Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

Re: [nftables 1/3] erec: fix buffer overflow, (continued)
- [nftables 2/3] erec: fix logic when reading from file, Eric Leblond
  - Re: [nftables 2/3] erec: fix logic when reading from file, Pablo Neira Ayuso
- [nftables 3/3] mnl: improve select timeout logic, Eric Leblond
  - Re: [nftables 3/3] mnl: improve select timeout logic, Eric Leblond
[ulogd2 PATCHv2] Use stdint types everywhere, Felix Janda
- Re: [ulogd2 PATCHv2] Use stdint types everywhere, Eric Leblond
Kernel 4.1.0 broke the TARPIT & DELUGE targets in xtables-addons-2.6, Alexander Petrenas
- Re: Kernel 4.1.0 broke the TARPIT & DELUGE targets in xtables-addons-2.6, Florian Westphal
- <Possible follow-ups>
- RE: Kernel 4.1.0 broke the TARPIT & DELUGE targets in xtables-addons-2.6, Alexander Petrenas
  - RE: Kernel 4.1.0 broke the TARPIT & DELUGE targets in xtables-addons-2.6, Alexander Petrenas
    - RE: Kernel 4.1.0 broke the TARPIT & DELUGE targets in xtables-addons-2.6, Jan Engelhardt
[PATCH net] netfilter: nf_queue: Don't recompute the hook_list head, Eric W. Biederman
- Re: [PATCH net] netfilter: nf_queue: Don't recompute the hook_list head, Pablo Neira Ayuso
  - Re: [PATCH net] netfilter: nf_queue: Don't recompute the hook_list head, Eric W. Biederman
    - Re: [PATCH net] netfilter: nf_queue: Don't recompute the hook_list head, Pablo Neira Ayuso
      - Re: [PATCH net] netfilter: nf_queue: Don't recompute the hook_list head, Eric W. Biederman
        
        Re: [PATCH net] netfilter: nf_queue: Don't recompute the hook_list head, Pablo Neira Ayuso
        
        Re: [PATCH net] netfilter: nf_queue: Don't recompute the hook_list head, Eric W. Biederman
Re: [PATCH net] netfilter: nf_qeueue: Drop queue entries on nf_unregister_hook, Eric W. Biederman
- Re: [PATCH net] netfilter: nf_qeueue: Drop queue entries on nf_unregister_hook, Pablo Neira Ayuso
  - Re: [PATCH net] netfilter: nf_qeueue: Drop queue entries on nf_unregister_hook, Patrick McHardy
    - Re: [PATCH net] netfilter: nf_qeueue: Drop queue entries on nf_unregister_hook, Eric W. Biederman
      - Re: [PATCH net] netfilter: nf_qeueue: Drop queue entries on nf_unregister_hook, Patrick McHardy
    - Re: [PATCH net] netfilter: nf_qeueue: Drop queue entries on nf_unregister_hook, Pablo Neira Ayuso
  - Re: [PATCH net] netfilter: nf_qeueue: Drop queue entries on nf_unregister_hook, Eric W. Biederman
[PATCH net] netfilter: nftables: Do not run chains in the wrong network namespace, Eric W. Biederman
- Re: [PATCH net] netfilter: nftables: Do not run chains in the wrong network namespace, Pablo Neira Ayuso
- Re: [PATCH net] netfilter: nftables: Do not run chains in the wrong network namespace, David Miller
[PATCH nft 1/3] rule: use netlink_add_setelems() when creating literal sets, Pablo Neira Ayuso
- [PATCH nft 2/3] segtree: pass element expression as parameter to set_to_intervals(), Pablo Neira Ayuso
- [PATCH nft 3/3] rule: fix use of intervals in set declarations, Pablo Neira Ayuso
  - Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Patrick McHardy
    - Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Pablo Neira Ayuso
      - Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Patrick McHardy
        
        Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Pablo Neira Ayuso
        
        Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Patrick McHardy
        
        Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Pablo Neira Ayuso
        
        Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Patrick McHardy
        
        Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Patrick McHardy
        
        Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Pablo Neira Ayuso
        
        Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Patrick McHardy
        
        Re: [PATCH nft 3/3] rule: fix use of intervals in set declarations, Pablo Neira Ayuso
[PATCH nf-next, v4] netfilter: nft_counter: convert it to use per-cpu counters, Pablo Neira Ayuso
- Re: [PATCH nf-next, v4] netfilter: nft_counter: convert it to use per-cpu counters, Eric Dumazet
[PATCH nf-next, v3] netfilter: nft_counter: convert it to use per-cpu counters, Pablo Neira Ayuso
[PATCH nft] src: add tee statement, Pablo Neira Ayuso
- Re: [PATCH nft] src: add tee statement, Patrick McHardy
  - Re: [PATCH nft] src: add tee statement, Patrick Schaaf
    - Re: [PATCH nft] src: add tee statement, Jan Engelhardt
      - Re: [PATCH nft] src: add tee statement, Patrick McHardy
        
        Re: [PATCH nft] src: add tee statement, Jan Engelhardt
        
        Re: [PATCH nft] src: add tee statement, Bjørnar Ness
    - Re: [PATCH nft] src: add tee statement, Patrick McHardy
  - Re: [PATCH nft] src: add tee statement, Pablo Neira Ayuso
    - Re: [PATCH nft] src: add tee statement, Patrick McHardy
      - Re: [PATCH nft] src: add tee statement, Pablo Neira Ayuso
[PATCH libnftnl] expr: add new nft_tee expression, Pablo Neira Ayuso
[PATCH nf-next,v2] netfilter: nft_counter: convert it to use per-cpu counters, Pablo Neira Ayuso
- Re: [PATCH nf-next,v2] netfilter: nft_counter: convert it to use per-cpu counters, Patrick McHardy
  - Re: [PATCH nf-next,v2] netfilter: nft_counter: convert it to use per-cpu counters, Pablo Neira Ayuso
    - Re: [PATCH nf-next,v2] netfilter: nft_counter: convert it to use per-cpu counters, Patrick McHardy
      - Re: [PATCH nf-next,v2] netfilter: nft_counter: convert it to use per-cpu counters, Pablo Neira Ayuso
        
