Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- [PATCH 40/50] netfilter: nf_tables: add stateful object reference to set elements, (continued)
- [PATCH 40/50] netfilter: nf_tables: add stateful object reference to set elements, Pablo Neira Ayuso
- [PATCH 39/50] netfilter: nft_quota: add depleted flag for objects, Pablo Neira Ayuso
- [PATCH 38/50] netfilter: nf_tables: notify internal updates of stateful objects, Pablo Neira Ayuso
- [PATCH 34/50] netfilter: nft_quota: add stateful object type, Pablo Neira Ayuso
- [PATCH 32/50] netfilter: nf_tables: add stateful objects, Pablo Neira Ayuso
- [PATCH 20/50] netfilter: introduce accessor functions for hook entries, Pablo Neira Ayuso
- [PATCH 31/50] netfilter: add and use nf_fwd_netdev_egress, Pablo Neira Ayuso
- [PATCH 25/50] netfilter: x_tables: pack percpu counter allocations, Pablo Neira Ayuso
- [PATCH 30/50] netfilter: ingress: translate 0 nf_hook_slow retval to -1, Pablo Neira Ayuso
- [PATCH 19/50] netfilter: defrag: only register defrag functionality if needed, Pablo Neira Ayuso
- [PATCH 23/50] netfilter: x_tables: pass xt_counters struct instead of packet counter, Pablo Neira Ayuso
- [PATCH 28/50] netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields, Pablo Neira Ayuso
- [PATCH 29/50] netfilter: xt_multiport: Fix wrong unmatch result with multiple ports, Pablo Neira Ayuso
- [PATCH 26/50] netfilter: nft_fib: convert htonl to ntohl properly, Pablo Neira Ayuso
- [PATCH 27/50] netfilter: nft_fib_ipv4: initialize *dest to zero, Pablo Neira Ayuso
- [PATCH 22/50] netfilter: convert while loops to for loops, Pablo Neira Ayuso
- [PATCH 18/50] netfilter: conntrack: add nf_conntrack_default_on sysctl, Pablo Neira Ayuso
- [PATCH 16/50] netfilter: nf_tables: add conntrack dependencies for nat/masq/redir expressions, Pablo Neira Ayuso
- [PATCH 15/50] netfilter: nat: add dependencies on conntrack module, Pablo Neira Ayuso
- [PATCH 12/50] netfilter: conntrack: built-in support for UDPlite, Pablo Neira Ayuso
- [PATCH 24/50] netfilter: x_tables: pass xt_counters struct to counter allocator, Pablo Neira Ayuso
- [PATCH 14/50] netfilter: add and use nf_ct_netns_get/put, Pablo Neira Ayuso
- [PATCH 11/50] netfilter: conntrack: built-in support for SCTP, Pablo Neira Ayuso
- [PATCH 09/50] netfilter: nf_conntrack_tuple_common.h: fix #include, Pablo Neira Ayuso
- [PATCH 06/50] netfilter: built-in NAT support for UDPlite, Pablo Neira Ayuso
- [PATCH 08/50] netfilter: nfnetlink_log: add "nf-logger-5-1" module alias name, Pablo Neira Ayuso
- Re: [PATCH 00/50] Netfilter/IPVS updates for net-next, David Miller
- [PATCH nft v2] datatype: Display pre-defined inet_service values in host byte order,
Elise Lennion
- [nf-next:master 36/48] net/netfilter/nft_counter.c:131:9: error: implicit declaration of function 'cmpxchg64', kbuild test robot
- [PATCH nf-next] netfilter: nft_quota: allow to restore consumed quota, Pablo Neira Ayuso
- [PATCH] netfilter: nft_counter: use cmpxchg64 instead of xchg, Pablo Neira Ayuso
- [PATCH nf-next v2] netfilter: xt_bpf: support ebpf,
Willem de Bruijn
- Rebasing nf-next,
Pablo Neira Ayuso
- [nf-next:master 37/48] net/netfilter/nft_counter.c:125:21: error: call to '__xchg_wrong_size' declared with attribute error: Bad argument size for xchg, kbuild test robot
- [nf-next:master 18/48] net/ipv6/netfilter/nf_defrag_ipv6_hooks.c:94:9: error: 'struct net' has no member named 'ct', kbuild test robot
- [PATCH nf-next] netfilter: add list element test to br_netfilter_hooks, Aaron Conole
- [PATCH nf-next] netfilter: nft_quota: don't read quota twice on reset, Pablo Neira Ayuso
- [PATCH nf-next 1/2] netfilter: nf_tables: restore check for NFTA_SET_ELEM_LIST_ELEMENTS,
Pablo Neira Ayuso
- [bug report] netfilter: convert while loops to for loops, Dan Carpenter
- [nf-next:master 37/48] net/netfilter/nft_counter.c:128:18: warning: 'packets' may be used uninitialized in this function, kbuild test robot
- [PATCH nf-next,v2] netfilter: nf_tables: silence gcc warning with stateful object maps, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nf_tables: silence gcc warning with stateful object maps,
Pablo Neira Ayuso
- [nf-next:master 41/48] net/netfilter/nf_tables_api.c:3003:15: warning: 'objtype' may be used uninitialized in this function, kbuild test robot
