Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [stable] bridge: netfilter: Fix dropping packets that moving through bridge interface, (continued)
- [PATCH nf] netfilter: conntrack: remove GC_MAX_EVICTS break,
Florian Westphal
- ANNOUNCE: Netdev 2.1 Call For Proposals Opened!, Jamal Hadi Salim
- [PATCH nf-next v2 1/1] netfilter: nf_tables: Refine the codes to eliminate useless condition checks in nf_tables_api.c,
fgao
- [PATCH nft] evaluate: fix export length and data corruption,
Florian Westphal
- [PATCH nf] netfilter: conntrack: refine gc worker heuristics, redux,
Florian Westphal
- 4.9 conntrack performance issues,
Denys Fedoryshchenko
- ANNOUNCE: Netdev 2.1 in Montreal, Jamal Hadi Salim
- [PATCH] netfilter: ipt_CLUSTERIP: fix build error without procfs,
Arnd Bergmann
- [PATCH nft] src: Allow to list ruleset without stateful information,
Elise Lennion
- [PATCH nft] build: add missing backslash to list of CFLAGS,
Tobias Klauser
- [PATCH libnftnl] expr: Add const qualifiers to *2str translation arrays,
Tobias Klauser
- [PATCH] examples: Remove the use of nftnl_mnl_batch_put(),
Elise Lennion
- [PATCH nf-next 1/1] netfilter: nf_tables: Remove the rcu lock for dump functions,
fgao
- Re: probably serious conntrack/netfilter panic, 4.8.14, timers and intel turbo,
Guillaume Nault
- nftables conntrack set ops for zone, helper assignment, etc.,
Florian Westphal
- [PATCH nf-next 1/1] netfilter: nf_tables: Refine the codes to eliminate useless condition checks in nf_tables_api.c,
fgao
- RFC: nftables: Boolean operation, two alternatives, Phil Sutter
- [PATCH nf-next 1/1] netfilter: nf_tables: Eliminate duplicated codes in nf_tables_table_enable,
fgao
- [PATCH] netfilter: Fix typo in NF_CONNTRACK Kconfig option description,
William Breathitt Gray
- net_device features, Peter Skvarka
- [PATCH iptables] extensions: libxt_rpfilter: add translation to nft,
Liping Zhang
- [PATCH nf-next 1/2] netfilter: pkttype: unnecessary to check ipv6 multicast address,
Liping Zhang
- [PATCH nf] netfilter: nf_tables: fix possible oops when dumping stateful objects,
Liping Zhang
- [PATCH nf] netfilter: rpfilter: fix incorrect loopback packet judgment,
Liping Zhang
- [PATCH] treewide: fix semicolon.cocci warnings,
kbuild test robot
- [PATCH nft 2/2] tests: shell: add maps tests,
Elise Lennion
- [PATCH nft 1/2] src: sort set elements in netlink_get_setelems(),
Elise Lennion
- [PATCH nf-next 1/1] netfilter: nf_tables: Remove one useless condition check in nf_tables_newobj,
fgao
- [PATCH V2 conntrack-tools] conntrackd: cthelper: ssdp: Track UPnP eventing,
Kevin Cernekee
- [PATCH nft] evaluate: Remove cache_update() in cmd_evaluate_flush(),
Elise Lennion
- [PATCH nf-next v2 0/4] netfilter: skbuff: merge nfctinfo bits and nfct pointer,
Florian Westphal
- [PATCH iptables] iptables 1.6.1 release, Pablo Neira Ayuso
- [PATCH libnetfilter_cttimeout] Use __EXPORTED rather than EXPORT_SYMBOL,
Kevin Cernekee
- [PATCH] netfilter: nf_tables: fix spelling mistakes,
Alexander Alemayhu
- [PATCH nf-next 0/4] netfilter: skbuff: merge nfctinfo bits and nfct pointer,
Florian Westphal
- [PATCH net-next 5/8] bridge: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next] nfnetlink/queue: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next v2 13/27] bridge: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH net-next v2 16/27] nfnetlink/queue: use __vlan_hwaccel helpers, Michał Mirosław
- [PATCH] uapi: use wildcards to list files,
Nicolas Dichtel
