Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: [PATCH bpf-next] net: netfilter: Make ct zone id configurable for bpf ct helper functions, (continued)
- (re-send): Convert libnetfilter_queue to not need libnfnetlink],
Duncan Roe
- [PATCH v2 0/4] sysctl: Remove sentinel elements from networking,
Joel Granados via B4 Relay
- Convert libnetfilter_queue to not need libnfnetlink, Duncan Roe
- [nft PATCH v2 0/2] Add support for table's persist flag,
Phil Sutter
- [PATCH v2 net] inet: inet_defrag: prevent sk release while still in use,
Florian Westphal
- [PATCH] samples/landlock: Fix incorrect free in populate_ruleset_net,
Ivanov Mikhail
- [PATCH v1 nf] netfilter: arptables: Select NETFILTER_FAMILY_ARP when building arp_tables.c,
Kuniyuki Iwashima
- [PATCH net-next v2] netfilter: use NF_DROP instead of -NF_DROP,
Jason Xing
- [PATCH net-next 0/3] netfilter: use NF_DROP instead of -NF_DROP,
Jason Xing
- [PATCH RESEND net-next] netfilter: conntrack: dccp: try not to drop skb in conntrack, Jason Xing
- [PATCH nftables] evaluate: add support for variables in map expressions,
Jeremy Sowden
- Re: [PATCH 1/3] leds: trigger: legtrig-bpf: Add ledtrig-bpf module,
Alexei Starovoitov
- nftables documentation improvement?,
Harald Welte
- [PATCH iptables] libxtables: Fix xtables_ipaddr_to_numeric calls with xtables_ipmask_to_numeric,
Vitaly Chikunov
- [nft PATCH] tests: shell: Avoid escape chars when printing to non-terminals,
Phil Sutter
- [nft PATCH v2 0/5] json: Accept more than two operands in binary expressions,
Phil Sutter
- [nft PATCH 0/2] Add support for table's persist flag,
Phil Sutter
- [PATCH nft] datatype: leave DTYPE_F_PREFIX only for IP address datatype, Pablo Neira Ayuso
- [PATCH net 0/3,v2] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH nf 1/3] netfilter: nf_tables: reject destroy command to remove basechain hooks,
Pablo Neira Ayuso
- [nft PATCH] doc: libnftables-json: Drop invalid ops from match expression,
Phil Sutter
- [nft PATCH] json: Accept more than two operands in binary expressions,
Phil Sutter
- [nft PATCH] tests: shell: Fix one json-nft dump for reordered output,
Phil Sutter
- xtables-addons RAWDNAT bug,
Sagatov, Evgeniy
- [PATCH nf 1/2] netfilter: flowtable: infer TCP state and timeout before flow teardown,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_set_pipapo: release elements in clone only from destroy path, Pablo Neira Ayuso
- [PATCH nft] tests: shell: update packetpath/flowtables after flow teardown changes, Pablo Neira Ayuso
- [PATCH nft] netlink_delinearize: reverse cross-day meta hour range,
Pablo Neira Ayuso
- [PATCH nft] evaluate: display "Range negative size" error,
Pablo Neira Ayuso
- [libnftnl PATCH 00/17] obj: Introduce attribute policies,
Phil Sutter
- [libnftnl PATCH 06/17] table: Validate NFTNL_TABLE_OWNER, too, Phil Sutter
- [libnftnl PATCH 05/17] set: Validate NFTNL_SET_ID, too, Phil Sutter
- [libnftnl PATCH 07/17] obj: Do not call nftnl_obj_set_data() with zero data_len, Phil Sutter
- [libnftnl PATCH 11/17] obj: Repurpose struct obj_ops::max_attr field, Phil Sutter
- [libnftnl PATCH 15/17] utils: Introduce and use nftnl_set_str_attr(), Phil Sutter
- [libnftnl PATCH 13/17] obj: Introduce struct obj_ops::attr_policy, Phil Sutter
- [libnftnl PATCH 02/17] table: Validate NFTNL_TABLE_USE, too, Phil Sutter
- [libnftnl PATCH 17/17] expr: Respect data_len when setting attributes, Phil Sutter
- [libnftnl PATCH 10/17] obj: Return value on setters, Phil Sutter
- [libnftnl PATCH 08/17] obj: synproxy: Use memcpy() to handle potentially unaligned data, Phil Sutter
- [libnftnl PATCH 16/17] obj: Respect data_len when setting attributes, Phil Sutter
