Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [PATCH nf 1/2] netfilter: nfnetlink_acct: fix race between nfacct del and xt_nfacct destroy, (continued)
- [PATCH nf-next] netfilter: nfnetlink_log: add "nf-logger-3-1" module alias name,
Liping Zhang
- [PATCH V3 nf-next] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht,
Liping Zhang
- [PATCH nf-next,v2] netfilter: remove ip_conntrack* sysctl compat code, Pablo Neira Ayuso
- [PATCH v2 libnftnl] expr: add hash expression,
Laura Garcia Liebana
- [nft PATCH 0/4] A round of covscan indicated fixes,
Phil Sutter
- [libnftnl PATCH] utils: Don't return directly from SNPRINTF_BUFFER_SIZE,
Phil Sutter
- [PATCH] netfilter: remove ip_conntrack* sysctl compat code,
Pablo Neira Ayuso
- [libnftnl PATCH 0/7] A bunch of covscan detected fixes,
Phil Sutter
- [PATCH v5] netfilter: nf_tables: add hash expression,
Laura Garcia Liebana
- nfacct: setting quotas does not seem to work.,
Josue Alvarez
- [PATCH 1/2, libnftnl] tests: Consolidate printing error utilities,
Carlos Falgueras García
- [PATCH 2/2, libnftnl] Use libnftnl comparators in all tests, Carlos Falgueras García
- Re: [PATCH 2/2, libnftnl] Use libnftnl comparators in all tests, Pablo Neira Ayuso
- Re: [PATCH 2/2, libnftnl] Use libnftnl comparators in all tests, Carlos Falgueras García
- [PATCH 1/4, V2, libnftnl] tests: Fix segfaults due outbound access, Carlos Falgueras García
- [PATCH 2/4, V2, libnftnl] tests: Fix wrong expression creation, Carlos Falgueras García
- [PATCH 3/4, V2, libnftnl] tests: Consolidate printing error utilities, Carlos Falgueras García
- [PATCH 4/4, V2, libnftnl] tests: Use libnftnl comparators in all tests, Carlos Falgueras García
- Re: [PATCH 1/4, V2, libnftnl] tests: Fix segfaults due outbound access, Pablo Neira Ayuso
- Re: [PATCH 1/2, libnftnl] tests: Consolidate printing error utilities, Pablo Neira Ayuso
- [PATCH v4] netfilter: nf_tables: add hash expression,
Laura Garcia Liebana
- [PATCH 1/3, libnftnl] tests: Add missing tests to test-script.sh,
Carlos Falgueras García
- [PATCH] nf-next: x_tables: Replace kmalloc(s*n) with kmalloc_array(n,s),
Loganaden Velvindron
- [PATCH] x_tables: Replace kmalloc(s*n) with kmalloc_array(n,s), Loganaden Velvindron
- [PATCH netfilter] extensions/libxt_bpf.man: clarify BPF code generation with tcpdump,
Willem de Bruijn
- [ANNOUNCE] Netdev 1.2 updates, Hajime Tazaki
- [PATCH 0/5] Check u32 load in u8 attributes,
Laura Garcia Liebana
- [PATCH v3] netfilter: nf_tables: add hash expression,
Laura Garcia Liebana
- [PATCH nft] tests: tests to include files, Pablo Neira Ayuso
- [PATCH] netfilter: nf_tables: Add size check on u8 nft_exthdr attributes,
Laura Garcia Liebana
- [PATCH v2] netfilter: nf_tables: add hash expression,
Laura Garcia Liebana
- 4.7.0: RCU stall in nf_conntrack, Johannes Stezenbach
- Drop pings to other VLAN interfaces, vDev
- [PATCH] netfilter: nf_tables: rename set implementations, Pablo Neira Ayuso
- [PATCH libnftnl] expr: hash: Jenkins hash expression support,
Laura Garcia Liebana
- [PATCH] netfilter: nft_hash: generate Jenkins Hash per source register,
Laura Garcia Liebana
- [PATCH nft 1/3] scanner: honor absolute and relative paths via include file,