- Re: [PATCH] uapi: use wildcards to list files, David Miller
- Re: [PATCH] uapi: use wildcards to list files, Arnd Bergmann
- Re: [PATCH] uapi: use wildcards to list files, Nicolas Dichtel
- [PATCH v2 0/7] uapi: export all headers under uapi directories, Nicolas Dichtel
- [PATCH v2 1/7] arm: put types.h in uapi, Nicolas Dichtel
- [PATCH v2 5/7] Makefile.headersinst: cleanup input files, Nicolas Dichtel
- [PATCH v2 4/7] x86: put msr-index.h in uapi, Nicolas Dichtel
- [PATCH v2 3/7] nios2: put setup.h in uapi, Nicolas Dichtel
- [PATCH v2 2/7] h8300: put bitsperlong.h in uapi, Nicolas Dichtel
- [PATCH v2 6/7] Makefile.headersinst: remove destination-y option, Nicolas Dichtel
- [PATCH v2 7/7] uapi: export all headers under uapi directories, Nicolas Dichtel
- Re: [PATCH v2 0/7] uapi: export all headers under uapi directories, Arnd Bergmann
- Re: [PATCH v2 0/7] uapi: export all headers under uapi directories, Jesper Nilsson
- [PATCH v3 0/8] uapi: export all headers under uapi directories, Nicolas Dichtel
- [PATCH v3 4/8] x86: stop exporting msr-index.h to userland, Nicolas Dichtel
- [PATCH v3 3/8] nios2: put setup.h in uapi, Nicolas Dichtel
- [PATCH v3 5/8] Makefile.headersinst: cleanup input files, Nicolas Dichtel
- [PATCH v3 2/8] h8300: put bitsperlong.h in uapi, Nicolas Dichtel
- [PATCH v3 7/8] uapi: export all headers under uapi directories, Nicolas Dichtel
- [PATCH v3 8/8] uapi: export all arch specifics directories, Nicolas Dichtel
- [PATCH v3 6/8] Makefile.headersinst: remove destination-y option, Nicolas Dichtel
- [PATCH v3 1/8] arm: put types.h in uapi, Nicolas Dichtel
- [no subject], David Howells
- [no subject], David Howells
- [PATCH nf-next 0/7] xtables: use dedicated copy_to_user helpers,
Willem de Bruijn
- [PATCH nf-next 1/7] xtables: add xt_match, xt_target and data copy_to_user functions, Willem de Bruijn
- [PATCH nf-next 2/7] iptables: use match, target and data copy_to_user helpers, Willem de Bruijn
- [PATCH nf-next 3/7] ip6tables: use match, target and data copy_to_user helpers, Willem de Bruijn
- [PATCH nf-next 4/7] arptables: use match, target and data copy_to_user helpers, Willem de Bruijn
- [PATCH nf-next 6/7] xtables: use match, target and data copy_to_user helpers in compat, Willem de Bruijn
- [PATCH nf-next 5/7] ebtables: use match, target and data copy_to_user helpers, Willem de Bruijn
- [PATCH nf-next 7/7] xtables: extend matches and targets with .usersize, Willem de Bruijn
- Re: [PATCH nf-next 0/7] xtables: use dedicated copy_to_user helpers, Pablo Neira Ayuso
- [PATCH v2 0/2] segtree: move huge arrays to heap,
Oleksandr Natalenko
- [PATCH 0/2] segtree: move huge arrays to heap,
Oleksandr Natalenko
- [PATCH nft] scanner: fix search_in_include_path test,
Anatole Denis
- [PATCH nf-next 0/2] nf_conntrack: validate crc32c on SCTP packets hitting PREROUTING hook,
Davide Caratti
- nft segfaults listing huge sets,
Oleksandr Natalenko
- [PATCH] net/bridge: Fix dropping packets that moving through bridge interface,
Artur Molchanov
- [PATCH] Add a configure flag to link libc statically,
Keno Fischer
- [PATCH] Fix two compile errors during out-of-tree build, Keno Fischer
- [PATCH nf-next 2/2] netfilter: nf_tables: Make sure the uniform style of condition blocks in nf_tables_newrule,
fgao
- [PATCH nf-next 1/2] netfilter: nf_tables: Check chain's use count before alloc new handle in nf_tables_newrule,
fgao
- [PATCH nf-next 1/1] netfilter: Use strlcpy to copy dev name instead of strncpy,
fgao
