Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

Re: [PATCH 0/2] Add support for ttl translation, (continued)
[nft PATCH 1/4] rule: don't list anonymous sets, Arturo Borrero Gonzalez
- [nft PATCH 2/4] rule: when listing all sets, don't print empty tables, Arturo Borrero Gonzalez
  - Re: [nft PATCH 2/4] rule: when listing all sets, don't print empty tables, Pablo Neira Ayuso
  - Re: [nft PATCH 2/4] rule: when listing all sets, don't print empty tables, Pablo Neira Ayuso
    - Re: [nft PATCH 2/4] rule: when listing all sets, don't print empty tables, Pablo Neira Ayuso
      - Re: [nft PATCH 2/4] rule: when listing all sets, don't print empty tables, Arturo Borrero Gonzalez
- [nft PATCH 3/4] rule: delete extra space in sets printing, Arturo Borrero Gonzalez
  - Re: [nft PATCH 3/4] rule: delete extra space in sets printing, Pablo Neira Ayuso
    - Re: [nft PATCH 3/4] rule: delete extra space in sets printing, Arturo Borrero Gonzalez
- [nft PATCH 4/4] tests/operations: add some listing tests, Arturo Borrero Gonzalez
  - Re: [nft PATCH 4/4] tests/operations: add some listing tests, Arturo Borrero Gonzalez
- Re: [nft PATCH 1/4] rule: don't list anonymous sets, Pablo Neira Ayuso
[PATCH 1/3 nf-next] netfilter: nf_ct_helper: define pr_fmt(), Pablo Neira Ayuso
- [PATCH 2/3 nf-next] netfilter: nf_ct_helper: Add new function nf_ct_helper_init(), Pablo Neira Ayuso
- [PATCH 3/3 nf-next] netfilter: nf_ct_helper: Add nf_conntrack_helpers_register(), Pablo Neira Ayuso
  - Re: [PATCH 3/3 nf-next] netfilter: nf_ct_helper: Add nf_conntrack_helpers_register(), kbuild test robot
    - Message not available
      - Re: 答复: [PATCH 3/3 nf-next] netfilter: nf_ct_helper: Add nf_conntrack_helpers_register(), Pablo Neira Ayuso
        
        Re: 答复: [PATCH 3/3 nf-next] netfilter: nf_ct_helper: Add nf_conntrack_helpers_register(), Pablo Neira Ayuso
        
        Message not available
        
        Message not available
        
        Message not available
        
        Re: 答复: 答复: [PATCH 3/3 nf-next] netfilter: nf_ct_helper: Add nf_conntrack_helpers_register(), Pablo Neira Ayuso
        
