Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

[PATCH v2 3/5] ipset: add set match "inner" flag support, Dash Four
[PATCH v2 2/5] ipset: add "inner" flag implementation, Dash Four
- Re: [PATCH v2 2/5] ipset: add "inner" flag implementation, Jozsef Kadlecsik
  - Re: [PATCH v2 2/5] ipset: add "inner" flag implementation, Dash Four
    - RE: [PATCH v2 2/5] ipset: add "inner" flag implementation, Jeff Haran
      - Re: [PATCH v2 2/5] ipset: add "inner" flag implementation, Dash Four
      - RE: [PATCH v2 2/5] ipset: add "inner" flag implementation, Jozsef Kadlecsik
        
        RE: [PATCH v2 2/5] ipset: add "inner" flag implementation, Jeff Haran
    - Re: [PATCH v2 2/5] ipset: add "inner" flag implementation, Jozsef Kadlecsik
      - Re: [PATCH v2 2/5] ipset: add "inner" flag implementation, Dash Four
        
        Re: [PATCH v2 2/5] ipset: add "inner" flag implementation, Jozsef Kadlecsik
[PATCH v2 1/5] iptables: bugfix: prevent wrong syntax being accepted by the set match, Dash Four
[PATCH v2 0/5] ipset: add "inner" flag support, Dash Four
libnetfilter_queue: Another Valgrind complaint with nfq_set_mode, Tamas Lengyel
[libnftables PATCH 1/3] nat: xml: fix xml_snprintf buffer offset, Arturo Borrero
- [libnftables PATCH 2/3] nat: xml: fix non-mandatory element, Arturo Borrero
  - Re: [libnftables PATCH 2/3] nat: xml: fix non-mandatory element, Pablo Neira Ayuso
- [libnftables PATCH 3/3] rule: xml: delete trailing space, Arturo Borrero
  - Re: [libnftables PATCH 3/3] rule: xml: delete trailing space, Pablo Neira Ayuso
- Re: [libnftables PATCH 1/3] nat: xml: fix xml_snprintf buffer offset, Pablo Neira Ayuso
[libnftables PATCH] expr: bitwise: xml_parse: fix casting, Arturo Borrero
- Re: [libnftables PATCH] expr: bitwise: xml_parse: fix casting, Pablo Neira Ayuso
[libnftables PATCH 0/2] Series to add JSON output support for rules, Alvaro Neira
- [libnftables PATCH 1/2] Add function for exporting rule to JSON format, Alvaro Neira
- [libnftables PATCH 2/2] Add code for testing the new functions for exporting rules to JSON Format, Alvaro Neira
- <Possible follow-ups>
- [libnftables PATCH 0/2] Series to add JSON output support for rules, Alvaro Neira
  - [libnftables PATCH 2/2] Add code for testing the new functions for exporting rules to JSON Format, Alvaro Neira
    - Re: [libnftables PATCH 2/2] Add code for testing the new functions for exporting rules to JSON Format, Pablo Neira Ayuso
  - [libnftables PATCH 1/2] Add function for exporting rule to JSON format and Order the switch values in the right order, Alvaro Neira
    - Re: [libnftables PATCH 1/2] Add function for exporting rule to JSON format and Order the switch values in the right order, Pablo Neira Ayuso
[PATCH next] netfilter: conntrack: avoid large timeout for mid-stream pickup, Florian Westphal
- Re: [PATCH next] netfilter: conntrack: avoid large timeout for mid-stream pickup, Jozsef Kadlecsik
- Re: [PATCH next] netfilter: conntrack: avoid large timeout for mid-stream pickup, Pablo Neira Ayuso
Huge timeout with loose=1 pickup tcp connections, Florian Westphal
- Re: Huge timeout with loose=1 pickup tcp connections, Pablo Neira Ayuso
- Re: Huge timeout with loose=1 pickup tcp connections, Jozsef Kadlecsik
[PATCH nf-next] netfilter: ct: check return code from nla_parse_tested, Daniel Borkmann
- Re: [PATCH nf-next] netfilter: ct: check return code from nla_parse_tested, Pablo Neira Ayuso
  - Re: [PATCH nf-next] netfilter: ct: check return code from nla_parse_tested, Daniel Borkmann
[PATCH] netfilter: xt_TCPMSS: Add IPv6 default MSS, Phil Oester
- Re: [PATCH] netfilter: xt_TCPMSS: Add IPv6 default MSS, Pablo Neira Ayuso
[PATCH] iptables: Fix connlabel.conf install location, Phil Oester
- Re: [PATCH] iptables: Fix connlabel.conf install location, Florian Westphal
  - Re: [PATCH] iptables: Fix connlabel.conf install location, Pablo Neira Ayuso
    - Re: [PATCH] iptables: Fix connlabel.conf install location, Pablo Neira Ayuso
      - Re: [PATCH] iptables: Fix connlabel.conf install location, Florian Westphal
        