- [PATCH xtables-addons] build: support for Linux 4.10,
Ralph Sennhauser
- [PATCH xtables-addons] build: support for Linux 4.9, Ralph Sennhauser
- [PATCH iptables] extensions: libxt_connbytes: Add translation to nft,
Liping Zhang
- [PATCH nft] ct: add average bytes per packet counter support,
Liping Zhang
- [PATCH libnftnl] src: ct: add average bytes per packet counter support,
Liping Zhang
- [PATCH nf-next 1/2] netfilter: nf_tables: add missing descriptions in nft_ct_keys,
Liping Zhang
- [PATCH conntrack-tools] conntrack: send mark filter to kernel iff set, Pablo Neira Ayuso
- [PATCH nft 01/10] include: fetch nf_tables.h updates,
Pablo Neira Ayuso
- BUG/panic in ctnetlink_conntrack_event in 4.8.11, Chris Boot
- [PATCH v2 nf-next 0/2] netfilter: merge udp and udplite trackers,
Florian Westphal
- [ANNOUNCE] nftables 0.7 release,
Pablo Neira Ayuso
- [PATCH] netfilter: xt_connlimit: use rb_entry(),
Geliang Tang
- [PATCH libnftnl] src: get rid of aliases and compat, Pablo Neira Ayuso
- [PATCH nft] xt: use NFTNL_* definitions, Pablo Neira Ayuso
- How to leverage IP & UDP checksum offloading from iptables kernel module?, Llorente Santos Jesus
- Feature request: Load u32 value into packet mark,
Llorente Santos Jesus
- [PATCHv2 net] netfilter: check duplicate config when initializing in ipt_CLUSTERIP,
Xin Long
- [PATCH nft] mnl: add mnl_nft_setelem_batch_flush() and use it from netlink_flush_setelems(), Pablo Neira Ayuso
- [ANNOUNCE] libnftnl 1.0.7 release, Pablo Neira Ayuso
- [PATCH nft] expression: Show the base which pre-defined constants are displayed,
Elise Lennion
- [-stable 4.8.y] Revert NAT conversion to rhashtable,
Pablo Neira Ayuso
- Re: nftables: masquerade sets wrong source address,
Liping Zhang
libmnl compile failure.,
maowenan
[PATCH 0/2] GTP tunneling fixes for net,
Pablo Neira Ayuso
[PATCH] netfilter: use fwmark_reflect in nf_send_reset,
Pau Espin Pedrol
[PATCH net] netfilter: check duplicate config when initializing in ipt_CLUSTERIP,
Xin Long
[PATCH nf] netfilter: nft_payload: mangle ckecksum if NFT_PAYLOAD_L4CSUM_PSEUDOHDR is set, Pablo Neira Ayuso
[PATCH] netfilter: conntrack: Fix ifdef checks for CONFIG_NF_CONNTRACK_MARK,
joseph . j . conley
[PATCH nft] netlink_linearize: fix IPv6 layer 4 checksum mangling, Pablo Neira Ayuso
[PATCH nft] tests: py: update quota and payload, Pablo Neira Ayuso
[PATCH nft] mnl: don't send empty set elements netlink message to kernel, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: fix oob access,
Florian Westphal
[PATCH nft 1/2] segtree: wrong prefix expression length on interval_map_decompose(),
Pablo Neira Ayuso
[PATCH net-next 13/27] bridge: use __vlan_hwaccel helpers,
Michał Mirosław
[PATCH net-next 16/27] nfnetlink/queue: use __vlan_hwaccel helpers, Michał Mirosław
[PATCH 1/2] libxtables: xtables: remove unnecessary debug code,
Shyam Saini
[PATCH nf-next] netfilter: nft_queue: use raw_smp_processor_id(), Pablo Neira Ayuso
[PATCH nf-next] netfilter: nft_quota: reset quota after dump, Pablo Neira Ayuso
Adding element to interval map consumes entire memory,
Richard Mörbitz
[PATCH nft] datatype: Display pre-defined inet_service values in decimal base,
Elise Lennion
[PATCH net-next] netfilter: nft_counter: rework atomic dump and reset,
Pablo Neira Ayuso
[PATCH] ARM: add cmpxchg64 helper for ARMv7-M,
Arnd Bergmann
RFC: nft.8 review,
Phil Sutter
[PATCH nft v3] datatype: Display pre-defined inet_service values in host byte order,
Elise Lennion
Question on match pid owner, Christos