- [libnftnl PATCH 01/17] chain: Validate NFTNL_CHAIN_USE, too, Phil Sutter
- [libnftnl PATCH 09/17] utils: Fix for wrong variable use in nftnl_assert_validate(), Phil Sutter
- [libnftnl PATCH 14/17] obj: Enforce attr_policy compliance in nftnl_obj_set_data(), Phil Sutter
- [libnftnl PATCH 04/17] obj: Validate NFTNL_OBJ_TYPE, too, Phil Sutter
- [libnftnl PATCH 12/17] obj: Call obj_ops::set with legal attributes only, Phil Sutter
- [libnftnl PATCH 03/17] flowtable: Validate NFTNL_FLOWTABLE_SIZE, too, Phil Sutter
- Re: [libnftnl PATCH 00/17] obj: Introduce attribute policies, Phil Sutter
- [PATCH net] inet: inet_defrag: prevent sk release while still in use,
Florian Westphal
- [PATCH net] MAINTAINERS: step down as netfilter maintainer,
Florian Westphal
- [PATCH nft] netlink_delinearize: restore binop syntax when listing ruleset for flags,
Pablo Neira Ayuso
- [PATCH nf 2/2] netfilter: flowtable: use UDP timeout after flow teardown, Pablo Neira Ayuso
- [BUG] kernel warning from br_nf_local_in+0x157/0x180,
Jianbo Liu
- [PATCH nf] netfilter: flowtable: infer TCP state and timeout before flow teardown,
Pablo Neira Ayuso
- [PATCH 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers,
Thomas Weißschuh
- [PATCH 01/11] stackleak: don't modify ctl_table argument, Thomas Weißschuh
- [PATCH 02/11] cgroup: bpf: constify ctl_table arguments and fields, Thomas Weißschuh
- [PATCH 03/11] hugetlb: constify ctl_table arguments of utility functions, Thomas Weißschuh
- [PATCH 04/11] utsname: constify ctl_table arguments of utility function, Thomas Weißschuh
- [PATCH 05/11] neighbour: constify ctl_table arguments of utility function, Thomas Weißschuh
- [PATCH 06/11] ipv4/sysctl: constify ctl_table arguments of utility functions, Thomas Weißschuh
- [PATCH 11/11] sysctl: treewide: constify the ctl_table argument of handlers, Thomas Weißschuh
- [PATCH 07/11] ipv6/addrconf: constify ctl_table arguments of utility functions, Thomas Weißschuh
- [PATCH 10/11] sysctl: constify ctl_table arguments of utility function, Thomas Weißschuh
- [PATCH 09/11] ipvs: constify ctl_table arguments of utility functions, Thomas Weißschuh
- [PATCH 08/11] ipv6/ndisc: constify ctl_table arguments of utility function, Thomas Weißschuh
- [PATCH nf] netfilter: nf_tables: do not reject dormant flag update for table with owner,
Quan Tian
- [PATCH nf] netfilter: nf_tables: do not compare internal table flags on updates,
Pablo Neira Ayuso
- [PATCH 0/4] sysctl: Remove sentinel elements from networking,
Joel Granados via B4 Relay
- [PATCH nft] tests: py: remove meter tests,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: fix consistent table updates being rejected, Quan Tian
- [PATCH nft] tests/py: remove flow table json test cases,
Florian Westphal
- [PATCH] iptables: Fixed the issue with combining the payload in case of invert filter for tcp src and dst ports,
Sriram Rajagopalan
- [PATCH] nftables: Fixed the issue with merging the payload in case of invert filter for tcp src and dst ports,
Sriram Rajagopalan
- Flowtable race condition error,
Sven Auhagen
- [PATCH v3 nf-next 1/2] netfilter: nf_tables: use struct nlattr * to store userdata for nft_table,
Quan Tian
- [PATCH nf-next v2] netfilter: conntrack: avoid sending RST to reply out-of-window skb,
Jason Xing
- [PATCH nf] netfilter: nf_tables: fix updating/deleting devices in an existing netdev chain,
Pablo Neira Ayuso
- [PATCH v2 nf-next 1/2] netfilter: nf_tables: use struct nlattr * to store userdata for nft_table,
Quan Tian
- [PATCH nf-next] netfilter: nf_tables: support updating userdata for nft_table,
Quan Tian