- [bug report] netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields,
Dan Carpenter
- [PATCH nf-next] netfilter: nft_payload: restrict l4 checksum updates to l3 header mangling, Pablo Neira Ayuso
- Easy way to set NOTRACK for INPUT, FORWARD and OUTPUT independently,
mudrunka
- [PATCH nft] datatype: Display pre-defined inet_service values in host byte order,
Elise Lennion
- [PATCH nft] src: add support to flush sets,
Pablo Neira Ayuso
- [PATCH libnftnl] set_elem: nftnl_set_elems_nlmsg_build_payload_iter(), Pablo Neira Ayuso
- [PATCH nf-next 1/3] netfilter: nf_tables: constify struct nft_ctx * parameter in nft_trans_alloc(),
Pablo Neira Ayuso
- Kernel panic in netfilter 4.8.10 probably on conntrack -L, Denys Fedoryshchenko
- [PATCH nf-next] netfilter: xt_bpf: support ebpf,
Willem de Bruijn
- [PATCH nf-next] NAT: skip checksum on offload SCTP packets,
Davide Caratti
- [PATCH nft] parser: Add glob support to include directive,
Kohei Suzuki
- linux-next: build warnings after merge of the netfilter-next tree,
Stephen Rothwell
- [nf-next:master 18/28] net/ipv4/netfilter/nf_defrag_ipv4.c:110:9: error: 'struct net' has no member named 'ct',
kbuild test robot
- [PATCN net-next] net_sched: gen_estimator: complete rewrite of rate estimators,
Eric Dumazet
- [PATCH nf-next] netfilter: rpfilter: bypass ipv4 lbcast packets with zeronet source,
Liping Zhang
- [PATCH nf-next 0/2] netfilter: merge udp and udplite helpers,
Florian Westphal
- [PATCH v2,nf-next 00/11] nf_tables: add stateful objects,
Pablo Neira Ayuso
- [PATCH v2,nf-next 03/11] netfilter: nft_quota: add stateful object type, Pablo Neira Ayuso
- [PATCH v2,nf-next 05/11] netfilter: nf_tables: atomic dump and reset for stateful objects, Pablo Neira Ayuso
- [PATCH v2,nf-next 06/11] netfilter: nf_tables: notify internal updates of stateful objects, Pablo Neira Ayuso
- [PATCH v2,nf-next 10/11] netfilter: nft_objref: support for stateful object maps, Pablo Neira Ayuso
- [PATCH v2,nf-next 08/11] netfilter: nft_quota: add depleted flag for objects, Pablo Neira Ayuso
- [PATCH nf-next 11/11] netfilter: nf_tables: allow to filter stateful object dumps by type, Pablo Neira Ayuso
- [PATCH v2,nf-next 02/11] netfilter: nft_counter: add stateful object type, Pablo Neira Ayuso
- [PATCH v2,nf-next 07/11] netfilter: nft_quota: dump consumed quota, Pablo Neira Ayuso
- [PATCH v2,nf-next 04/11] netfilter: nf_tables: add stateful object reference expression, Pablo Neira Ayuso
- [PATCH v2,nf-next 01/11] netfilter: nf_tables: add stateful objects, Pablo Neira Ayuso
- [PATCH v2,nf-next 09/11] netfilter: nf_tables: add stateful object reference to set elements, Pablo Neira Ayuso
- [conntrack-tools PATCH] config: drop old/obsolete/deprecated conntrackd.conf config options,
Arturo Borrero Gonzalez
- [conntrack-tools PATCH] systemd: fix missing log.h include,
Arturo Borrero Gonzalez
- [PATCH v2] netfilter: avoid warn and OOM killer on vmalloc call,
Marcelo Ricardo Leitner
- [PATCH nft] evaluate: return ctx->table from table_lookup_global(), Pablo Neira Ayuso
- [PATCH nft 1/2] rule: Introduce helper function cache_flush,
Anatole Denis
- [conntrack-tools PATCH] src: add log message when resync is requested by other node,
Arturo Borrero Gonzalez
- [PATCH nft] datatype: honor -nn option from inet_service_type_print(), Pablo Neira Ayuso
- [PATCH 00/11] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH 01/11] netfilter: Update ip_route_me_harder to consider L3 domain, Pablo Neira Ayuso
- [PATCH 03/11] netfilter: fix nf_conntrack_helper documentation, Pablo Neira Ayuso
- [PATCH 02/11] netfilter: Update nf_send_reset6 to consider L3 domain, Pablo Neira Ayuso
- [PATCH 09/11] netfilter: nat: fix crash when conntrack entry is re-used, Pablo Neira Ayuso
- [PATCH 11/11] netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed in 64bit kernel, Pablo Neira Ayuso
- [PATCH 06/11] netfilter: nat: switch to new rhlist interface, Pablo Neira Ayuso
- [PATCH 10/11] netfilter: ipv6: nf_defrag: drop mangled skb on ream error, Pablo Neira Ayuso
- [PATCH 04/11] netfilter: nft_hash: validate maximum value of u32 netlink hash attribute, Pablo Neira Ayuso
- [PATCH 08/11] netfilter: nft_range: add the missing NULL pointer check, Pablo Neira Ayuso