        Message not available
        
        Re: 答复: 答复: 答复: [PATCH 3/3 nf-next] netfilter: nf_ct_helper: Add nf_conntrack_helpers_register(), Pablo Neira Ayuso
[PATCH nft 1/6] tests/py: remove unused variables, Pablo M. Bermudo Garay
- [PATCH nft 3/6] tests/py: simplify use of globals, Pablo M. Bermudo Garay
- [PATCH nft 2/6] tests/py: fix style, Pablo M. Bermudo Garay
  - Re: [PATCH nft 2/6] tests/py: fix style, Pablo Neira Ayuso
    - Re: [PATCH nft 2/6] tests/py: fix style, Pablo M. Bermudo Garay
- [PATCH nft 5/6] tests/py: modify supported test file syntax, Pablo M. Bermudo Garay
- [PATCH nft 4/6] tests/py: convert chains and tables to objects, Pablo M. Bermudo Garay
- [PATCH nft 6/6] tests/py: update test files syntax, Pablo M. Bermudo Garay
[PATCH 1/4] nf: netfilter: nf_tables_api: Add new attributes into nft_set to store user data., Carlos Falgueras García
- [PATCH 2/4] libnftnl: set: Add new attribute into 'set' to store an arbitrary length user data., Carlos Falgueras García
- [PATCH 3/4] libnftnl: set: Implement new buffer of TLV objects., Carlos Falgueras García
  - Re: [PATCH 3/4] libnftnl: set: Implement new buffer of TLV objects., Patrick McHardy
- [PATCH 4/4] libnftnl: examples: Modify the example to allow add TLV objects as user data., Carlos Falgueras García
- Re: [PATCH 1/4] nf: netfilter: nf_tables_api: Add new attributes into nft_set to store user data., Patrick McHardy
- Re: [PATCH 1/4] nf: netfilter: nf_tables_api: Add new attributes into nft_set to store user data., Pablo Neira Ayuso
[PATCH nft] scanner: disable most rules when we expect literal symbol, Florian Westphal
- Re: [PATCH nft] scanner: disable most rules when we expect literal symbol, Florian Westphal
  - Re: [PATCH nft] scanner: disable most rules when we expect literal symbol, Florian Westphal
[PATCH] sqlite3: Remove unused "buffer" option., Alex Xu
- Re: [PATCH] sqlite3: Remove unused "buffer" option., Eric Leblond
- <Possible follow-ups>
- [PATCH] sqlite3: Remove unused "buffer" option., Alex Xu (Hello71)
  - Re: [PATCH] sqlite3: Remove unused "buffer" option., Eric Leblond
[PATCH] extensions: libip6t_ah: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libip6t_ah: Add translation to nft, Pablo Neira Ayuso
[PATCH] iptables: add xtables-config-parser.h to BUILT_SOURCES, Gustavo Zacarias
- Re: [PATCH] iptables: add xtables-config-parser.h to BUILT_SOURCES, Pablo Neira Ayuso
[PATCH] extensions: libip6t_SNAT: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libip6t_SNAT: Add translation to nft, Pablo Neira Ayuso
[PATCH] extensions: libip6t_DNAT: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libip6t_DNAT: Add translation to nft, Pablo Neira Ayuso
[PATCH v2] iptables: nft-ipv6: Replace ip with ip6, Shivani Bhardwaj
- Re: [PATCH v2] iptables: nft-ipv6: Replace ip with ip6, Pablo Neira Ayuso
ipset v6.24: Comment string is too long!, Drunkard Zhang
- Re: ipset v6.24: Comment string is too long!, Jozsef Kadlecsik
  - Re: ipset v6.24: Comment string is too long!, Drunkard Zhang
Re: ulogd's SQLITE3 "buffer" option, Pablo Neira Ayuso
- Re: ulogd's SQLITE3 "buffer" option, Eric Leblond
Re: nf_unregister_net_hook: hook not found!, Pablo Neira Ayuso
- Re: nf_unregister_net_hook: hook not found!, Eric W. Biederman
  - Re: nf_unregister_net_hook: hook not found!, Sander Eikelenboom
    - Re: nf_unregister_net_hook: hook not found!, Joe Stringer
[RFC PATCH nft] parser: re-try unexpected tokens as symbol expression, Florian Westphal
- Re: [RFC PATCH nft] parser: re-try unexpected tokens as symbol expression, Pablo Neira Ayuso
[PATCH 1/3 nft] parser: get rid of multiton_expr from lhs relational expression, Pablo Neira Ayuso
- [PATCH 2/3 nft] parser: rename multiton_expr to multiton_rhs_expr, Pablo Neira Ayuso
- [PATCH 3/3 nft] parser: restore bitwise operations from the rhs of relational expressions, Pablo Neira Ayuso
- Re: [PATCH 1/3 nft] parser: get rid of multiton_expr from lhs relational expression, Patrick McHardy
[PATCH v2] extensions: libxt_length: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH v2] extensions: libxt_length: Add translation to nft, Pablo Neira Ayuso
[PATCH] iptables: nft-ipv6: Replace ip with ip6, Shivani Bhardwaj
[PATCH] extensions: libxt_length: Add translation to nft, Shivani Bhardwaj
[PATCH nft] doc: update meta and ct expression keyword lists, Florian Westphal
- Re: [PATCH nft] doc: update meta and ct expression keyword lists, Pablo Neira Ayuso
[PATCH v2] extensions: libipt_DNAT: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH v2] extensions: libipt_DNAT: Add translation to nft, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nft_limit: allow to invert matching criteria, Pablo Neira Ayuso
[PATCH 1/3 nft] src: add new netdev protocol description, Pablo Neira Ayuso
- [PATCH 3/3 nft] parser: add redirect constant to rhs_expr rule, Pablo Neira Ayuso
- [PATCH 2/3 nft] parser: restrict relational rhs expression recursion, Pablo Neira Ayuso
[PATCH] extensions: libipt_REJECT: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libipt_REJECT: Add translation to nft, Pablo Neira Ayuso
[PATCH] extensions: libipt_DNAT: Add translation to nft, Shivani Bhardwaj
[PATCH] extensions: libipt_SNAT: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libipt_SNAT: Add translation to nft, Pablo Neira Ayuso
  - Re: [PATCH] extensions: libipt_SNAT: Add translation to nft, Shivani Bhardwaj
- <Possible follow-ups>
- [PATCH] extensions: libipt_SNAT: Add translation to nft, Shivani Bhardwaj
  - Re: [PATCH] extensions: libipt_SNAT: Add translation to nft, Pablo Neira Ayuso
[PATCH v2] extensions: libxt_pkttype: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH v2] extensions: libxt_pkttype: Add translation to nft, Pablo Neira Ayuso
[PATCH] extensions: libipt_realm: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libipt_realm: Add translation to nft, Pablo Neira Ayuso
[PATCH] extensions: libipt_ah: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libipt_ah: Add translation to nft, Pablo Neira Ayuso
[PATCH] extensions: libxt_pkttype: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_pkttype: Add translation to nft, Pablo Neira Ayuso
  - Re: [PATCH] extensions: libxt_pkttype: Add translation to nft, Shivani Bhardwaj
[PATCH] extensions: libxt_cpu: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_cpu: Add translation to nft, Pablo Neira Ayuso
[PATCH v4] extensions: libxt_devgroup: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH v4] extensions: libxt_devgroup: Add translation to nft, Pablo Neira Ayuso
[PATCH] include: xtables: Add enum for better nft translation code, Shivani Bhardwaj
- Re: [PATCH] include: xtables: Add enum for better nft translation code, Shivani Bhardwaj
- Re: [PATCH] include: xtables: Add enum for better nft translation code, Pablo Neira Ayuso
[PATCH v2] extensions: libxt_mark: Fix inversion code, Shivani Bhardwaj
- Re: [PATCH v2] extensions: libxt_mark: Fix inversion code, Pablo Neira Ayuso
[nft PATCH] tests/shell: add tests for handles and comments, Arturo Borrero Gonzalez
- Re: [nft PATCH] tests/shell: add tests for handles and comments, Pablo Neira Ayuso
[PATCH v2] extensions: libxt_helper: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH v2] extensions: libxt_helper: Add translation to nft, Pablo Neira Ayuso
[PATCH] extensions: libxt_helper: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_helper: Add translation to nft, Pablo Neira Ayuso
  - Re: [PATCH] extensions: libxt_helper: Add translation to nft, Shivani Bhardwaj
[PATCH v2] extensions: libxt_limit: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH v2] extensions: libxt_limit: Add translation to nft, Pablo Neira Ayuso
[no subject], Luuk Paulussen
- [PATCH v2] net-next: Add tcindex to conntrack and add netfilter target/matches, Luuk Paulussen
[PATCH] extensions: libxt_mark: Fix inversion code, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_mark: Fix inversion code, Pablo Neira Ayuso
[PATCH v3] extensions: libxt_connmark: Add translation to nft, Shivani Bhardwaj
- <Possible follow-ups>
- [PATCH v3] extensions: libxt_connmark: Add translation to nft, Shivani Bhardwaj
  - Re: [PATCH v3] extensions: libxt_connmark: Add translation to nft, Pablo Neira Ayuso
    - Re: [PATCH v3] extensions: libxt_connmark: Add translation to nft, Shivani Bhardwaj
      - Re: [PATCH v3] extensions: libxt_connmark: Add translation to nft, Pablo Neira Ayuso
[PATCH v3] extensions: libxt_devgroup: Add translation to nft, Shivani Bhardwaj
[PATCH v2] extensions: libxt_connmark: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH v2] extensions: libxt_connmark: Add translation to nft, Shivani Bhardwaj
[PATCH] extensions: libxt_NFLOG: Add group_info and remove multiple keywords, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_NFLOG: Add group_info and remove multiple keywords, Pablo Neira Ayuso
  - Re: [PATCH] extensions: libxt_NFLOG: Add group_info and remove multiple keywords, Shivani Bhardwaj
[PATCH 1/2] libxt_cgroup: prepare for multi revisions, Tejun Heo
- [PATCH 2/2] libxt_cgroup2: add support for cgroup2 path matching, Tejun Heo
  - Re: [PATCH 2/2] libxt_cgroup2: add support for cgroup2 path matching, Pablo Neira Ayuso
    - Re: [PATCH 2/2] libxt_cgroup2: add support for cgroup2 path matching, Pablo Neira Ayuso
      - Re: [PATCH 2/2] libxt_cgroup2: add support for cgroup2 path matching, Tejun Heo
      - [PATCH iptables] extensions: libxt_cgroup: add unit test, Tejun Heo
        