- [nft PATCH 0/7] A bunch of JSON printer/parser fixes,
Phil Sutter
- [PATCH arptables] Fix a couple of spelling errors,
Jeremy Sowden
- [PATCH v2 xtables] extensions: xt_TPROXY: add txlate support,
Florian Westphal
- [PATCH net-next] netfilter: conntrack: dccp: try not to drop skb in conntrack,
Jason Xing
- iptables-nft: Wrong payload merge of rule filter - "! --sport xx ! --dport xx",
Sriram Rajagopalan
- [RFC nftables PATCH]: fix a2x: ERROR: missing --destination-dir: ./doc,
Neels Hofmeyr
- [PATCH] ipvs: allow netlink configuration from non-initial user namespace,
Michael Weiß
- [PATCH xtables] extensions: xt_TPROXY: add txlate support,
Florian Westphal
- [PATCH nft 0/5] parser_json: fix up transaction ordering,
Florian Westphal
- [PATCH net-next] netfilter: conntrack: avoid sending RST to reply out-of-window skb,
Jason Xing
- [PATCH nf-next 0/9] netfilter: nf_tables: rewrite gc again,
Florian Westphal
- [PATCH nf] netfilter: nf_tables: skip netdev hook unregistration if table is dormant,
Pablo Neira Ayuso
- [PATCH nft,v2] evaluate: translate meter into dynamic set, Pablo Neira Ayuso
- [PATCH nft] evaluate: translate meter into dynamic set, Pablo Neira Ayuso
- [PATCH net] netfilter: nf_tables: Fix a memory leak in nf_tables_updchain, Quan Tian
- Issues with netdev egress hooks,
Daniel Mack
- [PATCH net] netfilter: conntrack: fix ct-state for ICMPv6 Multicast Router Discovery,
Linus Lüssing
- [syzbot] [netfilter?] KASAN: slab-use-after-free Read in ip_skb_dst_mtu, syzbot
- [PATCH xtables-nft v2] extensions: xt_socket: add txlate support for socket match,
Florian Westphal
- [PATCH xtables-nft] extensions: xt_socket: add txlate support for sk match v3, Florian Westphal
- [iptables PATCH 1/2] xlate: Improve redundant l4proto match avoidance,
Phil Sutter
- [PATCH net v3] netfilter: Add protection for bmp length out of range,
Lena Wang (王娜)
- [PATCH nf-next] netfilter: nf_tables: remove NETDEV_CHANGENAME from netdev chain event handler, Pablo Neira Ayuso
- [PATCH nf-next] netfilter: nf_tables: skip transaction if update object is not implemented, Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nf_tables: mark set as dead when deactivating anonymous set with timeout, Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: mark set as dead when deactivating anonymous set,
Pablo Neira Ayuso
- [PATCH conntrack-tools v2 0/3] fix potential memory loss and exit codes,
Donald Yandt
- [PATCH conntrack-tools 0/3] fix potential memory loss and exit codes,
Donald Yandt
- [PATCH net v2] netfilter: Add protection for bmp length out of range,
Lena Wang (王娜)
- [PATCH nft 0/3] parser: allow to define maps that contain ct objects,
Florian Westphal
- [PATCH nf v2] netfilter: nft_ct: fix l3num expectations with inet pseudo family, Florian Westphal
- [PATCH nf] netfilter: nft_ct: fix l3num expectations with inet pseudo family, Florian Westphal
- [PATCH nf,v2 1/2] netfilter: nf_tables: disallow anonymous set with timeout flag,
Pablo Neira Ayuso
- [PATCH nf 1/2] netfilter: nf_tables: disallow anonymous set with NFT_SET_{TIMEOUT,EVAL} flags,
Pablo Neira Ayuso
- [iptables PATCH] xtables-translate: Leverage stored protocol names,
Phil Sutter
- [PATCH nft] rule: fix ASAN errors in priority to string conversion, Pablo Neira Ayuso
- [PATCH nft 0/3] nftables: add typeof support for objref maps,
Florian Westphal
- [iptables PATCH] nft: Fix for broken recover_rule_compat(),
Phil Sutter
- [PATCH v2 nf] netfilter: bridge: confirm multicast packets before passing them up the stack, Florian Westphal
- [PATCH nft] parser: compact type/typeof set rules, Florian Westphal
- [PATCH nft] parser: compact interval typeof rules, Florian Westphal