Pablo Neira Ayuso
- [PATCH nf] netfilter: ctnetlink: reject new conntrack request with different l4proto,
Liping Zhang
- [PATCH nf] netfilter: nfnetlink_queue: reject verdict request from different portid,
Liping Zhang
- [PATCH nf] netfilter: nfnetlink_queue: fix memory leak when attach expectation successfully,
Liping Zhang
- [PATCH nf] netfilter: nf_expect_proc: remove the redundant slash when policy name is empty,
Liping Zhang
- [PATCH 1/4, libnftnl] rule: Implement internal expression iterator,
Carlos Falgueras García
- [PATCH 2/4, libnfntl] Implement rule comparison, Carlos Falgueras García
- [PATCH 3/4, nft] Simplify parser rule_spec tree, Carlos Falgueras García
- [PATCH 4/4, nft] Implement deleting rule by description, Carlos Falgueras García
- Re: [PATCH 1/4, libnftnl] rule: Implement internal expression iterator, Pablo Neira Ayuso
- [PATCH 1/5, V2, libnftnl] rule: Add const modifier to rule field of expression iterator, Carlos Falgueras García
- [PATCH 3/5, V2, libnftnl] Implement rule comparison, Carlos Falgueras García
- [PATCH 2/5, V2, libnftnl] rule: Implement internal expression iterator, Carlos Falgueras García
- [PATCH 4/5, V2, nft] Simplify parser rule_spec tree, Carlos Falgueras García
- [PATCH 5/5, V2, nft] Implement deleting rule by description, Carlos Falgueras García
- Re: [PATCH 1/5, V2, libnftnl] rule: Add const modifier to rule field of expression iterator, Pablo Neira Ayuso
- [PATCH] rule: Constify rule iterators, Carlos Falgueras García
- [PATCH 1/4, V3, libnftnl] rule: Implement internal expression iterator, Carlos Falgueras García
- [PATCH 3/4, V3, nft] Simplify parser rule_spec tree, Carlos Falgueras García
- [PATCH 2/4, V3, libnftnl] Implement rule comparison, Carlos Falgueras García
- [PATCH 4/4, V3, nft] Implement deleting rule by description, Carlos Falgueras García
- Re: [PATCH 1/4, V3, libnftnl] rule: Implement internal expression iterator, Pablo Neira Ayuso
- [PATCH nf-next v2] ipvs: use nf_ct_kill helper,
Florian Westphal
- [PATCH libmnl] callback: mark cb_ctl_array 'const' in mnl_cb_run2(),
Guillaume Nault
- [PATCH v2] netfilter: nf_conntrack_sip: CSeq 0 is a valid CSeq,
Christophe Leroy
- [PATCH nf-next] netfilter: use_nf_conn_expires helper in more places,
Florian Westphal
- [PATCH nf-next] ipvs: use nf_ct_kill helper,
Florian Westphal
- [PATCH iptables] xtables-compat: fix comments listing,
Pablo M. Bermudo Garay
- [PATCH 1100/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1120/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1129/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1118/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1123/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1119/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1121/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1128/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1122/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1125/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1117/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1116/1285] Replace numeric parameter like 0444 with macro,
Baole Ni
