Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- Re: nft rules processed in wrong network namespace, (continued)
- iptables nftables compat weirdness,
Andreas Schultz
- [PATCH nf-next 1/2] netfilter: xtables: use percpu rule counters,
Florian Westphal
- [PATCH nft 1/2] datatype: default to display bitmask in hexadecimal,
Pablo Neira Ayuso
- Possible bug when bridging traffic we just SNATed and sent to another router,
Daniel Collins
- [PATCH nft 0/9] concat support,
Patrick McHardy
- nft netdev family bindings,
Patrick McHardy
- [PATCH nf-next] net: ip_fragment: remove BRIDGE_NETFILTER mtu special handling,
Florian Westphal
- [PATCH] netfilter: bridge: restore vlan tag when refragmenting,
Florian Westphal
- [patch] ipvs: prevent some underflows,
Dan Carpenter
- xtables-addons 64-bit counter patch,
Neal P. Murphy
- [PATCH nft] netlink_delinearize: restore listing of host byteorder set elements,
Pablo Neira Ayuso
- netlink multi-thread / libmnl / nfq,
Ryan Johnston
- [PATCH 0/6 nft] improvements for the range printing,
Pablo Neira Ayuso
- [PATCH 1/3] netlink_linearize: fix range cmp instruction generation,
Patrick McHardy
- [PATCH net] Netfilter fix for net,
Pablo Neira Ayuso
- [PATCH] remove unused 'numbytes',
Paul Aitken
- [PATCH] Optimise nfq_queue_cb,
Paul Aitken
- [PATCH 00/11] Replace module_init with an alternate initcall in non modules,
Paul Gortmaker
- [PATCH 71/98] include/uapi/linux/netfilter/xt_TEE.h: include linux/netfilter.h, Mikko Rapeli
- [PATCH 56/98] include/uapi/linux/netfilter.h: include in.h and in6.h, Mikko Rapeli
- [PATCH 76/98] include/uapi/linux/netfilter/xt_recent.h: include linux/netfilter.h, Mikko Rapeli
- [PATCH 75/98] include/uapi/linux/netfilter/xt_sctp.h: use _Bool type, 1 for true and 0 for false, Mikko Rapeli
- [PATCH 57/98] include/uapi/linux/netfilter_bridge.h: include in.h, Mikko Rapeli
- [PATCH 63/98] include/uapi/linux/netfilter/xt_policy.h: include linux/in.h and linux/in6.h, Mikko Rapeli
- [PATCH 68/98] include/uapi/linux/netfilter/ipset/ip_set_hash.h: include linux/netfilter/ipset/ip_set.h, Mikko Rapeli
- [PATCH 70/98] include/uapi/linux/netfilter/xt_HMARK.h: include linux/netfilter.h, Mikko Rapeli
- [PATCH 73/98] include/uapi/linux/netfilter/xt_ipvs.h: include linux/netfilter.h, Mikko Rapeli
- [PATCH 74/98] include/uapi/linux/netfilter/xt_mac.h: include linux/if_ether.h, Mikko Rapeli
- [PATCH 69/98] include/uapi/linux/netfilter/ipset/ip_set_list.h: include linux/netfilter/ipset/ip_set.h, Mikko Rapeli
- [PATCH 67/98] include/uapi/linux/netfilter/ipset/ip_set_bitmap.h: include linux/netfilter/ipset/ip_set.h,
Mikko Rapeli
- [PATCH 60/98] include/uapi/linux/netfilter/xt_osf.h: include linux/ip.h and linux/tcp.h, Mikko Rapeli
- [PATCH 72/98] include/uapi/linux/netfilter/xt_TPROXY.h: include linux/netfilter.h, Mikko Rapeli
- [PATCH 59/98] include/uapi/linux/netfilter: include linux/if.h in several headers, Mikko Rapeli
- [PATCH 44/98] nf_conntrack_tuple_common.h: include linux/types.h and linux/netfilter.h, Mikko Rapeli
- [PATCHv7 4/4] netfilter: bridge: forward IPv6 fragmented packets,