[PATCH libnftnl 1/7] include: fetch stateful object updates for nf_tables.h cache copy,
Pablo Neira Ayuso
[PATCH] libxtables: xtables.c: Use getnameinfo(),
Shyam Saini
[PATCH next] iptables: on revision mismatch, do not call print/save,
Willem de Bruijn
[PATCH] extensions: libxt_bpf: support ebpf pinned objects,
Willem de Bruijn
[nf-next:master 36/49] ERROR: "__cmpxchg_u64" [net/netfilter/nft_counter.ko] undefined!, kbuild test robot
[PATCH 00/50] Netfilter/IPVS updates for net-next,
Pablo Neira Ayuso
- [PATCH 01/50] ipvs: Use IS_ERR_OR_NULL(svc) instead of IS_ERR(svc) || svc == NULL, Pablo Neira Ayuso
- [PATCH 02/50] ipvs: Decrement ttl, Pablo Neira Ayuso
- [PATCH 03/50] netfilter: update Arturo Borrero Gonzalez email address, Pablo Neira Ayuso
- [PATCH 07/50] netfilter: nf_log: do not assume ethernet header in netdev family, Pablo Neira Ayuso
- [PATCH 04/50] netfilter: built-in NAT support for DCCP, Pablo Neira Ayuso
- [PATCH 05/50] netfilter: built-in NAT support for SCTP, Pablo Neira Ayuso
- [PATCH 10/50] netfilter: conntrack: built-in support for DCCP, Pablo Neira Ayuso
- [PATCH 13/50] netfilter: conntrack: remove unused init_net hook, Pablo Neira Ayuso
- [PATCH 35/50] netfilter: nf_tables: add stateful object reference expression, Pablo Neira Ayuso
- [PATCH 47/50] netfilter: nf_tables: support for set flushing, Pablo Neira Ayuso
- [PATCH 50/50] netfilter: nft_quota: allow to restore consumed quota, Pablo Neira Ayuso
- [PATCH 48/50] netfilter: x_tables: avoid warn and OOM killer on vmalloc call, Pablo Neira Ayuso
- [PATCH 49/50] netfilter: xt_bpf: support ebpf, Pablo Neira Ayuso
- [PATCH 37/50] netfilter: nf_tables: atomic dump and reset for stateful objects, Pablo Neira Ayuso
- [PATCH 45/50] netfilter: nf_tables: constify struct nft_ctx * parameter in nft_trans_alloc(), Pablo Neira Ayuso
- [PATCH 44/50] netfilter: nat: skip checksum on offload SCTP packets, Pablo Neira Ayuso
- [PATCH 46/50] netfilter: nft_set: introduce nft_{hash, rbtree}_deactivate_one(), Pablo Neira Ayuso
- [PATCH 42/50] netfilter: nf_tables: allow to filter stateful object dumps by type, Pablo Neira Ayuso
- [PATCH 33/50] netfilter: nft_counter: add stateful object type, Pablo Neira Ayuso
- [PATCH 43/50] netfilter: rpfilter: bypass ipv4 lbcast packets with zeronet source, Pablo Neira Ayuso
- [PATCH 36/50] netfilter: nft_quota: dump consumed quota, Pablo Neira Ayuso
- [PATCH 17/50] netfilter: conntrack: register hooks in netns when needed by ruleset, Pablo Neira Ayuso
- [PATCH 21/50] netfilter: decouple nf_hook_entry and nf_hook_ops, Pablo Neira Ayuso
- [PATCH 41/50] netfilter: nft_objref: support for stateful object maps, Pablo Neira Ayuso
- [PATCH 40/50] netfilter: nf_tables: add stateful object reference to set elements, Pablo Neira Ayuso
- [PATCH 39/50] netfilter: nft_quota: add depleted flag for objects, Pablo Neira Ayuso
- [PATCH 38/50] netfilter: nf_tables: notify internal updates of stateful objects, Pablo Neira Ayuso
- [PATCH 34/50] netfilter: nft_quota: add stateful object type, Pablo Neira Ayuso
- [PATCH 32/50] netfilter: nf_tables: add stateful objects, Pablo Neira Ayuso
- [PATCH 20/50] netfilter: introduce accessor functions for hook entries, Pablo Neira Ayuso
- [PATCH 31/50] netfilter: add and use nf_fwd_netdev_egress, Pablo Neira Ayuso
- [PATCH 25/50] netfilter: x_tables: pack percpu counter allocations, Pablo Neira Ayuso
- [PATCH 30/50] netfilter: ingress: translate 0 nf_hook_slow retval to -1, Pablo Neira Ayuso