- [PATCH 1127/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1124/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1130/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1126/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [PATCH 1115/1285] Replace numeric parameter like 0444 with macro,
Baole Ni
- [PATCH 1099/1285] Replace numeric parameter like 0444 with macro, Baole Ni
- [stable, xtables] fix validation of jumps,
Florian Westphal
- [PATCH libnftnl] src: don't set data_len to zero when returning pointers, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_rbtree: ignore inactive matching element with no descendants,
Pablo Neira Ayuso
- [PATCH 3/3] netfilter: nat: don't assign a null snat rule to bridged traffic if no matching,
fxp2001640163
- [PATCH 2/3] netfilter: nat: snat created in route process just apply to routed traffic,
fxp2001640163
- [PATCH 1/3] netfilter: nat: update hash bucket if nat changed after ct confirmed,
fxp2001640163
- [PATCH nf-next] netfilter: nf_dup4: remove redundant checksum recalculation,
Liping Zhang
- [PATCH nf-next V2] netfilter: conntrack: simplify the code by using nf_conntrack_get_ht,
Liping Zhang
- [PATCH iptables] iptables-translate: add in/out ifname wildcard match translation to nft,
Liping Zhang
- [PATCH RESEND nf] netfilter: avoid a race between nf_register_hook() and cleanup_net(),
Michal Kubecek
- NFQUEUE panic bug,
Daniel Collins
- [PATCH v4] doc: Complete documentation of statements, Shivani Bhardwaj
- [PATCH libnftnl v2] expr: nth: match every n packets, Laura Garcia Liebana
- [PATCH v2] netfilter: nft_nth: match every n packets,
Laura Garcia Liebana
- Re: PROBLEM: TPROXY and DNAT broken (bisected to 079096f103fa),
Eric Dumazet
- [PATCH nft] parser: compact list of rhs keyword expressions,
Florian Westphal
- [PATCH nft] parser_bison: keep map flag around when flags are specified, Pablo Neira Ayuso
- [RFC nft] meta: deprecate unqualified meta statements,
Florian Westphal
- [nft PATCH 0/7] add payload set support for sub-byte sizes,
Florian Westphal
- [PATCH iptables 1/2] include: xtables: fix struct definitions grepability,
Pablo M. Bermudo Garay
- [PATCH libnftnl] expr: nth: match every n packets, Laura Garcia Liebana
- [PATCH] netfilter: nft_nth: match every n packets,
Laura Garcia Liebana
- [PATCH] manpages: do not adjust reject-with type footnote indentation,
Sami Kerola
- nft_rbtree_lookup: BUG: unable to handle kernel NULL pointer dereference,
Anders K. Pedersen
- [NetDev] [ANNOUNCE] Netdev 1.2 updates (Tokyo, Japan, October 5-7), Hajime Tazaki
- [PATCH nf-next] netfilter: physdev: add missed blank,
Hangbin Liu
- [PATCH] netfilter: nf_tables: s/MFT_REG32_01/NFT_REG32_01, Pablo Neira Ayuso
- [RFC] l2tp for nftables,
Pablo Neira Ayuso
- [PATCH nft] xt: use struct xt_xlate_{mt,tg}_params, Pablo Neira Ayuso
- [PATCH iptables] src: introduce struct xt_xlate_{mt,tg}_params, Pablo Neira Ayuso
- [ISSUE] nftables: !=range doesn't really work,
Xin Long
- [PATCH nf-next] netfilter: nf_ct_h323: do not re-activate already expired timer,
Liping Zhang
- [PATCH 1/1] netfilter: Only need first 4 bytes to get l4proto ports,
fgao
- [PATCH 00/25] Netfilter/IPVS updates for net-next,
Pablo Neira Ayuso
- [PATCH 01/25] ipvs: count pre-established TCP states as active, Pablo Neira Ayuso