        Re: [PATCH nf-next,v2] netfilter: nft_counter: convert it to use per-cpu counters, Patrick McHardy
    - Re: [PATCH nf-next,v2] netfilter: nft_counter: convert it to use per-cpu counters, Marcelo Ricardo Leitner
[PATCH nf-next 1/2] netfilter: nft_counter: split out counters from nft_counter, Pablo Neira Ayuso
- [PATCH nf-next 2/2] netfilter: nft_counter: add per-cpu support, Pablo Neira Ayuso
  - Re: [PATCH nf-next 2/2] netfilter: nft_counter: add per-cpu support, Patrick McHardy
    - Re: [PATCH nf-next 2/2] netfilter: nft_counter: add per-cpu support, Pablo Neira Ayuso
      - Re: [PATCH nf-next 2/2] netfilter: nft_counter: add per-cpu support, Patrick McHardy
[PATCH nf-next, v2 1/3] netfilter: xt_TEE: always allocate private area, Pablo Neira Ayuso
- [PATCH nf-next, v2 3/3] netfilter: nf_tables: add nft_tee expression, Pablo Neira Ayuso
- =?y?q?=5BPATCH=20nf-next=2C=20v2=202/3=5D=20netfilter=3A=20move=20generic=20TEE=20code=20from=20xtables=20to=20nf=5Ftee=5Fipv=7B4=2C6=7D=20modules?=, Pablo Neira Ayuso
Kedves Email felhasználói;, "rendszer Administrator®"
[PATCH COLO-Frame v6 00/31] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, zhanghailiang
- Re: [PATCH COLO-Frame v6 00/31] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Dr. David Alan Gilbert
  - Re: [PATCH COLO-Frame v6 00/31] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, zhanghailiang
[RFC] COLO Proxy Module, Li Zhijian
- Message not available
  - Re: [RFC] COLO Proxy Module, Patrick McHardy
    - Re: [RFC] COLO Proxy Module, Wen Congyang
[PATCH -next] netfilter: xtables: fix warnings on 32bit platforms, Florian Westphal
- Re: [PATCH -next] netfilter: xtables: fix warnings on 32bit platforms, Pablo Neira Ayuso
[PATCH 0/5] nft trace, Markus Koetter
- [PATCH 2/5] netlink: delinarize chain policy, Markus Koetter
  - Re: [PATCH 2/5] netlink: delinarize chain policy, Pablo Neira Ayuso
- [PATCH 1/5] parser: add trace command, Markus Koetter
- [PATCH 3/5] rule: make cache creation a function, Markus Koetter
- [PATCH 5/5] trace: add log for packets, Markus Koetter
  - Re: [PATCH 5/5] trace: add log for packets, Pablo Neira Ayuso
- [PATCH 4/5] trace: implement commands action, Markus Koetter
  - Re: [PATCH 4/5] trace: implement commands action, Pablo Neira Ayuso
[PATCH nf-next 0/3] netfilter: socket lookup function refactoring, cgroup match fixes, Daniel Mack
- [PATCH nf-next 3/3] netfilter: nft_meta: fix cgroup socket lookups, Daniel Mack
- [PATCH nf-next 2/3] netfilter: x_tables: fix cgroup's NF_INET_LOCAL_IN sk lookups, Daniel Mack
- [PATCH nf-next 1/3] netfilter: factor out helpers from xt_socket into separate modules, Daniel Mack
- Re: [PATCH nf-next 0/3] netfilter: socket lookup function refactoring, cgroup match fixes, Pablo Neira Ayuso
  - Re: [PATCH nf-next 0/3] netfilter: socket lookup function refactoring, cgroup match fixes, Daniel Mack
    - Re: [PATCH nf-next 0/3] netfilter: socket lookup function refactoring, cgroup match fixes, Pablo Neira Ayuso
      - Re: [PATCH nf-next 0/3] netfilter: socket lookup function refactoring, cgroup match fixes, Daniel Borkmann
[PATCH iptables RFC 4/4] libxt_TCPOPTSTRIP: Use local copy of TCPOPTS constants, Felix Janda
- Re: [musl] [PATCH iptables RFC 4/4] libxt_TCPOPTSTRIP: Use local copy of TCPOPTS constants, Rich Felker
[PATCH iptables 3/4] ip*_tables.h: Sync with upstream, Felix Janda
[PATCH iptables 2/4] xtables.h: Use <stdint.h> types, Felix Janda
[PATCH iptables 1/4] Sync with ethernetdb.h from ebtables, Felix Janda
- Re: [PATCH iptables 1/4] Sync with ethernetdb.h from ebtables, Pablo Neira Ayuso
[PATCH nft-sync] event.c: Include <signal.h> for signal names, Felix Janda
[PATCH libnetfilter_queue] libnetfilter_queue.h: Include <sys/time.h> for struct timeval, Felix Janda
- Re: [PATCH libnetfilter_queue] libnetfilter_queue.h: Include <sys/time.h> for struct timeval, Pablo Neira Ayuso
[PATCH nft,next-4.2,v2] src: add netdev family support, Pablo Neira Ayuso
- Re: [PATCH nft,next-4.2,v2] src: add netdev family support, Patrick McHardy
[PATCH nft] netlink: fix use-after-free netlink_events_cache_deltable(), Pablo Neira Ayuso
[PATCH nft] parser_bison: allow to use mark as datatype for maps and sets, Pablo Neira Ayuso
- Re: [PATCH nft] parser_bison: allow to use mark as datatype for maps and sets, Patrick McHardy
  - Re: [PATCH nft] parser_bison: allow to use mark as datatype for maps and sets, Pablo Neira Ayuso
    - Re: [PATCH nft] parser_bison: allow to use mark as datatype for maps and sets, Miroslav Kratochvil
      - Re: [PATCH nft] parser_bison: allow to use mark as datatype for maps and sets, Pablo Neira Ayuso
[PATCH nft,next-4.2] src: add netdev family support, Pablo Neira Ayuso
- Re: [PATCH nft,next-4.2] src: add netdev family support, Patrick McHardy
  - Re: [PATCH nft,next-4.2] src: add netdev family support, Pablo Neira Ayuso
[PATCH libnfnl] chain: add netdev family support, Pablo Neira Ayuso
[PATCH nf-next 1/2] netfilter: bridge: rename br_netfilter.c to br_netfilter_hooks.c, Pablo Neira Ayuso
- [PATCH nf-next 2/2] netfilter: bridge: split ipv6 code out of the core, Pablo Neira Ayuso
  - Re: [PATCH nf-next 2/2] netfilter: bridge: split ipv6 code out of the core, Pablo Neira Ayuso
[PATCH net-next] x_table: align per cpu xt_counter, Eric Dumazet
- Re: [PATCH net-next] x_table: align per cpu xt_counter, Florian Westphal
  - Re: [PATCH net-next] x_table: align per cpu xt_counter, Pablo Neira Ayuso
- Re: [PATCH net-next] x_table: align per cpu xt_counter, David Miller
  - Re: [PATCH net-next] x_table: align per cpu xt_counter, Pablo Neira Ayuso
[PATCH iptables] xt_socket: add --restore-skmark option, Harout Hedeshian
- Re: [PATCH iptables] xt_socket: add --restore-skmark option, Pablo Neira Ayuso
- Re: [PATCH iptables] xt_socket: add --restore-skmark option, Pablo Neira Ayuso
  - RE: [PATCH iptables] xt_socket: add --restore-skmark option, Harout Hedeshian
[PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_RESTORESKMARK flag, Harout Hedeshian
- RE: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_RESTORESKMARK flag, Harout Hedeshian
  - Re: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_RESTORESKMARK flag, Pablo Neira Ayuso
[PATCH 00/32] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH 01/32] netfilter: conntrack: warn the user if there is a better helper to use, Pablo Neira Ayuso
- [PATCH 03/32] netfilter: bridge: re-order br_nf_pre_routing_finish_ipv6(), Pablo Neira Ayuso
- [PATCH 04/32] netfilter: bridge: detect NAT66 correctly and change MAC address, Pablo Neira Ayuso
- [PATCH 02/32] netfilter: bridge: refactor clearing BRNF_NF_BRIDGE_PREROUTING, Pablo Neira Ayuso
- [PATCH 06/32] netfilter: bridge: rename br_parse_ip_options, Pablo Neira Ayuso
- [PATCH 05/32] netfilter: bridge: refactor frag_max_size, Pablo Neira Ayuso
- [PATCH 08/32] netfilter: bridge: forward IPv6 fragmented packets, Pablo Neira Ayuso
- [PATCH 26/32] netfilter: ipset: Introduce RCU locking in list type, Pablo Neira Ayuso
- [PATCH 24/32] netfilter: ipset: Introduce RCU locking in bitmap:* types, Pablo Neira Ayuso
- [PATCH 28/32] netfilter: Kconfig: get rid of parens around depends on, Pablo Neira Ayuso
- [PATCH 29/32] netfilter: x_tables: remove XT_TABLE_INFO_SZ and a dereference., Pablo Neira Ayuso
- [PATCH 25/32] netfilter: ipset: Introduce RCU locking in hash:* types, Pablo Neira Ayuso
- [PATCH 30/32] netfilter: nf_tables: attach net_device to basechain, Pablo Neira Ayuso
- [PATCH 22/32] netfilter:ipset Remove rbtree from hash:net,iface, Pablo Neira Ayuso
- [PATCH 23/32] netfilter: ipset: Prepare the ipset core to use RCU at set level, Pablo Neira Ayuso
- [PATCH 32/32] netfilter: nf_tables_netdev: unregister hooks on net_device removal, Pablo Neira Ayuso
- [PATCH 31/32] netfilter: nf_tables: add nft_register_basechain() and nft_unregister_basechain(), Pablo Neira Ayuso
- [PATCH 27/32] netfilter: ipset: Fix coding styles reported by checkpatch.pl, Pablo Neira Ayuso
- [PATCH 21/32] netfilter: ipset: Make sure listing doesn't grab a set which is just being destroyed., Pablo Neira Ayuso
- [PATCH 20/32] netfilter: ipset: Fix parallel resizing and listing of the same set, Pablo Neira Ayuso
- [PATCH 07/32] netfilter: bridge: re-order check_hbh_len(), Pablo Neira Ayuso
- [PATCH 19/32] netfilter: ipset: Fix cidr handling for hash:*net* types, Pablo Neira Ayuso
- [PATCH 10/32] netfilter: bridge: restore vlan tag when refragmenting, Pablo Neira Ayuso
- [PATCH 17/32] netfilter: ipset: Make sure we always return line number on batch, Pablo Neira Ayuso
- [PATCH 18/32] netfilter: ipset: Check CIDR value only when attribute is given, Pablo Neira Ayuso
- [PATCH 15/32] netfilter: ipset: Check extensions attributes before getting extensions., Pablo Neira Ayuso
- [PATCH 12/32] netfilter: xtables: avoid percpu ruleset duplication, Pablo Neira Ayuso
- [PATCH 11/32] netfilter: xtables: use percpu rule counters, Pablo Neira Ayuso
- [PATCH 13/32] netfilter: ipset: Use MSEC_PER_SEC consistently, Pablo Neira Ayuso
- [PATCH 14/32] netfilter: ipset: Use SET_WITH_*() helpers to test set extensions, Pablo Neira Ayuso
- [PATCH 09/32] net: ip_fragment: remove BRIDGE_NETFILTER mtu special handling, Pablo Neira Ayuso
- [PATCH 16/32] netfilter: ipset: Permit CIDR equal to the host address CIDR in IPv6, Pablo Neira Ayuso
- Re: [PATCH 00/32] Netfilter updates for net-next, David Miller
- Re: [PATCH 00/32] Netfilter updates for net-next, Jakub Kiciński
  - Re: [PATCH 00/32] Netfilter updates for net-next, Pablo Neira Ayuso
[PATCH nf-next] x_tables: remove XT_TABLE_INFO_SZ and a dereference., Eric Dumazet
- Re: [PATCH nf-next] x_tables: remove XT_TABLE_INFO_SZ and a dereference., Pablo Neira Ayuso
[PATCH RFC 00/15] Netfilter pernet hook support, Pablo Neira Ayuso
- [PATCH RFC 01/15] net: include missing headers in net/net_namespace.h, Pablo Neira Ayuso
- [PATCH RFC 02/15] netfilter: use forward declaration instead of including linux/proc_fs.h, Pablo Neira Ayuso
- [PATCH RFC 05/15] netfilter: ipt_CLUSTERIP: adapt it to support pernet hooks, Pablo Neira Ayuso
- [PATCH RFC 04/15] netfilter: add pernet hook support, Pablo Neira Ayuso
  - Re: [PATCH RFC 04/15] netfilter: add pernet hook support, Eric W. Biederman
- [PATCH RFC 06/15] netfilter: x_tables: adapt xt_hook_link() to support pernet hooks, Pablo Neira Ayuso
- [PATCH RFC 03/15] netfilter: don't pull include/linux/netfilter.h from netns headers, Pablo Neira Ayuso
- [PATCH RFC 08/15] netfilter: nf_conntrack: adapt IPv4 and IPv6 trackers to pernet hooks, Pablo Neira Ayuso
- [PATCH RFC 09/15] netfilter: synproxy: adapt IPv4 and IPv6 targets to pernet hooks, Pablo Neira Ayuso
- [PATCH RFC 10/15] netfilter: defrag: add pernet hook support, Pablo Neira Ayuso
- [PATCH RFC 11/15] ipvs: adapt it to pernet hooks, Pablo Neira Ayuso
- [PATCH RFC 12/15] netfilter: ebtables: adapt the filter and nat table to pernet hooks, Pablo Neira Ayuso
- [PATCH RFC 07/15] netfilter: x_tables: adapt tables to pernet hooks, Pablo Neira Ayuso
- [PATCH RFC 13/15] netfilter: nf_tables: adapt it to pernet hooks, Pablo Neira Ayuso
- [PATCH RFC 14/15] security: adapt it to pernet hooks, Pablo Neira Ayuso
- [PATCH RFC 15/15] netfilter: bridge: adapt it to pernet hooks, Pablo Neira Ayuso
[PATCH nf-next 1/3, v2] netfilter: nf_tables: attach net_device to basechain, Pablo Neira Ayuso
- [PATCH nf-next 2/3] netfilter: nf_tables: add nft_register_basechain() and nft_unregister_basechain(), Pablo Neira Ayuso
- [PATCH nf-next 3/3] netfilter: nf_tables_netdev: unregister hooks on net_device removal, Pablo Neira Ayuso
[PATCH] net: fix search limit handling in skb_find_text(), Roman I Khimov
- Re: [PATCH] net: fix search limit handling in skb_find_text(), Pablo Neira Ayuso
  - Re: [PATCH] net: fix search limit handling in skb_find_text(), Roman Khimov
    - Re: [PATCH] net: fix search limit handling in skb_find_text(), Pablo Neira Ayuso
      - Re: [PATCH] net: fix search limit handling in skb_find_text(), Roman Khimov
        