- [PATCH 05/11] netfilter: nat: fix cmp return value, Pablo Neira Ayuso
- [PATCH 07/11] netfilter: nf_tables: fix inconsistent element expiration calculation, Pablo Neira Ayuso
- Re: [PATCH 00/11] Netfilter fixes for net, David Miller
- <Possible follow-ups>
- [PATCH 00/11] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH 03/11] netfilter: flowtable infrastructure depends on NETFILTER_INGRESS, Pablo Neira Ayuso
- [PATCH 11/11] netfilter: nf_flow_offload: fix use-after-free and a resource leak, Pablo Neira Ayuso
- [PATCH 10/11] netfilter: remove useless prototype, Pablo Neira Ayuso
- [PATCH 02/11] netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure, Pablo Neira Ayuso
- [PATCH 09/11] netfilter: nf_tables: fix flowtable free, Pablo Neira Ayuso
- [PATCH 08/11] netfilter: nft_flow_offload: move flowtable cleanup routines to nf_flow_table, Pablo Neira Ayuso
- [PATCH 01/11] netfilter: x_tables: make allocation less aggressive, Pablo Neira Ayuso
- [PATCH 04/11] netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1(), Pablo Neira Ayuso
- [PATCH 05/11] netfilter: nft_flow_offload: wait for garbage collector to run after cleanup, Pablo Neira Ayuso
- [PATCH 07/11] netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert, Pablo Neira Ayuso
- [PATCH 06/11] netfilter: nft_flow_offload: no need to flush entries on module removal, Pablo Neira Ayuso
- Re: [PATCH 00/11] Netfilter fixes for net, David Miller
- [PATCH 00/11] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH 02/11] netfilter: synproxy: synproxy_cpu_seq_next should increase position index, Pablo Neira Ayuso
- [PATCH 03/11] netfilter: xt_recent: recent_seq_next should increase position index, Pablo Neira Ayuso
- [PATCH 10/11] netfilter: nf_tables: fix infinite loop when expr is not available, Pablo Neira Ayuso
- [PATCH 11/11] netfilter: nft_chain_nat: inet family is missing module ownership, Pablo Neira Ayuso
- [PATCH 08/11] netfilter: nft_tunnel: add missing attribute validation for tunnels, Pablo Neira Ayuso
- [PATCH 09/11] netfilter: nf_tables: dump NFTA_CHAIN_FLAGS attribute, Pablo Neira Ayuso
- [PATCH 07/11] netfilter: nft_payload: add missing attribute validation for payload csum flags, Pablo Neira Ayuso
- [PATCH 04/11] netfilter: x_tables: xt_mttg_seq_next should increase position index, Pablo Neira Ayuso
- [PATCH 06/11] netfilter: cthelper: add missing attribute validation for cthelper, Pablo Neira Ayuso
- [PATCH 01/11] netfilter: nf_conntrack: ct_cpu_seq_next should increase position index, Pablo Neira Ayuso
- [PATCH 05/11] netfilter: nf_tables: free flowtable hooks on hook register error, Pablo Neira Ayuso
- Re: [PATCH 00/11] Netfilter fixes for net, David Miller
- [nft PATCH] tests: py: Test TCP flags match with parentheses,
Phil Sutter
- [PATCH] bison: remove old log level tokens,
Florian Westphal
- [PATCH nftables RFC] build: honor Scrooge McDuck in our release names, Pablo Neira Ayuso
- [RFC nft PATCH] tests: shell: add a basic scapy test,
Arturo Borrero Gonzalez
- [PATCH] netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed in 64bit kernel,
Hongxu Jia
- [PATCH nft v4] datatype: Replace getnameinfo() by internal lookup table,
Elise Lennion
- [PATCH] expr: call expr->ops->snprintf only if defined, Pablo Neira Ayuso
- [iptables PATCH] tcp_xlate: Enclose LH flag values in parentheses,
Phil Sutter
- [PATCH nf] netfilter: ipv6: nf_defrag: drop mangled skb on ream error,
Florian Westphal
- [PATCH nft v3 2/2] datatype: Implement binary search in symbolic_constant_print(),
Elise Lennion
- [PATCH nft v3 1/2] datatype: Replace getnameinfo() by internal lookup table,
Elise Lennion
- [nft PATCH] parser_bison: Allow parens on RHS of relational_expr,
Phil Sutter
- [PATCH nft 1/3] evaluate: Add set to cache only when well-formed,
Anatole Denis
- net/sctp: vmalloc allocation failure in sctp_setsockopt/xt_alloc_table_info,
Andrey Konovalov
- [nft PATCH 1/2] tests: shell: add a testcase for many defines,
Arturo Borrero Gonzalez
- [iptables PATCH] xtables-translate: Fix chain type when translating nat table,
Phil Sutter
- Re: SNAT --random & fully is not actually random for ips,
Pablo Neira Ayuso
- [PATCH nf-next] netfilter: remove need for skb_clone in nf_fwd_netdev_egress,
Florian Westphal