- [PATCH 19/50] netfilter: defrag: only register defrag functionality if needed, Pablo Neira Ayuso
- [PATCH 23/50] netfilter: x_tables: pass xt_counters struct instead of packet counter, Pablo Neira Ayuso
- [PATCH 28/50] netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields, Pablo Neira Ayuso
- [PATCH 29/50] netfilter: xt_multiport: Fix wrong unmatch result with multiple ports, Pablo Neira Ayuso
- [PATCH 26/50] netfilter: nft_fib: convert htonl to ntohl properly, Pablo Neira Ayuso
- [PATCH 27/50] netfilter: nft_fib_ipv4: initialize *dest to zero, Pablo Neira Ayuso
- [PATCH 22/50] netfilter: convert while loops to for loops, Pablo Neira Ayuso
- [PATCH 18/50] netfilter: conntrack: add nf_conntrack_default_on sysctl, Pablo Neira Ayuso
- [PATCH 16/50] netfilter: nf_tables: add conntrack dependencies for nat/masq/redir expressions, Pablo Neira Ayuso
- [PATCH 15/50] netfilter: nat: add dependencies on conntrack module, Pablo Neira Ayuso
- [PATCH 12/50] netfilter: conntrack: built-in support for UDPlite, Pablo Neira Ayuso
- [PATCH 24/50] netfilter: x_tables: pass xt_counters struct to counter allocator, Pablo Neira Ayuso
- [PATCH 14/50] netfilter: add and use nf_ct_netns_get/put, Pablo Neira Ayuso
- [PATCH 11/50] netfilter: conntrack: built-in support for SCTP, Pablo Neira Ayuso
- [PATCH 09/50] netfilter: nf_conntrack_tuple_common.h: fix #include, Pablo Neira Ayuso
- [PATCH 06/50] netfilter: built-in NAT support for UDPlite, Pablo Neira Ayuso
- [PATCH 08/50] netfilter: nfnetlink_log: add "nf-logger-5-1" module alias name, Pablo Neira Ayuso
- Re: [PATCH 00/50] Netfilter/IPVS updates for net-next, David Miller
[PATCH nft v2] datatype: Display pre-defined inet_service values in host byte order,
Elise Lennion
[nf-next:master 36/48] net/netfilter/nft_counter.c:131:9: error: implicit declaration of function 'cmpxchg64', kbuild test robot
[PATCH nf-next] netfilter: nft_quota: allow to restore consumed quota, Pablo Neira Ayuso
[PATCH] netfilter: nft_counter: use cmpxchg64 instead of xchg, Pablo Neira Ayuso
[PATCH nf-next v2] netfilter: xt_bpf: support ebpf,
Willem de Bruijn
Rebasing nf-next,
Pablo Neira Ayuso
[nf-next:master 37/48] net/netfilter/nft_counter.c:125:21: error: call to '__xchg_wrong_size' declared with attribute error: Bad argument size for xchg, kbuild test robot
[nf-next:master 18/48] net/ipv6/netfilter/nf_defrag_ipv6_hooks.c:94:9: error: 'struct net' has no member named 'ct', kbuild test robot
[PATCH nf-next] netfilter: add list element test to br_netfilter_hooks, Aaron Conole
[PATCH nf-next] netfilter: nft_quota: don't read quota twice on reset, Pablo Neira Ayuso
[PATCH nf-next 1/2] netfilter: nf_tables: restore check for NFTA_SET_ELEM_LIST_ELEMENTS,
Pablo Neira Ayuso
[bug report] netfilter: convert while loops to for loops, Dan Carpenter
[nf-next:master 37/48] net/netfilter/nft_counter.c:128:18: warning: 'packets' may be used uninitialized in this function, kbuild test robot
[PATCH nf-next,v2] netfilter: nf_tables: silence gcc warning with stateful object maps, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nf_tables: silence gcc warning with stateful object maps,
Pablo Neira Ayuso
[nf-next:master 41/48] net/netfilter/nf_tables_api.c:3003:15: warning: 'objtype' may be used uninitialized in this function, kbuild test robot
[bug report] netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields,
Dan Carpenter
[PATCH nf-next] netfilter: nft_payload: restrict l4 checksum updates to l3 header mangling, Pablo Neira Ayuso