- Ulogd2 Mysql KO,
Yves Metivier
- [PATCH libnftnl 1/3] expr: immediate: check for chain attribute to release chain name,
Pablo Neira Ayuso
- [PATCH 0/2] netfilter: bridge_netfilter:,
Florian Westphal
- [PATCH nft] parser_json: allow 0 offsets again, Florian Westphal
- [PATCH net] netlink: validate length of NLA_{BE16,BE32} types,
Pablo Neira Ayuso
- [PATCH] netfilter: xtables: fix IP6_NF_IPTABLES_LEGACY typo,
Arnd Bergmann
- [PATCH v3] netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate(),
Ignat Korchagin
- [PATCH nf] netfilter: nf_tables: use kzalloc for hook allocation, Florian Westphal
- [PATCH nf] netfilter: nf_tables: register hooks last when adding new chain/flowtable, Pablo Neira Ayuso
- [PATCH nf 1/2] netfilter: nft_flow_offload: reset dst in route object after setting up flow,
Pablo Neira Ayuso
- [nft PATCH] src: improve error reporting for destroy command, 谢致邦 (XIE Zhibang)
- [PATCH net-next 00/12] netfilter updates for net-next,
Florian Westphal
- [PATCH net-next 02/12] netfilter: nf_log: consolidate check for NULL logger in lookup function, Florian Westphal
- [PATCH net-next 01/12] netfilter: expect: Simplify the allocation of slab caches in nf_conntrack_expect_init, Florian Westphal
- [PATCH net-next 03/12] netfilter: nf_log: validate nf_logger_find_get(), Florian Westphal
- [PATCH net-next 06/12] netfilter: nft_set_pipapo: constify lookup fn args where possible, Florian Westphal
- [PATCH net-next 04/12] netfilter: nft_osf: simplify init path, Florian Westphal
- [PATCH net-next 07/12] netfilter: nft_set_pipapo: do not rely on ZERO_SIZE_PTR, Florian Westphal
- [PATCH net-next 08/12] netfilter: nft_set_pipapo: shrink data structures, Florian Westphal
- [PATCH net-next 09/12] netfilter: nft_set_pipapo: speed up bulk element insertions, Florian Westphal
- [PATCH net-next 05/12] netfilter: xtables: fix up kconfig dependencies, Florian Westphal
- [PATCH net-next 10/12] netfilter: nft_set_pipapo: use GFP_KERNEL for insertions, Florian Westphal
- [PATCH net-next 11/12] netfilter: move nf_reinject into nfnetlink_queue modules, Florian Westphal
- [PATCH net-next 12/12] netfilter: x_tables: Use unsafe_memcpy() for 0-sized destination, Florian Westphal
- [PATCH v2] netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate(),
Ignat Korchagin
- [syzbot] [netfilter?] KMSAN: uninit-value in __nla_validate_parse (3),
syzbot
- Re: [RFC] nftables 0.9.8 -stable backports,
Pablo Neira Ayuso
- [PATCH libnftnl] obj: ct_timeout: setter checks for timeout array boundaries, Pablo Neira Ayuso
- [PATCH] Add protection for bmp length out of range,
Lena Wang (王娜)
- CFS for Netdev Conf 0x18 open!, Jamal Hadi Salim
- [PATCH nf] netfilter: nf_tables: set dormant flag on hook register failure, Florian Westphal
- [linux-next:master] BUILD REGRESSION d37e1e4c52bc60578969f391fb81f947c3e83118, kernel test robot
- [PATCH] netfilter: x_tables: Use unsafe_memcpy() for 0-sized destination,
Kees Cook
- [PATCH nf-next] netfilter: nft_set_pipapo: use GFP_KERNEL for insertions, Florian Westphal
- [PATCH net] netfilter: nf_tables: fix bidirectional offload regression,
Felix Fietkau
- [PATCH nf-next] netfilter: move nf_reinject into nfnetlink_queue modules, Florian Westphal
- [PATCH nf-next] netfilter: nft_byteorder: remove multi-register support, Florian Westphal
- [PATCH libnetfilter_queue 0/1] Convert libnetfilter_queue to use entirely libmnl functions,
Duncan Roe
- [PATCH libnetfilter_queue 1/1] Convert libnetfilter_queue to use entirely libmnl functions, Duncan Roe
- Re: [PATCH libnetfilter_queue 1/1] Convert libnetfilter_queue to use entirely libmnl functions, Pablo Neira Ayuso