- Filtering invalid MAC addresses,
jordi guri
- [PATCH nft v2 2/2] datatype: Implement binary search in symbolic_constant_print(),
Elise Lennion
- [PATCH nft v2 1/2] datatype: Replace getnameinfo() by internal lookup table, Elise Lennion
- [PATCH nf-next 00/11] nf_tables: add stateful objects,
Pablo Neira Ayuso
- [PATCH nf-next 01/11] netfilter: nf_tables: add stateful objects, Pablo Neira Ayuso
- [PATCH nf-next 02/11] netfilter: nft_counter: add stateful object type, Pablo Neira Ayuso
- [PATCH nf-next 03/11] netfilter: nft_quota: add stateful object type, Pablo Neira Ayuso
- [PATCH nf-next 04/11] netfilter: nf_tables: add stateful object reference expression, Pablo Neira Ayuso
- [PATCH nf-next 05/11] netfilter: nf_tables: atomic dump and reset for stateful objects, Pablo Neira Ayuso
- [PATCH nf-next 06/11] netfilter: nf_tables: notify internal updates of stateful objects, Pablo Neira Ayuso
- [PATCH nf-next 07/11] netfilter: nft_quota: dump consumed quota, Pablo Neira Ayuso
- [PATCH nf-next 08/11] netfilter: nft_quota: add depleted flag for objects, Pablo Neira Ayuso
- [PATCH nf-next 09/11] netfilter: nf_tables: add stateful object reference to set elements, Pablo Neira Ayuso
- [PATCH nf-next 10/11] netfilter: nft_objref: support for stateful object maps, Pablo Neira Ayuso
- [PATCH nf-next 11/11] netfilter: nf_tables: allow to filter stateful object dumps by type, Pablo Neira Ayuso
- [PATCH nf-next 1/2] netfilter: nf_tables: add chain to pktinfo structure,
Pablo Neira Ayuso
- [PATCH iptables] extensions: LOG: add log flags translation to nft,
Liping Zhang
- Problem with iptables-translate and tcp flags match,
Phil Sutter
- [iptables PATCH] nft_ipv{4,6}_xlate: Respect prefix lengths,
Phil Sutter
- [PATCH] xtables-translate: Support setting standard chain policy,
Phil Sutter
- [PATCH] extensions: libip6t_ah: Fix translation of plain '-m ah',
Phil Sutter
- [PATCH nf-next v3 1/1] netfilter: xt_multiport: Fix wrong unmatch result with multiple ports,
fgao
- [PATCH nf-next v2 1/1] netfilter: xt_multiport: Fix wrong unmatch result with multiple ports, fgao
- [PATCH net-next 1/1] netfilter: xt_multiport: Fix wrong unmatch result with multiple ports,
fgao
- [PATCH nft 1/7] Interpret OP_NEQ against a set as OP_LOOKUP,
Anatole Denis
- [PATCH nft 2/7] tests/py/{arp,any}: Unmask negative set lookup, Anatole Denis
- [PATCH nft 7/7] tests/py/{udp,udplite}: Unmark inverted set lookup, Anatole Denis
- [PATCH nft 5/7] tests/py{ah,esp,comp}: Unmark inverted set lookup, Anatole Denis
- [PATCH nft 3/7] tests/py/ip: Unmark negative set lookup tests, Anatole Denis
- [PATCH nft 6/7] tests/py/{dccp,sctp,tcp}: Unmark inverted lookup, Anatole Denis
- [PATCH nft 4/7] tests/py/ip6: Unmark inverted set lookup testcases, Anatole Denis
- Re: [PATCH nft 1/7] Interpret OP_NEQ against a set as OP_LOOKUP, Pablo Neira Ayuso
- Re: [PATCH nft 1/7] Interpret OP_NEQ against a set as OP_LOOKUP, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nft_fib: store loopback interface to dreg when rt is local,
Liping Zhang
- [PATCH nft] src: trigger layer 4 checksum when pseudoheader fields are modified, Pablo Neira Ayuso
- [PATCH 1/2 libnftnl] include: refresh nf_tables.h cache copy,
Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields, Pablo Neira Ayuso
- [PATCH nft] datatype: Replace getnameinfo() by internal lookup table,
Elise Lennion
- [PATCH nf-next] netfilter: nft_fib: convert htonl to ntohl properly,
Liping Zhang
- [PATCH nf] netfilter: nat: fix crash when conntrack entry is re-used,
Florian Westphal
- [PATCH v3 nf-next 0/3] netfilter: x_tables: pack percpu counter allocations,
Florian Westphal
- [PATCH v2 nf-next 0/3] netfilter: x_tables: pack percpu counter allocations,
Florian Westphal
- [PATCH nf-next 0/3] netfilter: x_tables: pack percpu counter allocations,
Florian Westphal
- [PATCH nf] netfilter: nft_range: add the missing NULL pointer check,
Liping Zhang
- [PATCH nf] netfilter: nf_tables: fix inconsistent element expiration calculation,
Anders K. Pedersen | Cohaesio
- [PATCH nf] netfilter: nft_dynset: fix incorrect element expiration calculation,
Liping Zhang
- [PATCH nft V2] src: add log flags syntax support,
Liping Zhang
- netfilter/nftables oops in 4.8,
Arturo Borrero Gonzalez
