Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

Re: [PATCH nf V2 2/2] netfilter: nfnl_cthelper: reject del request if helper obj is in use, (continued)
How to reinject a packet (skb) at some later point in time, Pavel Vajarov
- Re: How to reinject a packet (skb) at some later point in time, Florian Westphal
  - Re: How to reinject a packet (skb) at some later point in time, Pavel Vajarov
[PATCH nf] netfilter: don't setup nat info for confirmed ct, Liping Zhang
- Re: [PATCH nf] netfilter: don't setup nat info for confirmed ct, Florian Westphal
- Re: [PATCH nf] netfilter: don't setup nat info for confirmed ct, Pablo Neira Ayuso
- Re: [PATCH nf] netfilter: don't setup nat info for confirmed ct, Pablo Neira Ayuso
[nft PATCH v2] List handles of added rules if requested, Phil Sutter
- Re: [nft PATCH v2] List handles of added rules if requested, Pablo Neira Ayuso
  - Re: [nft PATCH v2] List handles of added rules if requested, Phil Sutter
[PATCH 1/1] libxtables: Display weird character warning for wildcards, Oliver Ford
- Re: [PATCH 1/1] libxtables: Display weird character warning for wildcards, Pablo Neira Ayuso
[PATCH nf v6 1/3] netfilter: helper: Rename struct nf_ct_helper_expectfn to nf_ct_nat_helper, gfree . wind
- [PATCH nf v6 2/3] netfilter: nat_helper: Register one nf_ct_nat_helper each proto nat module, gfree . wind
  - Re: [PATCH nf v6 2/3] netfilter: nat_helper: Register one nf_ct_nat_helper each proto nat module, Pablo Neira Ayuso
- [PATCH nf v6 3/3] netfilter: nat_helper: Remove the expectations when its module is unloaded, gfree . wind
  - Re: [PATCH nf v6 3/3] netfilter: nat_helper: Remove the expectations when its module is unloaded, Liping Zhang
    - Re:Re: [PATCH nf v6 3/3] netfilter: nat_helper: Remove the expectations when its module is unloaded, Gao Feng
[PATCH nft] parser: allow listing sets in one table, Florian Westphal
- Re: [PATCH nft] parser: allow listing sets in one table, Pablo Neira Ayuso
[nft PATCH] List handles of added rules if requested, Phil Sutter
- Re: [nft PATCH] List handles of added rules if requested, Pablo Neira Ayuso
  - Re: [nft PATCH] List handles of added rules if requested, Florian Westphal
    - Re: [nft PATCH] List handles of added rules if requested, Pablo Neira Ayuso
      - Re: [nft PATCH] List handles of added rules if requested, Phil Sutter
        
        Re: [nft PATCH] List handles of added rules if requested, Pablo Neira Ayuso
        
        Re: [nft PATCH] List handles of added rules if requested, Puustinen, Ismo
        
        Re: [nft PATCH] List handles of added rules if requested, Pablo Neira Ayuso
        
        Re: [nft PATCH] List handles of added rules if requested, Florian Westphal
    - Re: [nft PATCH] List handles of added rules if requested, Thomas Woerner
      - Re: [nft PATCH] List handles of added rules if requested, Phil Sutter
[nf-next PATCH] netfilter: nf_tables: Return info of added rules back to user space, Phil Sutter
- Re: [nf-next PATCH] netfilter: nf_tables: Return info of added rules back to user space, Pablo Neira Ayuso
  - Re: [nf-next PATCH] netfilter: nf_tables: Return info of added rules back to user space, Phil Sutter
[PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure, Geert Uytterhoeven
- Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure, Arnd Bergmann
  - Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure, Geert Uytterhoeven
    - Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure, Arnd Bergmann
- Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure, Florian Westphal
- Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure, David Miller
  - Re: [PATCH] netfilter: conntrack: Force inlining of build check to prevent build failure, Pablo Neira Ayuso
crash on >= 4.9.0 kernel seems nf related, Bjørnar Ness
- Re: crash on >= 4.9.0 kernel seems nf related, Bjørnar Ness
  - Re: crash on >= 4.9.0 kernel seems nf related, Florian Westphal
    - Re: crash on >= 4.9.0 kernel seems nf related, Bjørnar Ness
      - Re: crash on >= 4.9.0 kernel seems nf related, Bjørnar Ness
        