- [PATCH 02/25] netfilter: conntrack: fix race between nf_conntrack proc read and hash resize, Pablo Neira Ayuso
- [PATCH 03/25] netfilter: cttimeout: unlink timeout obj again when hash resize happen, Pablo Neira Ayuso
- [PATCH 04/25] netfilter: nf_ct_helper: unlink helper again when hash resize happen, Pablo Neira Ayuso
- [PATCH 05/25] netfilter: conntrack: simplify early_drop, Pablo Neira Ayuso
- [PATCH 06/25] netfilter: move nat hlist_head to nf_conn, Pablo Neira Ayuso
- [PATCH 07/25] netfilter: nat: convert nat bysrc hash to rhashtable, Pablo Neira Ayuso
- [PATCH 08/25] netfilter: physdev: physdev-is-out should not work with OUTPUT chain, Pablo Neira Ayuso
- [PATCH 09/25] netfilter: nft_ct: make byte/packet expr more friendly, Pablo Neira Ayuso
- [PATCH 10/25] netfilter: constify arg to is_dying/confirmed, Pablo Neira Ayuso
- [PATCH 11/25] netfilter: nf_tables: get rid of possible_net_t from set and basechain, Pablo Neira Ayuso
- [PATCH 13/25] netfilter: conntrack: protect early_drop by rcu read lock, Pablo Neira Ayuso
- [PATCH 12/25] netfilter: nf_conntrack_h323: fix off-by-one in DecodeQ931, Pablo Neira Ayuso
- [PATCH 14/25] netfilter: x_tables: speed up jump target validation, Pablo Neira Ayuso
- [PATCH 15/25] netfilter: nft_ct: fix unpaired nf_connlabels_get/put call, Pablo Neira Ayuso
- [PATCH 17/25] netfilter: nft_log: fix possible memory leak if log expr init fail, Pablo Neira Ayuso
- [PATCH 16/25] netfilter: Add helper array register/unregister functions, Pablo Neira Ayuso
- [PATCH 19/25] netfilter: nft_log: fix snaplen does not truncate packets, Pablo Neira Ayuso
- [PATCH 18/25] netfilter: nft_log: check the validity of log level, Pablo Neira Ayuso
- [PATCH 21/25] netfilter: conntrack: support a fixed size of 128 distinct labels, Pablo Neira Ayuso
- [PATCH 20/25] netfilter: nf_tables: allow to filter out rules by table and chain, Pablo Neira Ayuso
- [PATCH 23/25] netfilter: h323: Use mod_timer instead of set_expect_timeout, Pablo Neira Ayuso
- [PATCH 22/25] netfilter: connlabels: move set helper to xt_connlabel, Pablo Neira Ayuso
- [PATCH 24/25] netfilter: nft_compat: put back match/target module if init fail, Pablo Neira Ayuso
- [PATCH 25/25] netfilter: nft_compat: fix crash when related match/target module is removed, Pablo Neira Ayuso
- Re: [PATCH 00/25] Netfilter/IPVS updates for net-next, David Miller
- <Possible follow-ups>
- [PATCH 00/25] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
- [PATCH 02/25] netfilter: conntrack: fix race between nf_conntrack proc read and hash resize, Pablo Neira Ayuso
- [PATCH 01/25] ipvs: count pre-established TCP states as active, Pablo Neira Ayuso
- [PATCH 03/25] netfilter: cttimeout: unlink timeout obj again when hash resize happen, Pablo Neira Ayuso
- [PATCH 04/25] netfilter: nf_ct_helper: unlink helper again when hash resize happen, Pablo Neira Ayuso
- [PATCH 07/25] netfilter: nat: convert nat bysrc hash to rhashtable, Pablo Neira Ayuso
- [PATCH 08/25] netfilter: physdev: physdev-is-out should not work with OUTPUT chain, Pablo Neira Ayuso
- [PATCH 11/25] netfilter: nf_tables: get rid of possible_net_t from set and basechain, Pablo Neira Ayuso