        Re: [PATCH] net: fix search limit handling in skb_find_text(), Pablo Neira Ayuso
- Re: [PATCH] net: fix search limit handling in skb_find_text(), David Miller
[PATCH net-next 00/15] Simplify netfilter and network namespaces, Eric W. Biederman
- [PATCH net-next 01/15] netfilter: Kill unused copies of RCV_SKB_FAIL, Eric W. Biederman
- [PATCH net-next 02/15] netfilter: Pass struct net into the netfilter hooks, Eric W. Biederman
- [PATCH net-next 03/15] netfilter: Use nf_hook_state.net, Eric W. Biederman
- [PATCH net-next 04/15] ebtables: Simplify the arguments to ebt_do_table, Eric W. Biederman
- [PATCH net-next 05/15] inet netfilter: Remove hook from ip6t_do_table, arp_do_table, ipt_do_table, Eric W. Biederman
- [PATCH net-next 06/15] inet netfilter: Prefer state->hook to ops->hooknum, Eric W. Biederman
- [PATCH net-next 07/15] nftables: kill nft_pktinfo.ops, Eric W. Biederman
- [PATCH net-next 08/15] tc: Simplify em_ipset_match, Eric W. Biederman
- [PATCH net-next 10/15] x_tables: Use par->net instead of computing from the passed net devices, Eric W. Biederman
- [PATCH net-next 09/15] x_tables: Pass struct net in xt_action_param, Eric W. Biederman
- [PATCH net-next 15/15] ipv6: Pass struct net into nf_ct_frag6_gather, Eric W. Biederman
- [PATCH net-next 13/15] nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple, Eric W. Biederman
- [PATCH net-next 12/15] nf_tables: Use pkt->net instead of computing net from the passed net_devices, Eric W. Biederman
- [PATCH net-next 11/15] nftables: Pass struct net in nft_pktinfo, Eric W. Biederman
- [PATCH net-next 14/15] ipv4: Pass struct net into ip_defrag and ip_check_defrag, Eric W. Biederman
- Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Pablo Neira Ayuso
  - Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Eric W. Biederman
    - Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Pablo Neira Ayuso
- Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, David Miller
  - Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Eric W. Biederman
    - Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, David Miller
    - Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Pablo Neira Ayuso
      - Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Eric W. Biederman
- [PATCH net-next 00/43] Simplify netfilter and network namespaces (take 2), Eric W. Biederman
  - [PATCH net-next 01/43] netfilter: Kill unused copies of RCV_SKB_FAIL, Eric W. Biederman
  - [PATCH net-next 03/43] netfilter: Use nf_hook_state.net, Eric W. Biederman
  - [PATCH net-next 05/43] inet netfilter: Remove hook from ip6t_do_table, arp_do_table, ipt_do_table, Eric W. Biederman
  - [PATCH net-next 06/43] inet netfilter: Prefer state->hook to ops->hooknum, Eric W. Biederman
  - [PATCH net-next 09/43] x_tables: Pass struct net in xt_action_param, Eric W. Biederman
  - [PATCH net-next 10/43] x_tables: Use par->net instead of computing from the passed net devices, Eric W. Biederman
  - [PATCH net-next 07/43] nftables: kill nft_pktinfo.ops, Eric W. Biederman
  - [PATCH net-next 04/43] ebtables: Simplify the arguments to ebt_do_table, Eric W. Biederman
  - [PATCH net-next 08/43] tc: Simplify em_ipset_match, Eric W. Biederman
  - [PATCH net-next 02/43] netfilter: Pass struct net into the netfilter hooks, Eric W. Biederman
  - [PATCH net-next 21/43] netfilter: Add a network namespace Kconfig conflict, Eric W. Biederman
  - [PATCH net-next 34/43] netfilter: bridge: adapt it to pernet hooks, Eric W. Biederman
  - [PATCH net-next 32/43] netfilter: ipt_CLUSTERIP: adapt it to support pernet hooks, Eric W. Biederman
  - [PATCH net-next 33/43] netfilter: ebtables: adapt the filter and nat table to pernet hooks, Eric W. Biederman
  - [PATCH net-next 15/43] ipv6: Pass struct net into nf_ct_frag6_gather, Eric W. Biederman
  - [PATCH net-next 18/43] netfilter: don't pull include/linux/netfilter.h from netns headers, Eric W. Biederman
  - [PATCH net-next 11/43] nftables: Pass struct net in nft_pktinfo, Eric W. Biederman
  - [PATCH net-next 26/43] netfitler: Remove spurios included of netfilter.h, Eric W. Biederman
  - [PATCH net-next 36/43] netfilter: nf_conntract: Register netfilter hooks in all network namespaces, Eric W. Biederman
  - [PATCH net-next 37/43] netfilter: nf_defrag: Register netfilter hooks in all network namespaces, Eric W. Biederman
  - [PATCH net-next 27/43] x_tables: Add magical hook registration in the common case, Eric W. Biederman
  - [PATCH net-next 43/43] netfilter: Skip unnecessary calls to synchronize_net, Eric W. Biederman
    - Re: [PATCH net-next 43/43] netfilter: Skip unnecessary calls to synchronize_net, Patrick McHardy
      - Re: [PATCH net-next 43/43] netfilter: Skip unnecessary calls to synchronize_net, Eric W. Biederman
  - [PATCH net-next 41/43] netfilter: Remove the network namespace Kconfig conflict, Eric W. Biederman
  - [PATCH net-next 30/43] x_tables: Update ip?table_nat to register their hooks in all network namespaces, Eric W. Biederman
  - [PATCH net-next 39/43] selinux: adapt it to pernet hooks, Eric W. Biederman
  - [PATCH net-next 12/43] nf_tables: Use pkt->net instead of computing net from the passed net_devices, Eric W. Biederman
  - [PATCH net-next 22/43] netfilter: Add a struct net parameter to nf_register_hook[s], Eric W. Biederman
  - [PATCH net-next 31/43] netfilter: nf_tables: adapt it to pernet hooks, Eric W. Biederman
  - [PATCH net-next 20/43] netfilter: Pass priv instead of nf_hook_ops to netfilter hooks, Eric W. Biederman
  - [PATCH net-next 40/43] smack: adapt it to pernet hooks, Eric W. Biederman
  - [PATCH net-next 35/43] ipvs: Register netfilter hooks in all network namespaces, Eric W. Biederman
  - [PATCH net-next 16/43] net: include missing headers in net/net_namespace.h, Eric W. Biederman
  - [PATCH net-next 29/43] x_tables: Kill xt_[un]hook_link, Eric W. Biederman
  - [PATCH net-next 17/43] netfilter: use forward declaration instead of including linux/proc_fs.h, Eric W. Biederman
  - [PATCH net-next 24/43] netfilter: Make the netfilter hooks per network namespace, Eric W. Biederman
  - [PATCH net-next 25/43] netfilter: Make nf_hook_ops just a parameter structure, Eric W. Biederman
  - [PATCH net-next 42/43] netfilter bridge: Make the sysctl knobs per network namespace, Eric W. Biederman
  - [PATCH net-next 38/43] netfilter: synproxy: Register netfilter hooks in all network namespaces, Eric W. Biederman
  - [PATCH net-next 13/43] nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple, Eric W. Biederman
  - [PATCH net-next 14/43] ipv4: Pass struct net into ip_defrag and ip_check_defrag, Eric W. Biederman
  - [PATCH net-next 19/43] ipvs: Read hooknum from state rather than ops->hooknum, Eric W. Biederman
  - [PATCH net-next 23/43] netfilter: Add a struct net parameter to nf_unregister_hook[s], Eric W. Biederman
  - [PATCH net-next 28/43] x_tables: Where possible convert to the new hook registration method, Eric W. Biederman
  - Re: [PATCH net-next 00/43] Simplify netfilter and network namespaces (take 2), Andreas Schultz
  - Re: [PATCH net-next 00/43] Simplify netfilter and network namespaces (take 2), Pablo Neira Ayuso
  - [PATCH -next 0/6] Per network namespace netfilter chains, Eric W. Biederman
    - [PATCH -next 1/6] netfilter: nf_queue: Don't recompute the hook_list head, Eric W. Biederman
    - [PATCH -next 2/6] netfilter: kill nf_hooks_active, Eric W. Biederman
    - [PATCH -next 3/6] netfilter: Simply the tests for enabling and disabling the ingress queue hook, Eric W. Biederman
    - [PATCH -next 4/6] netfilter: Factor out the hook list selection from nf_register_hook, Eric W. Biederman
    - [PATCH -next 5/6] netfilter: Per network namespace netfilter hooks., Eric W. Biederman
      - Re: [PATCH -next 5/6] netfilter: Per network namespace netfilter hooks., Pablo Neira Ayuso
        
