reference on netdevice from preparation phase, Pablo Neira Ayuso
[PATCH nf] netfilter: drop template ct when conntrack is skipped., Paolo Abeni
- Re: [PATCH nf] netfilter: drop template ct when conntrack is skipped., Florian Westphal
- Re: [PATCH nf] netfilter: drop template ct when conntrack is skipped., Pablo Neira Ayuso
[nft PATCH] Export libnftables (again), Phil Sutter
- Re: [nft PATCH] Export libnftables (again), Pablo Neira Ayuso
  - Re: [nft PATCH] Export libnftables (again), Phil Sutter
- Re: [nft PATCH] Export libnftables (again), Pablo Neira Ayuso
[nft PATCH] tests/shell: Test flush and nat chain recreate in one go, Phil Sutter
- Re: [nft PATCH] tests/shell: Test flush and nat chain recreate in one go, Florian Westphal
[nf-next PATCH] net: nftables: Respect hash set backend features, Phil Sutter
- Re: [nf-next PATCH] net: nftables: Respect hash set backend features, Pablo Neira Ayuso
  - Re: [nf-next PATCH] net: nftables: Respect hash set backend features, Phil Sutter
    - Re: [nf-next PATCH] net: nftables: Respect hash set backend features, Florian Westphal
      - Re: [nf-next PATCH] net: nftables: Respect hash set backend features, Phil Sutter
  - Re: [nf-next PATCH] net: nftables: Respect hash set backend features, Phil Sutter
    - Re: [nf-next PATCH] net: nftables: Respect hash set backend features, Pablo Neira Ayuso
[PATCH] bridge: netfilter: ebt_stp: Use generic functions for comparisons, Joe Perches
- Re: [PATCH] bridge: netfilter: ebt_stp: Use generic functions for comparisons, Pablo Neira Ayuso
[PATCH v2] iptables: constify option struct, Arushi Singhal
- Re: [PATCH v2] iptables: constify option struct, Pablo Neira Ayuso
[PATCH] iptables: extension: Constify option struct, Arushi Singhal
[ebtables PATCH v2] Add string filter to ebtables, Bernie Harris
- Re: [ebtables PATCH v2] Add string filter to ebtables, Pablo Neira Ayuso
[PATCH v2 1/3] net: Allow to and from offsets to be equal in skb_find_text, Bernie Harris
- [PATCH v2 2/3] ebtables: Add support for specifying match revision, Bernie Harris
  - Re: [PATCH v2 2/3] ebtables: Add support for specifying match revision, Pablo Neira Ayuso
- [PATCH v2 3/3] ebtables: Add string filter, Bernie Harris
  - Re: [PATCH v2 3/3] ebtables: Add string filter, Pablo Neira Ayuso
- Re: [PATCH v2 1/3] net: Allow to and from offsets to be equal in skb_find_text, Pablo Neira Ayuso
  - Re: [PATCH v2 1/3] net: Allow to and from offsets to be equal in skb_find_text, Bernie Harris
[PATCH] netfilter: ipset: Use is_zero_ether_addr instead of static and memcmp, Joe Perches
- Re: [PATCH] netfilter: ipset: Use is_zero_ether_addr instead of static and memcmp, Pablo Neira Ayuso
[PATCH libnftnl v2] examples: add nft-ct-helper-{add,get,del}, Yang Zheng
- Re: [PATCH libnftnl v2] examples: add nft-ct-helper-{add,get,del}, Pablo Neira Ayuso
- Re: [PATCH libnftnl v2] examples: add nft-ct-helper-{add,get,del}, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: add missing netlink attrs to policies, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: add missing netlink attrs to policies, Pablo Neira Ayuso
[PATCH 1/2 conntrackd] src: add ARRAY_SIZE definition, Pablo Neira Ayuso
- [PATCH 2/2 conntrackd] conntrackd: add TCP flag support, Pablo Neira Ayuso
- Re: [PATCH 1/2 conntrackd] src: add ARRAY_SIZE definition, Jan Engelhardt
[PATCH nf-next,RFC] netfilter: nf_conntrack_tcp: reset entry only from CLOSE and TIME_WAIT states, Pablo Neira Ayuso
- Re: [PATCH nf-next,RFC] netfilter: nf_conntrack_tcp: reset entry only from CLOSE and TIME_WAIT states, Jozsef Kadlecsik
[PATCH 1/2 nf-next,v2] netfilter: ctnetlink: synproxy support, Pablo Neira Ayuso
- [PATCH 2/2 nf-next] netfilter: SYNPROXY: don't proxy invalid PSH,ACK packets, Pablo Neira Ayuso
  - Re: [PATCH 2/2 nf-next] netfilter: SYNPROXY: don't proxy invalid PSH,ACK packets, Florian Westphal
    - Re: [PATCH 2/2 nf-next] netfilter: SYNPROXY: don't proxy invalid PSH,ACK packets, Pablo Neira Ayuso
      - Re: [PATCH 2/2 nf-next] netfilter: SYNPROXY: don't proxy invalid PSH,ACK packets, Florian Westphal
[PATCH libnftnl] examples: add nft-ct-helper-{add,get,del}, Yang Zheng
- Re: [PATCH libnftnl] examples: add nft-ct-helper-{add,get,del}, Arturo Borrero Gonzalez
[nft PATCH 0/6] A set of patches resulting from running tests/shell, Phil Sutter
- [nft PATCH 5/6] tests/shell: Fix sporadic fail of include/0007glob_double_0, Phil Sutter
- [nft PATCH 4/6] flowtable: Make parsing a little more robust, Phil Sutter
- [nft PATCH 6/6] tests/shell: Allow to specify multiple testcases, Phil Sutter
- [nft PATCH 1/6] Support 'nft -f -' to read from stdin, Phil Sutter
- [nft PATCH 3/6] tests/shell: Fix flowtable test cases, Phil Sutter
- [nft PATCH 2/6] tests/shell: Fix dump of chains/0016delete_handle_0, Phil Sutter