- [nft] about commit 3e5b0e406cf2b635200f9ee05ba8a158528fe622,
Arturo Borrero Gonzalez
- [PATCH v3 2/2] parser_bison: Use __error() to avoid syntax error message duplication, Elise Lennion
- [PATCH v3 1/2] erec: Make error messages in nft consistent, Elise Lennion
- [PATCH v2] erec: Make error messages in nft consistent,
Elise Lennion
- [PATCH nf 0/2] netfilter: nat: fix regressions introduced by rhashtable conversion,
Florian Westphal
- Re: netfilter question,
Eric Dumazet
[nft PATCH 1/3] tests: shell: testcase for adding many set elements,
Arturo Borrero Gonzalez
[nft PATCH] tests: shell: allow to execute a single testcase,
Arturo Borrero Gonzalez
[PATCH nf-next 0/3] Additional nf_hook_entry compaction,
Aaron Conole
[PATCH v4 nf-next] netfilter: allow disabling conntrack-on-by-default,
Florian Westphal
[PATCH] erec: Make error messages in nft consistent,
Elise Lennion
[PATCH nf-next v2 0/4] netfilter: built-in conntrack support for DCCP, SCTP, UDPlite,
Davide Caratti
[GIT PULL nf-next 0/2] IPVS Updates for v4.10,
Simon Horman
[PATCH nft] mnl: use nftnl_set_elems_nlmsg_build_payload_iter() when deleting elements, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nf_tables: validate maximum value of u32 netlink hash attribute,
Laura Garcia Liebana
[PATCH 1/2 nft] tests: py: add some testcases for log flags,
Pablo Neira Ayuso
iptables: incorrect package match w/ conntrack_sip, Juergen Schmidt
[PATCH nf-next] netfilter: nfnetlink_log: add "nf-logger-5-1" module alias name,
Liping Zhang
[PATCH nf-next] netfilter: nf_log: do not assume ethernet header in netdev family,
Liping Zhang
[PATCH nf-next,RFC] netfilter: nft_meta: add cgroup version 2 support,
Pablo Neira Ayuso
[PATCH 00/39] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH 01/39] netfilter: get rid of useless debugging from core, Pablo Neira Ayuso
- [PATCH 03/39] netfilter: kill NF_HOOK_THRESH() and state->tresh, Pablo Neira Ayuso
- [PATCH 04/39] netfilter: deprecate NF_STOP, Pablo Neira Ayuso
- [PATCH 02/39] netfilter: remove comments that predate rcu days, Pablo Neira Ayuso
- [PATCH 13/39] netfilter: conntrack: simplify init/uninit of L4 protocol trackers, Pablo Neira Ayuso
- [PATCH 17/39] netfilter: ipset: Mark some helper args as const., Pablo Neira Ayuso
- [PATCH 23/39] netfilter: ipset: Regroup ip_set_put_extensions and add extern, Pablo Neira Ayuso
- [PATCH 26/39] netfilter: ipset: Count non-static extension memory for userspace, Pablo Neira Ayuso
- [PATCH 39/39] netfilter: x_tables: simplify IS_ERR_OR_NULL to NULL test, Pablo Neira Ayuso
- [PATCH 38/39] netfilter: conntrack: remove unused netns_ct member, Pablo Neira Ayuso
- [PATCH 32/39] netfilter: ipset: Make struct htype per ipset family, Pablo Neira Ayuso
- [PATCH 36/39] netfilter: ipset: use setup_timer() and mod_timer()., Pablo Neira Ayuso
- [PATCH 37/39] netfilter: ipset: hash: fix boolreturn.cocci warnings, Pablo Neira Ayuso
- [PATCH 35/39] netfilter: ipset: hash:ipmac type support added to ipset, Pablo Neira Ayuso
- [PATCH 33/39] netfilter: ipset: Collapse same condition body to a single one, Pablo Neira Ayuso
- [PATCH 31/39] netfilter: ipset: Optimize hash creation routine, Pablo Neira Ayuso
- [PATCH 34/39] netfilter: ipset: Fix reported memory size for hash:* types, Pablo Neira Ayuso
- [PATCH 27/39] netfilter: ipset: Remove redundant mtype_expire() arguments, Pablo Neira Ayuso
- [PATCH 30/39] netfilter: ipset: Make sure element data size is a multiple of u32, Pablo Neira Ayuso
- [PATCH 29/39] netfilter: ipset: Make NLEN compile time constant for hash types, Pablo Neira Ayuso
- [PATCH 24/39] netfilter: ipset: Add element count to hash headers, Pablo Neira Ayuso
- [PATCH 28/39] netfilter: ipset: Simplify mtype_expire() for hash types, Pablo Neira Ayuso
- [PATCH 19/39] netfilter: ipset: Improve skbinfo get/init helpers, Pablo Neira Ayuso
- [PATCH 18/39] netfilter: ipset: Headers file cleanup, Pablo Neira Ayuso
- [PATCH 25/39] netfilter: ipset: Add element count to all set types header, Pablo Neira Ayuso
- [PATCH 22/39] netfilter: ipset: Separate memsize calculation code into dedicated function, Pablo Neira Ayuso
- [PATCH 21/39] netfilter: ipset: Split extensions into separate files, Pablo Neira Ayuso
- [PATCH 20/39] netfilter: ipset: Use kmalloc() in comment extension helper, Pablo Neira Ayuso