        Re: crash on >= 4.9.0 kernel seems nf related, Florian Westphal
        
        Re: crash on >= 4.9.0 kernel seems nf related, Bjørnar Ness
        
        Re: crash on >= 4.9.0 kernel seems nf related, Florian Westphal
        
        Re: crash on >= 4.9.0 kernel seems nf related, Bjørnar Ness
.nf_ct_iterate_cleanup panic, dalin liu
- Re: .nf_ct_iterate_cleanup panic, Florian Westphal
[PATCH 00/16] Netfilter/IPVS/OVS fixes for net, Pablo Neira Ayuso
- [PATCH 02/16] openvswitch: Delete conntrack entry clashing with an expectation., Pablo Neira Ayuso
- [PATCH 01/16] netfilter: xt_CT: fix refcnt leak on error path, Pablo Neira Ayuso
- [PATCH 06/16] netfilter: ctnetlink: fix deadlock due to acquire _expect_lock twice, Pablo Neira Ayuso
- [PATCH 11/16] netfilter: nft_dynset: continue to next expr if _OP_ADD succeeded, Pablo Neira Ayuso
- [PATCH 05/16] netfilter: ctnetlink: drop the incorrect cthelper module request, Pablo Neira Ayuso
- [PATCH 10/16] bridge: ebtables: fix reception of frames DNAT-ed to bridge device/port, Pablo Neira Ayuso
- [PATCH 12/16] netfilter: Wrong icmp6 checksum for ICMPV6_TIME_EXCEED in reverse SNATv6 path, Pablo Neira Ayuso
- [PATCH 08/16] netfilter: ctnetlink: acquire ct->lock before operating nf_ct_seqadj, Pablo Neira Ayuso
- [PATCH 07/16] netfilter: ctnetlink: make it safer when updating ct->status, Pablo Neira Ayuso
- [PATCH 16/16] netfilter: nf_tables: check if same extensions are set when adding elements, Pablo Neira Ayuso
- [PATCH 14/16] netfilter: x_tables: unlock on error in xt_find_table_lock(), Pablo Neira Ayuso
- [PATCH 15/16] netfilter: update MAINTAINERS file, Pablo Neira Ayuso
- [PATCH 13/16] ipvs: explicitly forbid ipv6 service/dest creation if ipv6 mod is disabled, Pablo Neira Ayuso
- [PATCH 03/16] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink, Pablo Neira Ayuso
- [PATCH 04/16] netfilter: nft_set_bitmap: free dummy elements when destroy the set, Pablo Neira Ayuso
- [PATCH 09/16] netfilter: xt_socket: Fix broken IPv6 handling, Pablo Neira Ayuso
- Re: [PATCH 00/16] Netfilter/IPVS/OVS fixes for net, David Miller
[nft PATCH] nft.8: Enhance NAT documentation, Phil Sutter
- Re: [nft PATCH] nft.8: Enhance NAT documentation, Arturo Borrero Gonzalez
- Re: [nft PATCH] nft.8: Enhance NAT documentation, Pablo Neira Ayuso
[nft PATCH v3] expression: print sets and maps in pretty format, Arturo Borrero Gonzalez
- Re: [nft PATCH v3] expression: print sets and maps in pretty format, Pablo Neira Ayuso
migrating from iptables to nftables, Arturo Borrero Gonzalez
[PATCH -stable 0/3] ipvs: patches for stable, Julian Anastasov
- [PATCH 3.2.88,3.4.113 -stable 1/3] ipvs: SNAT packet replies only for NATed connections, Julian Anastasov
- [PATCH 3.10.105,3.12.73,3.16.43,4.1.39 -stable 2/3] ipvs: SNAT packet replies only for NATed connections, Julian Anastasov
- [PATCH 4.4.65 -stable 3/3] ipvs: SNAT packet replies only for NATed connections, Julian Anastasov
- Re: [PATCH -stable 0/3] ipvs: patches for stable, Pablo Neira Ayuso
  - Re: [PATCH -stable 0/3] ipvs: patches for stable, Julian Anastasov
    - Re: [PATCH -stable 0/3] ipvs: patches for stable, Simon Horman
[PATCH nf] netfilter: nf_tables: check if same extensions are set when adding elements, Pablo Neira Ayuso
[PATCH 00/53] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
- [PATCH 01/53] netfilter: ipvs: don't check for presence of nat extension, Pablo Neira Ayuso
- [PATCH 02/53] netfilter: ipvs: Replace kzalloc with kcalloc., Pablo Neira Ayuso
- [PATCH 05/53] netfilter: expect: Make sure the max_expected limit is effective, Pablo Neira Ayuso
- [PATCH 04/53] netfilter: nf_tables: add nft_is_base_chain() helper, Pablo Neira Ayuso
- [PATCH 03/53] ipvs: remove unused variable, Pablo Neira Ayuso
- [PATCH 06/53] netfilter: nf_ct_expect: Add nf_ct_remove_expect(), Pablo Neira Ayuso
- [PATCH 12/53] netfilter: Use seq_puts()/seq_putc() where possible, Pablo Neira Ayuso
- [PATCH 13/53] net: netfilter: Use list_{next/prev}_entry instead of list_entry, Pablo Neira Ayuso
- [PATCH 10/53] netfilter: Add nfnl_msg_type() helper function, Pablo Neira Ayuso
- [PATCH 11/53] netfilter: Remove unnecessary cast on void pointer, Pablo Neira Ayuso
- [PATCH 20/53] ipset: remove unused function __ip_set_get_netlink, Pablo Neira Ayuso
- [PATCH 50/53] netfilter: nf_log: don't call synchronize_rcu in nf_log_unset, Pablo Neira Ayuso
- [PATCH 49/53] netfilter: batch synchronize_net calls during hook unregister, Pablo Neira Ayuso
- [PATCH 52/53] netfilter: snmp: avoid stack size warning, Pablo Neira Ayuso
- [PATCH 51/53] netfilter: nf_queue: only call synchronize_net twice if nf_queue is active, Pablo Neira Ayuso
- [PATCH 53/53] netfilter: nf_ct_ext: invoke destroy even when ext is not attached, Pablo Neira Ayuso
- [PATCH 48/53] ipvs: change comparison on sync_refresh_period, Pablo Neira Ayuso
- [PATCH 47/53] ipvs: remove unused function ip_vs_set_state_timeout, Pablo Neira Ayuso
- [PATCH 46/53] netfilter: don't attach a nat extension by default, Pablo Neira Ayuso
- [PATCH 45/53] netfilter: pptp: attach nat extension when needed, Pablo Neira Ayuso
- [PATCH 42/53] netfilter: conntrack: mark extension structs as const, Pablo Neira Ayuso
- [PATCH 43/53] netfilter: conntrack: handle initial extension alloc via krealloc, Pablo Neira Ayuso
- [PATCH 41/53] netfilter: conntrack: remove prealloc support, Pablo Neira Ayuso
- [PATCH 23/53] netfilter: kill the fake untracked conntrack objects, Pablo Neira Ayuso
- [PATCH 44/53] netfilter: masquerade: attach nat extension if not present, Pablo Neira Ayuso
- [PATCH 40/53] netfilter: SYNPROXY: Return NF_STOLEN instead of NF_DROP during handshaking, Pablo Neira Ayuso
- [PATCH 39/53] ebtables: remove nf_hook_register usage, Pablo Neira Ayuso
- [PATCH 38/53] netfilter: decnet: only register hooks in init namespace, Pablo Neira Ayuso
- [PATCH 37/53] ipvs: convert to use pernet nf_hook api, Pablo Neira Ayuso
- [PATCH 35/53] netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14, Pablo Neira Ayuso
- [PATCH 33/53] nefilter: eache: reduce struct size from 32 to 24 byte, Pablo Neira Ayuso
- [PATCH 21/53] netfilter: nf_nat: Fix return NF_DROP in nfnetlink_parse_nat_setup, Pablo Neira Ayuso
- [PATCH 36/53] netfilter: synproxy: only register hooks when needed, Pablo Neira Ayuso
- [PATCH 32/53] netfilter: allow early drop of assured conntracks, Pablo Neira Ayuso
- [PATCH 34/53] netfilter: ipvs: fix incorrect conflict resolution, Pablo Neira Ayuso
- [PATCH 28/53] netfilter: nfnetlink_cthelper: reject too large userspace allocation requests, Pablo Neira Ayuso
- [PATCH 26/53] netfilter: conntrack: move helper struct to nf_conntrack_helper.h, Pablo Neira Ayuso
- [PATCH 29/53] netfilter: helpers: remove data_len usage for inkernel helpers, Pablo Neira Ayuso
- [PATCH 30/53] netfilter: remove last traces of variable-sized extensions, Pablo Neira Ayuso
- [PATCH 31/53] netfilter: conntrack: use u8 for extension sizes again, Pablo Neira Ayuso
- [PATCH 24/53] netfilter: remove nf_ct_is_untracked, Pablo Neira Ayuso
- [PATCH 25/53] netfilter: nft_ct: allow to set ctnetlink event types of a connection, Pablo Neira Ayuso
- [PATCH 17/53] netfilter: nat: remove rcu_read_lock in __nf_nat_decode_session., Pablo Neira Ayuso
- [PATCH 18/53] netfilter: nf_tables: remove double return statement, Pablo Neira Ayuso
- [PATCH 14/53] netfilter: Remove exceptional & on function name, Pablo Neira Ayuso
- [PATCH 15/53] netfilter: ip6_tables: Remove unneccessary comments, Pablo Neira Ayuso
- [PATCH 16/53] netfilter: udplite: Remove duplicated udplite4/6 declaration, Pablo Neira Ayuso
- [PATCH 19/53] netfilter: nf_conntrack: remove double assignment, Pablo Neira Ayuso
- [PATCH 22/53] netfilter: ecache: Refine the nf_ct_deliver_cached_events, Pablo Neira Ayuso
- [PATCH 27/53] netfilter: helper: add build-time asserts for helper data size, Pablo Neira Ayuso
- [PATCH 09/53] netfilter: ctnetlink: Expectations must have a conntrack helper area, Pablo Neira Ayuso
- [PATCH 08/53] netfilter: nat: avoid use of nf_conn_nat extension, Pablo Neira Ayuso
- [PATCH 07/53] netfilter: nat: nf_nat_mangle_{udp,tcp}_packet returns boolean, Pablo Neira Ayuso
- Re: [PATCH 00/53] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
  - Re: [PATCH 00/53] Netfilter/IPVS updates for net-next, David Miller
- Re: [PATCH 00/53] Netfilter/IPVS updates for net-next, David Miller
[PATCH nf-next v2 1/4] netfilter: nf_tables: get rid of jump label to return, Pablo Neira Ayuso
- [PATCH nf-next 3/4] netfilter: nf_tables: missing sanitization in data from userspace, Pablo Neira Ayuso
- [PATCH nf-next v2 4/4] netfilter: nf_tables: revisit chain/object refcounting from elements, Pablo Neira Ayuso
- [PATCH nf-next v2 2/4] netfilter: nf_tables: simplify nft_set_elem_destroy(), Pablo Neira Ayuso
- Re: [PATCH nf-next v2 1/4] netfilter: nf_tables: get rid of jump label to return, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nf_ct_ext: invoke destroy even when ext is not attached, Liping Zhang
- Re: [PATCH nf-next] netfilter: nf_ct_ext: invoke destroy even when ext is not attached, Florian Westphal
- Re: [PATCH nf-next] netfilter: nf_ct_ext: invoke destroy even when ext is not attached, Pablo Neira Ayuso
[PATCH nf] netfilter: update MAINTAINERS file, Pablo Neira Ayuso
- Re: [PATCH nf] netfilter: update MAINTAINERS file, Florian Westphal
[PATCH nf-next 4/4] netfilter: nf_tables: revisit chain/object refcounting from elements, Pablo Neira Ayuso
[PATCH nf-next 1/4] netfilter: nf_tables: get rid of jump label to return, Pablo Neira Ayuso
- [PATCH nf-next 2/4] netfilter: nf_tables: remove nft_data_uninit() on NFT_DATA_VALUE, Pablo Neira Ayuso
- [PATCH nf-next 3/4] netfilter: nf_tables: simplify nft_set_elem_destroy(), Pablo Neira Ayuso
[PATCH nft] tests: shell: delete element and chain in transaction, Pablo Neira Ayuso
[PATCH] netfilter: x_tables: unlock on error in xt_find_table_lock(), Dan Carpenter
- Re: [PATCH] netfilter: x_tables: unlock on error in xt_find_table_lock(), Florian Westphal
- Re: [PATCH] netfilter: x_tables: unlock on error in xt_find_table_lock(), Pablo Neira Ayuso
[GIT PULL 0/2] Third Round of IPVS Updates for v4.12, Simon Horman
- [PATCH 1/2] ipvs: remove unused function ip_vs_set_state_timeout, Simon Horman
- [PATCH 2/2] ipvs: change comparison on sync_refresh_period, Simon Horman
- Re: [GIT PULL 0/2] Third Round of IPVS Updates for v4.12, Pablo Neira Ayuso
[GIT PULL v2 0/1] IPVS Fixes for v4.11, Simon Horman
- [PATCH 1/1] ipvs: explicitly forbid ipv6 service/dest creation if ipv6 mod is disabled, Simon Horman
- Re: [GIT PULL v2 0/1] IPVS Fixes for v4.11, Pablo Neira Ayuso
[GIT 0/1] IPVS Fixes for v4.11, Simon Horman
- [PATCH 1/1] ipvs: explicitly forbid ipv6 service/dest creation if ipv6 mod is disabled, Simon Horman
- Re: [GIT 0/1] IPVS Fixes for v4.11, Simon Horman
[PATCH nf-next] netfilter: snmp: avoid stack size warning, Florian Westphal
- Re: [PATCH nf-next] netfilter: snmp: avoid stack size warning, Pablo Neira Ayuso
[nft PATCH 1/2] erec: Make __stmt_binary_error a little more versatile, Phil Sutter
- [nft PATCH 2/2] masquerade: Complain if no prerouting chain exists, Phil Sutter
  - Re: [nft PATCH 2/2] masquerade: Complain if no prerouting chain exists, Arturo Borrero Gonzalez
    - Re: [nft PATCH 2/2] masquerade: Complain if no prerouting chain exists, Phil Sutter
      - Re: [nft PATCH 2/2] masquerade: Complain if no prerouting chain exists, Arturo Borrero Gonzalez
        