- Re: [nft PATCH 0/6] A set of patches resulting from running tests/shell, Arturo Borrero Gonzalez
- Re: [nft PATCH 0/6] A set of patches resulting from running tests/shell, Pablo Neira Ayuso
[PATCH net-next 0/2] Converting pernet_operations (part #10), Kirill Tkhai
- [PATCH net-next 1/2] net: Convert lowpan_frags_ops, Kirill Tkhai
  - Re: [PATCH net-next 1/2] net: Convert lowpan_frags_ops, David Miller
- [PATCH net-next 2/2] net: Convert nf_ct_net_ops, Kirill Tkhai
  - Re: [PATCH net-next 2/2] net: Convert nf_ct_net_ops, David Miller
[PATCH] doc: nft.8 aim for consistent synopses throughout (again), Duncan Roe
- Re: [PATCH] doc: nft.8 aim for consistent synopses throughout (again), Florian Westphal
[WIKI] Certificate has expired, Duncan Roe
[PATCH nft] rule: reset cache iff there is an existing cache, Pablo Neira Ayuso
[PATCH] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
- [PATCH] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
  - Re: [PATCH] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
    - Re: [PATCH] libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark, Jack Ma
[PATCH] xt_conntrack: Support bit-shifting for CONNMARK & MARK targets., Jack Ma
- Re: [PATCH] xt_conntrack: Support bit-shifting for CONNMARK & MARK targets., Pablo Neira Ayuso
  - Re: [PATCH] xt_conntrack: Support bit-shifting for CONNMARK & MARK targets., Jack Ma
[PATCH libmnl] attr: zero attribute padding, Florian Westphal
- Re: [PATCH libmnl] attr: zero attribute padding, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: permit second nat hook if colliding hook is going away, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: permit second nat hook if colliding hook is going away, kbuild test robot
- [RFC PATCH] netfilter: nf_tables: nf_tables_allow_nat_conflict() can be static, kbuild test robot
  - Re: [RFC PATCH] netfilter: nf_tables: nf_tables_allow_nat_conflict() can be static, Florian Westphal
    - Re: [RFC PATCH] netfilter: nf_tables: nf_tables_allow_nat_conflict() can be static, Pablo Neira Ayuso
- Re: [PATCH nf] netfilter: nf_tables: permit second nat hook if colliding hook is going away, Pablo Neira Ayuso
[PATCH nft] doc: describe table dormant flag, Florian Westphal
- Re: [PATCH nft] doc: describe table dormant flag, Pablo Neira Ayuso
[nft PATCH] Combine redir and masq statements into nat, Phil Sutter
- Re: [nft PATCH] Combine redir and masq statements into nat, Pablo Neira Ayuso
[PATCH nft 1/2] src: fix routing header support, Florian Westphal
- [PATCH nft 2/2] tests: add srh test cases, Florian Westphal
- Re: [PATCH nft 1/2] src: fix routing header support, Ahmed Abdelsalam
[iptables PATCH] iptables: add xtables-translate.8 manpage, Arturo Borrero Gonzalez
[PATCH nft] tests: update to new syntax to add/update set from packet path, Pablo Neira Ayuso
[PATCH nft,v2] src: revisit syntax to update sets and maps from packet path, Pablo Neira Ayuso
[PATCH nft] src: revisit syntax to update sets and maps from packet path, Pablo Neira Ayuso
[PATCH nft] src: update dynamic set updates from packet path syntax, Pablo Neira Ayuso
[nft PATCH 0/2] relational: Eliminate meta OPs, Phil Sutter
- [nft PATCH 2/2] netlink: Fold netlink_gen_cmp() into netlink_gen_relational(), Phil Sutter
- [nft PATCH 1/2] relational: Eliminate meta OPs, Phil Sutter
- Re: [nft PATCH 0/2] relational: Eliminate meta OPs, Pablo Neira Ayuso
[nft PATCH] tests/shell: Use custom nft binary for ruleset listing, Phil Sutter
- Re: [nft PATCH] tests/shell: Use custom nft binary for ruleset listing, Pablo Neira Ayuso
[PATCH v2 nft] support of dynamic map addition and update of elements, Laura Garcia Liebana
- Re: [PATCH v2 nft] support of dynamic map addition and update of elements, Pablo Neira Ayuso
  - Re: [PATCH v2 nft] support of dynamic map addition and update of elements, Pablo Neira Ayuso
    - Re: [PATCH v2 nft] support of dynamic map addition and update of elements, Pablo Neira Ayuso
[PATCH net-next 0/6] Converting pernet_operations (part #8), Kirill Tkhai
- [PATCH net-next 1/6] net: Convert l2tp_net_ops, Kirill Tkhai
  - Re: [PATCH net-next 1/6] net: Convert l2tp_net_ops, Guillaume Nault
- [PATCH net-next 3/6] net: Convert ovs_net_ops, Kirill Tkhai
- [PATCH net-next 4/6] net: Convert ipvs_core_ops, Kirill Tkhai
- [PATCH net-next 5/6] net: Convert ipvs_core_dev_ops, Kirill Tkhai
- [PATCH net-next 6/6] net: Convert ip_vs_ftp_ops, Kirill Tkhai
- [PATCH net-next 2/6] net: Convert mpls_net_ops, Kirill Tkhai
- Re: [PATCH net-next 0/6] Converting pernet_operations (part #8), Julian Anastasov
- Re: [PATCH net-next 0/6] Converting pernet_operations (part #8), David Miller
  - Re: [PATCH net-next 0/6] Converting pernet_operations (part #8), Kirill Tkhai
[PATCH nft] support of dynamic map addition and update of elements, Laura Garcia Liebana
- Re: [PATCH nft] support of dynamic map addition and update of elements, Pablo Neira Ayuso