- [PATCH 16/25] netfilter: Add helper array register/unregister functions, Pablo Neira Ayuso
- [PATCH 18/25] netfilter: nft_log: check the validity of log level, Pablo Neira Ayuso
- [PATCH 24/25] netfilter: nft_compat: put back match/target module if init fail, Pablo Neira Ayuso
- [PATCH 25/25] netfilter: nft_compat: fix crash when related match/target module is removed, Pablo Neira Ayuso
- [PATCH 17/25] netfilter: nft_log: fix possible memory leak if log expr init fail, Pablo Neira Ayuso
- [PATCH 23/25] netfilter: h323: Use mod_timer instead of set_expect_timeout, Pablo Neira Ayuso
- [PATCH 22/25] netfilter: connlabels: move set helper to xt_connlabel, Pablo Neira Ayuso
- [PATCH 10/25] netfilter: constify arg to is_dying/confirmed, Pablo Neira Ayuso
- [PATCH 21/25] netfilter: conntrack: support a fixed size of 128 distinct labels, Pablo Neira Ayuso
- [PATCH 09/25] netfilter: nft_ct: make byte/packet expr more friendly, Pablo Neira Ayuso
- [PATCH 20/25] netfilter: nf_tables: allow to filter out rules by table and chain, Pablo Neira Ayuso
- [PATCH 19/25] netfilter: nft_log: fix snaplen does not truncate packets, Pablo Neira Ayuso
- [PATCH 06/25] netfilter: move nat hlist_head to nf_conn, Pablo Neira Ayuso
- [PATCH 15/25] netfilter: nft_ct: fix unpaired nf_connlabels_get/put call, Pablo Neira Ayuso
- [PATCH 05/25] netfilter: conntrack: simplify early_drop, Pablo Neira Ayuso
- [PATCH 14/25] netfilter: x_tables: speed up jump target validation, Pablo Neira Ayuso
- [PATCH 12/25] netfilter: nf_conntrack_h323: fix off-by-one in DecodeQ931, Pablo Neira Ayuso
- [PATCH 13/25] netfilter: conntrack: protect early_drop by rcu read lock, Pablo Neira Ayuso
- [PATCH nf-next 1/2] netfilter: nft_compat: put back match/target module if init fail,
Liping Zhang
- [PATCH iptables] extensions: libxt_connlabel: add unit test,
Liping Zhang
- [PATCH 1/1] netfilter: tcp/udp: Only get 4 bytes to get tcp/udp ports,
fgao
- [PATCH iptables 1/2] xtables-translate: add new field to identify the caller,
Pablo M. Bermudo Garay
- [PATCH 1/1] netfilter: h323: Use mod_timer instead of set_expect_timeout,
fgao
- [PATCH libnftnl] expr: lookup: print flags only if they are available, Pablo Neira Ayuso
- [PATCH 1/1] netfilter: Use IS_ERR_OR_NULL instead of IS_ERR and NULl check to simplify the codes in ip_vs_genl_dump_dests and resolve_normal_ct,
fgao
- netfilter: connlabels: get rid of variable-size support,
Florian Westphal
- [PATCH 1/1] netfilter: udp: Remove a bit misleading comment in udp_pkt_to_tuple,
fgao
- [PATCH 1/1] netfilter: udp: Only get 8 bytes header in udp_pkt_to_tuple to keep consistent with tcp_pkt_to_tuple and comments,
fgao
- [PATCH limnl] Fix test building on musl libc, Kylie McClain
- [PATCH] Fix test building on musl libc,
Kylie McClain
- [PATCH v2 iptables] connlabel: clarify default config path,
Florian Westphal
- [PATCH lnf_conntrack] conntrack: labels: add function to fetch default config file location,
Florian Westphal
- [PATCH nf-next,v2] netfilter: nf_tables: allow to filter out rules by table and chain, Pablo Neira Ayuso
- [PATCH libnftnl] examples: selective rule dumping,
jalvarez
- [PATCH iptables] extensions: libxt_NFLOG: add unit test to cover nflog-size with zero,