        Re: [PATCH -next 5/6] netfilter: Per network namespace netfilter hooks., Eric W. Biederman
    - [PATCH -next 6/6] netfilter: nftables: Only run the nftables chains in the proper netns, Eric W. Biederman
    - Re: [PATCH -next 0/6] Per network namespace netfilter chains, Pablo Neira Ayuso
      - Re: [PATCH -next 0/6] Per network namespace netfilter chains, Eric W. Biederman
        
        Re: [PATCH -next 0/6] Per network namespace netfilter chains, Pablo Neira Ayuso
- Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Julian Anastasov
  - Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Eric W. Biederman
    - Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Julian Anastasov
      - Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Eric W. Biederman
        
        Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Julian Anastasov
        
        Re: [PATCH net-next 00/15] Simplify netfilter and network namespaces, Eric W. Biederman
[PATCH nft] tests: regression: ip6: reduce warning noise, Pablo Neira Ayuso
Does arptables support adding new extensions dinamically like iptables does?, Roberto Santalla Fdez.
[PATCH iptables] xt_socket: add --mark option, Harout Hedeshian
[PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_MATCHSOCKMARK flag and mark fields, Harout Hedeshian
- Re: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_MATCHSOCKMARK flag and mark fields, Pablo Neira Ayuso
  - RE: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_MATCHSOCKMARK flag and mark fields, Harout Hedeshian
  - RE: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_MATCHSOCKMARK flag and mark fields, Harout Hedeshian
    - Re: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_MATCHSOCKMARK flag and mark fields, Pablo Neira Ayuso
      - RE: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_MATCHSOCKMARK flag and mark fields, Harout Hedeshian
[PATCH nf-next 2/4] netfilter: xt_TEE: always allocate private area, Pablo Neira Ayuso
- =?y?q?=5BPATCH=20nf-next=203/4=5D=20netfilter=3A=20move=20generic=20TEE=20code=20from=20xtables=20to=20nf=5Ftee=5Fipv=7B4=2C6=7D=20modules?=, Pablo Neira Ayuso
  - Re: [PATCH nf-next 3/4] netfilter: move generic TEE code from xtables to nf_tee_ipv{4,6} modules, Pablo Neira Ayuso
    - Re: [PATCH nf-next 3/4] netfilter: move generic TEE code from xtables to nf_tee_ipv{4,6} modules, Pablo Neira Ayuso
      - Re: [PATCH nf-next 3/4] netfilter: move generic TEE code from xtables to nf_tee_ipv{4,6} modules, Patrick McHardy
- [PATCH nf-next 4/4] netfilter: nf_tables: add nft_tee expression, Pablo Neira Ayuso
[PATCH nf-next 1/4] netfilter: Kconfig: get rid of parens around depends on, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nf_tables: attach net_device to basechain, Pablo Neira Ayuso
[PATCH v3 nf-next 1/2] netfilter: xtables: use percpu rule counters, Florian Westphal
- [PATCH v3 nf-next 2/2] netfilter: xtables: avoid percpu ruleset duplication, Florian Westphal
  - Re: [PATCH v3 nf-next 2/2] netfilter: xtables: avoid percpu ruleset duplication, Eric Dumazet
    - Re: [PATCH v3 nf-next 2/2] netfilter: xtables: avoid percpu ruleset duplication, Pablo Neira Ayuso
      - Re: [PATCH v3 nf-next 2/2] netfilter: xtables: avoid percpu ruleset duplication, Eric Dumazet
- Re: [PATCH v3 nf-next 1/2] netfilter: xtables: use percpu rule counters, Eric Dumazet
[PATCH v2 nf-next 1/2] netfilter: xtables: use percpu rule counters, Florian Westphal
- [PATCH v2 nf-next 2/2] netfilter: xtables: avoid percpu ruleset duplication, Florian Westphal
- Re: [PATCH v2 nf-next 1/2] netfilter: xtables: use percpu rule counters, Eric Dumazet
nft rules processed in wrong network namespace, Andreas Schultz
- Re: nft rules processed in wrong network namespace, Andreas Schultz
- <Possible follow-ups>
- Re: nft rules processed in wrong network namespace, Andreas Schultz
  - Re: nft rules processed in wrong network namespace, Jan Engelhardt
  - Re: nft rules processed in wrong network namespace, Pablo Neira Ayuso
    - Re: nft rules processed in wrong network namespace, Andreas Schultz
      - Re: nft rules processed in wrong network namespace, Patrick McHardy
        