- [PATCH 12/39] netfilter: nf_tables: simplify the basic expressions' init routine, Pablo Neira Ayuso
- [PATCH 16/39] netfilter: ipset: Remove extra whitespaces in ip_set.h, Pablo Neira Ayuso
- [PATCH 15/39] netfilter: conntrack: fix NF_REPEAT handling, Pablo Neira Ayuso
- [PATCH 08/39] netfilter: remove hook_entries field from nf_hook_state, Pablo Neira Ayuso
- [PATCH 14/39] udp: provide udp{4,6}_lib_lookup for nf_socket_ipv{4,6}, Pablo Neira Ayuso
- [PATCH 10/39] netfilter: handle NF_REPEAT from nf_conntrack_in(), Pablo Neira Ayuso
- [PATCH 11/39] netfilter: nft_hash: get random bytes if seed is not specified, Pablo Neira Ayuso
- [PATCH 09/39] netfilter: merge nf_iterate() into nf_hook_slow(), Pablo Neira Ayuso
- [PATCH 07/39] netfilter: use switch() to handle verdict cases from nf_hook_slow(), Pablo Neira Ayuso
- [PATCH 06/39] netfilter: nf_tables: use hook state from xt_action_param structure, Pablo Neira Ayuso
- [PATCH 05/39] netfilter: x_tables: move hook state into xt_action_param structure, Pablo Neira Ayuso
- Re: [PATCH 00/39] Netfilter updates for net-next, David Miller
[PATCH] netfilter: x_tables: simplify IS_ERR_OR_NULL to NULL test,
Julia Lawall
question about xt_find_table_lock,
Julia Lawall
[PATCH nf-next 0/4] netfilter: built-in conntrack support for DCCP, SCTP, UDPlite,
Davide Caratti
[PATCH nf] netfilter: fix nf_conntrack_helper documentation, Florian Westphal
[PATCH nf-next] netfilter: conntrack: remove unused netns_ct member,
Florian Westphal
[PATCH 00/22] ipset patches for nf-next, v3,
Jozsef Kadlecsik
- [PATCH 01/22] netfilter: ipset: Remove extra whitespaces in ip_set.h, Jozsef Kadlecsik
- [PATCH 02/22] netfilter: ipset: Mark some helper args as const., Jozsef Kadlecsik
- [PATCH 06/22] netfilter: ipset: Split extensions into separate files, Jozsef Kadlecsik
- [PATCH 05/22] netfilter: ipset: Use kmalloc() in comment extension helper, Jozsef Kadlecsik
- [PATCH 12/22] netfilter: ipset: Remove redundant mtype_expire() arguments, Jozsef Kadlecsik
- [PATCH 08/22] netfilter: ipset: Regroup ip_set_put_extensions and add extern, Jozsef Kadlecsik
- [PATCH 09/22] netfilter: ipset: Add element count to hash headers, Jozsef Kadlecsik
- [PATCH 21/22] netfilter: ipset: use setup_timer() and mod_timer()., Jozsef Kadlecsik
- [PATCH 20/22] netfilter: ipset: hash:ipmac type support added to ipset, Jozsef Kadlecsik
- [PATCH 14/22] netfilter: ipset: Make NLEN compile time constant for hash types, Jozsef Kadlecsik
- [PATCH 10/22] netfilter: ipset: Add element count to all set types header, Jozsef Kadlecsik
- [PATCH 22/22] netfilter: ipset: hash: fix boolreturn.cocci warnings, Jozsef Kadlecsik
- [PATCH 13/22] netfilter: ipset: Simplify mtype_expire() for hash types, Jozsef Kadlecsik
- [PATCH 18/22] netfilter: ipset: Collapse same condition body to a single one, Jozsef Kadlecsik
- [PATCH 11/22] netfilter: ipset: Count non-static extension memory for userspace, Jozsef Kadlecsik
- [PATCH 19/22] netfilter: ipset: Fix reported memory size for hash:* types, Jozsef Kadlecsik
- [PATCH 17/22] netfilter: ipset: Make struct htype per ipset family, Jozsef Kadlecsik
- [PATCH 07/22] netfilter: ipset: Separate memsize calculation code into dedicated function, Jozsef Kadlecsik
- [PATCH 04/22] netfilter: ipset: Improve skbinfo get/init helpers, Jozsef Kadlecsik
- [PATCH 15/22] netfilter: ipset: Make sure element data size is a multiple of u32, Jozsef Kadlecsik
- [PATCH 03/22] netfilter: ipset: Headers file cleanup, Jozsef Kadlecsik
- [PATCH 16/22] netfilter: ipset: Optimize hash creation routine, Jozsef Kadlecsik
- Re: [PATCH 00/22] ipset patches for nf-next, v3, Pablo Neira Ayuso
[PATCH 00/14] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH 01/14] netfilter: nft_dynset: fix panic if NFT_SET_HASH is not enabled, Pablo Neira Ayuso
- [PATCH 06/14] netfilter: conntrack: avoid excess memory allocation, Pablo Neira Ayuso
- [PATCH 14/14] netfilter: nf_tables: fix oops when inserting an element into a verdict map, Pablo Neira Ayuso
- [PATCH 13/14] netfilter: conntrack: refine gc worker heuristics, Pablo Neira Ayuso
- [PATCH 11/14] netfilter: connmark: ignore skbs with magic untracked conntrack objects, Pablo Neira Ayuso