Liping Zhang
- [PATCH nft] ct: use nftables sysconf location for connlabel configuration,
Florian Westphal
- [PATCH iptables] connlabel: clarify default config path,
Florian Westphal
- [PATCH nf-next] netfilter: nf_tables: allow to filter out rules by table and chain,
Pablo Neira Ayuso
- [PATCH stable-4.1] netfilter: x_tables: fix stable backport,
Michal Kubecek
- [ANNOUNCE] Suspending Patrick McHardy as coreteam member, Pablo Neira Ayuso
- [PATCH iptables 1/2] extensions: libxt_NFLOG: display nflog-size even if it is zero,
Liping Zhang
- [PATCH nf-next 0/3] netfilter: fix some small bugs related to nft_log,
Liping Zhang
- [PATCH 1/1] netfilter: Add helper array register/unregister functions,
fgao
- Re: [PATCH 1/1] netfilter: Add helper array register/unregister functions, Liping Zhang
[PATCH iptables] extensions: libxt_connlabel: fix crash when connlabel.conf is empty,
Liping Zhang
[PATCH V2 iptables] extensions: libxt_connlabel: Add translation to nft,
Liping Zhang
[PATCH nf] netfilter: nft_ct: fix unpaired nf_connlabels_get/put call,
Liping Zhang
[PATCH iptables] extensions: libxt_connlabel: Add translation to nft,
Liping Zhang
[PATCH v3 nf] netfilter: x_tables: speed up jump target validation,
Florian Westphal
[PATCH 1/2 nft] parser_bison: fix typo in symbol redefinition error reporting,
Pablo Neira Ayuso
[PATCH v2 nf] netfilter: x_tables: speed up jump target validation,
Florian Westphal
[PATCH nft v5 1/3] include: cache ip_tables.h, ip6_tables.h, arp_tables.h and ebtables.h,
Pablo M. Bermudo Garay
[PATCH nf] netfilter: x_tables: speed up jump target validation,
Florian Westphal
[PATCH nf-next v2 0/3] Compact netfilter hooks list,
Aaron Conole
[PATCH nft 1/2] parser_bison: restore parsing of dynamic set element updates,
Pablo Neira Ayuso
iptables bypass via raw ethernet frames and other networking protocols, ivan . vettese
[PATCH nf-next 1/2] netfilter: conntrack: protect early_drop by rcu read lock,
Liping Zhang
[PATCH iptables] xtables-translate: fix multiple spaces issue,
Pablo M. Bermudo Garay
[PATCH nft v4 1/3] include: cache ip_tables.h, ip6_tables.h, arp_tables.h and ebtables.h,
Pablo M. Bermudo Garay
[PATCH 2/2] netfilter: add missing macro,
Eric Engestrom
[PATCH nf-next] netfilter: nf_tables: get rid of possible_net_t from set and basechain,
Pablo Neira Ayuso
[PATCH nf-next] netfilter: constify arg to is_dying/confirmed, Florian Westphal
[PATCH v2 2/2] libxt_hashlimit: Create revision 2 of xt_hashlimit to support higher pps rates, Vishwanath Pai
[PATCH v2 1/2] libxt_hashlimit: Prepare libxt_hashlimit.c for revision 2,
Vishwanath Pai
[PATCH v2 2/2] netfilter: Create revision 2 of xt_hashlimit to support higher pps rates, Vishwanath Pai
[PATCH v2 1/2] netfilter: Prepare xt_hashlimit.c for revision 2, Vishwanath Pai
[GIT PULL nf-next] IPVS Updates for v4.8,
Simon Horman
[GIT PULL nf] Second Round of IPVS Fixes for v4.7,
Simon Horman
[PATCH 00/26] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH 01/26] bridge: netfilter: checkpatch data type fixes, Pablo Neira Ayuso
- [PATCH 02/26] netfilter: helper: avoid extra expectation iterations on unregister, Pablo Neira Ayuso
- [PATCH 03/26] netfilter: x_tables: fix possible ZERO_SIZE_PTR pointer dereferencing error., Pablo Neira Ayuso