        Re: [nft PATCH 2/2] masquerade: Complain if no prerouting chain exists, Phil Sutter
        
        Re: [nft PATCH 2/2] masquerade: Complain if no prerouting chain exists, Arturo Borrero Gonzalez
        
        Re: [nft PATCH 2/2] masquerade: Complain if no prerouting chain exists, Pablo Neira Ayuso
        
        Re: [nft PATCH 2/2] masquerade: Complain if no prerouting chain exists, Phil Sutter
[nft PATCH v2] expression: print sets and maps in pretty format, Arturo Borrero Gonzalez
- Re: [nft PATCH v2] expression: print sets and maps in pretty format, Pablo Neira Ayuso
[nft RFC PATCH] expression: print sets and maps in pretty format, Arturo Borrero Gonzalez
- Re: [nft RFC PATCH] expression: print sets and maps in pretty format, Pablo M. Bermudo Garay
  - Re: [nft RFC PATCH] expression: print sets and maps in pretty format, Arturo Borrero Gonzalez
[PATCH nf-next 0/3] netfilter: speed up netns cleanup, Florian Westphal
- [PATCH nf-next 1/3] netfilter: batch synchronize_net calls during hook unregister, Florian Westphal
- [PATCH nf-next 2/3] netfilter: nf_log: don't call synchronize_rcu in nf_log_unset, Florian Westphal
  - Re: [PATCH nf-next 2/3] netfilter: nf_log: don't call synchronize_rcu in nf_log_unset, Liping Zhang
- [PATCH nf-next 3/3] netfilter: nf_queue: only call synchronize_net twice if nf_queue is active, Florian Westphal
- [PATCHo nf-next v2] netfilter: nf_log: don't call synchronize_rcu in nf_log_unset, Florian Westphal
- Re: [PATCH nf-next 0/3] netfilter: speed up netns cleanup, Pablo Neira Ayuso
  - Re: [PATCH nf-next 0/3] netfilter: speed up netns cleanup, Florian Westphal
[PATCH nf] netfilter: nft_dynset: continue to next expr if _OP_ADD succeeded, Liping Zhang
- Re: [PATCH nf] netfilter: nft_dynset: continue to next expr if _OP_ADD succeeded, Pablo Neira Ayuso
[nft RFC PATCH] rule: introduce new option to print set elements per line, Arturo Borrero Gonzalez
- Re: [nft,RFC] rule: introduce new option to print set elements per line, Florian Westphal
- Re: [nft RFC PATCH] rule: introduce new option to print set elements per line, Pablo Neira Ayuso
  - Re: [nft RFC PATCH] rule: introduce new option to print set elements per line, Arturo Borrero Gonzalez
    - Re: [nft RFC PATCH] rule: introduce new option to print set elements per line, Florian Westphal
      - Re: [nft RFC PATCH] rule: introduce new option to print set elements per line, Pablo Neira Ayuso
    - Re: [nft RFC PATCH] rule: introduce new option to print set elements per line, Pablo Neira Ayuso
[conntrack-tools PATCH 1/4] conntrackd: factorice tx_queue functions, Arturo Borrero Gonzalez
- [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors, Arturo Borrero Gonzalez
  - Re: [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors, Pablo Neira Ayuso
    - Re: [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors, Arturo Borrero Gonzalez
      - Re: [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors, Pablo Neira Ayuso
        
        Re: [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors, Arturo Borrero Gonzalez
        
        Re: [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors, Pablo Neira Ayuso
        
        Re: [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors, Pablo Neira Ayuso
- [conntrack-tools PATCH 3/4] conntrackd: factorize resync operations, Arturo Borrero Gonzalez
  - Re: [conntrack-tools PATCH 3/4] conntrackd: factorize resync operations, Pablo Neira Ayuso
- [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option, Arturo Borrero Gonzalez
  - Re: [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option, Pablo Neira Ayuso
    - Re: [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option, Arturo Borrero Gonzalez
      - Re: [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option, Pablo Neira Ayuso
        
        Re: [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option, Arturo Borrero Gonzalez
        
        Re: [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option, Pablo Neira Ayuso
        
        Re: [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option, Arturo Borrero Gonzalez
        
        Re: [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option, Pablo Neira Ayuso
- Re: [conntrack-tools PATCH 1/4] conntrackd: factorice tx_queue functions, Pablo Neira Ayuso
- <Possible follow-ups>
- [conntrack-tools PATCH 1/4] conntrackd: factorice tx_queue functions, Arturo Borrero Gonzalez
  - [conntrack-tools PATCH 2/4] conntrackd: warn users about queue allocation errors, Arturo Borrero Gonzalez
  - [conntrack-tools PATCH 3/4] conntrackd: factorize resync operations, Arturo Borrero Gonzalez
  - [conntrack-tools PATCH 4/4] conntrackd: introduce RequestResync option, Arturo Borrero Gonzalez
[conntrack-tools PATCH] conntrackd: request resync at startup, Arturo Borrero Gonzalez
- Re: [conntrack-tools PATCH] conntrackd: request resync at startup, Pablo Neira Ayuso
[PATCH] ipvs: explicitly forbid ipv6 service/dest creation if ipv6 mod is disabled, Paolo Abeni
- Re: [PATCH] ipvs: explicitly forbid ipv6 service/dest creation if ipv6 mod is disabled, Julian Anastasov
  - Re: [PATCH] ipvs: explicitly forbid ipv6 service/dest creation if ipv6 mod is disabled, Paolo Abeni
    - Re: [PATCH] ipvs: explicitly forbid ipv6 service/dest creation if ipv6 mod is disabled, Julian Anastasov
      - Re: [PATCH] ipvs: explicitly forbid ipv6 service/dest creation if ipv6 mod is disabled, Simon Horman
[PATCH iptables] iptables: support insisting that the lock is held, Lorenzo Colitti
- Re: [PATCH iptables] iptables: support insisting that the lock is held, Pablo Neira Ayuso
  - Re: [PATCH iptables] iptables: support insisting that the lock is held, Aaron Conole
    - Re: [PATCH iptables] iptables: support insisting that the lock is held, Aaron Conole
      - Re: [PATCH iptables] iptables: support insisting that the lock is held, Lorenzo Colitti
    - Re: [PATCH iptables] iptables: support insisting that the lock is held, Lorenzo Colitti
  - Re: [PATCH iptables] iptables: support insisting that the lock is held, Lorenzo Colitti
    - Re: [PATCH iptables] iptables: support insisting that the lock is held, Lorenzo Colitti
[PATCH nf] MAINTAINERS: add Florian Westphal as netfilter maintainer, Florian Westphal
[PATCH nf-next 0/3] netfilter: extensions: don't add nat by default, Florian Westphal
- [PATCH nf-next 2/3] netfilter: pptp: attach nat extension when needed, Florian Westphal
- [PATCH nf-next 1/3] netfilter: masquerade: attach nat extension if not present, Florian Westphal
- [PATCH nf-next 3/3] netfilter: don't attach a nat extension by default, Florian Westphal
- Re: [PATCH nf-next 0/3] netfilter: extensions: don't add nat by default, Pablo Neira Ayuso
[PATCH v2 nf-next 0/3] netfilter: conntrack: removal prealloc support, Florian Westphal
- [PATCH v2 nf-next 1/3] netfilter: conntrack: remove prealloc support, Florian Westphal
- [PATCH v2 nf-next 2/3] netfilter: conntrack: mark extension structs as const, Florian Westphal
- [PATCH v2 nf-next 3/3] netfilter: conntrack: handle initial extension alloc via krealloc, Florian Westphal
- Re: [PATCH v2 nf-next 0/3] netfilter: conntrack: removal prealloc support, Pablo Neira Ayuso
[PATCH nf-next v3] netfilter: SYNPROXY: Return NF_STOLEN instead of NF_DROP during handshaking, gfree . wind
[PATCH nf-next] ebtables: remove nf_hook_register usage, Florian Westphal
- Re: [PATCH nf-next] ebtables: remove nf_hook_register usage, Pablo Neira Ayuso
[PATCH nf-next] netfilter: decnet: only register hooks in init namespace, Florian Westphal
- Re: [PATCH nf-next] netfilter: decnet: only register hooks in init namespace, Pablo Neira Ayuso
[PATCH nf-next 0/3] netfilter: conntrack: removal prealloc support, Florian Westphal
- [PATCH nf-next 1/3] netfilter: conntrack: remove prealloc support, Florian Westphal
- [PATCH nf-next 2/3] netfilter: conntrack: mark extension structs as const, Florian Westphal
- [PATCH nf-next 3/3] netfilter: conntrack: handle initial extension alloc via krealloc, Florian Westphal
  - Re: [PATCH nf-next 3/3] netfilter: conntrack: handle initial extension alloc via krealloc, kbuild test robot
[PATCH net v3] bridge: ebtables: fix reception of frames DNAT-ed to bridge device/port, Linus Lüssing
- Re: [PATCH net v3] bridge: ebtables: fix reception of frames DNAT-ed to bridge device/port, Pablo Neira Ayuso
[PATCH] netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch, Matthias Kaehlcke
- Re: [PATCH] netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch, Joe Perches
  - Re: [PATCH] netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch, Matthias Kaehlcke
- Re: [PATCH] netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch, Matthias Kaehlcke
  - Re: [PATCH] netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch, Pablo Neira Ayuso
nfqueue buf size for recv(), Oleg
- Re: nfqueue buf size for recv(), Florian Westphal
  - Re: nfqueue buf size for recv(), Oleg
[PATCH nf-next] ipvs: convert to use pernet nf_hook api, Florian Westphal
[PATCH nf-next] netfilter: synproxy: only register hooks when needed, Florian Westphal
- Re: [PATCH nf-next] netfilter: synproxy: only register hooks when needed, Florian Westphal
[PATCH iptables 1/2] tests: xlate: remove python 3.5 dependency, Pablo M. Bermudo Garay
- [PATCH iptables 2/2] tests: xlate: check if it is being run as root, Pablo M. Bermudo Garay
  - Re: [PATCH iptables 2/2] tests: xlate: check if it is being run as root, Pablo Neira Ayuso
- Re: [PATCH iptables 1/2] tests: xlate: remove python 3.5 dependency, Pablo Neira Ayuso
Mixing tables for NFQUEUE target, Michael Bailey
Wrong icmp6 checksum for ICMPV6_TIME_EXCEED in reverse SNATv6 path, Dave Johnson
- [PATCH] netfilter: Wrong icmp6 checksum for ICMPV6_TIME_EXCEED in reverse SNATv6 path, Dave Johnson
  - Re: [PATCH] netfilter: Wrong icmp6 checksum for ICMPV6_TIME_EXCEED in reverse SNATv6 path, Pablo Neira Ayuso
    - Message not available
      - Message not available
        