        Re: nft rules processed in wrong network namespace, Andreas Schultz
iptables nftables compat weirdness, Andreas Schultz
- Re: iptables nftables compat weirdness, Pablo Neira Ayuso
  - Re: iptables nftables compat weirdness, Andreas Schultz
    - Re: iptables nftables compat weirdness, Andreas Schultz
[PATCH nf-next 1/2] netfilter: xtables: use percpu rule counters, Florian Westphal
- [PATCH nf-next 2/2] netfilter: xtables: avoid percpu ruleset duplication, Florian Westphal
- Re: [PATCH nf-next 1/2] netfilter: xtables: use percpu rule counters, Eric Dumazet
  - Re: [PATCH nf-next 1/2] netfilter: xtables: use percpu rule counters, Florian Westphal
[PATCH nft 1/2] datatype: default to display bitmask in hexadecimal, Pablo Neira Ayuso
- [PATCH nft 2/2] proto: use bitmask_type for comp flags, Pablo Neira Ayuso
Possible bug when bridging traffic we just SNATed and sent to another router, Daniel Collins
- Re: Possible bug when bridging traffic we just SNATed and sent to another router, Florian Westphal
  - Re: Possible bug when bridging traffic we just SNATed and sent to another router, Daniel Collins
    - Re: Possible bug when bridging traffic we just SNATed and sent to another router, Florian Westphal
      - Re: Possible bug when bridging traffic we just SNATed and sent to another router, Daniel Collins
        
        Re: Possible bug when bridging traffic we just SNATed and sent to another router, Florian Westphal
[PATCH nft 0/9] concat support, Patrick McHardy
- [PATCH nft 2/9] headers: sync headers for new register values, Patrick McHardy
- [PATCH nft 1/9] eval: prohibit variable sized types in concat expressions, Patrick McHardy
- [PATCH nft 4/9] netlink_linearize: use NFT_REG32 values internally, Patrick McHardy
- [PATCH nft 3/9] netlink: pass expression to register allocation/release functions, Patrick McHardy
- [PATCH nft 9/9] netlink: handle concat expressions in set data, Patrick McHardy
- [PATCH nft 8/9] netlink_delinearize: handle relational and lookup concat expressions, Patrick McHardy
- [PATCH nft 7/9] netlink_delinearize: introduce register translation helper, Patrick McHardy
- [PATCH nft 6/9] netlink: pad constant concat sub-expressions, Patrick McHardy
- [PATCH nft 5/9] netlink_linearize: generate concat expressions, Patrick McHardy
nft netdev family bindings, Patrick McHardy
- Re: nft netdev family bindings, Pablo Neira Ayuso
  - Re: nft netdev family bindings, Patrick McHardy
    - Re: nft netdev family bindings, Patrick McHardy
      - Re: nft netdev family bindings, Pablo Neira Ayuso
        
        Re: nft netdev family bindings, Patrick McHardy
        
        Re: nft netdev family bindings, Pablo Neira Ayuso
        
        Re: nft netdev family bindings, Patrick McHardy
        
        Re: nft netdev family bindings, Pablo Neira Ayuso
        
        Re: nft netdev family bindings, Patrick McHardy
        
        Re: nft netdev family bindings, Pablo Neira Ayuso
        
        Re: nft netdev family bindings, Patrick McHardy
[PATCH nf-next] net: ip_fragment: remove BRIDGE_NETFILTER mtu special handling, Florian Westphal
- Re: [PATCH nf-next] net: ip_fragment: remove BRIDGE_NETFILTER mtu special handling, Pablo Neira Ayuso
[PATCH] netfilter: bridge: restore vlan tag when refragmenting, Florian Westphal
- Re: [PATCH] netfilter: bridge: restore vlan tag when refragmenting, Eric Dumazet
  - Re: [PATCH] netfilter: bridge: restore vlan tag when refragmenting, Florian Westphal
- Re: [PATCH] netfilter: bridge: restore vlan tag when refragmenting, Pablo Neira Ayuso
[patch] ipvs: prevent some underflows, Dan Carpenter
- Re: [patch] ipvs: prevent some underflows, Julian Anastasov
  - Re: [patch] ipvs: prevent some underflows, Marcelo Ricardo Leitner
    - Re: [patch] ipvs: prevent some underflows, Julian Anastasov
      - Re: [patch] ipvs: prevent some underflows, Marcelo Ricardo Leitner
        
        Re: [patch] ipvs: prevent some underflows, Dan Carpenter
        
        Re: [patch] ipvs: prevent some underflows, Julian Anastasov
xtables-addons 64-bit counter patch, Neal P. Murphy
- Re: xtables-addons 64-bit counter patch, Jan Engelhardt
  - Re: xtables-addons 64-bit counter patch, Neal P. Murphy
  - Re: xtables-addons 64-bit counter patch, Neal P. Murphy
    - Re: xtables-addons 64-bit counter patch, Neal P. Murphy
      - Re: xtables-addons 64-bit counter patch, Jan Engelhardt
        
        Re: xtables-addons 64-bit counter patch, Jan Engelhardt
[PATCH nft] netlink_delinearize: restore listing of host byteorder set elements, Pablo Neira Ayuso
- Re: [PATCH nft] netlink_delinearize: restore listing of host byteorder set elements, Patrick McHardy
  - Re: [PATCH nft] netlink_delinearize: restore listing of host byteorder set elements, Pablo Neira Ayuso
    - Re: [PATCH nft] netlink_delinearize: restore listing of host byteorder set elements, Patrick McHardy
      - Re: [PATCH nft] netlink_delinearize: restore listing of host byteorder set elements, Pablo Neira Ayuso
        