  - Re: [PATCH nft] support of dynamic map addition and update of elements, Pablo Neira Ayuso
[PATCH nft] create u32_integer type to be used as a key for sets and maps, Laura Garcia Liebana
- Re: [PATCH nft] create u32_integer type to be used as a key for sets and maps, Duncan Roe
  - Re: [PATCH nft] create u32_integer type to be used as a key for sets and maps, Laura Garcia
    - Re: [PATCH nft] create u32_integer type to be used as a key for sets and maps, Duncan Roe
[PATCH] netfilter: ebtables: use ADD_COUNTER macro, Taehee Yoo
- Re: [PATCH] netfilter: ebtables: use ADD_COUNTER macro, Pablo Neira Ayuso
[PATCH conntrack-tools] src: synproxy support, Pablo Neira Ayuso
[PATCH libnetfilter_conntrack] conntrack: add synproxy support, Pablo Neira Ayuso
[PATCH nf-next] netfilter: ctnetlink: synproxy support, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: meter: pick a set backend that supports updates, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: meter: pick a set backend that supports updates, Pablo Neira Ayuso
explicit OP_EQ with non-singleton RHS, Phil Sutter
- Re: explicit OP_EQ with non-singleton RHS, Pablo Neira Ayuso
nftables patch proposal: debug_mask propagate through cache_update() just as it is., nozzy123nozzy
[PATCH v2] netfilter: nf_tables: remove VLA usage, Gustavo A. R. Silva
- Re: [PATCH v2] netfilter: nf_tables: remove VLA usage, Pablo Neira Ayuso
[PATCH] netfilter: nf_tables: remove VLA usage, Gustavo A. R. Silva
[PATCH] netfilter: nfnetlink_cthelper: Remove VLA usage, Gustavo A. R. Silva
- Re: [PATCH] netfilter: nfnetlink_cthelper: Remove VLA usage, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: nfnetlink_cthelper: Remove VLA usage, Gustavo A. R. Silva
[PATCH] netfilter: cttimeout: remove VLA usage, Gustavo A. R. Silva
- Re: [PATCH] netfilter: cttimeout: remove VLA usage, Joe Perches
  - Re: [PATCH] netfilter: cttimeout: remove VLA usage, Pablo Neira Ayuso
    - Re: [PATCH] netfilter: cttimeout: remove VLA usage, Joe Perches
- Re: [PATCH] netfilter: cttimeout: remove VLA usage, Pablo Neira Ayuso
[PATCH] net: drivers/net: Remove unnecessary skb_copy_expand OOM messages, Joe Perches
- Re: [PATCH] net: drivers/net: Remove unnecessary skb_copy_expand OOM messages, David Miller
[PATCH] Net: netfilter: Replace printk() with pr_*() and define pr_fmt(), Arushi Singhal
- Re: [PATCH] Net: netfilter: Replace printk() with pr_*() and define pr_fmt(), Pablo Neira Ayuso
[PATCH nft] netlink: use nftnl_flowtable_get/set, Florian Westphal
- Re: [PATCH nft] netlink: use nftnl_flowtable_get/set, Pablo Neira Ayuso
[PATCH nft] src: install table skeleton files to sysconfdir/nftables, Florian Westphal
- Re: [PATCH nft] src: install table skeleton files to sysconfdir/nftables, Arturo Borrero Gonzalez
  - Re: [PATCH nft] src: install table skeleton files to sysconfdir/nftables, Florian Westphal
[PATCH nf] netfilter: nf_tables: release flowtable hooks, Pablo Neira Ayuso
[PATCH v2] net: netfilter: Replace printk() with appropriate pr_*() macro, Arushi Singhal
- Re: [PATCH v2] net: netfilter: Replace printk() with appropriate pr_*() macro, Joe Perches
  - Re: [PATCH v2] net: netfilter: Replace printk() with appropriate pr_*() macro, Pablo Neira Ayuso
    - Message not available
      - Re: [PATCH v2] net: netfilter: Replace printk() with appropriate pr_*() macro, Pablo Neira Ayuso
    - Message not available
      - Re: [PATCH v2] net: netfilter: Replace printk() with appropriate pr_*() macro, Florian Westphal
[PATCH 1/1] doc: add set information and example for run-time blackhole, Florian Westphal
[PATCH] src: fix parsing for set handle attributes, Harsha Sharma
- Re: [PATCH] src: fix parsing for set handle attributes, Eckl, Máté
Re: [PATCH Netfilter] net: netfilter: Replace printk() with more standardize output format., Pablo Neira Ayuso
- Message not available
  - Re: [PATCH Netfilter] net: netfilter: Replace printk() with more standardize output format., Florian Westphal
Problem in setting up netfilter repository, SIMRAN SINGHAL
- Re: Problem in setting up netfilter repository, Harsha Sharma
connlimit modul doesn't works as expected, Toralf Förster
- Re: connlimit modul doesn't works as expected, Florian Westphal
  - Re: connlimit modul doesn't works as expected, Toralf Förster
  - Re: connlimit modul doesn't works as expected, Toralf Förster
    - Re: connlimit modul doesn't works as expected, Florian Westphal
[PATCH nf] netfilter: x_tables: add and use xt_check_proc_name, Florian Westphal
- Re: [PATCH nf] netfilter: x_tables: add and use xt_check_proc_name, Pablo Neira Ayuso
WARNING in __proc_create, syzbot
- Re: WARNING in __proc_create, Cong Wang
  - Re: WARNING in __proc_create, Eric Dumazet
    - Re: WARNING in __proc_create, Eric Dumazet
      - Re: WARNING in __proc_create, Cong Wang
        