Easy way to set NOTRACK for INPUT, FORWARD and OUTPUT independently,
mudrunka
[PATCH nft] datatype: Display pre-defined inet_service values in host byte order,
Elise Lennion
[PATCH nft] src: add support to flush sets,
Pablo Neira Ayuso
[PATCH libnftnl] set_elem: nftnl_set_elems_nlmsg_build_payload_iter(), Pablo Neira Ayuso
[PATCH nf-next 1/3] netfilter: nf_tables: constify struct nft_ctx * parameter in nft_trans_alloc(),
Pablo Neira Ayuso
Kernel panic in netfilter 4.8.10 probably on conntrack -L, Denys Fedoryshchenko
[PATCH nf-next] netfilter: xt_bpf: support ebpf,
Willem de Bruijn
[PATCH nf-next] NAT: skip checksum on offload SCTP packets,
Davide Caratti
[PATCH nft] parser: Add glob support to include directive,
Kohei Suzuki
linux-next: build warnings after merge of the netfilter-next tree,
Stephen Rothwell
[nf-next:master 18/28] net/ipv4/netfilter/nf_defrag_ipv4.c:110:9: error: 'struct net' has no member named 'ct',
kbuild test robot
[PATCN net-next] net_sched: gen_estimator: complete rewrite of rate estimators,
Eric Dumazet
[PATCH nf-next] netfilter: rpfilter: bypass ipv4 lbcast packets with zeronet source,
Liping Zhang
[PATCH nf-next 0/2] netfilter: merge udp and udplite helpers,
Florian Westphal
[PATCH v2,nf-next 00/11] nf_tables: add stateful objects,
Pablo Neira Ayuso
- [PATCH v2,nf-next 03/11] netfilter: nft_quota: add stateful object type, Pablo Neira Ayuso
- [PATCH v2,nf-next 05/11] netfilter: nf_tables: atomic dump and reset for stateful objects, Pablo Neira Ayuso
- [PATCH v2,nf-next 06/11] netfilter: nf_tables: notify internal updates of stateful objects, Pablo Neira Ayuso
- [PATCH v2,nf-next 10/11] netfilter: nft_objref: support for stateful object maps, Pablo Neira Ayuso
- [PATCH v2,nf-next 08/11] netfilter: nft_quota: add depleted flag for objects, Pablo Neira Ayuso
- [PATCH nf-next 11/11] netfilter: nf_tables: allow to filter stateful object dumps by type, Pablo Neira Ayuso
- [PATCH v2,nf-next 02/11] netfilter: nft_counter: add stateful object type, Pablo Neira Ayuso
- [PATCH v2,nf-next 07/11] netfilter: nft_quota: dump consumed quota, Pablo Neira Ayuso
- [PATCH v2,nf-next 04/11] netfilter: nf_tables: add stateful object reference expression, Pablo Neira Ayuso
- [PATCH v2,nf-next 01/11] netfilter: nf_tables: add stateful objects, Pablo Neira Ayuso
- [PATCH v2,nf-next 09/11] netfilter: nf_tables: add stateful object reference to set elements, Pablo Neira Ayuso
[conntrack-tools PATCH] config: drop old/obsolete/deprecated conntrackd.conf config options,
Arturo Borrero Gonzalez
[conntrack-tools PATCH] systemd: fix missing log.h include,
Arturo Borrero Gonzalez
[PATCH v2] netfilter: avoid warn and OOM killer on vmalloc call,
Marcelo Ricardo Leitner
[PATCH nft] evaluate: return ctx->table from table_lookup_global(), Pablo Neira Ayuso
[PATCH nft 1/2] rule: Introduce helper function cache_flush,
Anatole Denis
[conntrack-tools PATCH] src: add log message when resync is requested by other node,
Arturo Borrero Gonzalez
[PATCH nft] datatype: honor -nn option from inet_service_type_print(), Pablo Neira Ayuso
[PATCH 00/11] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH 01/11] netfilter: Update ip_route_me_harder to consider L3 domain, Pablo Neira Ayuso
- [PATCH 03/11] netfilter: fix nf_conntrack_helper documentation, Pablo Neira Ayuso
- [PATCH 02/11] netfilter: Update nf_send_reset6 to consider L3 domain, Pablo Neira Ayuso
- [PATCH 09/11] netfilter: nat: fix crash when conntrack entry is re-used, Pablo Neira Ayuso