        Re: [PATCH iptables] extensions: libxt_cgroup: add unit test, Pablo Neira Ayuso
- Re: [PATCH 1/2] libxt_cgroup: prepare for multi revisions, Pablo Neira Ayuso
[PATCH 1/3,nf] netfilter: nf_tables_api: Add new attributes into, Carlos Falgueras García
- [PATCH 2/3,libnftnl] set: Add new attribute into 'set' to store an, Carlos Falgueras García
- [PATCH 3/3,libnftnl] examples: Modify the example 'nft-set-add' to, Carlos Falgueras García
New xlate3 branch in iptables, Pablo Neira Ayuso
[PATCH] extensions: libxt_mac: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_mac: Add translation to nft, Pablo Neira Ayuso
[PATCH] extensions: libxt_connmark: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_connmark: Add translation to nft, Pablo Neira Ayuso
[PATCH 0/2] Add syntax and translation for comment module, Shivani Bhardwaj
- [PATCH 1/2] iptables: nft-ipv4: Remove suffix counter for comment module, Shivani Bhardwaj
- [PATCH 2/2] extensions: libxt_comment: Add translation to nft, Shivani Bhardwaj
  - Re: [PATCH 2/2] extensions: libxt_comment: Add translation to nft, Pablo Neira Ayuso
    - Re: [PATCH 2/2] extensions: libxt_comment: Add translation to nft, Shivani Bhardwaj
[PATCH] extensions: libxt_limit: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_limit: Add translation to nft, Pablo Neira Ayuso
[PATCH] extensions: libxt_iprange: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_iprange: Add translation to nft, Pablo Neira Ayuso
[PATCH 1/2] netfilter: prepare xt_cgroup for multi revisions, Tejun Heo
- [PATCH 2/2] netfilter: implement xt_cgroup cgroup2 path match, Tejun Heo
- Re: [PATCH 1/2] netfilter: prepare xt_cgroup for multi revisions, Pablo Neira Ayuso
  - Re: [PATCH 1/2] netfilter: prepare xt_cgroup for multi revisions, Tejun Heo
[PATCH] extensions: libxt_NFLOG: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_NFLOG: Add translation to nft, Arturo Borrero Gonzalez
- Re: [PATCH] extensions: libxt_NFLOG: Add translation to nft, Arturo Borrero Gonzalez
  - Re: [PATCH] extensions: libxt_NFLOG: Add translation to nft, Pablo Neira Ayuso
- Re: [PATCH] extensions: libxt_NFLOG: Add translation to nft, Pablo Neira Ayuso
[PATCH] extensions: libxt_NFQUEUE: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_NFQUEUE: Add translation to nft, Pablo Neira Ayuso
  - Re: [PATCH] extensions: libxt_NFQUEUE: Add translation to nft, Shivani Bhardwaj
    - Re: [PATCH] extensions: libxt_NFQUEUE: Add translation to nft, Pablo Neira Ayuso
Syn proxy causes vcenter traffic not working properly, İbrahim Ercan
[PATCH] extensions: libxt_esp: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_esp: Add translation to nft, Pablo Neira Ayuso
[PATCH] extensions: libxt_devgroup: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_devgroup: Add translation to nft, Pablo Neira Ayuso
  - Re: [PATCH] extensions: libxt_devgroup: Add translation to nft, Shivani Bhardwaj
    - Re: [PATCH] extensions: libxt_devgroup: Add translation to nft, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH] extensions: libxt_devgroup: Add translation to nft, Shivani Bhardwaj
  - Re: [PATCH] extensions: libxt_devgroup: Add translation to nft, Shivani Bhardwaj
Support of different targets in nftables, Shivani Bhardwaj
- Re: Support of different targets in nftables, Pablo Neira Ayuso
  - Re: Support of different targets in nftables, Shivani Bhardwaj
About a bug reported, Shivani Bhardwaj
[PATCH v4] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH v4] extensions: libxt_mark: Add translation to nft, Pablo Neira Ayuso
  - Re: [PATCH v4] extensions: libxt_mark: Add translation to nft, Pablo Neira Ayuso
nftables symbols, Shivani Bhardwaj
- Re: nftables symbols, Pablo Neira Ayuso
  - Re: nftables symbols, Shivani Bhardwaj
    - Re: nftables symbols, Pablo Neira Ayuso
      - Re: nftables symbols, Shivani Bhardwaj
[PATCH v3] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH v3] extensions: libxt_mark: Add translation to nft, Pablo Neira Ayuso
[PATCH nft 0/5] ct: add support for directional keys, Florian Westphal
- [PATCH nft 1/5] ct: add support for directional keys, Florian Westphal
  - Re: [PATCH nft 1/5] ct: add support for directional keys, Pablo Neira Ayuso
    - Re: [PATCH nft 1/5] ct: add support for directional keys, Florian Westphal
- [PATCH nft 2/5] netlink: don't handle lhs zero-length expression as concat type, Florian Westphal
- [PATCH nft 5/5] tests: add ct tests for ip family, Florian Westphal
- [PATCH nft 4/5] src: ct: make ct l3proto work, Florian Westphal
- [PATCH nft 3/5] netlink: only drop mask if it matches left known-size operand, Florian Westphal
[ANNOUNCE] iptables 1.6.0 release, Pablo Neira Ayuso
- Re: [ANNOUNCE] iptables 1.6.0 release, Jan Engelhardt
  - Re: [ANNOUNCE] iptables 1.6.0 release, Pablo Neira Ayuso
[PATCH] ila: add NETFILTER dependency, Arnd Bergmann
- Re: [PATCH] ila: add NETFILTER dependency, Pablo Neira Ayuso
  - Re: [PATCH] ila: add NETFILTER dependency, Florian Westphal
    - Re: [PATCH] ila: add NETFILTER dependency, Pablo Neira Ayuso
- Re: [PATCH] ila: add NETFILTER dependency, David Miller
[PATCH nf] netfilter: nft_ct: include direction when dumping NFT_CT_L3PROTOCOL key, Florian Westphal
- Re: [PATCH nf] netfilter: nft_ct: include direction when dumping NFT_CT_L3PROTOCOL key, Pablo Neira Ayuso
[RFC nft] ct expr: make directional keys work, Florian Westphal
- Re: [RFC nft] ct expr: make directional keys work, Pablo Neira Ayuso
  - Re: [RFC nft] ct expr: make directional keys work, Florian Westphal
    - Re: [RFC nft] ct expr: make directional keys work, Florian Westphal
      - Re: [RFC nft] ct expr: make directional keys work, Pablo Neira Ayuso
[PATCH net-next v5 0/8] openvswitch: NAT support., Jarno Rajahalme
- [PATCH net-next v5 4/8] openvswitch: Update the CT state key only after nf_conntrack_in()., Jarno Rajahalme
- [PATCH net-next v5 5/8] openvswitch: Find existing conntrack entry after upcall., Jarno Rajahalme
- [PATCH net-next v5 8/8] openvswitch: Interface with NAT., Jarno Rajahalme
- [PATCH net-next v5 7/8] openvswitch: Delay conntrack helper call for new connections., Jarno Rajahalme
  - Re: [PATCH net-next v5 7/8] openvswitch: Delay conntrack helper call for new connections., Sergei Shtylyov
- [PATCH net-next v5 6/8] openvswitch: Handle NF_REPEAT in conntrack action., Jarno Rajahalme
- [PATCH net-next v5 3/8] netfilter: Allow calling into nat helper without skb_dst., Jarno Rajahalme
- [PATCH net-next v5 2/8] netfilter: Factor out nf_ct_get_info()., Jarno Rajahalme
  - Re: [PATCH net-next v5 2/8] netfilter: Factor out nf_ct_get_info()., Sergei Shtylyov
  - Re: [PATCH net-next v5 2/8] netfilter: Factor out nf_ct_get_info()., Pablo Neira Ayuso
- [PATCH net-next v5 1/8] netfilter: Remove IP_CT_NEW_REPLY definition., Jarno Rajahalme
[PATCH nft] netlink_delinearize: add previous statement to rule_pp_ctx, Pablo Neira Ayuso
- Re: [PATCH nft] netlink_delinearize: add previous statement to rule_pp_ctx, Pablo M. Bermudo Garay
[PATCH nf] netfilter: nf_tables: use skb->protocol instead of assuming ethernet header, Pablo Neira Ayuso
[PATCH 4/5,nf-next] netfilter: nfnetlink: pass down netns pointer to call() and call_rcu(), Pablo Neira Ayuso
- [PATCH 5/5,nf-next] netfilter: nfnetlink: pass down netns pointer to commit() and abort() callbacks, Pablo Neira Ayuso
[PATCH 2/5,nf-next] netfilter: nf_tables: destroy basechain and rules on netdevice removal, Pablo Neira Ayuso
- [PATCH 3/5,nf-next] netfilter: nf_tables: remove check against removal of inactive objects, Pablo Neira Ayuso
[PATCH 1/5 nf,v3] netfilter: nf_tables: release objects on netns destruction, Pablo Neira Ayuso
IPTables connection mark rule stops working, Justin Michael Schwartzbeck
[ANNOUNCE] Another round of NetDev 1.1 updates, Pablo Neira Ayuso
[PATCH -stable] netfilter: ctnetlink: put back references to master ct and expect objects, Pablo Neira Ayuso
[PATCH -stable-*] netfilter: nf_conntrack: Support expectations in different zones, Pablo Neira Ayuso
[PATCH -stable] netfilter: nf_log: don't zap all loggers on unregister, Pablo Neira Ayuso
- [PATCH -stable] netfilter: ip6t_SYNPROXY: fix NULL pointer dereference, Pablo Neira Ayuso
- [PATCH -stable] netfilter: nf_tables: fix bogus warning in nft_data_uninit(), Pablo Neira Ayuso
- [PATCH -stable-3.18] netfilter: nft_compat: fix module refcount underflow, Pablo Neira Ayuso
- [PATCH -stable] netfilter: nft_compat: skip family comparison in case of NFPROTO_UNSPEC, Pablo Neira Ayuso
- [PATCH -stable] netfilter: ipt_rpfilter: remove the nh_scope test in rpfilter_lookup_reverse, Pablo Neira Ayuso
  - Re: [PATCH -stable] netfilter: ipt_rpfilter: remove the nh_scope test in rpfilter_lookup_reverse, Luis Henriques
rebasing nf tree, Pablo Neira Ayuso
- <Possible follow-ups>
- rebasing nf tree, Pablo Neira Ayuso
Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Jozsef Kadlecsik
- Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Remzi AKYÜZ
  - Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Jozsef Kadlecsik
    - Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Noel Kuntze
      - Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Dâniel Fraga
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Pablo Neira Ayuso
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Dâniel Fraga
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Dâniel Fraga
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Florian Westphal
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Dâniel Fraga
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Jan Engelhardt
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Dâniel Fraga
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Jan Engelhardt
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Dâniel Fraga
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Jan Engelhardt
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Jozsef Kadlecsik
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Pablo Neira Ayuso
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Jozsef Kadlecsik
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Jozsef Kadlecsik
      - Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Pablo Neira Ayuso
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Noel Kuntze
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Noel Kuntze
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Pablo Neira Ayuso
        