- [PATCH 05/26] netfilter: xt_TRACE: add explicitly nf_logger_find_get call, Pablo Neira Ayuso
- [PATCH 12/26] netfilter: xt_NFLOG: nflog-range does not truncate packets, Pablo Neira Ayuso
- [PATCH 18/26] netfilter: nft_hash: support deletion of inactive elements, Pablo Neira Ayuso
- [PATCH 19/26] netfilter: conntrack: allow increasing bucket size via sysctl too, Pablo Neira Ayuso
- [PATCH 25/26] netfilter: Convert FWINV<[foo]> macros and uses to NF_INVF, Pablo Neira Ayuso
- [PATCH 26/26] netfilter: nf_log: fix error on write NONE to logger choice sysctl, Pablo Neira Ayuso
- [PATCH 20/26] netfilter: nf_tables: get rid of NFT_BASECHAIN_DISABLED, Pablo Neira Ayuso
- [PATCH 24/26] netfilter: Remove references to obsolete CONFIG_IP_ROUTE_FWMARK, Pablo Neira Ayuso
- [PATCH 23/26] etherdevice.h & bridge: netfilter: Add and use ether_addr_equal_masked, Pablo Neira Ayuso
- [PATCH 21/26] netfilter: nf_tables: add support for inverted logic in nft_lookup, Pablo Neira Ayuso
- [PATCH 22/26] netfilter: x_tables: simplify ip{6}table_mangle_hook(), Pablo Neira Ayuso
- [PATCH 17/26] netfilter: nft_rbtree: check for next generation when deactivating elements, Pablo Neira Ayuso
- [PATCH 15/26] netfilter: nf_tables: add generation mask to chains, Pablo Neira Ayuso
- [PATCH 16/26] netfilter: nf_tables: add generation mask to sets, Pablo Neira Ayuso
- [PATCH 13/26] netfilter: nf_tables: add generic macros to check for generation mask, Pablo Neira Ayuso
- [PATCH 11/26] netfilter: nf_reject_ipv4: don't send tcp RST if the packet is non-TCP, Pablo Neira Ayuso
- [PATCH 14/26] netfilter: nf_tables: add generation mask to tables, Pablo Neira Ayuso
- [PATCH 10/26] netfilter: Allow xt_owner in any user namespace, Pablo Neira Ayuso
- [PATCH 09/26] netfilter: move zone info into struct nf_conn, Pablo Neira Ayuso
- [PATCH 07/26] netfilter: make comparision helpers stub functions in ZONES=n case, Pablo Neira Ayuso
- [PATCH 08/26] netfilter: nf_log: Remove NULL check, Pablo Neira Ayuso
- [PATCH 04/26] netfilter: nf_log: handle NFPROTO_INET properly in nf_logger_[find_get|put], Pablo Neira Ayuso
- [PATCH 06/26] netfilter: conntrack: align nf_conn on cacheline boundary, Pablo Neira Ayuso
- Re: [PATCH 00/26] Netfilter updates for net-next, David Miller
- <Possible follow-ups>
- [PATCH 00/26] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH 05/26] netfilter: ipset: Fix the last missing check of nla_parse_deprecated(), Pablo Neira Ayuso
- [PATCH 16/26] netfilter: synproxy: extract SYNPROXY infrastructure from {ipt, ip6t}_SYNPROXY, Pablo Neira Ayuso
- [PATCH 24/26] netfilter: bridge: Fix non-untagged fragment packet, Pablo Neira Ayuso
- [PATCH 26/26] netfilter: nf_tables: add support for matching IPv4 options, Pablo Neira Ayuso
- [PATCH 22/26] netfilter: bridge: prevent UAF in brnf_exit_net(), Pablo Neira Ayuso
- [PATCH 23/26] netfilter: fix nf_conntrack_bridge/ipv6 link error, Pablo Neira Ayuso
- [PATCH 25/26] netfilter: synproxy: fix manual bump of the reference counter, Pablo Neira Ayuso
- [PATCH 17/26] netfilter: synproxy: ensure zero is returned on non-error return path, Pablo Neira Ayuso