        Re: [PATCH nft] netlink_delinearize: restore listing of host byteorder set elements, Patrick McHardy
netlink multi-thread / libmnl / nfq, Ryan Johnston
- Re: netlink multi-thread / libmnl / nfq, Florian Westphal
  - Re: netlink multi-thread / libmnl / nfq, Ryan Johnston
    - Re: netlink multi-thread / libmnl / nfq, Florian Westphal
      - Re: netlink multi-thread / libmnl / nfq, Ryan Johnston
[PATCH 0/6 nft] improvements for the range printing, Pablo Neira Ayuso
- [PATCH 3/6 nft] netlink_delinearize: add payload_match_expand(), Pablo Neira Ayuso
- [PATCH 1/6 nft] netlink_delinearize: pass ctx pointer to stmt_reject_postprocess(), Pablo Neira Ayuso
- [PATCH 2/6 nft] netlink_delinearize: keep pointer to current statement from rule_pp_ctx, Pablo Neira Ayuso
- [PATCH 4/6 nft] netlink_delinearize: consolidate range printing, Pablo Neira Ayuso
- [PATCH 5/6 nft] tests: regression: reduce code duplication a bit on error reporting, Pablo Neira Ayuso
- [PATCH 6/6 nft] tests: regression: fix warnings related to range listing, Pablo Neira Ayuso
[PATCH 1/3] netlink_linearize: fix range cmp instruction generation, Patrick McHardy
- [PATCH 2/3] ct: add maximum helper length value, Patrick McHardy
- [PATCH 3/3] netlink_delinearize: remove obsolete fixme, Patrick McHardy
[PATCH net] Netfilter fix for net, Pablo Neira Ayuso
- [PATCH net] Revert "netfilter: ensure number of counters is >0 in do_replace()", Pablo Neira Ayuso
- Re: [PATCH net] Netfilter fix for net, David Miller
[PATCH] remove unused 'numbytes', Paul Aitken
- <Possible follow-ups>
- [PATCH] remove unused 'numbytes', Paul Aitken
  - Re: [PATCH] remove unused 'numbytes', Pablo Neira Ayuso
[PATCH] Optimise nfq_queue_cb, Paul Aitken
- Re: [PATCH] Optimise nfq_queue_cb, Pablo Neira Ayuso
  - Re: [PATCH] Optimise nfq_queue_cb, Paul Aitken
    - Re: [PATCH] Optimise nfq_queue_cb, Pablo Neira Ayuso
      - Re: [PATCH] Optimise nfq_queue_cb, Paul Aitken
- <Possible follow-ups>
- [PATCH] Optimise nfq_queue_cb, Paul Aitken
  - Re: [PATCH] Optimise nfq_queue_cb, Pablo Neira Ayuso
[PATCH 00/11] Replace module_init with an alternate initcall in non modules, Paul Gortmaker
- [PATCH 03/11] netfilter: don't use module_init/exit in core IPV4 code, Paul Gortmaker
  - Re: [PATCH 03/11] netfilter: don't use module_init/exit in core IPV4 code, Pablo Neira Ayuso
    - Re: [PATCH 03/11] netfilter: don't use module_init/exit in core IPV4 code, Paul Gortmaker
[PATCH 71/98] include/uapi/linux/netfilter/xt_TEE.h: include linux/netfilter.h, Mikko Rapeli
[PATCH 56/98] include/uapi/linux/netfilter.h: include in.h and in6.h, Mikko Rapeli
[PATCH 76/98] include/uapi/linux/netfilter/xt_recent.h: include linux/netfilter.h, Mikko Rapeli
[PATCH 75/98] include/uapi/linux/netfilter/xt_sctp.h: use _Bool type, 1 for true and 0 for false, Mikko Rapeli
[PATCH 57/98] include/uapi/linux/netfilter_bridge.h: include in.h, Mikko Rapeli
[PATCH 63/98] include/uapi/linux/netfilter/xt_policy.h: include linux/in.h and linux/in6.h, Mikko Rapeli
[PATCH 68/98] include/uapi/linux/netfilter/ipset/ip_set_hash.h: include linux/netfilter/ipset/ip_set.h, Mikko Rapeli
[PATCH 70/98] include/uapi/linux/netfilter/xt_HMARK.h: include linux/netfilter.h, Mikko Rapeli
[PATCH 73/98] include/uapi/linux/netfilter/xt_ipvs.h: include linux/netfilter.h, Mikko Rapeli
[PATCH 74/98] include/uapi/linux/netfilter/xt_mac.h: include linux/if_ether.h, Mikko Rapeli
[PATCH 69/98] include/uapi/linux/netfilter/ipset/ip_set_list.h: include linux/netfilter/ipset/ip_set.h, Mikko Rapeli
[PATCH 67/98] include/uapi/linux/netfilter/ipset/ip_set_bitmap.h: include linux/netfilter/ipset/ip_set.h, Mikko Rapeli
- Re: [PATCH 67/98] include/uapi/linux/netfilter/ipset/ip_set_bitmap.h: include linux/netfilter/ipset/ip_set.h, Jozsef Kadlecsik
  - Re: [PATCH 67/98] include/uapi/linux/netfilter/ipset/ip_set_bitmap.h: include linux/netfilter/ipset/ip_set.h, Mikko Rapeli
[PATCH 60/98] include/uapi/linux/netfilter/xt_osf.h: include linux/ip.h and linux/tcp.h, Mikko Rapeli
[PATCH 72/98] include/uapi/linux/netfilter/xt_TPROXY.h: include linux/netfilter.h, Mikko Rapeli
[PATCH 59/98] include/uapi/linux/netfilter: include linux/if.h in several headers, Mikko Rapeli
[PATCH 44/98] nf_conntrack_tuple_common.h: include linux/types.h and linux/netfilter.h, Mikko Rapeli
[PATCHv7 4/4] netfilter: bridge: forward IPv6 fragmented packets, Bernhard Thaler
- Re: [PATCHv7 4/4] netfilter: bridge: forward IPv6 fragmented packets, Pablo Neira Ayuso
[PATCH 3/4] netfilter: bridge: re-order check_hbh_len(), Bernhard Thaler
- Re: [PATCH 3/4] netfilter: bridge: re-order check_hbh_len(), Pablo Neira Ayuso
[PATCHv6 2/4] netfilter: bridge: rename br_parse_ip_options, Bernhard Thaler
- Re: [PATCHv6 2/4] netfilter: bridge: rename br_parse_ip_options, Pablo Neira Ayuso
[PATCHv2 1/4] netfilter: bridge: refactor frag_max_size, Bernhard Thaler
- Re: [PATCHv2 1/4] netfilter: bridge: refactor frag_max_size, Pablo Neira Ayuso
[PATCHv4 3/3] netfilter: bridge: detect NAT66 correctly and change MAC address, Bernhard Thaler
- Re: [PATCHv4 3/3] netfilter: bridge: detect NAT66 correctly and change MAC address, Pablo Neira Ayuso
[PATCH 2/3] netfilter: bridge: re-order br_nf_pre_routing_finish_ipv6(), Bernhard Thaler
- Re: [PATCH 2/3] netfilter: bridge: re-order br_nf_pre_routing_finish_ipv6(), Pablo Neira Ayuso
[PATCH 1/3] netfilter: bridge: refactor clearing BRNF_NF_BRIDGE_PREROUTING, Bernhard Thaler
- Re: [PATCH 1/3] netfilter: bridge: refactor clearing BRNF_NF_BRIDGE_PREROUTING, Pablo Neira Ayuso
[RESEND PATCH V2] Add element count to hash headers, Eric B Munson
- Re: [RESEND PATCH V2] Add element count to hash headers, Pablo Neira Ayuso
  - Re: [RESEND PATCH V2] Add element count to hash headers, Jozsef Kadlecsik
- Re: [RESEND PATCH V2] Add element count to hash headers, Jozsef Kadlecsik
[PATCH conntrackd] expect: Fix wrong memset usage, Pablo Neira Ayuso
libnetfilter_queue multi-threaded nfq_handle shared or unique?, Ryan Johnston
[PATCH v2 -next 1/2] netfilter: iptables: separate counters from iptables rules, Florian Westphal
- [PATCH v2 -next 2/2] netfilter: store rules per NUMA node instead of per cpu, Florian Westphal
  - Re: [PATCH v2 -next 2/2] netfilter: store rules per NUMA node instead of per cpu, Eric Dumazet
    - Re: [PATCH v2 -next 2/2] netfilter: store rules per NUMA node instead of per cpu, Florian Westphal
      - Re: [PATCH v2 -next 2/2] netfilter: store rules per NUMA node instead of per cpu, Eric Dumazet
        
        Re: [PATCH v2 -next 2/2] netfilter: store rules per NUMA node instead of per cpu, Florian Westphal
- Re: [PATCH v2 -next 1/2] netfilter: iptables: separate counters from iptables rules, Eric Dumazet
  - Re: [PATCH v2 -next 1/2] netfilter: iptables: separate counters from iptables rules, Florian Westphal
    - Re: [PATCH v2 -next 1/2] netfilter: iptables: separate counters from iptables rules, Eric Dumazet
      - Re: [PATCH v2 -next 1/2] netfilter: iptables: separate counters from iptables rules, Florian Westphal
        
        Re: [PATCH v2 -next 1/2] netfilter: iptables: separate counters from iptables rules, Eric Dumazet
- Re: [PATCH v2 -next 1/2] netfilter: iptables: separate counters from iptables rules, Patrick Schaaf
  - Re: [PATCH v2 -next 1/2] netfilter: iptables: separate counters from iptables rules, Florian Westphal
Re: conntrack-tools bugs, Paul Aitken
[PATCH] Revert "netfilter: ensure number of counters is >0 in do_replace()", Bernhard Thaler
- Re: [PATCH] Revert "netfilter: ensure number of counters is >0 in do_replace()", Pablo Neira Ayuso
[PATCH 4/4] netfilter: bridge: refactor frag_max_size, Bernhard Thaler
[PATCHv5 3/4] netfilter: bridge: rename br_parse_ip_options, Bernhard Thaler
- Re: [PATCHv5 3/4] netfilter: bridge: rename br_parse_ip_options, Pablo Neira Ayuso
[PATCHv6 2/4] netfilter: bridge: forward IPv6 fragmented packets, Bernhard Thaler
- Re: [PATCHv6 2/4] netfilter: bridge: forward IPv6 fragmented packets, Pablo Neira Ayuso
[PATCHv3 1/4] netfilter: bridge: detect NAT66 correctly and change MAC address, Bernhard Thaler
- Re: [PATCHv3 1/4] netfilter: bridge: detect NAT66 correctly and change MAC address, Pablo Neira Ayuso
REOUTE target extenstion, Eddi Linder
- Re: REOUTE target extenstion, Jan Engelhardt
- Re: REOUTE target extenstion, Florian Westphal
  - Re: REOUTE target extenstion, Eddi Linder
    - Re: REOUTE target extenstion, Florian Westphal
      - Re: REOUTE target extenstion, Pablo Neira Ayuso
        