Bernhard Thaler
- [PATCH 3/4] netfilter: bridge: re-order check_hbh_len(),
Bernhard Thaler
- [PATCHv6 2/4] netfilter: bridge: rename br_parse_ip_options,
Bernhard Thaler
- [PATCHv2 1/4] netfilter: bridge: refactor frag_max_size,
Bernhard Thaler
- [PATCHv4 3/3] netfilter: bridge: detect NAT66 correctly and change MAC address,
Bernhard Thaler
- [PATCH 2/3] netfilter: bridge: re-order br_nf_pre_routing_finish_ipv6(),
Bernhard Thaler
- [PATCH 1/3] netfilter: bridge: refactor clearing BRNF_NF_BRIDGE_PREROUTING,
Bernhard Thaler
- [RESEND PATCH V2] Add element count to hash headers,
Eric B Munson
- [PATCH conntrackd] expect: Fix wrong memset usage, Pablo Neira Ayuso
- libnetfilter_queue multi-threaded nfq_handle shared or unique?, Ryan Johnston
- [PATCH v2 -next 1/2] netfilter: iptables: separate counters from iptables rules,
Florian Westphal
- Re: conntrack-tools bugs, Paul Aitken
- [PATCH] Revert "netfilter: ensure number of counters is >0 in do_replace()",
Bernhard Thaler
- [PATCH 4/4] netfilter: bridge: refactor frag_max_size, Bernhard Thaler
- [PATCHv5 3/4] netfilter: bridge: rename br_parse_ip_options,
Bernhard Thaler
- [PATCHv6 2/4] netfilter: bridge: forward IPv6 fragmented packets,
Bernhard Thaler
- [PATCHv3 1/4] netfilter: bridge: detect NAT66 correctly and change MAC address,
Bernhard Thaler
- REOUTE target extenstion,
Eddi Linder
- [PATCH -next 1/2] netfilter: iptables: separate counters from iptables rules,
Florian Westphal
- ebtables not working correctly with 1086bbe97a074844188c6c988fa0b1a98c3ccbb9,
Bernhard Thaler
- [PATCH 1/1] Added a vlan id and pcp matching extension, Eddie Linder
- [PATCH 1/1] netfilter: Added vlan matching extension,
Eddie Linder
- [PATCH libmnl] example: netfilter: get rid of aligned_be64 definitions, Pablo Neira Ayuso
- [PATCH 0/3 nf-next] nf_tables support at ingress,
Pablo Neira Ayuso
- [PATCH] libnetfitler_queue: receive security context info,
Roman Kubiak
- [PATCH] Security context information added to netfilter_queue,
Roman Kubiak
- [PATCH -next] netfilter: remove unused comefrom hookmask argument,
Florian Westphal
- Mangling packets & routing in kernels>3.17, Юрий Пухальский
- Harden iptables memory allocator,
Loganaden Velvindron
- [PATCH nf] netfilter: conntrack: warn the user if there is a better helper to use,
Marcelo Ricardo Leitner
- Re: Conntrack to support secondary end points,
Marcelo Ricardo Leitner
- [PATCH COLO-Frame v5 00/29] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service,
zhanghailiang
- [PATCH] cthelper: don't pass up a 0 length queue,
Chas Williams III
- [PATCH -nf] Revert "netfilter: bridge: query conntrack about skb dnat",
Florian Westphal
- [PATCH nf] netfilter: nfnetlink_{log,queue}: Register pernet in first place,
Pablo Neira Ayuso
iptables: ensure number of counters is >0 in do_replace(),
Dave Jones
[PATCH 1/1] netfilter: Fix kernel panic in nfulnl_rcv_nl_event,
Francesco Ruggeri
[PATCH -stable] netfilter: nf_tables: fix error handling of rule replacement,
Pablo Neira Ayuso