- Re: [PATCH libnetfilter_queue 1/1] Convert libnetfilter_queue to use entirely libmnl functions, Duncan Roe
- [PATCH libnetfilter_queue 00/32] Convert libnetfilter_queue to not need libnfnetlink, Duncan Roe
- [PATCH libnetfilter_queue 01/32] src: Convert nfq_open() to use libmnl, Duncan Roe
- [PATCH libnetfilter_queue 02/32] src: Convert nfq_open_nfnl() to use libmnl, Duncan Roe
- [PATCH libnetfilter_queue 04/32] src: Convert nfq_create_queue(), nfq_bind_pf() & nfq_unbind_pf() to use libmnl, Duncan Roe
- [PATCH libnetfilter_queue 03/32] src: Convert nfq_close() to use libmnl, Duncan Roe
- [PATCH libnetfilter_queue 05/32] src: Convert nfq_set_queue_flags() & nfq_set_queue_maxlen() to use libmnl, Duncan Roe
- [PATCH libnetfilter_queue 06/32] src: Convert nfq_handle_packet(), nfq_get_secctx(), nfq_get_payload() and all the nfq_get_ functions to use libmnl, Duncan Roe
- [PATCH libnetfilter_queue 08/32] src: Incorporate nfnl_rcvbufsiz() in libnetfilter_queue, Duncan Roe
- [PATCH libnetfilter_queue 07/32] src: Convert nfq_set_verdict() and nfq_set_verdict2() to use libmnl if there is no data, Duncan Roe
- [PATCH libnetfilter_queue 09/32] src: Convert nfq_fd() to use libmnl, Duncan Roe
- [PATCH libnetfilter_queue 10/32] src: Convert remaining nfq_* functions to use libmnl, Duncan Roe
- [PATCH libnetfilter_queue 11/32] src: Fix checkpatch whitespace and block comment warnings, Duncan Roe
- [PATCH libnetfilter_queue 12/32] src: Copy nlif-related code from libnfnetlink, Duncan Roe
- [PATCH libnetfilter_queue 13/32] include: Cherry-pick macros and functions that nlif will need, Duncan Roe
- [PATCH libnetfilter_queue 14/32] doc: Add linux_list.h to the doxygen system, Duncan Roe
- [PATCH libnetfilter_queue 16/32] doc: Eliminate doxygen warnings from iftable.c, Duncan Roe
- [PATCH libnetfilter_queue 15/32] doc: Eliminate doxygen warnings from linux_list.h, Duncan Roe
- [PATCH libnetfilter_queue 17/32] whitespace: remove trailing spaces from iftable.c, Duncan Roe
- [PATCH libnetfilter_queue 19/32] src: Convert all nlif_* functions to use libmnl, Duncan Roe
- [PATCH libnetfilter_queue 18/32] include: Use libmnl.h instead of libnfnetlink.h, Duncan Roe
- [PATCH libnetfilter_queue 20/32] src: Delete rtnl.c, Duncan Roe
- [PATCH libnetfilter_queue 21/32] build: Remove libnfnetlink from the build, Duncan Roe
- [PATCH libnetfilter_queue 22/32] include: Remove the last remaining use of a libnfnetlink header, Duncan Roe
- [PATCH libnetfilter_queue 23/32] doc: Get doxygen to document useful static inline functions, Duncan Roe
- [PATCH libnetfilter_queue 24/32] doc: SYNOPSIS of linux_list.h nominates libnetfilter_queue/libnetfilter_queue.h, Duncan Roe
- [PATCH libnetfilter_queue 25/32] doc: Move nlif usage description from libnetfilter_queue.c to iftable.c, Duncan Roe
- [PATCH libnetfilter_queue 26/32] build: Shave some time off build, Duncan Roe
- [PATCH libnetfilter_queue 28/32] build: Get real & user times back to what they were, Duncan Roe
- [PATCH libnetfilter_queue 27/32] doc: Resolve most issues with man page generated from linux_list.h, Duncan Roe
- [PATCH libnetfilter_queue 30/32] doc: Fix list_empty() doxygen comments, Duncan Roe
- [PATCH libnetfilter_queue 29/32] doc: Cater for doxygen variants w.r.t. #define stmts, Duncan Roe
- [PATCH libnetfilter_queue 31/32] src: Use a cast in place of convoluted construct, Duncan Roe
- [PATCH libnetfilter_queue 32/32] whitespace: Fix more checkpatch errors & warnings, Duncan Roe
- [syzbot] [netfilter?] WARNING: ODEBUG bug in ip_set_free,
syzbot
- [PATCH nft] expression: missing line in describe command with invalid expression, Pablo Neira Ayuso