        Re: [PATCH] netfilter: Wrong icmp6 checksum for ICMPV6_TIME_EXCEED in reverse SNATv6 path, Dave Johnson
    - Message not available
      - Re: [PATCH] netfilter: Wrong icmp6 checksum for ICMPV6_TIME_EXCEED in reverse SNATv6 path, Dave Johnson
  - Re: [PATCH] netfilter: Wrong icmp6 checksum for ICMPV6_TIME_EXCEED in reverse SNATv6 path, Pablo Neira Ayuso
[PATCH nf-next] netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14, gfree . wind
- Re: [PATCH nf-next] netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14, Pablo Neira Ayuso
  - Re: [PATCH nf-next] netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14, Eric Dumazet
    - Re: [PATCH nf-next] netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14, Pablo Neira Ayuso
      - Re: [PATCH nf-next] netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14, Pablo Neira Ayuso
        
        RE: [PATCH nf-next] netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14, Gao Feng
        
        Re: [PATCH nf-next] netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14, Eric Dumazet
        
        RE: [PATCH nf-next] netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14, Gao Feng
[PATCH] netfilter: xt_socket: Fix broken IPv6 handling, Peter Tirsek
- Re: [PATCH] netfilter: xt_socket: Fix broken IPv6 handling, Florian Westphal
- Re: [PATCH] netfilter: xt_socket: Fix broken IPv6 handling, Pablo Neira Ayuso
[PATCH nf-next] netfilter: ipvs: fix incorrect conflict resolution, Florian Westphal
- Re: [PATCH nf-next] netfilter: ipvs: fix incorrect conflict resolution, Pablo Neira Ayuso
[PATCH nf-next] nefilter: eache: reduce struct size from 32 to 24 byte, Florian Westphal
Doubt about CTA_EXPECT_* values passed to ctnetlink_parse_tuple(), Matthias Kaehlcke
- Re: Doubt about CTA_EXPECT_* values passed to ctnetlink_parse_tuple(), Pablo Neira Ayuso
  - Re: Doubt about CTA_EXPECT_* values passed to ctnetlink_parse_tuple(), Matthias Kaehlcke
    - Re: Doubt about CTA_EXPECT_* values passed to ctnetlink_parse_tuple(), Matthias Kaehlcke
      - Re: Doubt about CTA_EXPECT_* values passed to ctnetlink_parse_tuple(), Pablo Neira Ayuso
[PATCH nf 0/4] netfilter: ctnetlink: fix some bugs related to ct update, Liping Zhang
- [PATCH nf 2/4] netfilter: ctnetlink: fix deadlock due to acquire _expect_lock twice, Liping Zhang
- [PATCH nf 1/4] netfilter: ctnetlink: drop the incorrect cthelper module request, Liping Zhang
- [PATCH nf 3/4] netfilter: ctnetlink: make it safer when updating ct->status, Liping Zhang
- [PATCH nf 4/4] netfilter: ctnetlink: acquire ct->lock before operating nf_ct_seqadj, Liping Zhang
- Re: [PATCH nf 0/4] netfilter: ctnetlink: fix some bugs related to ct update, Pablo Neira Ayuso
[PATCH nf-next] netfilter: allow early drop of assured conntracks, Florian Westphal
- Re: [PATCH nf-next] netfilter: allow early drop of assured conntracks, Jozsef Kadlecsik
[PATCH nf-next 0/6] netfilter: remove support for variably-sized extensions, Florian Westphal
- [PATCH nf-next 1/6] netfilter: conntrack: move helper struct to nf_conntrack_helper.h, Florian Westphal
- [PATCH nf-next 3/6] netfilter: nfnetlink_cthelper: reject too large userspace allocation requests, Florian Westphal
- [PATCH nf-next 2/6] netfilter: helper: add build-time asserts for helper data size, Florian Westphal
- [PATCH nf-next 4/6] netfilter: helpers: remove data_len usage for inkernel helpers, Florian Westphal
- [PATCH nf-next 5/6] netfilter: remove last traces of variable-sized extensions, Florian Westphal
- [PATCH nf-next 6/6] netfilter: conntrack: use u8 for extension sizes again, Florian Westphal
- Re: [PATCH nf-next 0/6] netfilter: remove support for variably-sized extensions, Pablo Neira Ayuso
[PATCH v3 nf-next] netfilter: nft_ct: allow to set ctnetlink event types of a connection, Florian Westphal
- Re: [PATCH v3 nf-next] netfilter: nft_ct: allow to set ctnetlink event types of a connection, Pablo Neira Ayuso
[PATCH nf] netfilter: nft_set_bitmap: free dummy elements when destroy the set, Liping Zhang
- Re: [PATCH nf] netfilter: nft_set_bitmap: free dummy elements when destroy the set, Pablo Neira Ayuso
[PATCH nf V3] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink, Liping Zhang
- Re: [PATCH nf V3] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink, Pablo Neira Ayuso
[PATCH v2 nf-next] netfilter: nft_ct: allow to set ctnetlink event types of a connection, Florian Westphal
- Re: [PATCH v2 nf-next] netfilter: nft_ct: allow to set ctnetlink event types of a connection, Liping Zhang
  - Re: [PATCH v2 nf-next] netfilter: nft_ct: allow to set ctnetlink event types of a connection, Florian Westphal
[PATCH nft V2] hash: generate a random seed if seed option is empty, Liping Zhang
- Re: [PATCH nft V2] hash: generate a random seed if seed option is empty, Pablo Neira Ayuso
netfilter: nftables: ctnetlink event type set support, Florian Westphal
- [PATCH nf-next 1/3] netfilter: nft_ct: allow to set ctnetlink event types of a connection, Florian Westphal
  - Re: [PATCH nf-next 1/3] netfilter: nft_ct: allow to set ctnetlink event types of a connection, Pablo Neira Ayuso
    - Re: [PATCH nf-next 1/3] netfilter: nft_ct: allow to set ctnetlink event types of a connection, Florian Westphal
      - Re: [PATCH nf-next 1/3] netfilter: nft_ct: allow to set ctnetlink event types of a connection, Pablo Neira Ayuso
- [PATCH libnftnl 2/3] src: ct eventmask support, Florian Westphal
- [PATCH nft 3/3] ct: add conntrack event mask support, Florian Westphal
[PATCH nf v3] net/openvswitch: Delete conntrack entry clashing with an expectation., Jarno Rajahalme
- Re: [PATCH nf v3] net/openvswitch: Delete conntrack entry clashing with an expectation., Joe Stringer
  - Re: [PATCH nf v3] net/openvswitch: Delete conntrack entry clashing with an expectation., Jarno Rajahalme
    - Re: [PATCH nf v3] net/openvswitch: Delete conntrack entry clashing with an expectation., Joe Stringer
      - Re: [PATCH nf v3] net/openvswitch: Delete conntrack entry clashing with an expectation., Pablo Neira Ayuso
        