        Re: WARNING in __proc_create, Florian Westphal
        
        Re: WARNING in __proc_create, Eric Dumazet
        
        Re: WARNING in __proc_create, Cong Wang
        
        Re: WARNING in __proc_create, Eric Dumazet
    - Re: WARNING in __proc_create, Florian Westphal
[PATCH] tests: shell: fix tests for deletion via handle attribute, Harsha Sharma
- Re: [PATCH] tests: shell: fix tests for deletion via handle attribute, Pablo Neira Ayuso
[PATCH nf v5] netfilter: bridge: ebt_among: add more missing match size checks, Florian Westphal
- Re: [PATCH nf v5] netfilter: bridge: ebt_among: add more missing match size checks, Eric Dumazet
- Re: [PATCH nf v5] netfilter: bridge: ebt_among: add more missing match size checks, Pablo Neira Ayuso
[PATCH nft] ct: support for NFT_CT_{SRC,DST}_{IP,IP6}, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH nft] ct: support for NFT_CT_{SRC,DST}_{IP,IP6}, Pablo Neira Ayuso
[PATCH libnftnl] src: support for NFT_CT_{SRC,DST}_{IP,IP6}, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nft_ct: add NFT_CT_{SRC,DST}_{IP,IP6}, Pablo Neira Ayuso
- Re: [PATCH nf-next] netfilter: nft_ct: add NFT_CT_{SRC,DST}_{IP,IP6}, Florian Westphal
[PATCH nf v4] netfilter: bridge: ebt_among: add more missing match size checks, Florian Westphal
- Re: [PATCH nf v4] netfilter: bridge: ebt_among: add more missing match size checks, Eric Dumazet
[PATCH nf v3] netfilter: bridge: ebt_among: add more missing match size checks, Florian Westphal
- Re: [PATCH nf v3] netfilter: bridge: ebt_among: add more missing match size checks, Eric Dumazet
  - Re: [PATCH nf v3] netfilter: bridge: ebt_among: add more missing match size checks, Florian Westphal
    - Re: [PATCH nf v3] netfilter: bridge: ebt_among: add more missing match size checks, Eric Dumazet
      - Re: [PATCH nf v3] netfilter: bridge: ebt_among: add more missing match size checks, Florian Westphal
[PATCH nf v2] netfilter: bridge: ebt_among: add more missing match size checks, Florian Westphal
[PATCH] rule: print handle attribute in more clearer manner, Harsha Sharma
- Re: [PATCH] rule: print handle attribute in more clearer manner, Pablo Neira Ayuso
[PATCH nf] netfilter: ebtables: fix erroneous reject of last rule, Florian Westphal
- Re: [PATCH nf] netfilter: ebtables: fix erroneous reject of last rule, Pablo Neira Ayuso
[PATCH nf-next 0/2] netfilter: set transport header properly, Serhey Popovych
- [PATCH nf-next 1/2] netfilter: SYNPROXY: set transport header properly, Serhey Popovych
  - Re: [PATCH nf-next 1/2] netfilter: SYNPROXY: set transport header properly, Eric Dumazet
    - Re: [PATCH nf-next 1/2] netfilter: SYNPROXY: set transport header properly, Serhey Popovych
      - Re: [PATCH nf-next 1/2] netfilter: SYNPROXY: set transport header properly, Eric Dumazet
        