- [PATCH v2 nf-next 0/4] netfilter: nft_set_pipapo: speed up bulk element insertions,
Florian Westphal
- [ANNOUNCE] ipset 7.21 released, Jozsef Kadlecsik
- [PATCH nf-next 0/4] netfilter: nft_set_pipapo: speed up bulk element insertions,
Florian Westphal
- [PATCH] netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate(),
Ignat Korchagin
- [PATCH 1/1] tests: use common shebang in "packetpath/flowtables" test,
Thomas Haller
- [PATCH 1/1] tests/shell: no longer support unprettified ".json-nft" files,
Thomas Haller
- [syzbot] Monthly netfilter report (Feb 2024), syzbot
- [netfilter-nf:testing 5/13] net/netfilter/ipset/ip_set_hash_gen.h:435:19: sparse: sparse: incorrect type in assignment (different address spaces), kernel test robot
- [PATCH v3] netfilter: nat: restore default DNAT behavior, Kyle Swenson
- [netfilter-nf:testing 8/13] net/netfilter/nft_set_pipapo.c:518: warning: Function parameter or struct member 'tstamp' not described in 'pipapo_get', kernel test robot
- [nft PATCH] cache: Always set NFT_CACHE_TERSE for list cmd with --terse,
Phil Sutter
- [PATCH,v2 nft 1/2] evaluate: skip byteorder conversion for selector smaller than 2 bytes,
Pablo Neira Ayuso
- [nft PATCH] cache: Reduce caching when terse listing a table, Phil Sutter
- [PATCH nft] evaluate: skip byteorder conversion for selector smaller than 2 bytes, Pablo Neira Ayuso
- [PATCH net 00/13] Netfilter fixes for net,
Pablo Neira Ayuso
- [PATCH net 01/13] netfilter: nft_compat: narrow down revision to unsigned 8-bits, Pablo Neira Ayuso
- [PATCH net 02/13] netfilter: nft_compat: reject unused compat flag, Pablo Neira Ayuso
- [PATCH net 04/13] netfilter: nft_set_pipapo: remove static in nft_pipapo_get(), Pablo Neira Ayuso
- [PATCH net 03/13] netfilter: nft_compat: restrict match/target protocol to u16, Pablo Neira Ayuso
- [PATCH net 05/13] netfilter: ipset: Missing gc cancellations fixed, Pablo Neira Ayuso
- [PATCH net 07/13] netfilter: nft_ct: reject direction for ct id, Pablo Neira Ayuso
- [PATCH net 06/13] netfilter: ctnetlink: fix filtering for zone 0, Pablo Neira Ayuso
- [PATCH net 08/13] netfilter: nf_tables: use timestamp to check for set element timeout, Pablo Neira Ayuso
- [PATCH net 10/13] netfilter: nft_set_rbtree: skip end interval element from gc, Pablo Neira Ayuso
- [PATCH net 09/13] netfilter: nfnetlink_queue: un-break NF_REPEAT, Pablo Neira Ayuso
- [PATCH net 12/13] netfilter: nft_set_pipapo: add helper to release pcpu scratch area, Pablo Neira Ayuso
- [PATCH net 11/13] netfilter: nft_set_pipapo: store index in scratch maps, Pablo Neira Ayuso
- [PATCH net 13/13] netfilter: nft_set_pipapo: remove scratch_aligned pointer, Pablo Neira Ayuso
- [PATCH AUTOSEL 5.4 6/7] netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new, Sasha Levin
- [PATCH AUTOSEL 5.10 09/16] netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new, Sasha Levin
- [PATCH AUTOSEL 5.15 12/23] netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new, Sasha Levin
- [PATCH AUTOSEL 6.1 15/29] netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new, Sasha Levin
- [PATCH AUTOSEL 6.6 21/38] netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new, Sasha Levin
- [PATCH AUTOSEL 6.7 23/44] netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new, Sasha Levin
- [PATCH nf v2 0/3] netfilter: nft_set_pipapo: nft_set_pipapo: map_index must be per set,
Florian Westphal
- [nft PATCH] cache: Optimize caching for 'list tables' command,
Phil Sutter
- [nft PATCH v3] evaluate: fix check for unknown in cmd_op_to_name,
谢致邦 (XIE Zhibang)
- [PATCH conntrack] conntrack: don't print [USERSPACE] information in case of XML output,