        Re: [PATCH nf v3] net/openvswitch: Delete conntrack entry clashing with an expectation., Jarno Rajahalme
        
        Re: [PATCH nf v3] net/openvswitch: Delete conntrack entry clashing with an expectation., Jarno Rajahalme
- Re: [PATCH nf v3] net/openvswitch: Delete conntrack entry clashing with an expectation., Pablo Neira Ayuso
[PATCH nf-next 1/2] netfilter: kill the fake untracked conntrack objects, Florian Westphal
- [PATCH nf-next 2/2] netfilter: remove nf_ct_is_untracked, Florian Westphal
- Re: [PATCH nf-next 1/2] netfilter: kill the fake untracked conntrack objects, Pablo Neira Ayuso
  - Re: [PATCH nf-next 1/2] netfilter: kill the fake untracked conntrack objects, Florian Westphal
    - Re: [PATCH nf-next 1/2] netfilter: kill the fake untracked conntrack objects, Pablo Neira Ayuso
  - Re: [PATCH nf-next 1/2] netfilter: kill the fake untracked conntrack objects, Pablo Neira Ayuso
[PATCH nf v3] netfilter: xt_CT: fix refcnt leak on error path, gfree . wind
- Re: [PATCH nf v3] netfilter: xt_CT: fix refcnt leak on error path, Pablo Neira Ayuso
[PATCH nf v2] netfilter: cttimeout: Fix one possible use-after-free issue, gfree . wind
- Re: [PATCH nf v2] netfilter: cttimeout: Fix one possible use-after-free issue, Pablo Neira Ayuso
  - RE: [PATCH nf v2] netfilter: cttimeout: Fix one possible use-after-free issue, Gao Feng
[PATCH nf v2] net/openvswitch: Delete conntrack entry clashing with an expectation., Jarno Rajahalme
- Re: [PATCH nf v2] net/openvswitch: Delete conntrack entry clashing with an expectation., Liping Zhang
  - Re: [PATCH nf v2] net/openvswitch: Delete conntrack entry clashing with an expectation., Jarno Rajahalme
[PATCH nf] datapath: Delete conntrack entry clashing with an expectation., Jarno Rajahalme
- Re: [PATCH nf] datapath: Delete conntrack entry clashing with an expectation., Jarno Rajahalme
[PATCH nf V2] netfilter: ctnetlink: make it safer when updating ct->status, Liping Zhang
- Re: [PATCH nf V2] netfilter: ctnetlink: make it safer when updating ct->status, Pablo Neira Ayuso
  - Re: [PATCH nf V2] netfilter: ctnetlink: make it safer when updating ct->status, Liping Zhang
[PATCH nf-next 1/1] netfilter: ecache: Refine the nf_ct_deliver_cached_events, gfree . wind
- Re: [PATCH nf-next 1/1] netfilter: ecache: Refine the nf_ct_deliver_cached_events, Pablo Neira Ayuso
[PATCH nf-next] ip_vs_sync: change comparison on sync_refresh_period, Aaron Conole
- Re: [PATCH nf-next] ip_vs_sync: change comparison on sync_refresh_period, Simon Horman
[PATCH nf-next] nf_conntrack: remove double assignment, Aaron Conole
- Re: [PATCH nf-next] nf_conntrack: remove double assignment, Pablo Neira Ayuso
[PATCH nf-next] nf_tables: remove double return statement, Aaron Conole
- Re: [PATCH nf-next] nf_tables: remove double return statement, Pablo Neira Ayuso
[PATCH nf] netfilter: ctnetlink: make it safer when updating ct->status, Liping Zhang
- RE: [PATCH nf] netfilter: ctnetlink: make it safer when updating ct->status, Gao Feng
  - Re: [PATCH nf] netfilter: ctnetlink: make it safer when updating ct->status, Liping Zhang
    - RE: [PATCH nf] netfilter: ctnetlink: make it safer when updating ct->status, Gao Feng
      - Re: [PATCH nf] netfilter: ctnetlink: make it safer when updating ct->status, Liping Zhang
- RE: [PATCH nf] netfilter: ctnetlink: make it safer when updating ct->status, Gao Feng
[PATCH nf 1/1] netfilter: nf_nat: Fix return NF_DROP in nfnetlink_parse_nat_setup, gfree . wind
- Re: [PATCH nf 1/1] netfilter: nf_nat: Fix return NF_DROP in nfnetlink_parse_nat_setup, Pablo Neira Ayuso
[PATCH nf-next v2 1/1] netfilter: SYNPROXY: Return NF_STOLEN instead of NF_DROP during handshaking, gfree . wind
- Re: [PATCH nf-next v2 1/1] netfilter: SYNPROXY: Return NF_STOLEN instead of NF_DROP during handshaking, Pablo Neira Ayuso
  - RE: [PATCH nf-next v2 1/1] netfilter: SYNPROXY: Return NF_STOLEN instead of NF_DROP during handshaking, Gao Feng
    - Re: [PATCH nf-next v2 1/1] netfilter: SYNPROXY: Return NF_STOLEN instead of NF_DROP during handshaking, Pablo Neira Ayuso
      - RE: [PATCH nf-next v2 1/1] netfilter: SYNPROXY: Return NF_STOLEN instead of NF_DROP during handshaking, Gao Feng
        
        Re: [PATCH nf-next v2 1/1] netfilter: SYNPROXY: Return NF_STOLEN instead of NF_DROP during handshaking, Pablo Neira Ayuso
[PATCH nf-next 1/1] netfilter: SYNPROXY: Return NF_STOLEN instead of NF_DROP during handshaking, gfree . wind
[libnetfilter-acct][PATCH] Declare the define visibility attribute together, Khem Raj
[libnftnl][PATCH] Declare the define visivility attribute together, Khem Raj
[libnetfilter_queue][PATCH 1/2] Correct typo in the location of internal.h in #include, Khem Raj
- [libnetfilter_queue][PATCH 2/2] Declare the define visivility attribute together, Khem Raj
  - Re: [libnetfilter_queue][PATCH 2/2] Declare the define visivility attribute together, Pablo Neira Ayuso
    - Re: [libnetfilter_queue][PATCH 2/2] Declare the define visivility attribute together, Pablo Neira Ayuso
      - Re: [libnetfilter_queue][PATCH 2/2] Declare the define visivility attribute together, Khem Raj
        
        Re: [libnetfilter_queue][PATCH 2/2] Declare the define visivility attribute together, Pablo Neira Ayuso
        