        Re: Linux 4.3.1 regression: -m state returns "Protocol wrong type for socket", Dâniel Fraga
[PATCH 0/5] new testsuite for nft, Arturo Borrero Gonzalez
- [PATCH 3/5] tests/shell: add maps tests cases, Arturo Borrero Gonzalez
- [PATCH 4/5] tests/shell: add tests for handles and comments, Arturo Borrero Gonzalez
  - Re: [PATCH 4/5] tests/shell: add tests for handles and comments, Arturo Borrero Gonzalez
- [PATCH 1/5] tests/: rearrange tests directory, Arturo Borrero Gonzalez
  - Re: [PATCH 1/5] tests/: rearrange tests directory, Pablo Neira Ayuso
- [PATCH 5/5] tests/shell: add test case for cache bug, Arturo Borrero Gonzalez
- [PATCH 2/5] tests/: add shell test-suite, Arturo Borrero Gonzalez
- Re: [PATCH 0/5] new testsuite for nft, Pablo Neira Ayuso
[PATCH V2 nf-next] netfilter: meta: add support for setting skb->pkttype, Florian Westphal
- Re: [PATCH V2 nf-next] netfilter: meta: add support for setting skb->pkttype, Pablo Neira Ayuso
  - Re: [PATCH V2 nf-next] netfilter: meta: add support for setting skb->pkttype, Florian Westphal
    - Re: [PATCH V2 nf-next] netfilter: meta: add support for setting skb->pkttype, Pablo Neira Ayuso
      - Re: [PATCH V2 nf-next] netfilter: meta: add support for setting skb->pkttype, Pablo Neira Ayuso
[PATCH 1/4] list: introduce list_is_first(), Geliang Tang
- [PATCH 2/4] livepatch: use list_is_first(), Geliang Tang
  - [PATCH 3/4] netfilter: ipset: use list_is_first(), Geliang Tang
    - [PATCH 4/4] elevator: use list_is_{first,last}, Geliang Tang
- Re: [PATCH 1/4] list: introduce list_is_first(), Jens Axboe
  - Re: [PATCH 1/4] list: introduce list_is_first(), Josh Poimboeuf
    - Re: [PATCH 1/4] list: introduce list_is_first(), Jens Axboe
      - Re: [PATCH 1/4] list: introduce list_is_first(), Jiri Kosina
    - Re: [PATCH 1/4] list: introduce list_is_first(), Christoph Hellwig
Re: undefined reference to `nf_conntrack_untracked', Pablo Neira Ayuso
[PATCH nf] netfilter: nf_dup: add missing dependencies with NF_CONNTRACK, Pablo Neira Ayuso
[PATCH nf,v2] netfilter: nf_tables: release objects on netns destruction, Pablo Neira Ayuso
- Re: [PATCH nf,v2] netfilter: nf_tables: release objects on netns destruction, Arturo Borrero Gonzalez
- Re: [PATCH nf,v2] netfilter: nf_tables: release objects on netns destruction, Pablo Neira Ayuso
[PATCH nf] netfilter: conntrack: resched in nf_ct_iterate_cleanup, Florian Westphal
- Re: [PATCH nf] netfilter: conntrack: resched in nf_ct_iterate_cleanup, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: conntrack: resched in nf_ct_iterate_cleanup, Florian Westphal
- Re: [PATCH nf] netfilter: conntrack: resched in nf_ct_iterate_cleanup, Florian Westphal
  - Re: [PATCH nf] netfilter: conntrack: resched in nf_ct_iterate_cleanup, Pablo Neira Ayuso
    - Re: [PATCH nf] netfilter: conntrack: resched in nf_ct_iterate_cleanup, Florian Westphal
- <Possible follow-ups>
- [PATCH nf] netfilter: conntrack: resched in nf_ct_iterate_cleanup, Florian Westphal
  - Re: [PATCH nf] netfilter: conntrack: resched in nf_ct_iterate_cleanup, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nf_tables: fix nf_log_trace based tracing, Florian Westphal
- Re: [PATCH nf-next] netfilter: nf_tables: fix nf_log_trace based tracing, Pablo Neira Ayuso
[PATCH nf-next] netfilter: cttimeout: add netns support, Pablo Neira Ayuso
[PATCH nf 1/2] netfilter: nfnetlink: avoid recurrent netns lookups in call_batch, Pablo Neira Ayuso
- [PATCH nf 2/2] nfnetlink: fix splat due to incorrect socket memory accounting in skbuff clones, Pablo Neira Ayuso
  - Re: [PATCH nf 2/2] nfnetlink: fix splat due to incorrect socket memory accounting in skbuff clones, Arturo Borrero Gonzalez
    - Re: [PATCH nf 2/2] nfnetlink: fix splat due to incorrect socket memory accounting in skbuff clones, Pablo Neira Ayuso
- Re: [PATCH nf 1/2] netfilter: nfnetlink: avoid recurrent netns lookups in call_batch, Arturo Borrero Gonzalez
nf_conntrack_count is increasing, Гаврилов Игорь
- Re: nf_conntrack_count is increasing, Florian Westphal
  - Re: nf_conntrack_count is increasing, Гаврилов Игорь
[PATCH net-next v4 0/8] openvswitch: NAT support., Jarno Rajahalme
- [PATCH net-next v4 1/8] netfilter: Remove IP_CT_NEW_REPLY definition., Jarno Rajahalme
- [PATCH net-next v4 4/8] openvswitch: Update the CT state key only after nf_conntrack_in()., Jarno Rajahalme
  - Re: [PATCH net-next v4 4/8] openvswitch: Update the CT state key only after nf_conntrack_in()., Sergei Shtylyov
- [PATCH net-next v4 2/8] netfilter: Factor out nf_ct_get_info()., Jarno Rajahalme
  - Re: [PATCH net-next v4 2/8] netfilter: Factor out nf_ct_get_info()., Pablo Neira Ayuso
    - Re: [PATCH net-next v4 2/8] netfilter: Factor out nf_ct_get_info()., Jarno Rajahalme
- [PATCH net-next v4 6/8] openvswitch: Handle NF_REPEAT in conntrack action., Jarno Rajahalme
- [PATCH net-next v4 3/8] netfilter: Allow calling into nat helper without skb_dst., Jarno Rajahalme
- [PATCH net-next v4 8/8] openvswitch: Interface with NAT., Jarno Rajahalme
  - Re: [PATCH net-next v4 8/8] openvswitch: Interface with NAT., Pablo Neira Ayuso
    - Re: [PATCH net-next v4 8/8] openvswitch: Interface with NAT., Jarno Rajahalme
- [PATCH net-next v4 7/8] openvswitch: Delay conntrack helper call for new connections., Jarno Rajahalme
  - Re: [PATCH net-next v4 7/8] openvswitch: Delay conntrack helper call for new connections., Sergei Shtylyov
- [PATCH net-next v4 5/8] openvswitch: Find existing conntrack entry after upcall., Jarno Rajahalme
[PATCH nf-next] netfilter: ipv6: nf_defrag: fix NULL deref panic, Florian Westphal
- Re: [PATCH nf-next] netfilter: ipv6: nf_defrag: fix NULL deref panic, Pablo Neira Ayuso
libnetfilter_conntrack: set_attr_dnat_ipv4, Sargun Dhillon
- Re: libnetfilter_conntrack: set_attr_dnat_ipv4, Florian Westphal
[PATCH xtables-addons] make xt_ACCOUNT network namespace aware, Andreas Schultz
[PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Marcelo Ricardo Leitner
- Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Marcelo Ricardo Leitner
    - Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
      - Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Marcelo Ricardo Leitner
        
        Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
        
        Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Marcelo Ricardo Leitner
        
        Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
        
        Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Marcelo Ricardo Leitner
        
        Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
        
        Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Marcelo Ricardo Leitner
        
        Re: [PATCH] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
next-20151207 - crash in IPv6 code, Valdis Kletnieks
- Re: next-20151207 - crash in IPv6 code, Florian Westphal
  - Re: next-20151207 - crash in IPv6 code, Valdis . Kletnieks
    - Re: next-20151207 - crash in IPv6 code, David Miller
[PATCH nf-next] netfilter: nftables: Change the return type of nfulnl_set_timeout() and nfulnl_set_qthresh() to be void., Rami Rosen
- Re: [PATCH nf-next] netfilter: nftables: Change the return type of nfulnl_set_timeout() and nfulnl_set_qthresh() to be void., Pablo Neira Ayuso
  - Re: [PATCH nf-next] netfilter: nftables: Change the return type of nfulnl_set_timeout() and nfulnl_set_qthresh() to be void., Pablo Neira Ayuso
[PATCHSET v4] netfilter, cgroup: implement cgroup2 path match in xt_cgroup, Tejun Heo
- [PATCH 5/8] net: wrap sock->sk_cgrp_prioidx and ->sk_classid inside a struct, Tejun Heo
- [PATCH 8/8] netfilter: implement xt_cgroup cgroup2 path match, Tejun Heo
  - Re: [PATCH 8/8] netfilter: implement xt_cgroup cgroup2 path match, Pablo Neira Ayuso
  - Re: [PATCH 8/8] netfilter: implement xt_cgroup cgroup2 path match, Alban Crequy
    - Re: [PATCH 8/8] netfilter: implement xt_cgroup cgroup2 path match, Tejun Heo
- [PATCH 7/8] netfilter: prepare xt_cgroup for multi revisions, Tejun Heo
  - Re: [PATCH 7/8] netfilter: prepare xt_cgroup for multi revisions, Pablo Neira Ayuso
- [PATCH 4/8] netprio_cgroup: limit the maximum css->id to USHRT_MAX, Tejun Heo
- [PATCH 6/8] sock, cgroup: add sock->sk_cgroup, Tejun Heo
- [PATCH 2/8] kernfs: implement kernfs_walk_and_get(), Tejun Heo
  - Re: [PATCH 2/8] kernfs: implement kernfs_walk_and_get(), Geert Uytterhoeven
    - [PATCH] kernfs: make kernfs_walk_ns() use kernfs_pr_cont_buf[], Tejun Heo
      - Re: [PATCH] kernfs: make kernfs_walk_ns() use kernfs_pr_cont_buf[], Greg Kroah-Hartman
- [PATCH 3/8] cgroup: implement cgroup_get_from_path() and expose cgroup_put(), Tejun Heo
  - Re: [PATCH 3/8] cgroup: implement cgroup_get_from_path() and expose cgroup_put(), Serge E. Hallyn
    - Re: [PATCH 3/8] cgroup: implement cgroup_get_from_path() and expose cgroup_put(), Tejun Heo
- [PATCH 1/8] cgroup: record ancestor IDs and reimplement cgroup_is_descendant() using it, Tejun Heo
- Re: [PATCHSET v4] netfilter, cgroup: implement cgroup2 path match in xt_cgroup, David Miller
- RE: [PATCHSET v4] netfilter, cgroup: implement cgroup2 path match in xt_cgroup, Dexuan Cui
  - [PATCH net-next] net, cgroup: cgroup_sk_updat_lock was missing initializer, Tejun Heo
    - Re: [PATCH net-next] net, cgroup: cgroup_sk_updat_lock was missing initializer, David Miller
      - RE: [PATCH net-next] net, cgroup: cgroup_sk_updat_lock was missing initializer, Dexuan Cui
nf_conntrack_ipv4: UDP packets are spuriously dropped on parallel send via loopback device on SMP machines, Matthias Gerstner
[PATCH nf-next 0/3] netfilter: nftables: add set support for conntrack labels, Florian Westphal
- [PATCH nf-next 1/3] netfilter: connlabels: move helpers to xt_connlabel, Florian Westphal
- [PATCH nf-next 2/3] netfilter: labels: don't emit ct event if labels are unchanged, Florian Westphal
- [PATCH nf-next 3/3] netfilter: nftables: add connlabel set support, Florian Westphal
[PATCH net] nftables: use list_for_each_entry_safe_reverse to traversal commit_list in nf_tables_abort, Xin Long
- Re: [PATCH net] nftables: use list_for_each_entry_safe_reverse to traversal commit_list in nf_tables_abort, Pablo Neira Ayuso
  - Re: [PATCH net] nftables: use list_for_each_entry_safe_reverse to traversal commit_list in nf_tables_abort, Xin Long
  - Re: [PATCH net] nftables: use list_for_each_entry_safe_reverse to traversal commit_list in nf_tables_abort, Xin Long
    - Re: [PATCH net] nftables: use list_for_each_entry_safe_reverse to traversal commit_list in nf_tables_abort, Pablo Neira Ayuso
      - Re: [PATCH net] nftables: use list_for_each_entry_safe_reverse to traversal commit_list in nf_tables_abort, Xin Long
        