[ulogd2 PATCHv2] ulogd: Use /dev/null as dummy logfile when logging to syslog, Felix Janda
[ulogd2 PATCH 4/4] Define _GNU_SOURCE to get members of tcphdr, Felix Janda
[ulogd2 PATCH 3/4] ulogd: Use (FILE *)(-1) as dummy logfile when logging to syslog,
Felix Janda
[ulogd2 PATCH 2/4] Use stdint types everywhere,
Felix Janda
[ulogd2 PATCH 1/4] Sync with kernel headers, Felix Janda
[nfacct PATCH] Sync with kernel headers, Felix Janda
[libnfnetlink PATCH 3/3] Use stdint types everywhere, Felix Janda
[libnfnetlink PATCH 2/3] Convert kernel to userspace types, Felix Janda
[libnfnetlink PATCH 1/3] Sync with kernel headers, Felix Janda
[libnetfilter_queue PATCH 4/4] tcp.c udp.c: Define _GNU_SOURCE to get members of tcphdr&ucphdr, Felix Janda
[libnetfilter_queue PATCH 3/4] Use stdint types everywhere, Felix Janda
[libnetfilter_queue PATCH 2/4] Convert kernel to userspace types, Felix Janda
[libnetfilter_queue PATCH 1/4] Sync with kernel headers, Felix Janda
[libnetfilter_log PATCH 3/3] Use stdint types everywhere, Felix Janda
[libnetfilter_log PATCH 2/3] Convert kernel to stdint types,
Felix Janda
[libnetfilter_log PATCH 1/3] Sync with current kernel headers, Felix Janda
[libnetfilter_cthelper PATCH] Sync with kernel headers, Felix Janda
[libnetfilter_conntrack PATCH 2/2] Use stdint types everywhere, Felix Janda
[libnetfilter_conntrack PATCH 1/2] Sync with kernel headers,
Felix Janda
[libnetfilter_acct PATCH] Sync with kernel headers, Felix Janda
[libmnl PATCH 2/2] examples/netfilter: Include <endian.h> for be64toh,
Felix Janda
[libmnl PATCH 1/2] examples/netfilter: Use stdint types, Felix Janda
[ebtables PATCH 2/2] ethernetdb.h: Remove C++ specific compiler hint macro _THROW, Felix Janda
[ebtables PATCH 1/2] extensions: Use stdint types,
Felix Janda
[conntrack-tools PATCH 6/6] src/netlink: Use <fcntl.h> instead of legacy synonym <sys/fcntl.h>, Felix Janda
[conntrack-tools PATCH 5/6] Define _GNU_SOURCE to get members of tcphdr&ucphdr, Felix Janda
[conntrack-tools PATCH 4/6] Include <sys/select.h> for fd_set, Felix Janda
[conntrack-tools PATCH 3/6] include: Use stdint types, Felix Janda
[conntrack-tools PATCH 2/6] Sync with kernel headers, Felix Janda
[conntrack-tools PATCH 1/6] configure: Add AM_PROG_AR to silence automake warning,
Felix Janda
[arptables PATCH 2/2] Remove support for libc5, Felix Janda
[arptables PATCH 1/2] Use stdint types,
Felix Janda
[libnetfilter_cttimeout PATCH] Sync with kernel headers,
Felix Janda
[PATCH nf] nf_tables: fix bogus warning in nft_data_uninit(),
Pablo Neira Ayuso
libnetfilter_*: Use uint*_t instead of u_int*_t,
Felix Janda
[libnetfilter_log PATCH] Make it possible to build libipulog,
Felix Janda
[PATCH 0/5 net-next] Netfilter ingress support (v4),
Pablo Neira Ayuso
[PATCH net-next] netfilter: Use correct return for seq_show functions,
Joe Perches
Kernel panic with skb_alloc during post_routing, Praveen Kumar
[PATCH] net: deinline netif_tx_stop_all_queues(), remove WARN_ON in netif_tx_stop_queue(),
Denys Vlasenko
Probably bug in netfilter hashlimit extension,
Klaus Ethgen