- [PATCH 08/14] netfilter: nf_tables: destroy the set if fail to add transaction, Pablo Neira Ayuso
- [PATCH 12/14] netfilter: conntrack: fix CT target for UNSPEC helpers, Pablo Neira Ayuso
- [PATCH 10/14] ipvs: use IPVS_CMD_ATTR_MAX for family.maxattr, Pablo Neira Ayuso
- [PATCH 09/14] netfilter: nft_dup: do not use sreg_dev if the user doesn't specify it, Pablo Neira Ayuso
- [PATCH 07/14] netfilter: ip_vs_sync: fix bogus maybe-uninitialized warning, Pablo Neira Ayuso
- [PATCH 03/14] netfilter: nf_tables: fix race when create new element in dynset, Pablo Neira Ayuso
- [PATCH 02/14] netfilter: nf_tables: fix *leak* when expr clone fail, Pablo Neira Ayuso
- [PATCH 04/14] netfilter: nf_conntrack_sip: extend request line validation, Pablo Neira Ayuso
- [PATCH 05/14] netfilter: nf_tables: fix type mismatch with error return from nft_parse_u32_check, Pablo Neira Ayuso
- Re: [PATCH 00/14] Netfilter fixes for net, David Miller
- <Possible follow-ups>
- [PATCH 00/14] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH 07/14] netfilter: ipt_CLUSTERIP: fix build error without procfs, Pablo Neira Ayuso
- [PATCH 09/14] netfilter: conntrack: refine gc worker heuristics, redux, Pablo Neira Ayuso
- [PATCH 05/14] netfilter: nf_tables: fix possible oops when dumping stateful objects, Pablo Neira Ayuso
- [PATCH 14/14] netfilter: nf_tables: bump set->ndeact on set flush, Pablo Neira Ayuso
- [PATCH 13/14] netfilter: nf_tables: deconstify walk callback function, Pablo Neira Ayuso
- [PATCH 11/14] netfilter: nft_log: restrict the log prefix length to 127, Pablo Neira Ayuso
- [PATCH 10/14] netfilter: nf_tables: validate the name size when possible, Pablo Neira Ayuso
- [PATCH 06/14] netfilter: Fix typo in NF_CONNTRACK Kconfig option description, Pablo Neira Ayuso
- [PATCH 03/14] netfilter: nf_tables: fix spelling mistakes, Pablo Neira Ayuso
- [PATCH 04/14] netfilter: rpfilter: fix incorrect loopback packet judgment, Pablo Neira Ayuso
- [PATCH 08/14] netfilter: conntrack: remove GC_MAX_EVICTS break, Pablo Neira Ayuso
- [PATCH 12/14] netfilter: nf_tables: fix set->nelems counting with no NLM_F_EXCL, Pablo Neira Ayuso
- [PATCH 02/14] tcp: fix mark propagation with fwmark_reflect enabled, Pablo Neira Ayuso
- [PATCH 01/14] netfilter: use fwmark_reflect in nf_send_reset, Pablo Neira Ayuso
- Re: [PATCH 00/14] Netfilter fixes for net, David Miller
- [PATCH 00/14] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH 01/14] netfilter: ipv6: fix oops when defragmenting locally generated fragments, Pablo Neira Ayuso
- [PATCH 04/14] Revert "netfilter: nft_numgen: add map lookups for numgen random operations", Pablo Neira Ayuso
- [PATCH 03/14] netfilter: bridge: define INT_MIN & INT_MAX in userspace, Pablo Neira Ayuso
- [PATCH 02/14] netfilter: nft_osf: check if attribute is present, Pablo Neira Ayuso
- [PATCH 14/14] netfilter: conntrack: fix calculation of next bucket number in early_drop, Pablo Neira Ayuso
- [PATCH 07/14] netfilter: ipset: fix ip_set_list allocation failure, Pablo Neira Ayuso
- [PATCH 13/14] netfilter: nft_compat: ebtables 'nat' table is normal chain type, Pablo Neira Ayuso
- [PATCH 12/14] netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr, Pablo Neira Ayuso
- [PATCH 11/14] netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet(), Pablo Neira Ayuso
- [PATCH 10/14] netfilter: ipset: Fix calling ip_set() macro at dumping, Pablo Neira Ayuso
- [PATCH 09/14] netfilter: xt_IDLETIMER: add sysfs filename checking routine, Pablo Neira Ayuso
- [PATCH 08/14] netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment(), Pablo Neira Ayuso
- [PATCH 05/14] netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace, Pablo Neira Ayuso
- [PATCH 06/14] netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net, Pablo Neira Ayuso
- Re: [PATCH 00/14] Netfilter fixes for net, David Miller
- [PATCH 00/14] Netfilter fixes for net, Pablo Neira Ayuso
- [PATCH 01/14] netfilter: nfnetlink: avoid deadlock due to synchronous request_module, Pablo Neira Ayuso
- [PATCH 02/14] netfilter: Fix rpfilter dropping vrf packets by mistake, Pablo Neira Ayuso
- [PATCH 05/14] netfilter: nf_tables: fix module autoload for redir, Pablo Neira Ayuso
- [PATCH 04/14] netfilter: Update obsolete comments referring to ip_conntrack, Pablo Neira Ayuso