        Re: [PATCH nf-next 1/2] netfilter: SYNPROXY: set transport header properly, Serhey Popovych
      - Re: [PATCH nf-next 1/2] netfilter: SYNPROXY: set transport header properly, Pablo Neira Ayuso
- [PATCH nf-next 2/2] netfilter: nf_reject: set transport header properly, Serhey Popovych
[PATCH nf] netfilter: bridge: ebt_among: add more missing match size checks, Florian Westphal
- Re: [PATCH nf] netfilter: bridge: ebt_among: add more missing match size checks, Florian Westphal
[PATCH nft] tests: shell: autogenerate dump verification, Laura Garcia Liebana
- Re: [PATCH nft] tests: shell: autogenerate dump verification, Pablo Neira Ayuso
BUG: unable to handle kernel paging request in ebt_among_mt_check (2), syzbot
[PATCH] src: don't not dump set content from netlink_get_setelems(), Pablo Neira Ayuso
[PATCH nft] src: remove unused batch support checks, Pablo Neira Ayuso
[PATCH nft] src: move monitor code to src/monitor.c, Pablo Neira Ayuso
- Re: [PATCH nft] src: move monitor code to src/monitor.c, Phil Sutter
  - Re: [PATCH nft] src: move monitor code to src/monitor.c, Arturo Borrero Gonzalez
[PATCH nft] src: support for get element command, Pablo Neira Ayuso
[PATCH iptables 0/4] iptables: Fix [unsupported revision] for matches/targets after update, Serhey Popovych
- [PATCH iptables 1/4] xtables: Do not register matches/targets with incompatible revision, Serhey Popovych
  - Re: [PATCH iptables 1/4] xtables: Do not register matches/targets with incompatible revision, Phil Sutter
- [PATCH iptables 2/4] xtables: Check match/target size vs XT_ALIGN(size) at register time, Serhey Popovych
- [PATCH iptables 3/4] xtables: Register all match/target revisions supported by us and kernel, Serhey Popovych
- [PATCH iptables 4/4] xtables: Fix rules print/save after iptables update, Serhey Popovych
- Re: [PATCH iptables 0/4] iptables: Fix [unsupported revision] for matches/targets after update, Willem de Bruijn
[RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy, Gustavo A. R. Silva
- Re: [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy, Pablo Neira Ayuso
  - Re: [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy, Gustavo A. R. Silva
    - Re: [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy, Pablo Neira Ayuso
      - Re: [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy, Gustavo A. R. Silva
WARNING in compat_copy_entries (2), syzbot
- Re: WARNING in compat_copy_entries (2), Dmitry Vyukov
- Re: WARNING in compat_copy_entries (2), syzbot
  - Re: WARNING in compat_copy_entries (2), Andy Lutomirski
    - Re: WARNING in compat_copy_entries (2), Florian Westphal
Port triggering, Stéphane Veyret
- Re: Port triggering, Stéphane Veyret
- Re: Port triggering, Florian Westphal
  - Re: Port triggering, Stéphane Veyret
    - Re: Port triggering, Stéphane Veyret
    - Re: Port triggering, Florian Westphal
      - Re: Port triggering, Stéphane Veyret
        