[ANNOUNCE] ulogd 2.0.5 release, Eric Leblond
ulogd 2.0.5,
Chris Boot
[GIT PULL nf] IPVS Fixes for v4.1,
Simon Horman
cthelper's and default QueueLen -- bug?,
Chas Williams III
[PATCH nf] conntrack: RFC5961 challenge ACK confuse conntrack LAST-ACK transition,
Jesper Dangaard Brouer
[PATCH] netfilter: avoid build error if TPROXY/SOCKET=y && NF_DEFRAG_IPV6=m,
Florian Westphal
[PATCH] ipvs: fix memory leak in ip_vs_ctl.c,
Tommi Rantala
[PATCH] net: deinline netif_tx_stop_queue() and netif_tx_stop_all_queues(),
Denys Vlasenko
[PATCH] netfilter: ipset: deinline ip_set_put_extensions(),
Denys Vlasenko
[PATCH 0/4] Netfilter ingress support (v3),
Pablo Neira Ayuso
[PATCH iptables] libxt_CT: add support for flextuples,
Daniel Borkmann
[PATCH nf-next] netfilter: conntrack: add support for flextuples,
Daniel Borkmann
Re: [PATCH 3.19 176/177] netfilter: x_tables: fix cgroup matching on non-full sks, Pablo Neira Ayuso
[PATCH -next] netfilter: bridge: free nf_bridge info on xmit,
Florian Westphal
[PATCH -next] netfilter: bridge: neigh_head and physoutdev can't be used at same time,
Florian Westphal
[PATCH] configure.ac: Add --without-{mysql,pgsql},
Harald Welte
[PATCH] netfilter: fix dependency issues between IPv6 defragmentation and ip6tables,
Liu Hua
[iptables PATCH 2/2 RFC] Remove Libc5 support code,
Felix Janda
[iptables PATCH 1/2] Consistently use <errno.h>,
Felix Janda
[PATCH 00/34] ipset patches for nf-next,
Jozsef Kadlecsik
- [PATCH 10/34] netfilter: ipset: Missing rcu protection in mtype_list() fixed, Jozsef Kadlecsik
- [PATCH 02/34] netfilter: ipset: Prepare the ipset core to use RCU at set level, Jozsef Kadlecsik
- [PATCH 06/34] netfilter: ipset: Fix parallel resizing and listing of the same set, Jozsef Kadlecsik
- [PATCH 05/34] netfilter: ipset: Introduce RCU locking in list type, Jozsef Kadlecsik
- [PATCH 08/34] netfilter: ipset: Use MSEC_PER_SEC consistently, Jozsef Kadlecsik
- [PATCH 07/34] netfilter: ipset: Fix sparse warning, Jozsef Kadlecsik
- [PATCH 09/34] netfilter: ipset: Give a better name to a macro in ip_set_core.c, Jozsef Kadlecsik
- [PATCH 01/34] netfilter: ipset: Remove rbtree from hash:net,iface, Jozsef Kadlecsik
- [PATCH 03/34] netfilter: ipset: Introduce RCU locking in bitmap:* types, Jozsef Kadlecsik
- [PATCH 14/34] netfilter: ipset: Properly calculate extensions offsets and total length, Jozsef Kadlecsik
- [PATCH 11/34] netfilter: ipset: Make sure listing doesn't grab a set which is just being destroyed., Jozsef Kadlecsik
- [PATCH 16/34] netfilter: ipset: No need to make nomatch bitfield, Jozsef Kadlecsik
- [PATCH 15/34] netfilter: ipset: Make sure bit operations are not reordered, Jozsef Kadlecsik
- [PATCH 23/34] netfilter: ipset: Permit CIDR equal to the host address CIDR in IPv6, Jozsef Kadlecsik
- [PATCH 27/34] netfilter: ipset: Check for comment netlink attribute length, Jozsef Kadlecsik
- [PATCH 18/34] netfilter: ipset: Return ipset error instead of bool, Jozsef Kadlecsik
- [PATCH 21/34] netfilter: ipset: Check IPSET_ATTR_PORT only once, Jozsef Kadlecsik