- [PATCH 07/14] netfilter: conntrack: always store window size un-scaled, Pablo Neira Ayuso
- [PATCH 09/14] netfilter: nft_hash: fix symhash with modulus one, Pablo Neira Ayuso
- [PATCH 03/14] netfilter: nf_conntrack_sip: fix expectation clash, Pablo Neira Ayuso
- [PATCH 06/14] netfilter: synproxy: fix erroneous tcp mss option, Pablo Neira Ayuso
- [PATCH 08/14] netfilter: nf_tables: don't fail when updating base chain policy, Pablo Neira Ayuso
- Re: [PATCH 00/14] Netfilter fixes for net, David Miller
linux-next: manual merge of the net-next tree with the netfilter tree,
Stephen Rothwell
nf_nat_tftp broken in 4.8?,
Florian Fainelli
Re: linux-next: Tree for Nov 9 (netdev, netfilter v6), Randy Dunlap
[PATCH] netfilter: Update nf_send_reset6 to consider L3 domain,
David Ahern
[PATCH] netfilter: Update ip_route_me_harder to consider L3 domain,
David Ahern
[nft PATCH] tests: shell: add testcases for comments in set elements, Arturo Borrero Gonzalez
[PATCH nft] segtree: keep element comments in set intervals,
Pablo Neira Ayuso
sip helper doesn't match on calls to myself, Juergen Schmidt
Re: linux-next: Tree for Nov 8 (netdev, netfilter), Randy Dunlap
[PATCH nft] tests: shell: add test case for inserting element into verdict map,
Liping Zhang
[PATCH 1/2] [net-next] udp: provide udp{4,6}_lib_lookup for nf_socket_ipv{4,6},
Arnd Bergmann
"random" syn packets dropped,
Bjørnar Ness
[PATCH nf-next v3] netfilter: conntrack: simplify init/uninit of L4 protocol trackers,
Davide Caratti
[PATCH] net/netfilter: Fix use uninitialized warn in nft_range_eval(),
Shuah Khan
nfqueue: Get pid of socket owner,
David Buchmann
[PATCH] extensions: libxt_mangle: Use getaddrinfo(),
Shivani Bhardwaj
[PATCH] iptables: xtables-arp: Use getaddrinfo(),
Shivani Bhardwaj
[PATCH nf-next] netfilter: nf_tables: simplify the basic expressions' init routine,
Liping Zhang
[PATCH nf] netfilter: nf_tables: fix oops when inserting an element into a verdict map,
Liping Zhang
[nf-next:master 9/12] undefined reference to `udp6_lib_lookup', kbuild test robot
[nf-next:master 9/12] ERROR: "udp4_lib_lookup" [net/ipv4/netfilter/nf_socket_ipv4.ko] undefined!, kbuild test robot
[PATCH nf v4] netfilter: conntrack: refine gc worker heuristics,
Florian Westphal
[PATCH v3 nft 2/4] src: add offset attribute for hash expression,
Laura Garcia Liebana
[PATCH v3 nft 1/4] src: make hash seed attribute optional,
Laura Garcia Liebana
[conntrack-tools PATCH 1/3] log: introduce a mechanism to know if log was initialized,
Arturo Borrero Gonzalez
[PATCH nf v3] netfilter: conntrack: refine gc worker heuristics,
Florian Westphal
[Patch net] ipvs: use IPVS_CMD_ATTR_MAX for family.maxattr,
Cong Wang
[nf-next:master 8/10] net/netfilter/nfnetlink_queue.c:922:16: sparse: incompatible types in comparison expression (different address spaces), kbuild test robot
[PATCH nf-next] netfilter: nft_hash: get random bytes if seed is not specified, Pablo Neira Ayuso
[PATCH nf] netfilter: conntrack: fix CT target for UNSPEC helpers,
Florian Westphal
[PATCH nf-next,v2 01/10] netfilter: get rid of useless debugging from core,
Pablo Neira Ayuso
- [PATCH nf-next,v2 04/10] netfilter: deprecate NF_STOP, Pablo Neira Ayuso
- [PATCH nf-next,v2 07/10] netfilter: use switch() to handle verdict cases from nf_hook_slow(), Pablo Neira Ayuso
- [PATCH nf-next,v2 02/10] netfilter: remove comments that predate rcu days, Pablo Neira Ayuso
- [PATCH nf-next,v2 03/10] netfilter: kill NF_HOOK_THRESH() and state->tresh, Pablo Neira Ayuso
- [PATCH nf-next,v2 05/10] netfilter: x_tables: move hook state into xt_action_param structure, Pablo Neira Ayuso
- [PATCH nf-next,v2 06/10] netfilter: nf_tables: use hook state from xt_action_param structure, Pablo Neira Ayuso
- [PATCH nf-next,v2 08/10] netfilter: remove hook_entries field from nf_hook_state, Pablo Neira Ayuso
- [PATCH nf-next,v2 09/10] netfilter: merge nf_iterate() into nf_hook_slow(), Pablo Neira Ayuso
- [PATCH nf-next 10/10] netfilter: handle NF_REPEAT from nf_conntrack_in(), Pablo Neira Ayuso
[nft PATCH 1/3] tests: shell: delete useless stderr output in testcase,
Arturo Borrero Gonzalez
[PATCH nf v2] netfilter: conntrack: refine gc worker heuristics,
Florian Westphal
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