        Re: [PATCH net] nftables: use list_for_each_entry_safe_reverse to traversal commit_list in nf_tables_abort, Pablo Neira Ayuso
[PATCH] netfilter: nfnetlink_queue: Unregister pernet subsys in case of init failure, Nikolay Borisov
- Re: [PATCH] netfilter: nfnetlink_queue: Unregister pernet subsys in case of init failure, Sergei Shtylyov
  - Re: [PATCH] netfilter: nfnetlink_queue: Unregister pernet subsys in case of init failure, Nikolay Borisov
    - Re: [PATCH] netfilter: nfnetlink_queue: Unregister pernet subsys in case of init failure, Pablo Neira Ayuso
      - Re: [netfilter-core] [PATCH] netfilter: nfnetlink_queue: Unregister pernet subsys in case of init failure, Pablo Neira Ayuso
[PATCH v2] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Pablo Neira Ayuso
  - Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
    - Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
      - Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
        
        Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Pablo Neira Ayuso
        
        Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
        
        Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
        
        Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Pablo Neira Ayuso
        
        Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
        
        Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
        
        Message not available
        
        Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
        
        Re: [PATCH v2] extensions: libxt_mark: Add translation to nft, Pablo Neira Ayuso
[PATCH nft 1/7,v2] tests: vlan pcp and cfi are located in the first byte, Pablo Neira Ayuso
- [PATCH nft 3/7] netlink_delinearize: postprocess expression before range merge, Pablo Neira Ayuso
- [PATCH nft 6/7] evaluate: transfer right shifts to set reference side, Pablo Neira Ayuso
- [PATCH nft 5/7] evaluate: transfer right shifts to range side, Pablo Neira Ayuso
- [PATCH nft 4/7] evaluate: transfer right shifts to constant side, Pablo Neira Ayuso
- [PATCH nft 2/7,v2] src: fix sub-byte protocol header definitions, Pablo Neira Ayuso
  - Re: [PATCH nft 2/7,v2] src: fix sub-byte protocol header definitions, Pablo Neira Ayuso
- [PATCH nft 7/7] src: move payload sub-byte matching to the evaluation step, Pablo Neira Ayuso
[PATCH] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
- Re: [PATCH] extensions: libxt_mark: Add translation to nft, Pablo Neira Ayuso
  - Re: [PATCH] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
  - Re: [PATCH] extensions: libxt_mark: Add translation to nft, Pablo Neira Ayuso
    - Re: [PATCH] extensions: libxt_mark: Add translation to nft, Shivani Bhardwaj
- <Possible follow-ups>
- [PATCH] extensions: libxt_MARK: Add translation to nft, Shivani Bhardwaj
  - Re: [PATCH] extensions: libxt_MARK: Add translation to nft, Shivani Bhardwaj
    - Re: [PATCH] extensions: libxt_MARK: Add translation to nft, Florian Westphal
  - Re: [PATCH] extensions: libxt_MARK: Add translation to nft, Jan Engelhardt
    - Re: [PATCH] extensions: libxt_MARK: Add translation to nft, Shivani Bhardwaj
  - Re: [PATCH] extensions: libxt_MARK: Add translation to nft, Pablo Neira Ayuso
[PATCH] netfilter: Initialize local variables to NULL, to prevent using them when uninitialized., Tomer Barletz
- Re: [PATCH] netfilter: Initialize local variables to NULL, to prevent using them when uninitialized., Pablo Neira Ayuso
Support marking/matching tc_index in netfilter, Luuk Paulussen
- [PATCH] Add tcindex to conntrack and add netfilter target/matches, Luuk Paulussen
  - Re: [PATCH] Add tcindex to conntrack and add netfilter target/matches, Luuk Paulussen
    - Re: [PATCH] Add tcindex to conntrack and add netfilter target/matches, Florian Westphal
      - Re: [PATCH] Add tcindex to conntrack and add netfilter target/matches, Luuk Paulussen
        
        Re: [PATCH] Add tcindex to conntrack and add netfilter target/matches, Florian Westphal
        
        Re: [PATCH] Add tcindex to conntrack and add netfilter target/matches, Luuk Paulussen
        
        Re: [PATCH] Add tcindex to conntrack and add netfilter target/matches, Daniel Borkmann
        
        Re: [PATCH] Add tcindex to conntrack and add netfilter target/matches, Luuk Paulussen
        