        Re: Port triggering, Florian Westphal
        
        Re: Port triggering, Stéphane Veyret
        
        Re: Port triggering, Stéphane Veyret
        
        Re: Port triggering, Florian Westphal
[PATCH nf-next] netfilter: x_tables: fix build with CONFIG_COMPAT=n, Florian Westphal
- Re: [PATCH nf-next] netfilter: x_tables: fix build with CONFIG_COMPAT=n, Pablo Neira Ayuso
[nf-next:master 7/24] net/netfilter/x_tables.c:797:3: error: implicit declaration of function 'verdict_ok', kbuild test robot
[PATCH] configure: Verify libnftnl install is recent enough, Duncan Roe
- Re: [PATCH] configure: Verify libnftnl install is recent enough, Pablo Neira Ayuso
[nf-next:master 8/24] net/netfilter/x_tables.c:819:8: error: implicit declaration of function 'error_tg_ok', kbuild test robot
[nf-next:master 7/24] net/netfilter/x_tables.c:797:8: error: implicit declaration of function 'verdict_ok'; did you mean 'vprintk'?, kbuild test robot
[RFC nft] tests: shell: autogenerate dump verification, Laura Garcia Liebana
- Re: [RFC nft] tests: shell: autogenerate dump verification, Arturo Borrero Gonzalez
  - Re: [RFC nft] tests: shell: autogenerate dump verification, Florian Westphal
    - Re: [RFC nft] tests: shell: autogenerate dump verification, Arturo Borrero Gonzalez
[PATCH] ipvs: use true and false for boolean values, Gustavo A. R. Silva
- Re: [PATCH] ipvs: use true and false for boolean values, Simon Horman
  - Re: [PATCH] ipvs: use true and false for boolean values, Pablo Neira Ayuso
[PATCH nft] rule: broken handle listing of table and named objects, Pablo Neira Ayuso
[PATCH nft] rule: print object handle with --echo --handle, Pablo Neira Ayuso
[PATCH nft 1/2] netlink: print chain handle with --echo --handle, Pablo Neira Ayuso
- [PATCH nft 2/2] netlink: print table handle with --echo --handle, Pablo Neira Ayuso
[PATCH nft] tests: shell: set timeout and size combination coverage, Pablo Neira Ayuso
- Re: [PATCH nft] tests: shell: set timeout and size combination coverage, Arturo Borrero Gonzalez
  - Re: [PATCH nft] tests: shell: set timeout and size combination coverage, Pablo Neira Ayuso
[PATCH nf] netfilter: nft_set_hash: skip fixed hash if timeout is specified, Pablo Neira Ayuso
[PATCH net] netfilter: check for out-of-bounds while copying compat entries, Paolo Abeni
- Re: [PATCH net] netfilter: check for out-of-bounds while copying compat entries, Florian Westphal
  - Re: [PATCH net] netfilter: check for out-of-bounds while copying compat entries, Paolo Abeni
BUG: unable to handle kernel paging request in compat_copy_entries, syzbot
- Re: BUG: unable to handle kernel paging request in compat_copy_entries, Paolo Abeni
  - Re: BUG: unable to handle kernel paging request in compat_copy_entries, Eric Biggers
[PATCH nf-next v2 1/2] netfilter: Refactor nf_conncount, Yi-Hung Wei
- [PATCH nf-next v2 2/2] nf_conncount: Support count only use case, Yi-Hung Wei
  - Re: [PATCH nf-next v2 2/2] nf_conncount: Support count only use case, Florian Westphal
  - Re: [PATCH nf-next v2 2/2] nf_conncount: Support count only use case, Pablo Neira Ayuso
- Re: [PATCH nf-next v2 1/2] netfilter: Refactor nf_conncount, Florian Westphal
- Re: [PATCH nf-next v2 1/2] netfilter: Refactor nf_conncount, Pablo Neira Ayuso
[PATCH nf-next 0/2] ebtables: add support for ICMP and IGMP type/code matching, Matthias Schiffer
- [PATCH nf-next 1/2] ebtables: add support for matching ICMP type and code, Matthias Schiffer
  - Re: [PATCH nf-next 1/2] ebtables: add support for matching ICMP type and code, Pablo Neira Ayuso
    - Re: [PATCH nf-next 1/2] ebtables: add support for matching ICMP type and code, Matthias Schiffer
      - Re: [PATCH nf-next 1/2] ebtables: add support for matching ICMP type and code, Pablo Neira Ayuso
- [PATCH ebtables 4/4] ebt_ip: add support for matching IGMP type, Matthias Schiffer
- [PATCH ebtables 1/4] include: sync linux/netfilter_bridge/ebt_ip.h with kernel, Matthias Schiffer
  - Re: [PATCH ebtables 1/4] include: sync linux/netfilter_bridge/ebt_ip.h with kernel, Pablo Neira Ayuso
- [PATCH ebtables 2/4] Move ICMP type handling functions from ebt_ip6 to useful_functions.c, Matthias Schiffer
- [PATCH ebtables 3/4] ebt_ip: add support for matching ICMP type and code, Matthias Schiffer
- [PATCH nf-next 2/2] ebtables: add support for matching IGMP type, Matthias Schiffer
- Re: [PATCH nf-next 0/2] ebtables: add support for ICMP and IGMP type/code matching, Florian Westphal
  - Re: [PATCH nf-next 0/2] ebtables: add support for ICMP and IGMP type/code matching, Matthias Schiffer
    - Re: [PATCH nf-next 0/2] ebtables: add support for ICMP and IGMP type/code matching, Duncan Roe
    - nftables code size (was: Re: [PATCH nf-next 0/2] ebtables: add support for ICMP and IGMP type/code matching), Matthias Schiffer
      - Re: nftables code size (was: Re: [PATCH nf-next 0/2] ebtables: add support for ICMP and IGMP type/code matching), Florian Westphal
      - Re: nftables code size (was: Re: [PATCH nf-next 0/2] ebtables: add support for ICMP and IGMP type/code matching), Pablo Neira Ayuso
        