        Re: REOUTE target extenstion, Eddi Linder
        
        Re: REOUTE target extenstion, Jan Engelhardt
        
        Re: REOUTE target extenstion, Eddi Linder
[PATCH -next 1/2] netfilter: iptables: separate counters from iptables rules, Florian Westphal
- [PATCH -next 2/2] netfilter: store rules per NUMA node instead of per cpu, Florian Westphal
- Re: [PATCH -next 1/2] netfilter: iptables: separate counters from iptables rules, Jesper Dangaard Brouer
ebtables not working correctly with 1086bbe97a074844188c6c988fa0b1a98c3ccbb9, Bernhard Thaler
- Re: ebtables not working correctly with 1086bbe97a074844188c6c988fa0b1a98c3ccbb9, Florian Westphal
[PATCH 1/1] Added a vlan id and pcp matching extension, Eddie Linder
[PATCH 1/1] netfilter: Added vlan matching extension, Eddie Linder
- Re: [PATCH 1/1] netfilter: Added vlan matching extension, Florian Westphal
  - Re: [PATCH 1/1] netfilter: Added vlan matching extension, Eddi Linder
    - Re: [PATCH 1/1] netfilter: Added vlan matching extension, Pablo Neira Ayuso
- <Possible follow-ups>
- [PATCH 1/1] netfilter: Added vlan matching extension, Eddie Linder
[PATCH libmnl] example: netfilter: get rid of aligned_be64 definitions, Pablo Neira Ayuso
[PATCH 0/3 nf-next] nf_tables support at ingress, Pablo Neira Ayuso
- [PATCH 1/3 nf-next] netfilter: default CONFIG_NETFILTER_INGRESS to y, Pablo Neira Ayuso
  - Re: [PATCH 1/3 nf-next] netfilter: default CONFIG_NETFILTER_INGRESS to y, Simon Horman
    - Re: [PATCH 1/3 nf-next] netfilter: default CONFIG_NETFILTER_INGRESS to y, Pablo Neira Ayuso
- [PATCH libnftnl] table: add netdev family support, Pablo Neira Ayuso
- [PATCH nft] src: add netdev family support, Pablo Neira Ayuso
  - Re: [PATCH nft] src: add netdev family support, Patrick McHardy
    - Re: [PATCH nft] src: add netdev family support, Pablo Neira Ayuso
- [PATCH 3/3 nf-next] netfilter: nf_tables: add netdev table to filter from ingress, Pablo Neira Ayuso
- [PATCH 2/3 nf-next] netfilter: nf_tables: allow to bind table to net_device, Pablo Neira Ayuso
  - Re: [PATCH 2/3 nf-next] netfilter: nf_tables: allow to bind table to net_device, Simon Horman
    - Re: [PATCH 2/3 nf-next] netfilter: nf_tables: allow to bind table to net_device, Pablo Neira Ayuso
      - Re: [PATCH 2/3 nf-next] netfilter: nf_tables: allow to bind table to net_device, Simon Horman
[PATCH] libnetfitler_queue: receive security context info, Roman Kubiak
- Re: [PATCH] libnetfitler_queue: receive security context info, Florian Westphal
  - Re: [PATCH] libnetfitler_queue: receive security context info, Roman Kubiak
    - Re: [PATCH] libnetfitler_queue: receive security context info, Pablo Neira Ayuso
[PATCH] Security context information added to netfilter_queue, Roman Kubiak
- Re: [PATCH] Security context information added to netfilter_queue, Florian Westphal
- Re: [PATCH] Security context information added to netfilter_queue, Pablo Neira Ayuso
  - [PATCH v2] nfnetlink_queue: add security context information, Roman Kubiak
    - Re: [PATCH v2] nfnetlink_queue: add security context information, Florian Westphal
      - Re: [PATCH v2] nfnetlink_queue: add security context information, Roman Kubiak
        
        Re: [PATCH v2] nfnetlink_queue: add security context information, Florian Westphal
        
        [PATCH v3] nfnetlink_queue: add security context information, Roman Kubiak
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Roman Kubiak
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Pablo Neira Ayuso
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Roman Kubiak
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Florian Westphal
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Roman Kubiak
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Florian Westphal
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Roman Kubiak
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Florian Westphal
        
        Re: [PATCH v3] nfnetlink_queue: add security context informationg, Pablo Neira Ayuso
        
        [PATCH] libmnl: security context retrieval in nf-queue example, Roman Kubiak
        
        Re: [PATCH] libmnl: security context retrieval in nf-queue example, Pablo Neira Ayuso
        
        Re: [PATCH] libmnl: security context retrieval in nf-queue example, Roman Kubiak
        
        Re: [PATCH] libmnl: security context retrieval in nf-queue example, Pablo Neira Ayuso
        
        Re: [PATCH] libmnl: security context retrieval in nf-queue example, Roman Kubiak
        
        Re: [PATCH] libmnl: security context retrieval in nf-queue example, Pablo Neira Ayuso
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Pablo Neira Ayuso
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Florian Westphal
        
        Re: [PATCH v3] nfnetlink_queue: add security context information, Roman Kubiak
[PATCH -next] netfilter: remove unused comefrom hookmask argument, Florian Westphal
- Re: [PATCH -next] netfilter: remove unused comefrom hookmask argument, Pablo Neira Ayuso
Mangling packets & routing in kernels>3.17, Юрий Пухальский
Harden iptables memory allocator, Loganaden Velvindron
- Re: Harden iptables memory allocator, Loganaden Velvindron
- Re: Harden iptables memory allocator, Hannes Frederic Sowa
  - Re: Harden iptables memory allocator, Jan Engelhardt
    - Re: Harden iptables memory allocator, Loganaden Velvindron
      - Re: Harden iptables memory allocator, Jan Engelhardt
  - Re: Harden iptables memory allocator, Loganaden Velvindron
- Re: Harden iptables memory allocator, Pablo Neira Ayuso
  - Re: Harden iptables memory allocator, Loganaden Velvindron
    - Re: Harden iptables memory allocator, Pablo Neira Ayuso
      - Re: Harden iptables memory allocator, Loganaden Velvindron
[PATCH nf] netfilter: conntrack: warn the user if there is a better helper to use, Marcelo Ricardo Leitner
- Re: [PATCH nf] netfilter: conntrack: warn the user if there is a better helper to use, Marcelo Ricardo Leitner
- Re: [PATCH nf] netfilter: conntrack: warn the user if there is a better helper to use, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: conntrack: warn the user if there is a better helper to use, Marcelo Ricardo Leitner
Re: Conntrack to support secondary end points, Marcelo Ricardo Leitner
- Re: Conntrack to support secondary end points, Pablo Neira Ayuso
  - Re: Conntrack to support secondary end points, Marcelo Ricardo Leitner
[PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, zhanghailiang
- Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Dr. David Alan Gilbert
  - Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, zhanghailiang
- Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Dr. David Alan Gilbert
  - Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Wen Congyang
    - Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Dr. David Alan Gilbert
    - Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, zhanghailiang
      - Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Dr. David Alan Gilbert
        
        Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Wen Congyang
        
        Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Dr. David Alan Gilbert
        
        Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Wen Congyang
        
        Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Dr. David Alan Gilbert
  - Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Wen Congyang
    - Re: [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service, Dr. David Alan Gilbert
[PATCH] cthelper: don't pass up a 0 length queue, Chas Williams III
- Re: [PATCH] cthelper: don't pass up a 0 length queue, Pablo Neira Ayuso
[PATCH -nf] Revert "netfilter: bridge: query conntrack about skb dnat", Florian Westphal
- Re: [PATCH -nf] Revert "netfilter: bridge: query conntrack about skb dnat", Florian Westphal
- Re: [PATCH -nf] Revert "netfilter: bridge: query conntrack about skb dnat", Pablo Neira Ayuso
[PATCH nf] netfilter: nfnetlink_{log,queue}: Register pernet in first place, Pablo Neira Ayuso
- Message not available
  - Re: [PATCH nf] netfilter: nfnetlink_{log,queue}: Register pernet in first place, Pablo Neira Ayuso
iptables: ensure number of counters is >0 in do_replace(), Dave Jones
- Re: iptables: ensure number of counters is >0 in do_replace(), Florian Westphal
  - Re: iptables: ensure number of counters is >0 in do_replace(), Dave Jones
    - Re: iptables: ensure number of counters is >0 in do_replace(), David Miller
      - netfilter: ensure number of counters is >0 in do_replace(), Dave Jones
        