- [PATCH 26/34] netfilter: ipset: Return bool values instead of int, Jozsef Kadlecsik
- [PATCH 29/34] netfilter: ipset: Fix hashing for ipv6 sets, Jozsef Kadlecsik
- [PATCH 30/34] netfilter: ipset: Improve preprocessor macros checks, Jozsef Kadlecsik
- [PATCH 32/34] netfilter: ipset: RCU safe comment extension handling, Jozsef Kadlecsik
- [PATCH 31/34] netfilter: ipset: Make sure dumping can't grab set being just destroyed, Jozsef Kadlecsik
- [PATCH 22/34] netfilter: ipset: Use HOST_MASK literal to represent host address CIDR len, Jozsef Kadlecsik
- [PATCH 28/34] netfilter: ipset: Fix ext_*() macros, Jozsef Kadlecsik
- [PATCH 20/34] netfilter: ipset: Check extensions attributes before getting extensions., Jozsef Kadlecsik
- [PATCH 17/34] netfilter: ipset: Preprocessor directices cleanup, Jozsef Kadlecsik
- [PATCH 19/34] netfilter: ipset: Use SET_WITH_*() helpers to test set extensions, Jozsef Kadlecsik
- [PATCH 13/34] netfilter: ipset: Fix cidr handling for hash:*net* types, Jozsef Kadlecsik
- [PATCH 12/34] netfilter: ipset: make ip_set_get_ip*_port to use skb_network_offset, Jozsef Kadlecsik
- [PATCH 04/34] netfilter: ipset: Introduce RCU locking in hash:* types, Jozsef Kadlecsik
- [PATCH 33/34] netfilter: ipset: Fix coding styles reported by checkpatch.pl, Jozsef Kadlecsik
- [PATCH 34/34] netfilter: ipset: Use better include files in xt_set.c, Jozsef Kadlecsik
- [PATCH 25/34] netfilter: ipset: Check CIDR value only when attribute is given, Jozsef Kadlecsik
- [PATCH 24/34] netfilter: ipset: Make sure we always return line number on batch, Jozsef Kadlecsik
Matching MLD with ip6tables,
Linus Lüssing
[PATCH 0/6 RFC] Netfilter ingress support (v2),
Pablo Neira Ayuso
Q on contribution to Netfilter,
Ravi Kerur
[PATCH] nf_tables: silence needless warning on element delete, Miroslav Kratochvil
[PATCH nft] datatype: fix packet mark type name,
Miroslav Kratochvil
[PATCH libnetfilter_log] Add include needed for integer type definition.,
Natanael Copa
[PATCH] netfilter; Add some missing default cases to switch statements in nft_reject., David Miller
Re: [PATCH net-next 0/6] ipv6: netfilter - coding style improvements, Pablo Neira Ayuso
roadmap of the nftables development,
Nikita Klimov
[PATCH nf] netfilter: bridge: fix NULL deref in physin/out ifindex helpers,
Florian Westphal
[PATCH] Allow use of 'socket' match in OUTPUT,
Daniel Collins
[PATCH] Add arpt_MARK to xt_mark,
Zhang Chunyu
[PATCH libnftnl 1/2] src: add batch abstraction,
Pablo Neira Ayuso
[PATCH -next] netfilter: nf_tables: fix wrong length for jump/goto verdicts,
Florian Westphal
nftables: oob crash w. verdict maps & jumps,
Florian Westphal
[PATCH libnftnl 0/5] concatenation and dynamic expression instantiation,
Patrick McHardy
[libnftnl PATCH v2] expr: dynset: fix json/xml parsing,
Arturo Borrero Gonzalez
[libnftnl PATCH] expr: dynset: fix json/xml parsing, Arturo Borrero Gonzalez
[PATCH nf-next] netfilter: nf_tables: get rid of the expression example code,
Pablo Neira Ayuso
[PATCH 1/5 v4] netlink: Fix portid type in netlink_notify,
Richard Weinberger
[PATCH 0/3] libnftnl: dynset dynamic expression instantiation,