        Re: nftables code size, Matthias Schiffer
        
        Re: nftables code size, Pablo Neira Ayuso
        
        Re: nftables code size, Matthias Schiffer
        
        Re: nftables code size, Phil Sutter
        
        Re: nftables code size, Matthias Schiffer
        
        Re: nftables code size, Phil Sutter
- Re: [PATCH nf-next 0/2] ebtables: add support for ICMP and IGMP type/code matching, Pablo Neira Ayuso
[PATCH nft,v2] src: add variable expression and use it to allow redefinitions, Pablo Neira Ayuso
[PATCH nft 1/2] src: add variable expression and use it to allow redefinitions, Pablo Neira Ayuso
- [PATCH nft 2/2] tests: shell: redefine and undefine, Pablo Neira Ayuso
Contribute to Net-filter Development && G-Soc 2018, Himanshu Sagar
- Re: Contribute to Net-filter Development && G-Soc 2018, Arturo Borrero Gonzalez
[ANNOUNCE] nftables 0.8.3 release, Florian Westphal
[ANNOUNCE] ipset 6.36 released, Jozsef Kadlecsik
[PATCH nft] src: datatype: prefer sscanf, avoid strncpy, Florian Westphal
[PATCH nft] netlink: remove non-batching routines, Pablo Neira Ayuso
[PATCH nft] configure: misc updates, Pablo Neira Ayuso
- Re: [PATCH nft] configure: misc updates, Florian Westphal
[PATCH v2 nft] libnftables: Print error and exit for empty string, Harsha Sharma
- Re: [PATCH v2 nft] libnftables: Print error and exit for empty string, Florian Westphal
[PATCH 00/14] Netfilter/IPVS fixes for net, Pablo Neira Ayuso
- [PATCH 07/14] netfilter: nf_flow_table: fix checksum when handling DNAT, Pablo Neira Ayuso
- [PATCH 09/14] netfilter: don't set F_IFACE on ipv6 fib lookups, Pablo Neira Ayuso
- [PATCH 12/14] netfilter: nf_tables: missing attribute validation in nf_tables_delflowtable(), Pablo Neira Ayuso
- [PATCH 11/14] netfilter: nf_tables: return EBUSY if device already belongs to flowtable, Pablo Neira Ayuso
- [PATCH 14/14] ipvs: remove IPS_NAT_MASK check to fix passive FTP, Pablo Neira Ayuso
- [PATCH 10/14] netfilter: use skb_to_full_sk in ip6_route_me_harder, Pablo Neira Ayuso
- [PATCH 05/14] netfilter: ebtables: convert BUG_ONs to WARN_ONs, Pablo Neira Ayuso
- [PATCH 13/14] netfilter: nf_tables: use the right index from flowtable error path, Pablo Neira Ayuso
- [PATCH 08/14] netfilter: increase IPSTATS_MIB_CSUMERRORS stat, Pablo Neira Ayuso
- [PATCH 04/14] netfilter: bridge: ebt_among: add missing match size checks, Pablo Neira Ayuso
- [PATCH 06/14] netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets, Pablo Neira Ayuso
- [PATCH 03/14] netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt, Pablo Neira Ayuso
- [PATCH 01/14] netfilter: ipt_CLUSTERIP: put config struct if we can't increment ct refcount, Pablo Neira Ayuso
- [PATCH 02/14] netfilter: ipt_CLUSTERIP: put config instead of freeing it, Pablo Neira Ayuso
- Re: [PATCH 00/14] Netfilter/IPVS fixes for net, David Miller
[PATCH nft] fix integer type size to be used as a key for sets and maps, Laura Garcia Liebana
- Re: [PATCH nft] fix integer type size to be used as a key for sets and maps, Phil Sutter
  - Re: [PATCH nft] fix integer type size to be used as a key for sets and maps, Laura Garcia Liebana
[PATCH trivial resend]] netfilter: xt_limit: Spelling s/maxmum/maximum/, Geert Uytterhoeven
- Re: [PATCH trivial resend]] netfilter: xt_limit: Spelling s/maxmum/maximum/, Pablo Neira Ayuso
[PATCH nft] parser: support of maps with timeout, Laura Garcia Liebana
- Re: [PATCH nft] parser: support of maps with timeout, Pablo Neira Ayuso
  - Re: [PATCH nft] parser: support of maps with timeout, Arturo Borrero Gonzalez
[Patch nf-next] netfilter: make xt_rateest hash table per net, Cong Wang