        Re: [libnetfilter_queue][PATCH 2/2] Declare the define visivility attribute together, Khem Raj
- Re: [libnetfilter_queue][PATCH 1/2] Correct typo in the location of internal.h in #include, Pablo Neira Ayuso
[PATCH nf-next] ipset: remove unused function __ip_set_get_netlink, Aaron Conole
- Re: [PATCH nf-next] ipset: remove unused function __ip_set_get_netlink, Pablo Neira Ayuso
  - Re: [PATCH nf-next] ipset: remove unused function __ip_set_get_netlink, Jozsef Kadlecsik
    - Re: [PATCH nf-next] ipset: remove unused function __ip_set_get_netlink, Pablo Neira Ayuso
[PATCH nf-next] ipvs: remove unused function ip_vs_set_state_timeout, Aaron Conole
- Re: [PATCH nf-next] ipvs: remove unused function ip_vs_set_state_timeout, Simon Horman
- Re: [PATCH nf-next] ipvs: remove unused function ip_vs_set_state_timeout, Pablo Neira Ayuso
  - Re: [PATCH nf-next] ipvs: remove unused function ip_vs_set_state_timeout, Simon Horman
[GIT 0/3] Second Round of IPVS Updates for v4.12, Simon Horman
- [PATCH 1/3] netfilter: ipvs: don't check for presence of nat extension, Simon Horman
- [PATCH 3/3] ipvs: remove unused variable, Simon Horman
- [PATCH 2/3] netfilter: ipvs: Replace kzalloc with kcalloc., Simon Horman
- Re: [GIT 0/3] Second Round of IPVS Updates for v4.12, Pablo Neira Ayuso
  - Re: [GIT 0/3] Second Round of IPVS Updates for v4.12, Simon Horman
    - Re: [GIT 0/3] Second Round of IPVS Updates for v4.12, Pablo Neira Ayuso
      - Re: [GIT 0/3] Second Round of IPVS Updates for v4.12, Pablo Neira Ayuso
[PATCH nf 1/1] netfilter: seqadj: Fix possible non-linear data access for TCP header, gfree . wind
- Re: [PATCH nf 1/1] netfilter: seqadj: Fix possible non-linear data access for TCP header, Pablo Neira Ayuso
- Re: [PATCH nf 1/1] netfilter: seqadj: Fix possible non-linear data access for TCP header, Pablo Neira Ayuso
  - Re: [PATCH nf 1/1] netfilter: seqadj: Fix possible non-linear data access for TCP header, Pablo Neira Ayuso
    - Re: [PATCH nf 1/1] netfilter: seqadj: Fix possible non-linear data access for TCP header, Pablo Neira Ayuso
      - RE: [PATCH nf 1/1] netfilter: seqadj: Fix possible non-linear data access for TCP header, Gao Feng
[PATCH nf 0/2] netfilter: reject cthelper del request if it is in use, Liping Zhang
- [PATCH nf 1/2] netfilter: introduce nf_conntrack_helper_put helper function, Liping Zhang
- [PATCH nf 2/2] netfilter: nfnl_cthelper: reject del request if helper obj is in use, Liping Zhang
  - Re: [PATCH nf 2/2] netfilter: nfnl_cthelper: reject del request if helper obj is in use, Pablo Neira Ayuso
    - Re: [PATCH nf 2/2] netfilter: nfnl_cthelper: reject del request if helper obj is in use, Liping Zhang
      - Re: [PATCH nf 2/2] netfilter: nfnl_cthelper: reject del request if helper obj is in use, Pablo Neira Ayuso
        
        Re: [PATCH nf 2/2] netfilter: nfnl_cthelper: reject del request if helper obj is in use, Pablo Neira Ayuso
[PATCH] net: netfilter: Replace explicit NULL comparisons, Arushi Singhal
- Re: [PATCH] net: netfilter: Replace explicit NULL comparisons, Jan Engelhardt
  - Re: [PATCH] net: netfilter: Replace explicit NULL comparisons, Pablo Neira Ayuso
    - Message not available
      - Re: [PATCH] net: netfilter: Replace explicit NULL comparisons, Jan Engelhardt
        
        Re: [PATCH] net: netfilter: Replace explicit NULL comparisons, Liping Zhang
    - Message not available
      - Re: [PATCH] net: netfilter: Replace explicit NULL comparisons, Pablo Neira Ayuso
[PATCH] net: netfilter: ipvs: Replace explicit NULL comparison, Arushi Singhal
- Re: [PATCH] net: netfilter: ipvs: Replace explicit NULL comparison, kbuild test robot
  - Re: [PATCH] net: netfilter: ipvs: Replace explicit NULL comparison, Pablo Neira Ayuso
[PATCH] net: ipv6: Remove unneccessary comments, Arushi Singhal
- Re: [PATCH] net: ipv6: Remove unneccessary comments, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nf_conntrack: make nf_conntrack_max as an unsigned int knob, Liping Zhang
- Re: [PATCH nf-next] netfilter: nf_conntrack: make nf_conntrack_max as an unsigned int knob, Pablo Neira Ayuso
[PATCH nf] netfilter: xt_CT: fix cthelper module's refcnt leak, Liping Zhang
- Re: [PATCH nf] netfilter: xt_CT: fix cthelper module's refcnt leak, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: xt_CT: fix cthelper module's refcnt leak, Liping Zhang
    - RE: [PATCH nf] netfilter: xt_CT: fix cthelper module's refcnt leak, Gao Feng
[PATCH iptables] extensions: libxt_hashlimit: fix 64-bit printf formats, James Cowgill
- Re: [PATCH iptables] extensions: libxt_hashlimit: fix 64-bit printf formats, Arturo Borrero Gonzalez
- Re: [PATCH iptables] extensions: libxt_hashlimit: fix 64-bit printf formats, Pablo Neira Ayuso
  - Re: [PATCH iptables] extensions: libxt_hashlimit: fix 64-bit printf formats, James Cowgill
  - Re: [PATCH iptables] extensions: libxt_hashlimit: fix 64-bit printf formats, Jan Engelhardt
    - Re: [PATCH iptables] extensions: libxt_hashlimit: fix 64-bit printf formats, Pablo Neira Ayuso
[PATCH nf-next 1/1] netfilter: cttimeout: Refine cttimeout_del_timeout, gfree . wind
- Re: [PATCH nf-next 1/1] netfilter: cttimeout: Refine cttimeout_del_timeout, Pablo Neira Ayuso
[PATCH nf v2 1/1] netfilter: xt_CT: Fix one possible memleak of timeout, gfree . wind
- Re: [PATCH nf v2 1/1] netfilter: xt_CT: Fix one possible memleak of timeout, Pablo Neira Ayuso
[PATCH nf-next 1/1] netfilter: cttimeout: Return -EOPNOTSUPP if l4proto doesn't support, gfree . wind
[PATCH nf 1/1] netfilter: cttimeout: Fix one possible use-after-free issue, gfree . wind
- Re: [PATCH nf 1/1] netfilter: cttimeout: Fix one possible use-after-free issue, Pablo Neira Ayuso
  - RE: [PATCH nf 1/1] netfilter: cttimeout: Fix one possible use-after-free issue, Gao Feng
    - Re: [PATCH nf 1/1] netfilter: cttimeout: Fix one possible use-after-free issue, Pablo Neira Ayuso
[PATCH nf 1/1] netfilter: xt_CT: Fix one possible memleak of timeout, gfree . wind
- RE: [PATCH nf 1/1] netfilter: xt_CT: Fix one possible memleak of timeout, Gao Feng
[PATCH nf 1/1] netfilter: CLUSTERIP: Fix one wrong refcnt usage, gfree . wind
- Re: [PATCH nf 1/1] netfilter: CLUSTERIP: Fix one wrong refcnt usage, Pablo Neira Ayuso
[PATCH nf-next 1/1] netfilter: Remove useless variable timeouts in init_conntrack, gfree . wind
- Re: [PATCH nf-next 1/1] netfilter: Remove useless variable timeouts in init_conntrack, Florian Westphal
  - RE: [PATCH nf-next 1/1] netfilter: Remove useless variable timeouts in init_conntrack, Gao Feng
- Re: [PATCH nf-next 1/1] netfilter: Remove useless variable timeouts in init_conntrack, kbuild test robot
  - RE: [PATCH nf-next 1/1] netfilter: Remove useless variable timeouts in init_conntrack, Gao Feng
- Re: [PATCH nf-next 1/1] netfilter: Remove useless variable timeouts in init_conntrack, kbuild test robot
[PATCH nf-next v2 1/1] netfilter: udplite: Remove duplicated udplite4/6 declaration, gfree . wind
- Re: [PATCH nf-next v2 1/1] netfilter: udplite: Remove duplicated udplite4/6 declaration, Pablo Neira Ayuso
[PATCH nf-next 1/1] netfilter: udplite4: Remove duplicated udplite4 declaration, gfree . wind
- RE: [PATCH nf-next 1/1] netfilter: udplite4: Remove duplicated udplite4 declaration, Gao Feng
[PATCH nft] exthdr: avoid crash with older kernels, Florian Westphal
- Re: [PATCH nft] exthdr: avoid crash with older kernels, Pablo Neira Ayuso
[PATCH nft] src: fix build warning on i686, Florian Westphal
- Re: [PATCH nft] src: fix build warning on i686, Pablo Neira Ayuso
[PATCH] libnetfilter_conntrack: Add API support for passing bound file descriptor, Skylar Chang
[PATCH] libnfnetlink: Add API support for passing bound file descriptor, Skylar Chang
- Re: [PATCH] libnfnetlink: Add API support for passing bound file descriptor, Pablo Neira Ayuso
[PATCH] iptables-restore/ip6tables-restore: add --version/-V argument, Dan Williams
- Re: [PATCH] iptables-restore/ip6tables-restore: add --version/-V argument, Pablo Neira Ayuso
  - Re: [PATCH] iptables-restore/ip6tables-restore: add --version/-V argument, Dan Williams
    - Re: [PATCH] iptables-restore/ip6tables-restore: add --version/-V argument, Pablo Neira Ayuso
      - [PATCH 1/2 v2] iptables-restore/ip6tables-restore: add --version/-V argument, Dan Williams
        