Ignacy Gawędzki
- [nft PATCH v2] evaluate: fix check for unknown in cmd_op_to_name,
谢致邦 (XIE Zhibang)
- [PATCH nf] netfilter: nf_tables: use timestamp to check for set element timeout, Pablo Neira Ayuso
- 0x18: Dates And Location for upcoming conference, Jamal Hadi Salim
- [PATCH] Makefile.am: don't silence -Wimplicit-function-declaration,
Sam James
- [PATCH nf] netfilter: nfnetlink_queue: un-break NF_REPEAT, Florian Westphal
- [PATCH nf-next] netfilter: xtables: fix up kconfig dependencies,
Florian Westphal
- [PATCH nf 0/3] netfilter: nft_set_pipapo: map_index must be per set,
Florian Westphal
- [PATCH] evaluate: fix check for unknown in cmd_op_to_name, 谢致邦 (XIE Zhibang)
- [syzbot] [netfilter?] WARNING: suspicious RCU usage in hash_netportnet6_destroy,
syzbot
- [PATCH] ipvs: generic netlink multicast event group,
Terin Stock
- [PATCH nf] netfilter: nft_ct: reject direction for ct id, Pablo Neira Ayuso
- [PATCH net] net: ctnetlink: fix filtering for zone 0, Felix Huettner
- [PATCH v4.19.y] netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval(),
Ajay Kaher
- iptables: considers incomplete rule in -C and finds an erroneous match,
Roman Mamedov
- [PATCH 1/1] netfilter: ipset: Missing gc cancellations fixed,
Jozsef Kadlecsik
- [iptables PATCH 00/12] Range value related fixes/improvements,
Phil Sutter
- [iptables PATCH 11/12] extensions: tcp/udp: Save/xlate inverted full ranges, Phil Sutter
- [iptables PATCH 09/12] extensions: ipcomp: Save inverted full ranges, Phil Sutter
- [iptables PATCH 12/12] libxtables: xtoptions: Respect min/max values when completing ranges, Phil Sutter
- [iptables PATCH 06/12] extensions: mh: Save/xlate inverted full ranges, Phil Sutter
- [iptables PATCH 07/12] extensions: rt: Save/xlate inverted full ranges, Phil Sutter
- [iptables PATCH 01/12] extensions: *.t/*.txlate: Test range corner-cases, Phil Sutter
- [iptables PATCH 03/12] libxtables: Reject negative port ranges, Phil Sutter
- [iptables PATCH 05/12] extensions: frag: Save/xlate inverted full ranges, Phil Sutter
- [iptables PATCH 04/12] extensions: ah: Save/xlate inverted full ranges, Phil Sutter
- [iptables PATCH 10/12] nft: Do not omit full ranges if inverted, Phil Sutter
- [iptables PATCH 02/12] libxtables: xtoptions: Assert ranges are monotonic increasing, Phil Sutter
- [iptables PATCH 08/12] extensions: esp: Save/xlate inverted full ranges, Phil Sutter
- Re: [iptables PATCH 00/12] Range value related fixes/improvements, Phil Sutter
- [syzbot] [netfilter?] WARNING: ODEBUG bug in hash_netiface4_destroy,
syzbot
- [PATCH nf] netfilter: nft_compat: reject unused compat flag, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_compat: restrict match/target protocol to u16, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_compat: narrow down revision to unsigned 8-bits, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_byteorder: length must be multiple of size, Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_set_pipapo: remove static in nft_pipapo_get(), Pablo Neira Ayuso
- [PATCH v5.10.y] netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval(), Ajay Kaher
- [iptables PATCH 0/7] A number of ASAN-identified fixes,
Phil Sutter
- [nft PATCH] json: Support sets' auto-merge option,
Phil Sutter
- [ANNOUNCE] ipset 7.20 released, Jozsef Kadlecsik
- Re: linux-next: Tree for Jan 30 (netfilter, xtables),
Randy Dunlap
- [PATCH nf,v2] netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations, Pablo Neira Ayuso
- [RFC PATCH v2 0/1] netfilter: nat: restore default DNAT behavior,
Kyle Swenson
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