- Re: [Patch nf-next] netfilter: make xt_rateest hash table per net, Eric Dumazet
  - Re: [Patch nf-next] netfilter: make xt_rateest hash table per net, Pablo Neira Ayuso
[nft PATCH 0/6] A number of covscan-induced fixes, Phil Sutter
- [nft PATCH 4/6] hash: Fix potential null-pointer dereference in hash_expr_cmp(), Phil Sutter
- [nft PATCH v2 6/6] netlink_delinearize: Fix resource leaks, Phil Sutter
- [nft PATCH 3/6] evaluate: Fix memleak in stmt_reject_gen_dependency(), Phil Sutter
- [nft PATCH 2/6] erec: Avoid passing negative offset to fseek(), Phil Sutter
- [nft PATCH 1/6] cli: Drop pointless check in cli_append_multiline(), Phil Sutter
- [nft PATCH 5/6] netlink: Complain if setting O_NONBLOCK fails, Phil Sutter
- Re: [nft PATCH 0/6] A number of covscan-induced fixes, Pablo Neira Ayuso
[PATCH iptables 0/3] iptables: Unify val[/mask] parsing and printing routines, Serhey Popovych
- [PATCH iptables 2/3] xtables: Introduce and use common function to parse val[/mask] arguments, Serhey Popovych
  - Re: [PATCH iptables 2/3] xtables: Introduce and use common function to parse val[/mask] arguments, Florian Westphal
- [PATCH iptables 1/3] extensions: Initialize linear mapping of symbols in _init() of extension, Serhey Popovych
  - Re: [PATCH iptables 1/3] extensions: Initialize linear mapping of symbols in _init() of extension, Florian Westphal
- [PATCH iptables 3/3] xtables: Introduce and use common function to print val[/mask] arguments, Serhey Popovych
  - Re: [PATCH iptables 3/3] xtables: Introduce and use common function to print val[/mask] arguments, Florian Westphal
[PATCH nf-next 1/2] netfilter: nf_conncount: Refactor nf_conncount, Yi-Hung Wei
- [PATCH nf-next 2/2] nf_conncount: Support count only use case, Yi-Hung Wei
  - Re: [PATCH nf-next 2/2] nf_conncount: Support count only use case, Florian Westphal
    - Re: [PATCH nf-next 2/2] nf_conncount: Support count only use case, Yi-Hung Wei
      - Re: [PATCH nf-next 2/2] nf_conncount: Support count only use case, Florian Westphal
- Re: [PATCH nf-next 1/2] netfilter: nf_conncount: Refactor nf_conncount, Florian Westphal
  - Re: [PATCH nf-next 1/2] netfilter: nf_conncount: Refactor nf_conncount, Yi-Hung Wei
[PATCH nft] tests: shell: regression test for bugzilla 1228, Pablo Neira Ayuso
[nft PATCH] Review switch statements for unmarked fall through cases, Phil Sutter
- Re: [nft PATCH] Review switch statements for unmarked fall through cases, Florian Westphal
  - Re: [nft PATCH] Review switch statements for unmarked fall through cases, Phil Sutter
    - Re: [nft PATCH] Review switch statements for unmarked fall through cases, Florian Westphal
[nft PATCH] netlink_delinearize: Fix resource leaks, Phil Sutter
[nft PATCH 0/2] Review monitor code for output_fp conformity, Phil Sutter
- [nft PATCH 1/2] monitor: Make trace events respect output_fp, Phil Sutter
- [nft PATCH 2/2] monitor: Make JSON/XML output respect output_fp, Phil Sutter
- Re: [nft PATCH 0/2] Review monitor code for output_fp conformity, Pablo Neira Ayuso
[PATCH nft] doc: add example for rule add/delete, Florian Westphal
[nft] nftables: Adding support for segment routing header 'srh', Ahmed Abdelsalam
- Re: [nft] nftables: Adding support for segment routing header 'srh', Pablo Neira Ayuso
[PATCH nft] doc: remove ipv6 address FIXME, Florian Westphal
WARNING in xt_cluster_mt, syzbot
[PATCH nf-next 00/11] netfilter: x_tables: add more checks on rule blob format, Florian Westphal
- [PATCH nf-next 01/11] netfilter: x_tables: check standard verdicts in core, Florian Westphal
- [PATCH nf-next 02/11] netfilter: x_tables: check error target size too, Florian Westphal

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]