- [PATCH 21/26] netfilter: synproxy: use nf_cookie_v6_check() from core, Pablo Neira Ayuso
- [PATCH 19/26] netfilter: nf_tables: enable set expiration time for set elements, Pablo Neira Ayuso
- [PATCH 13/26] netfilter: bridge: namespace bridge netfilter sysctls, Pablo Neira Ayuso
- [PATCH 18/26] netfilter: nft_ct: fix null pointer in ct expectations support, Pablo Neira Ayuso
- [PATCH 20/26] netfilter: synproxy: fix building syncookie calls, Pablo Neira Ayuso
- [PATCH 08/26] Update my email address, Pablo Neira Ayuso
- [PATCH 09/26] netfilter: nft_ct: add ct expectations support, Pablo Neira Ayuso
- [PATCH 10/26] netfilter: conntrack: small conntrack lookup optimization, Pablo Neira Ayuso
- [PATCH 15/26] netfilter: synproxy: remove module dependency on IPv6 SYNPROXY, Pablo Neira Ayuso
- [PATCH 14/26] netfilter: synproxy: add common uapi for SYNPROXY infrastructure, Pablo Neira Ayuso
- [PATCH 12/26] netfilter: bridge: port sysctls to use brnf_net, Pablo Neira Ayuso
- [PATCH 11/26] netfilter: xt_owner: bail out with EINVAL in case of unsupported flags, Pablo Neira Ayuso
- [PATCH 07/26] ipset: Fix memory accounting for hash types on resize, Pablo Neira Ayuso
- [PATCH 04/26] netfilter: ipset: fix a missing check of nla_parse, Pablo Neira Ayuso
- [PATCH 02/26] netfilter: ipset: remove useless memset() calls, Pablo Neira Ayuso
- [PATCH 06/26] netfilter: ipset: Fix error path in set_target_v3_checkentry(), Pablo Neira Ayuso
- [PATCH 03/26] netfilter: ipset: merge uadd and udel functions, Pablo Neira Ayuso
- [PATCH 01/26] netfilter: ipv6: Fix undefined symbol nf_ct_frag6_gather, Pablo Neira Ayuso
- Re: [PATCH 00/26] Netfilter updates for net-next, David Miller
[PATCH nf] netfilter: nft_ct: fix expiration getter,
Florian Westphal
[ANNOUNCE] Netdev 1.2 Registration open, Hajime Tazaki
DoS attack mitigation in netfilter,
Vikas
[RFC 0/7] netlink: Add allocation flag to netlink_unicast(),
Masashi Honma
Re: [RFC 0/7] netlink: Add allocation flag to netlink_unicast(), Masashi Honma
[PATCH nf-next] netfilter: nft_ct: make byte/packet expr more friendly,
Liping Zhang
[PATCH] netfilter: physdev: physdev-is-out should not work with OUTPUT chain,
Hangbin Liu
Re: Multi-thread udp 4.7 regression, bisected to 71d8c47fc653,
Pablo Neira Ayuso
[PATCH nf-next 0/2] netfilter: nat: simplify & convert bysrc hash to rhashtable,
Florian Westphal
[PATCH nft 1/3] meta: add random and probability match,
Florian Westphal
libxtables backward compatibility,
Neal P. Murphy
[PATCH] fix off-by-one in DecodeQ931,
Toby DiPasquale
[PATCH -next] netfilter: conntrack: simplify early_drop,
Florian Westphal
[PATCH libnetfilter_queue] src: check result of malloc when creating queue,
lists
[PATCH V2,nf 0/3] netfilter: conntrack: fix race condition associated with hash resize,
Liping Zhang
[PATCH 1/1 rev. 1] nft: configure.ac: Replace magic dblatex dep.,
Nicholas Vinson
Re: nftables: Dynamically updating sets gives syntax error,
Anders K. Pedersen
[PATCH nf 0/3] netfilter: conntrack: fix race condition associated with hash resize,
Liping Zhang
[ANNOUNCE] libmnl 1.0.4 release, Pablo Neira Ayuso
[PATCH libmnl] src: cleanup function definitions, Pablo Neira Ayuso
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