        Re: netfilter: ensure number of counters is >0 in do_replace(), Pablo Neira Ayuso
[PATCH 1/1] netfilter: Fix kernel panic in nfulnl_rcv_nl_event, Francesco Ruggeri
- Re: [PATCH 1/1] netfilter: Fix kernel panic in nfulnl_rcv_nl_event, Pablo Neira Ayuso
[PATCH -stable] netfilter: nf_tables: fix error handling of rule replacement, Pablo Neira Ayuso
- [PATCH -stable] netfilter: nf_tables: check for overflow of rule dlen field, Pablo Neira Ayuso
- [PATCH -stable] netfilter: nf_tables: allow to change chain policy without hook if it exists, Pablo Neira Ayuso
- [PATCH -stable] netfilter: Zero the tuple in nfnl_cthelper_parse_tuple(), Pablo Neira Ayuso
  - Re: [PATCH -stable] netfilter: Zero the tuple in nfnl_cthelper_parse_tuple(), Jiri Slaby
- [PATCH -stable] netfilter: nft_rbtree: fix locking, Pablo Neira Ayuso
  - Re: [PATCH -stable] netfilter: nft_rbtree: fix locking, Greg KH
    - Re: [PATCH -stable] netfilter: nft_rbtree: fix locking, Pablo Neira Ayuso
- [PATCH -stable] netfilter: nft_compat: set IP6T_F_PROTO flag if protocol is set, Pablo Neira Ayuso
- [PATCH -stable] netfilter: restore rule tracing via nfnetlink_log, Pablo Neira Ayuso
- Re: [PATCH -stable] netfilter: nf_tables: fix error handling of rule replacement, Luis Henriques
[ulogd2 PATCHv2] ulogd: Use /dev/null as dummy logfile when logging to syslog, Felix Janda
[ulogd2 PATCH 4/4] Define _GNU_SOURCE to get members of tcphdr, Felix Janda
[ulogd2 PATCH 3/4] ulogd: Use (FILE *)(-1) as dummy logfile when logging to syslog, Felix Janda
- Re: [ulogd2 PATCH 3/4] ulogd: Use (FILE *)(-1) as dummy logfile when logging to syslog, Jan Engelhardt
  - Re: [ulogd2 PATCH 3/4] ulogd: Use (FILE *)(-1) as dummy logfile when logging to syslog, Felix Janda
[ulogd2 PATCH 2/4] Use stdint types everywhere, Felix Janda
- Re: [ulogd2 PATCH 2/4] Use stdint types everywhere, Eric Leblond
  - Re: [ulogd2 PATCH 2/4] Use stdint types everywhere, Felix Janda
[ulogd2 PATCH 1/4] Sync with kernel headers, Felix Janda
[nfacct PATCH] Sync with kernel headers, Felix Janda
[libnfnetlink PATCH 3/3] Use stdint types everywhere, Felix Janda
[libnfnetlink PATCH 2/3] Convert kernel to userspace types, Felix Janda
[libnfnetlink PATCH 1/3] Sync with kernel headers, Felix Janda
[libnetfilter_queue PATCH 4/4] tcp.c udp.c: Define _GNU_SOURCE to get members of tcphdr&ucphdr, Felix Janda
[libnetfilter_queue PATCH 3/4] Use stdint types everywhere, Felix Janda
[libnetfilter_queue PATCH 2/4] Convert kernel to userspace types, Felix Janda
[libnetfilter_queue PATCH 1/4] Sync with kernel headers, Felix Janda
[libnetfilter_log PATCH 3/3] Use stdint types everywhere, Felix Janda
[libnetfilter_log PATCH 2/3] Convert kernel to stdint types, Felix Janda
- Re: [libnetfilter_log PATCH 2/3] Convert kernel to stdint types, Pablo Neira Ayuso
  - Re: [libnetfilter_log PATCH 2/3] Convert kernel to stdint types, Felix Janda
    - Re: [libnetfilter_log PATCH 2/3] Convert kernel to stdint types, Pablo Neira Ayuso
      - Re: [libnetfilter_log PATCH 2/3] Convert kernel to stdint types, Felix Janda
[libnetfilter_log PATCH 1/3] Sync with current kernel headers, Felix Janda
[libnetfilter_cthelper PATCH] Sync with kernel headers, Felix Janda
[libnetfilter_conntrack PATCH 2/2] Use stdint types everywhere, Felix Janda
[libnetfilter_conntrack PATCH 1/2] Sync with kernel headers, Felix Janda
- Re: [libnetfilter_conntrack PATCH 1/2] Sync with kernel headers, Pablo Neira Ayuso
[libnetfilter_acct PATCH] Sync with kernel headers, Felix Janda
[libmnl PATCH 2/2] examples/netfilter: Include <endian.h> for be64toh, Felix Janda
- Re: [libmnl PATCH 2/2] examples/netfilter: Include <endian.h> for be64toh, Pablo Neira Ayuso
[libmnl PATCH 1/2] examples/netfilter: Use stdint types, Felix Janda
[ebtables PATCH 2/2] ethernetdb.h: Remove C++ specific compiler hint macro _THROW, Felix Janda
[ebtables PATCH 1/2] extensions: Use stdint types, Felix Janda
- Re: [ebtables PATCH 1/2] extensions: Use stdint types, Pablo Neira Ayuso
[conntrack-tools PATCH 6/6] src/netlink: Use <fcntl.h> instead of legacy synonym <sys/fcntl.h>, Felix Janda
[conntrack-tools PATCH 5/6] Define _GNU_SOURCE to get members of tcphdr&ucphdr, Felix Janda
[conntrack-tools PATCH 4/6] Include <sys/select.h> for fd_set, Felix Janda
[conntrack-tools PATCH 3/6] include: Use stdint types, Felix Janda
[conntrack-tools PATCH 2/6] Sync with kernel headers, Felix Janda
[conntrack-tools PATCH 1/6] configure: Add AM_PROG_AR to silence automake warning, Felix Janda
- Re: [conntrack-tools PATCH 1/6] configure: Add AM_PROG_AR to silence automake warning, Pablo Neira Ayuso
[arptables PATCH 2/2] Remove support for libc5, Felix Janda
[arptables PATCH 1/2] Use stdint types, Felix Janda
- Re: [arptables PATCH 1/2] Use stdint types, Pablo Neira Ayuso
[libnetfilter_cttimeout PATCH] Sync with kernel headers, Felix Janda
- Re: [libnetfilter_cttimeout PATCH] Sync with kernel headers, Pablo Neira Ayuso
[PATCH nf] nf_tables: fix bogus warning in nft_data_uninit(), Pablo Neira Ayuso
- Re: [PATCH nf] nf_tables: fix bogus warning in nft_data_uninit(), Pablo Neira Ayuso
libnetfilter_*: Use uint*_t instead of u_int*_t, Felix Janda
- Re: libnetfilter_*: Use uint*_t instead of u_int*_t, Pablo Neira Ayuso
  - Re: libnetfilter_*: Use uint*_t instead of u_int*_t, Felix Janda
[libnetfilter_log PATCH] Make it possible to build libipulog, Felix Janda
- Re: [libnetfilter_log PATCH] Make it possible to build libipulog, Pablo Neira Ayuso
[PATCH 0/5 net-next] Netfilter ingress support (v4), Pablo Neira Ayuso
- [PATCH 2/5] netfilter: add hook list to nf_hook_state, Pablo Neira Ayuso
- [PATCH 3/5] netfilter: add nf_hook_list_active(), Pablo Neira Ayuso
- [PATCH 5/5] netfilter: add netfilter ingress hook after handle_ing() under unique static key, Pablo Neira Ayuso
  - Re: [PATCH 5/5] netfilter: add netfilter ingress hook after handle_ing() under unique static key, Alexei Starovoitov
    - Re: [PATCH 5/5] netfilter: add netfilter ingress hook after handle_ing() under unique static key, Pablo Neira Ayuso

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]