        Re: [PATCH] Add tcindex to conntrack and add netfilter target/matches, Daniel Borkmann
[PATCH -next] netfilter: meta: add support for setting skb->pkttype, Florian Westphal
- Re: [PATCH -next] netfilter: meta: add support for setting skb->pkttype, Pablo Neira Ayuso
  - Re: [PATCH -next] netfilter: meta: add support for setting skb->pkttype, Florian Westphal
[nft] bug in sets cache, Arturo Borrero Gonzalez
[PATCH v3 nf-next 0/12] netfilter: don't copy init ns hooks to new namespaces, Florian Westphal
- [PATCH v3 nf-next 02/12] netfilter: conntrack: register hooks in netns when needed by ruleset, Florian Westphal
- [PATCH v3 nf-next 03/12] netfilter: xtables: don't register table hooks in namespace at init time, Florian Westphal
- [PATCH v3 nf-next 04/12] netfilter: defrag: only register defrag functionality if needed, Florian Westphal
- [PATCH v3 nf-next 06/12] netfilter: bridge: register hooks only when bridge interface is added, Florian Westphal
- [PATCH v3 nf-next 07/12] netfilter: don't call nf_hook_state_init/_hook_slow unless needed, Florian Westphal
- [PATCH v3 nf-next 05/12] netfilter: nat: add dependencies on conntrack module, Florian Westphal
- [PATCH v3 nf-next 08/12] nftables: add conntrack dependencies for nat/masq/redir expressions, Florian Westphal
- [PATCH v3 nf-next 09/12] nfnetlink: add nfnl_dereference_protected helper, Florian Westphal
  - Re: [PATCH v3 nf-next 09/12] nfnetlink: add nfnl_dereference_protected helper, Pablo Neira Ayuso
- [PATCH v3 nf-next 10/12] netfilter: ctnetlink: make ctnetlink bind register conntrack hooks, Florian Westphal
- [PATCH v3 nf-next 11/12] netfilter: hook up nfnetlink log/queue to register conntrack hooks, Florian Westphal
- [PATCH v3 nf-next 12/12] netfilter: inform ctnetlink about new l3 protocol trackers, Florian Westphal
- [PATCH v3 nf-next 01/12] netfilter: add and use nf_ct_netns_get/put, Florian Westphal
- Re: [PATCH v3 nf-next 0/12] netfilter: don't copy init ns hooks to new namespaces, Pablo Neira Ayuso
  - Re: [PATCH v3 nf-next 0/12] netfilter: don't copy init ns hooks to new namespaces, Florian Westphal
[PATCH nft 1/3] tests: add *.got files to .gitignore, Pablo M. Bermudo Garay
- [PATCH nft 2/3] tests: remove useless logic, Pablo M. Bermudo Garay
- [PATCH nft 3/3] tests: fix crash when rule test is malformed, Pablo M. Bermudo Garay
- Re: [PATCH nft 1/3] tests: add *.got files to .gitignore, Pablo Neira Ayuso
- Re: [PATCH nft 1/3] tests: add *.got files to .gitignore, Pablo Neira Ayuso
[ANNOUNCE] NetDev 1.1 updates (Seville, Spain February 10-12), Pablo Neira Ayuso
[PATCH nft 1/2] tests: vlan pcp and cfi are located in the first byte, Pablo Neira Ayuso
- [PATCH nft 2/2] src: fix sub-bytes protocol header definition, Pablo Neira Ayuso
  - Re: [PATCH nft 2/2] src: fix sub-bytes protocol header definition, Florian Westphal
    - Re: [PATCH nft 2/2] src: fix sub-bytes protocol header definition, Pablo Neira Ayuso
[PATCH] netfilter: ipvs: avoid unused variable warning, Arnd Bergmann
- Re: [PATCH] netfilter: ipvs: avoid unused variable warning, Julian Anastasov
  - Re: [PATCH] netfilter: ipvs: avoid unused variable warning, Simon Horman
[PATCH nf] netfilter: nf_tables: release objects on netns destruction, Pablo Neira Ayuso
[PATCH v4 nf-next 1/2] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
- [PATCH v4 nf-next 2/2] netfilter: nf_tables: wrap tracing with a static key, Florian Westphal
  - Re: [PATCH v4 nf-next 2/2] netfilter: nf_tables: wrap tracing with a static key, Pablo Neira Ayuso
- Re: [PATCH v4 nf-next 1/2] netfilter: nf_tables: extend tracing infrastructure, Pablo Neira Ayuso
[PATCH nft] src: perform sub-byte length matching from the evaluation step, Pablo Neira Ayuso
- Re: [PATCH nft] src: perform sub-byte length matching from the evaluation step, Patrick McHardy
  - Re: [PATCH nft] src: perform sub-byte length matching from the evaluation step, Pablo Neira Ayuso
[PATCH nft] null pointer exception, Linmujia
- Re: [PATCH nft] null pointer exception, Patrick McHardy
GIT: [PATCH v3 0/3] netfilter trace infrastructure support, Florian Westphal
- [PATCH v3 libnftnl 1/3] src: add trace infrastructure support, Florian Westphal
  - Re: [PATCH v3 libnftnl 1/3] src: add trace infrastructure support, Pablo Neira Ayuso
    - Re: [PATCH v3 libnftnl 1/3] src: add trace infrastructure support, Florian Westphal
- [PATCH v2 nf-next 2/3] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
  - Re: [PATCH v2 nf-next 2/3] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
- [PATCH v3 nf-next 3/3] netfilter: nf_tables: wrap tracing with a static key, Florian Westphal
- Re: GIT: [PATCH v3 0/3] netfilter trace infrastructure support, Patrick McHardy
[PATCH nft] netlink: fix up indentation damage, Patrick McHardy
[RFC PATCH nft] datatype: add scaled integer types, Patrick McHardy
[RFC PATCH nft] parser: add typeof keyword for declarations, Patrick McHardy
[PATCH nft,v2] netlink_delinearize: fix use-after-free, Pablo Neira Ayuso
[PATCH nft] netlink_delinearize: fix use-after-free, Pablo Neira Ayuso
- Re: [PATCH nft] netlink_delinearize: fix use-after-free, Patrick McHardy
[PATCH nft]evaluate function should have a explicitly return value, Linmujia
- Re: [PATCH nft]evaluate function should have a explicitly return value, Pablo Neira Ayuso
[PATCH nft] proto: fix VLAN header definition, Patrick McHardy
- Re: [PATCH nft] proto: fix VLAN header definition, Florian Westphal
  - Re: [PATCH nft] proto: fix VLAN header definition, Patrick McHardy
    - Re: [PATCH nft] proto: fix VLAN header definition, Florian Westphal
      - Re: [PATCH nft] proto: fix VLAN header definition, Florian Westphal
        