Patrick McHardy
[PATCH 0/3] libnfnl: support for new set features,
Patrick McHardy
[PATCH 00/10] nftables: set timeouts and dynamic updates,
Patrick McHardy
- [PATCH 01/10] datatype: fix parsing of time type, Patrick McHardy
- [PATCH 02/10] datatype: less strict time parsing, Patrick McHardy
- [PATCH 03/10] datatype: seperate time parsing/printing from time_type, Patrick McHardy
- [PATCH 05/10] parser: fix inconsistencies in set expression rules, Patrick McHardy
- [PATCH 04/10] parser: add a time_spec rule, Patrick McHardy
- [PATCH 06/10] expr: add set_elem_expr as container for set element attributes, Patrick McHardy
- [PATCH 07/10] set: add timeout support for sets, Patrick McHardy
- [PATCH 08/10] setelem: add timeout support for set elements, Patrick McHardy
- [PATCH 09/10] setelem: add support for attaching comments to set elements, Patrick McHardy
- [PATCH 10/10] nftables: add set statement, Patrick McHardy
[PATCH] netlink: kill non-batch compat code, Patrick McHardy
[PATCH] src: restore interface to index cache,
Pablo Neira Ayuso
[PATCH nft v4] src: restore interface to index cache,
Pablo Neira Ayuso
[PATCH RFC 0/2] nftables: fix time parsing,
Patrick McHardy
[PATCH nft v3] src: restore interface to index cache,
Pablo Neira Ayuso
[PATCH 0/5] netfilter: nf_tables: dynamic stateful expression instantiation,
Patrick McHardy
[PATCH 00/14] netfilter: nf_tables: concatenation support,
Patrick McHardy
- [PATCH 01/14] netfilter: nf_tables: validate len in nft_validate_data_load(), Patrick McHardy
- [PATCH 02/14] netfilter: nf_tables: rename nft_validate_data_load(), Patrick McHardy
- [PATCH 03/14] netfilter: nft_lookup: use nft_validate_register_store() to validate types, Patrick McHardy
- [PATCH 04/14] netfilter: nf_tables: kill nft_validate_output_register(), Patrick McHardy
- [PATCH 05/14] netfilter: nf_tables: introduce nft_validate_register_load(), Patrick McHardy
- [PATCH 06/14] netfilter: nf_tables: get rid of NFT_REG_VERDICT usage, Patrick McHardy
- [PATCH 07/14] netfilter: nf_tables: use struct nft_verdict within struct nft_data, Patrick McHardy
- [PATCH 08/14] netfilter: nf_tables: convert expressions to u32 register pointers, Patrick McHardy
- [PATCH 09/14] netfilter: nf_tables: kill nft_data_cmp(), Patrick McHardy
- [PATCH 10/14] netfilter: nf_tables: convert sets to u32 data pointers, Patrick McHardy
- [PATCH 11/14] netfilter: nf_tables: add register parsing/dumping helpers, Patrick McHardy
- [PATCH 12/14] netfilter: nf_tables: switch registers to 32 bit addressing, Patrick McHardy
- [PATCH 13/14] netfilter: nf_tables: support variable sized data in nft_data_init(), Patrick McHardy
- [PATCH 14/14] netfilter: nf_tables: variable sized set element keys / data, Patrick McHardy
- Re: [PATCH 00/14] netfilter: nf_tables: concatenation support, Pablo Neira Ayuso
- Re: [PATCH 00/14] netfilter: nf_tables: concatenation support, Pablo Neira Ayuso
[PATCH 0/7 RFC] Netfilter/nf_tables ingress support,
Pablo Neira Ayuso
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