- [PATCH 11/11] netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed in 64bit kernel, Pablo Neira Ayuso
- [PATCH 06/11] netfilter: nat: switch to new rhlist interface, Pablo Neira Ayuso
- [PATCH 10/11] netfilter: ipv6: nf_defrag: drop mangled skb on ream error, Pablo Neira Ayuso
- [PATCH 04/11] netfilter: nft_hash: validate maximum value of u32 netlink hash attribute, Pablo Neira Ayuso
- [PATCH 08/11] netfilter: nft_range: add the missing NULL pointer check, Pablo Neira Ayuso
- [PATCH 05/11] netfilter: nat: fix cmp return value, Pablo Neira Ayuso
- [PATCH 07/11] netfilter: nf_tables: fix inconsistent element expiration calculation, Pablo Neira Ayuso
- Re: [PATCH 00/11] Netfilter fixes for net, David Miller
- <Possible follow-ups>
- [PATCH 00/11] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH 03/11] netfilter: flowtable infrastructure depends on NETFILTER_INGRESS, Pablo Neira Ayuso
- [PATCH 11/11] netfilter: nf_flow_offload: fix use-after-free and a resource leak, Pablo Neira Ayuso
- [PATCH 10/11] netfilter: remove useless prototype, Pablo Neira Ayuso
- [PATCH 02/11] netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure, Pablo Neira Ayuso
- [PATCH 09/11] netfilter: nf_tables: fix flowtable free, Pablo Neira Ayuso
- [PATCH 08/11] netfilter: nft_flow_offload: move flowtable cleanup routines to nf_flow_table, Pablo Neira Ayuso
- [PATCH 01/11] netfilter: x_tables: make allocation less aggressive, Pablo Neira Ayuso
- [PATCH 04/11] netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1(), Pablo Neira Ayuso
- [PATCH 05/11] netfilter: nft_flow_offload: wait for garbage collector to run after cleanup, Pablo Neira Ayuso
- [PATCH 07/11] netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert, Pablo Neira Ayuso
- [PATCH 06/11] netfilter: nft_flow_offload: no need to flush entries on module removal, Pablo Neira Ayuso
- Re: [PATCH 00/11] Netfilter fixes for net, David Miller
- [PATCH 00/11] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH 02/11] netfilter: synproxy: synproxy_cpu_seq_next should increase position index, Pablo Neira Ayuso
- [PATCH 03/11] netfilter: xt_recent: recent_seq_next should increase position index, Pablo Neira Ayuso
- [PATCH 10/11] netfilter: nf_tables: fix infinite loop when expr is not available, Pablo Neira Ayuso
- [PATCH 11/11] netfilter: nft_chain_nat: inet family is missing module ownership, Pablo Neira Ayuso
- [PATCH 08/11] netfilter: nft_tunnel: add missing attribute validation for tunnels, Pablo Neira Ayuso
- [PATCH 09/11] netfilter: nf_tables: dump NFTA_CHAIN_FLAGS attribute, Pablo Neira Ayuso
- [PATCH 07/11] netfilter: nft_payload: add missing attribute validation for payload csum flags, Pablo Neira Ayuso
- [PATCH 04/11] netfilter: x_tables: xt_mttg_seq_next should increase position index, Pablo Neira Ayuso
- [PATCH 06/11] netfilter: cthelper: add missing attribute validation for cthelper, Pablo Neira Ayuso
- [PATCH 01/11] netfilter: nf_conntrack: ct_cpu_seq_next should increase position index, Pablo Neira Ayuso
- [PATCH 05/11] netfilter: nf_tables: free flowtable hooks on hook register error, Pablo Neira Ayuso
- Re: [PATCH 00/11] Netfilter fixes for net, David Miller
[nft PATCH] tests: py: Test TCP flags match with parentheses,
Phil Sutter
[PATCH] bison: remove old log level tokens,
Florian Westphal
[PATCH nftables RFC] build: honor Scrooge McDuck in our release names, Pablo Neira Ayuso
[RFC nft PATCH] tests: shell: add a basic scapy test,
Arturo Borrero Gonzalez