        [PATCH 2/2 v2] iptables-restore.8: document -w/-W options, Dan Williams
        
        Re: [PATCH 2/2 v2] iptables-restore.8: document -w/-W options, Pablo Neira Ayuso
        
        Re: [PATCH 1/2 v2] iptables-restore/ip6tables-restore: add --version/-V argument, Pablo Neira Ayuso
[PATCH iptables v1] iptables-restore/save: exit when given an unknown option, Vincent Bernat
- Re: [PATCH iptables v1] iptables-restore/save: exit when given an unknown option, Pablo Neira Ayuso
  - [PATCH iptables v2] iptables-restore/save: exit when given an unknown option, Vincent Bernat
    - Re: [PATCH iptables v2] iptables-restore/save: exit when given an unknown option, Pablo Neira Ayuso
    - [PATCH iptables v3] iptables-restore/save: exit when given an unknown option, Vincent Bernat
      - Re: [PATCH iptables v3] iptables-restore/save: exit when given an unknown option, Pablo Neira Ayuso
[PATCH nf] netfilter: nft_hash: do not dump the auto generated seed, Liping Zhang
- Re: [PATCH nf] netfilter: nft_hash: do not dump the auto generated seed, Laura García Liébana
  - Re: [PATCH nf] netfilter: nft_hash: do not dump the auto generated seed, Liping Zhang
    - Re: [PATCH nf] netfilter: nft_hash: do not dump the auto generated seed, Florian Westphal
      - Re: [PATCH nf] netfilter: nft_hash: do not dump the auto generated seed, Laura García Liébana
- Re: [PATCH nf] netfilter: nft_hash: do not dump the auto generated seed, Pablo Neira Ayuso
[PATCH nft] hash: generate a random seed if seed option is empty, Liping Zhang
- Re: [PATCH nft] hash: generate a random seed if seed option is empty, Pablo Neira Ayuso
  - Re: [PATCH nft] hash: generate a random seed if seed option is empty, Pablo Neira Ayuso
  - Re: [PATCH nft] hash: generate a random seed if seed option is empty, Liping Zhang
[PATCH libmnl] nlmsg: introduce mnl_nlmsg_batch_rest to get the rest length, Ken-ichirou MATSUZAWA
- Re: [PATCH libmnl] nlmsg: introduce mnl_nlmsg_batch_rest to get the rest length, Pablo Neira Ayuso
  - Re: [PATCH libmnl] nlmsg: introduce mnl_nlmsg_batch_rest to get the rest length, Ken-ichirou MATSUZAWA
[PATCH 1/2] iptables: extensions: unnecessary cast on void pointer, Arushi Singhal
- [PATCH 2/2] iptables: iptables: unnecessary cast on void pointer, Arushi Singhal
[PATCH nf] netfilter: nf_ct_expect: use proper RCU list traversal/update APIs, Liping Zhang
- Re: [PATCH nf] netfilter: nf_ct_expect: use proper RCU list traversal/update APIs, Pablo Neira Ayuso
[PATCH nf] netfilter: ctnetlink: skip dumping expect when nfct_help(ct) is NULL, Liping Zhang
- Re: [PATCH nf] netfilter: ctnetlink: skip dumping expect when nfct_help(ct) is NULL, Pablo Neira Ayuso
[PATCH nf] netfilter: make it safer during the inet6_dev->addr_list traversal, Liping Zhang
- Re: [PATCH nf] netfilter: make it safer during the inet6_dev->addr_list traversal, Pablo Neira Ayuso
[PATCH] iptables: iptables: Remove exceptional & on function name, Arushi Singhal
[PATCH 1/4] net: netfilter:Remove exceptional & on function name, Arushi Singhal
- [PATCH 2/4] net: bridge: Remove exceptional & on function name, Arushi Singhal
- [PATCH 3/4] net: ipv4: Remove exceptional & on function name, Arushi Singhal
- [PATCH 4/4] net: ipv6: Remove exceptional & on function name, Arushi Singhal
- Re: [PATCH 1/4] net: netfilter:Remove exceptional & on function name, Pablo Neira Ayuso
KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Denys Fedoryshchenko
- Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Eric Dumazet
  - Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Florian Westphal
    - Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Denys Fedoryshchenko
    - Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Eric Dumazet
      - Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Eric Dumazet
        
        Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Denys Fedoryshchenko
        
        Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Eric Dumazet
        
        Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Denys Fedoryshchenko
        
        Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Eric Dumazet
        
        Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Eric Dumazet
        
        Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Denys Fedoryshchenko
        
        Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Eric Dumazet
        
        Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Denys Fedoryshchenko
        
        Re: KASAN, xt_TCPMSS finally found nasty use-after-free bug? 4.10.8, Eric Dumazet
  - [PATCH net] netfilter: xt_TCPMSS: add more sanity tests on tcph->doff, Eric Dumazet
    - Re: [PATCH net] netfilter: xt_TCPMSS: add more sanity tests on tcph->doff, Pablo Neira Ayuso
      - Re: [PATCH net] netfilter: xt_TCPMSS: add more sanity tests on tcph->doff, Denys Fedoryshchenko
[PATCH 1/2] extensions: libarpt_mangle.c : Constify option struct, Arushi Singhal
- [PATCH 2/2] iptables: iptables: Constify option struct, Arushi Singhal
  - Re: [PATCH 2/2] iptables: iptables: Constify option struct, Pablo Neira Ayuso
[PATCH 1/2] ipv4: netfilter: Simplify NULL comparisons, Arushi Singhal
- [PATCH 2/2] ipv6: netfilter: Simplify NULL comparisons, Arushi Singhal
[PATCH 0/2] Simplify NULL comparisons, Arushi Singhal
- [PATCH 2/2] ipv6: netfilter: Simplify NULL comparisons, Arushi Singhal
- [PATCH 1/2] ipv4: netfilter: Simplify NULL comparisons, Arushi Singhal
[PATCH nf] netfilter: ctnetlink: remove unnecessary nf_conntrack_expect_lock protection, Liping Zhang
- Re: [PATCH nf] netfilter: ctnetlink: remove unnecessary nf_conntrack_expect_lock protection, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: ctnetlink: remove unnecessary nf_conntrack_expect_lock protection, Liping Zhang
    - Re: [PATCH nf] netfilter: ctnetlink: remove unnecessary nf_conntrack_expect_lock protection, Pablo Neira Ayuso
      - Re: [PATCH nf] netfilter: ctnetlink: remove unnecessary nf_conntrack_expect_lock protection, Liping Zhang
        
        Re: [PATCH nf] netfilter: ctnetlink: remove unnecessary nf_conntrack_expect_lock protection, Pablo Neira Ayuso
- Re: [PATCH nf] netfilter: ctnetlink: remove unnecessary nf_conntrack_expect_lock protection, Pablo Neira Ayuso
[PATCH] net: ipv4: netfilter: Remove unused function nf_nat_need_gre(), simran singhal
- Re: [PATCH] net: ipv4: netfilter: Remove unused function nf_nat_need_gre(), Pablo Neira Ayuso
[PATCH nf] netfilter: ctnetlink: make it safer when checking the ct helper name, Liping Zhang
- Re: [PATCH nf] netfilter: ctnetlink: make it safer when checking the ct helper name, Pablo Neira Ayuso
[PATCH nf] netfilter: ctnetlink: using bit to represent the ct event, Liping Zhang
[PATCH] ipv4: netfilter: Comparison to NULL could be written, Arushi Singhal
- Re: [PATCH] ipv4: netfilter: Comparison to NULL could be written, Joe Perches
[PATCH 0/2] Add/Remove spaces, Arushi Singhal
- [PATCH 1/2] iio: adc: replace comma with a semicolon, Arushi Singhal
- [PATCH 2/2] staging: iio: meter: Replace mlock with driver private buf_lock, Arushi Singhal
[PATCH 0/4] Multiple checkpatch issues., Arushi Singhal
- [PATCH 1/4] iptables: iptables: Add blank line after declaration, Arushi Singhal
  - Re: [PATCH 1/4] iptables: iptables: Add blank line after declaration, Pablo Neira Ayuso
- [PATCH 2/4] iptables: iptables: Remove assignment in if condition, Arushi Singhal
- [PATCH 3/4] iptables: iptables: Indent the code., Arushi Singhal
- [PATCH 4/4] iptables: iptables: switch and case should be at the same indent, Arushi Singhal
[PATCH iptables] tests: add regression tests for xtables-translate, Pablo M. Bermudo Garay
- Re: [PATCH iptables] tests: add regression tests for xtables-translate, Pablo Neira Ayuso
  - Re: [PATCH iptables] tests: add regression tests for xtables-translate, Pablo M. Bermudo Garay
  - Message not available
    - Re: [PATCH iptables] tests: add regression tests for xtables-translate, Pablo Neira Ayuso
[PATCH nf v5 0/3] Refine the robust of helper expectfn, gfree . wind
- [PATCH nf v5 3/3] netfilter: nat_helper: Remove the expectations when its module is unloaded, gfree . wind
- [PATCH nf v5 1/3] netfilter: helper: Rename struct nf_ct_helper_expectfn to nf_ct_nat_helper, gfree . wind
- [PATCH nf v5 2/3] netfilter: nat_helper: Make sure every proto nat module uses its nat_helper, gfree . wind
  - Re: [PATCH nf v5 2/3] netfilter: nat_helper: Make sure every proto nat module uses its nat_helper, Pablo Neira Ayuso
    - RE: [PATCH nf v5 2/3] netfilter: nat_helper: Make sure every proto nat module uses its nat_helper, Gao Feng
      - Re: [PATCH nf v5 2/3] netfilter: nat_helper: Make sure every proto nat module uses its nat_helper, Pablo Neira Ayuso
        