        Re: [PATCH nft] proto: fix VLAN header definition, Patrick McHardy
        
        Re: [PATCH nft] proto: fix VLAN header definition, Florian Westphal
        
        Re: [PATCH nft] proto: fix VLAN header definition, Patrick McHardy
        
        Re: [PATCH nft] proto: fix VLAN header definition, Pablo Neira Ayuso
        
        Re: [PATCH nft] proto: fix VLAN header definition, Florian Westphal
        
        Re: [PATCH nft] proto: fix VLAN header definition, Pablo Neira Ayuso
        
        Re: [PATCH nft] proto: fix VLAN header definition, Florian Westphal
        
        Re: [PATCH nft] proto: fix VLAN header definition, Pablo Neira Ayuso
        
        Re: [PATCH nft] proto: fix VLAN header definition, Florian Westphal
        
        Re: [PATCH nft] proto: fix VLAN header definition, Pablo Neira Ayuso
Re: Bug#806130: linux: netlink_sock_destruct() crash in netns, Ben Hutchings
- Re: Bug#806130: linux: netlink_sock_destruct() crash in netns, Pablo Neira Ayuso
  - Re: Bug#806130: linux: netlink_sock_destruct() crash in netns, Ben Hutchings
[PATCH v2 0/3] src: trace infrastructure support, Florian Westphal
- [PATCH v2 libnftnl 1/3] src: add trace infrastructure support, Florian Westphal
  - Re: [PATCH v2 libnftnl 1/3] src: add trace infrastructure support, Patrick McHardy
- [PATCH v2 nf-next 2/3] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
  - Re: [PATCH v2 nf-next 2/3] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
    - Re: [PATCH v2 nf-next 2/3] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
      - Re: [PATCH v2 nf-next 2/3] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
  - Re: [PATCH v2 nf-next 2/3] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
    - Re: [PATCH v2 nf-next 2/3] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
- [PATCH v2 nf-next 3/3] netfilter: nf_tables: wrap tracing with a static key, Florian Westphal
  - Re: [PATCH v2 nf-next 3/3] netfilter: nf_tables: wrap tracing with a static key, Patrick McHardy
- Re: [PATCH v2 0/3] src: trace infrastructure support, Patrick McHardy
- Re: [PATCH v2 0/3] src: trace infrastructure support, Patrick McHardy
[RFC PATCH nft] proto: add missing fields for ARP with IPv4/Ethernet, Patrick McHardy
- Re: [RFC PATCH nft] proto: add missing fields for ARP with IPv4/Ethernet, Florian Westphal
Re: [nft patch]add default branch for code integrality, Pablo Neira Ayuso
[nft] add default branch for code integrality, Linmujia
- Re: [nft] add default branch for code integrality, Florian Westphal
[PATCH net-next v3 0/8] openvswitch: NAT support., Jarno Rajahalme
- [PATCH net-next v3 7/8] openvswitch: Delay conntrack helper call for new connections., Jarno Rajahalme
- [PATCH net-next v3 8/8] openvswitch: Interface with NAT., Jarno Rajahalme
  - Re: [PATCH net-next v3 8/8] openvswitch: Interface with NAT., kbuild test robot
  - Re: [PATCH net-next v3 8/8] openvswitch: Interface with NAT., kbuild test robot
- [PATCH net-next v3 6/8] openvswitch: Handle NF_REPEAT in conntrack action., Jarno Rajahalme
- [PATCH net-next v3 2/8] netfilter: Factor out nf_ct_get_info()., Jarno Rajahalme
  - Re: [ovs-dev] [PATCH net-next v3 2/8] netfilter: Factor out nf_ct_get_info()., Simon Horman
- [PATCH net-next v3 5/8] openvswitch: Find existing conntrack entry after upcall., Jarno Rajahalme
- [PATCH net-next v3 3/8] netfilter: Allow calling into nat helper without skb_dst., Jarno Rajahalme
  - Re: [PATCH net-next v3 3/8] netfilter: Allow calling into nat helper without skb_dst.g, Pablo Neira Ayuso
    - Re: [ovs-dev] [PATCH net-next v3 3/8] netfilter: Allow calling into nat helper without skb_dst.g, Pravin Shelar
- [PATCH net-next v3 4/8] openvswitch: Update the CT state key only after nf_conntrack_in()., Jarno Rajahalme
- [PATCH net-next v3 1/8] netfilter: Remove IP_CT_NEW_REPLY definition., Jarno Rajahalme
  - Re: [ovs-dev] [PATCH net-next v3 1/8] netfilter: Remove IP_CT_NEW_REPLY definition., Simon Horman
    - Re: [ovs-dev] [PATCH net-next v3 1/8] netfilter: Remove IP_CT_NEW_REPLY definition., Jarno Rajahalme
      - Re: [ovs-dev] [PATCH net-next v3 1/8] netfilter: Remove IP_CT_NEW_REPLY definition., Jarno Rajahalme
[PATCH nft 1/2] src: add dscp support, Pablo Neira Ayuso
- [PATCH nft 2/2] src: add ecn support, Pablo Neira Ayuso
  - Re: [PATCH nft 2/2] src: add ecn support, Patrick McHardy
- Re: [PATCH nft 1/2] src: add dscp support, Patrick McHardy
  - Re: [PATCH nft 1/2] src: add dscp support, Pablo Neira Ayuso
    - Re: [PATCH nft 1/2] src: add dscp support, Patrick McHardy
      - Re: [PATCH nft 1/2] src: add dscp support, Pablo Neira Ayuso
        
        Re: [PATCH nft 1/2] src: add dscp support, Patrick McHardy
        
        Re: [PATCH nft 1/2] src: add dscp support, Pablo Neira Ayuso
        
        Re: [PATCH nft 1/2] src: add dscp support, Patrick McHardy
        
        Re: [PATCH nft 1/2] src: add dscp support, Pablo Neira Ayuso
        
        Re: [PATCH nft 1/2] src: add dscp support, Patrick McHardy
  - Re: [PATCH nft 1/2] src: add dscp support, Jan Engelhardt
    - Re: [PATCH nft 1/2] src: add dscp support, Patrick McHardy
[RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Marcelo Ricardo Leitner
- Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
  - Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Marcelo Ricardo Leitner
    - Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Michal Kubecek
      - Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Marcelo Ricardo Leitner
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Patrick McHardy
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Florian Westphal
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Patrick McHardy
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Florian Westphal
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Patrick McHardy
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Patrick McHardy
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Patrick McHardy
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Patrick McHardy
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Pablo Neira Ayuso
        
        Re: [RFC PATCH -next] netfilter: nf_ct_sctp: validate vtag for new conntrack entries, Patrick McHardy
[PATCH nft] proto: fix arpop symbol table endianess, Patrick McHardy
[PATCH 1/2 nf-next] netfilter: nf_tables: add packet duplication to the netdev family, Pablo Neira Ayuso
- [PATCH 2/2 nf-next] netfilter: nf_tables: add fwd expression to the netdev family, Pablo Neira Ayuso
[PATCH net] ipv6: distinguish frag queues by device for multicast and link-local packets, Michal Kubecek
- Re: [PATCH net] ipv6: distinguish frag queues by device for multicast and link-local packets, David Miller
  - Re: [PATCH net] ipv6: distinguish frag queues by device for multicast and link-local packets, Hannes Frederic Sowa
[PATCH v2 nft 0/2] payload mangling support, Patrick McHardy
- [PATCH v2 nft 1/2] proto: add checksum key information to struct proto_desc, Patrick McHardy
- [PATCH v2 nft 2/2] payload: add payload statement, Patrick McHardy
[PATCH v2 libnftnl] payload mangling support, Patrick McHardy
- [PATCH libnftnl] payload: add payload mangling support, Patrick McHardy
[PATCH 0/6] nftables trace support, Florian Westphal
- [PATCH nf-next 2/6] netfilter: nf_tables: wrap tracing with a static key, Florian Westphal
  - Re: [PATCH nf-next 2/6] netfilter: nf_tables: wrap tracing with a static key, Patrick McHardy
    - Re: [PATCH nf-next 2/6] netfilter: nf_tables: wrap tracing with a static key, Florian Westphal
      - Re: [PATCH nf-next 2/6] netfilter: nf_tables: wrap tracing with a static key, Patrick McHardy
  - Re: [PATCH nf-next 2/6] netfilter: nf_tables: wrap tracing with a static key, Pablo Neira Ayuso
- [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
  - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Pablo Neira Ayuso
    - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
      - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Pablo Neira Ayuso
        
        Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
        
        Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
  - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Pablo Neira Ayuso
    - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
      - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
        
        Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Pablo Neira Ayuso
        
        Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Pablo Neira Ayuso
        
        Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
      - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Pablo Neira Ayuso
  - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
  - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
    - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
      - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
      - Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
        
        Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
        
        Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Patrick McHardy
        
        Re: [PATCH nf-next 1/6] netfilter: nf_tables: extend tracing infrastructure, Florian Westphal
- [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
  - Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
  - Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Pablo Neira Ayuso
    - Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
      - Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Pablo Neira Ayuso
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Pablo Neira Ayuso
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Florian Westphal
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Jan Engelhardt
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Jan Engelhardt
        
        Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
  - Re: [PATCH nf-next 3/6] netfilter: nf_tables: disable old tracing if listener is present, Patrick McHardy
- [PATCH libnftnl 4/6] src: rename EXPORT_SYMBOL to EXPORT_SYMBOL_ALIAS, Florian Westphal
  - Re: [PATCH libnftnl 4/6] src: rename EXPORT_SYMBOL to EXPORT_SYMBOL_ALIAS, Pablo Neira Ayuso
- [PATCH libnftnl 5/6] src: add trace infrastructure support, Florian Westphal
  - Re: [PATCH libnftnl 5/6] src: add trace infrastructure support, Patrick McHardy
    - Re: [PATCH libnftnl 5/6] src: add trace infrastructure support, Patrick McHardy
- [PATCH nftables 6/6] src: add trace support to nft monitor mode, Florian Westphal

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]