[PATCH] netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed in 64bit kernel,
Hongxu Jia
[PATCH nft v4] datatype: Replace getnameinfo() by internal lookup table,
Elise Lennion
[PATCH] expr: call expr->ops->snprintf only if defined, Pablo Neira Ayuso
[iptables PATCH] tcp_xlate: Enclose LH flag values in parentheses,
Phil Sutter
[PATCH nf] netfilter: ipv6: nf_defrag: drop mangled skb on ream error,
Florian Westphal
[PATCH nft v3 2/2] datatype: Implement binary search in symbolic_constant_print(),
Elise Lennion
[PATCH nft v3 1/2] datatype: Replace getnameinfo() by internal lookup table,
Elise Lennion
[nft PATCH] parser_bison: Allow parens on RHS of relational_expr,
Phil Sutter
[PATCH nft 1/3] evaluate: Add set to cache only when well-formed,
Anatole Denis
net/sctp: vmalloc allocation failure in sctp_setsockopt/xt_alloc_table_info,
Andrey Konovalov
[nft PATCH 1/2] tests: shell: add a testcase for many defines,
Arturo Borrero Gonzalez
[iptables PATCH] xtables-translate: Fix chain type when translating nat table,
Phil Sutter
Re: SNAT --random & fully is not actually random for ips,
Pablo Neira Ayuso
[PATCH nf-next] netfilter: remove need for skb_clone in nf_fwd_netdev_egress,
Florian Westphal
Filtering invalid MAC addresses,
jordi guri
[PATCH nft v2 2/2] datatype: Implement binary search in symbolic_constant_print(),
Elise Lennion
[PATCH nft v2 1/2] datatype: Replace getnameinfo() by internal lookup table, Elise Lennion
[PATCH nf-next 00/11] nf_tables: add stateful objects,
Pablo Neira Ayuso
- [PATCH nf-next 01/11] netfilter: nf_tables: add stateful objects, Pablo Neira Ayuso
- [PATCH nf-next 02/11] netfilter: nft_counter: add stateful object type, Pablo Neira Ayuso
- [PATCH nf-next 03/11] netfilter: nft_quota: add stateful object type, Pablo Neira Ayuso
- [PATCH nf-next 04/11] netfilter: nf_tables: add stateful object reference expression, Pablo Neira Ayuso
- [PATCH nf-next 05/11] netfilter: nf_tables: atomic dump and reset for stateful objects, Pablo Neira Ayuso
- [PATCH nf-next 06/11] netfilter: nf_tables: notify internal updates of stateful objects, Pablo Neira Ayuso
- [PATCH nf-next 07/11] netfilter: nft_quota: dump consumed quota, Pablo Neira Ayuso
- [PATCH nf-next 08/11] netfilter: nft_quota: add depleted flag for objects, Pablo Neira Ayuso
- [PATCH nf-next 09/11] netfilter: nf_tables: add stateful object reference to set elements, Pablo Neira Ayuso
- [PATCH nf-next 10/11] netfilter: nft_objref: support for stateful object maps, Pablo Neira Ayuso
- [PATCH nf-next 11/11] netfilter: nf_tables: allow to filter stateful object dumps by type, Pablo Neira Ayuso
[PATCH nf-next 1/2] netfilter: nf_tables: add chain to pktinfo structure,
Pablo Neira Ayuso
[PATCH iptables] extensions: LOG: add log flags translation to nft,
Liping Zhang
Problem with iptables-translate and tcp flags match,
Phil Sutter
[iptables PATCH] nft_ipv{4,6}_xlate: Respect prefix lengths,
Phil Sutter
[PATCH] xtables-translate: Support setting standard chain policy,
Phil Sutter
[PATCH] extensions: libip6t_ah: Fix translation of plain '-m ah',
Phil Sutter
[PATCH nf-next v3 1/1] netfilter: xt_multiport: Fix wrong unmatch result with multiple ports,
fgao
[PATCH nf-next v2 1/1] netfilter: xt_multiport: Fix wrong unmatch result with multiple ports, fgao
[PATCH net-next 1/1] netfilter: xt_multiport: Fix wrong unmatch result with multiple ports,
fgao
[PATCH nft 1/7] Interpret OP_NEQ against a set as OP_LOOKUP,
Anatole Denis
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