        RE: [PATCH nf v5 2/3] netfilter: nat_helper: Make sure every proto nat module uses its nat_helper, Gao Feng
[PATCH] iptables: extensions: Add/Remove the braces where necessary, Arushi Singhal
[PATCH] iptables: extensions: Remove spaces., Arushi Singhal
[PATCH] iptables: extensions: Place trailing */ on a separate line., Arushi Singhal
[PATCH v2] iptables: extensions: Remove assignments in if condition., Arushi Singhal
[PATCH] iptables: extensions: Remove typedef in struct., Arushi Singhal
[PATCH] iptables: extensions: Remove unnecessary parenthesis., Arushi Singhal
[PATCH] iptables: extensions: Add/Remove unnecessary spaces., Arushi Singhal
[PATCH] iptables: extensions: Add blank line after declarations., Arushi Singhal
[PATCH] iptables: extensions: Remove assignment in if condition., Arushi Singhal
- Re: [PATCH] iptables: extensions: Remove assignment in if condition., Florian Westphal
[PATCH] iptables: extensions: Add space around operators, Arushi Singhal
[PATCH 2/2] iptables: Remove unnecessary braces., Varsha Rao
- Re: [PATCH 2/2] iptables: Remove unnecessary braces., Pablo Neira Ayuso
[PATCH 1/2] iptables: Remove explicit static variables initalization., Varsha Rao
- Re: [PATCH 1/2] iptables: Remove explicit static variables initalization., Pablo Neira Ayuso
[PATCH 0/2] iptables: Fix multiple checkpatch issues., Varsha Rao
[PATCH v2] net: netfilter: remove unused variable, Arushi Singhal
- Re: [PATCH v2] net: netfilter: remove unused variable, Simon Horman
  - Message not available
    - Re: [PATCH v2] net: netfilter: remove unused variable, Pablo Neira Ayuso
[PATCH] net: netfilter: remove unused variable, Arushi Singhal
- Re: [Outreachy kernel] [PATCH] net: netfilter: remove unused variable, Julia Lawall
[PATCH nf V2] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink, Liping Zhang
- Re: [PATCH nf V2] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink, Liping Zhang
  - Re: [PATCH nf V2] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink, Pablo Neira Ayuso
    - Re: [PATCH nf V2] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink, Liping Zhang
      - Re: [PATCH nf V2] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink, Pablo Neira Ayuso
        
        Re: [PATCH nf V2] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink, Pablo Neira Ayuso
        
        Re: [PATCH nf V2] netfilter: nf_ct_helper: permit cthelpers with different names via nfnetlink, Liping Zhang
[PATCH nf v3 1/1] netfilter: helper: Add the rcu lock when call __nf_conntrack_helper_find, gfree . wind
- Re: [PATCH nf v3 1/1] netfilter: helper: Add the rcu lock when call __nf_conntrack_helper_find, Pablo Neira Ayuso
[PATCH] net: netfilterL: Fix line over 80 characters., Arushi Singhal
[PATCH] net: ipv6: Removed unnecessary parenthesis, Arushi Singhal
- Re: [PATCH] net: ipv6: Removed unnecessary parenthesis, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH] net: ipv6: Removed unnecessary parenthesis, Arushi Singhal
[PATCH] net: ipv6: netfilter: Format block comments., Arushi Singhal
- Re: [Outreachy kernel] [PATCH] net: ipv6: netfilter: Format block comments., Pablo Neira Ayuso
[PATCH] net: netfilter: replace explicit NULL comparison with ! operator, Arushi Singhal
- <Possible follow-ups>
- [PATCH] net: netfilter: Replace explicit NULL comparison with ! operator, Arushi Singhal
  - Re: [PATCH] net: netfilter: Replace explicit NULL comparison with ! operator, Simon Horman
    - Re: [PATCH] net: netfilter: Replace explicit NULL comparison with ! operator, Pablo Neira Ayuso
[PATCH] net: bridge: netfilter: Comparison to NULL could be written, Arushi Singhal
[PATCH] iptables: libiptc: Use list_{next/prev}_entry instead of list_entry, simran singhal
- Re: [Outreachy kernel] [PATCH] iptables: libiptc: Use list_{next/prev}_entry instead of list_entry, Pablo Neira Ayuso
  - Re: [Outreachy kernel] [PATCH] iptables: libiptc: Use list_{next/prev}_entry instead of list_entry, Pablo Neira Ayuso
[PATCH] net: ipv6: netfilter: replace explicit NULL comparison with ! operator, Arushi Singhal
[PATCH] net: netfilter: Use list_{next/prev}_entry instead of list_entry, simran singhal
- Re: [PATCH] net: netfilter: Use list_{next/prev}_entry instead of list_entry, Pablo Neira Ayuso
ANNOUNCE: netdev 2.1 conference Schedule out!, Jamal Hadi Salim
[PATCH] net: netfilter: Use seq_puts()/seq_putc() where possible, simran singhal
- Re: [PATCH] net: netfilter: Use seq_puts()/seq_putc() where possible, Simon Horman
- Re: [PATCH] net: netfilter: Use seq_puts()/seq_putc() where possible, Pablo Neira Ayuso
[PATCH v2] net: Remove unnecessary cast on void pointer, simran singhal
- Re: [PATCH v2] net: Remove unnecessary cast on void pointer, Stephen Hemminger
- Re: [PATCH v2] net: Remove unnecessary cast on void pointer, Pablo Neira Ayuso
[RFC v2] extensions: libxt_TOS: Add translation to nft, Gargi Sharma
- Re: [RFC v2] extensions: libxt_TOS: Add translation to nft, Pablo Neira Ayuso
  - Re: [RFC v2] extensions: libxt_TOS: Add translation to nft, Gargi Sharma
- Re: [RFC v2] extensions: libxt_TOS: Add translation to nft, Pablo Neira Ayuso
  - Re: [RFC v2] extensions: libxt_TOS: Add translation to nft, Gargi Sharma
[PATCH] net: netfilter: Remove typedef from "typedef struct bitstr_t"., Arushi Singhal
- Re: [Outreachy kernel] [PATCH] net: netfilter: Remove typedef from "typedef struct bitstr_t"., Pablo Neira Ayuso
[PATCH v3] net: netfilter: Add nfnl_msg_type() helper function, Arushi Singhal
- Re: [Outreachy kernel] [PATCH v3] net: netfilter: Add nfnl_msg_type() helper function, Pablo Neira Ayuso
[PATCH v2] net: netfilter: add nfnl_msg_type() helper function, Arushi Singhal
[RFC] extensions: libxt_TOS: Add translation to nft, Gargi Sharma
- Re: [RFC] extensions: libxt_TOS: Add translation to nft, Florian Westphal
  - Re: [RFC] extensions: libxt_TOS: Add translation to nft, Gargi Sharma
[PATCH nf] netfilter: nfnetlink_queue: fix secctx memory leak, Liping Zhang
- Re: [PATCH nf] netfilter: nfnetlink_queue: fix secctx memory leak, Pablo Neira Ayuso
[PATCH v3] ebtables: extensions: Constify option struct, Gargi Sharma
[PATCH] netfilter: ipset: Use max macro instead of ternary operator, simran singhal
- Re: [PATCH] netfilter: ipset: Use max macro instead of ternary operator, Jan Engelhardt
- RE: [PATCH] netfilter: ipset: Use max macro instead of ternary operator, David Laight
[PATCH] net: netfilters: Remove unnecessary parenthesis, Arushi Singhal
- Re: [PATCH] net: netfilters: Remove unnecessary parenthesis, Simon Horman
[PATCH v2] netfilter: Clean up tests if NULL returned on failure, simran singhal
- Re: [PATCH v2] netfilter: Clean up tests if NULL returned on failure, Jan Engelhardt
  - Re: [PATCH v2] netfilter: Clean up tests if NULL returned on failure, SIMRAN SINGHAL
    - Re: [PATCH v2] netfilter: Clean up tests if NULL returned on failure, Jan Engelhardt

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]