        Re: [PATCH] iptables: Fix connlabel.conf install location, Pablo Neira Ayuso
        
        Re: [PATCH] iptables: Fix connlabel.conf install location, Florian Westphal
        
        Re: [PATCH] iptables: Fix connlabel.conf install location, Pablo Neira Ayuso
- Re: [PATCH] iptables: Fix connlabel.conf install location, Pablo Neira Ayuso
[PATCH] netfilter: xt_TCPOPTSTRIP: don't use tcp_hdr(), Pablo Neira Ayuso
[PATCH] netfilter: xt_TCPMSS: Add safe fragmentation handling, Phil Oester
- Re: [PATCH] netfilter: xt_TCPMSS: Add safe fragmentation handling, Pablo Neira Ayuso
[PATCH] Remove redundant TCP header checks from xt_TCPOPTSTRIP, Phil Oester
- Re: [PATCH] Remove redundant TCP header checks from xt_TCPOPTSTRIP, Pablo Neira Ayuso
  - Re: [PATCH] Remove redundant TCP header checks from xt_TCPOPTSTRIP, Florian Westphal
[PATCH 0/5] netfilter fixes for 3.10-rc5, Pablo Neira Ayuso
- [PATCH 4/5] netfilter: nfnetlink_queue: fix missing HW protocol, Pablo Neira Ayuso
- [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, Pablo Neira Ayuso
  - RE: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, David Laight
    - Re: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, Phil Oester
      - RE: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, David Laight
        
        Re: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, Phil Oester
        
        RE: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, David Laight
        
        Re: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, Pablo Neira Ayuso
        
        RE: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, Jeff Haran
        
        Re: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, Rick Jones
        
        RE: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, Jeff Haran
        
        RE: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, Jan Engelhardt
  - Re: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS option, John Heffner
- [PATCH 5/5] ipvs: info leak in __ip_vs_get_dest_entries(), Pablo Neira Ayuso
- [PATCH 2/5] netfilter: nfnetlink_cttimeout: fix incomplete dumping of objects, Pablo Neira Ayuso
- [PATCH 1/5] netfilter: nfnetlink_acct: fix incomplete dumping of objects, Pablo Neira Ayuso
- Re: [PATCH 0/5] netfilter fixes for 3.10-rc5, David Miller
[nftables PATCH 0/2] work on restoration, Eric Leblond
- [nftables PATCH 1/2] rule: display hook info, Eric Leblond
  - Re: [nftables PATCH 1/2] rule: display hook info, Pablo Neira Ayuso
- [nftables PATCH 2/2] counter: fix restoration, Eric Leblond
  - Re: [nftables PATCH 2/2] counter: fix restoration, Pablo Neira Ayuso
[libnftables PATCH] data_reg: xml: delete unreachable code in _veredict_xml_parse(), Arturo Borrero
- Re: [libnftables PATCH] data_reg: xml: delete unreachable code in _veredict_xml_parse(), Pablo Neira Ayuso
[PATCH] fix leak of iter in nft_rule_list, Giuseppe Longo
- Re: [PATCH] fix leak of iter in nft_rule_list, Pablo Neira Ayuso
[PATCH v2] nft: fix leak of iterators, Giuseppe Longo
- Re: [PATCH v2] nft: fix leak of iterators, Pablo Neira Ayuso
[libnftables PATCH] src: xml: implement helper function nft_strtol, Arturo Borrero
[PATCH] netfilter: nfnetlink_queue: fix missing HW protocol, Pablo Neira Ayuso
[libnftables PATCH v3] src: add _unset functions, Arturo Borrero
- Re: [libnftables PATCH v3] src: add _unset functions, Pablo Neira Ayuso
  - Re: [libnftables PATCH v3] src: add _unset functions, Arturo Borrero Gonzalez
    - Re: [libnftables PATCH v3] src: add _unset functions, Pablo Neira Ayuso
[libnftables PATCH 0/2] Series short description, Alvaro Neira
- [libnftables PATCH 1/2] Add functions for exporting tables to JSON format, Alvaro Neira
  - Re: [libnftables PATCH 1/2] Add functions for exporting tables to JSON format, Pablo Neira Ayuso
- [libnftables PATCH 2/2] Add implementation for to proof the JSON export function, Alvaro Neira
  - Re: [libnftables PATCH 2/2] Add implementation for to proof the JSON export function, Pablo Neira Ayuso
- <Possible follow-ups>
- [libnftables PATCH 0/2] Series short description, Alvaro Neira
  - [libnftables PATCH 1/2] Add function for exporting chain to JSON Format, Alvaro Neira
    - Re: [libnftables PATCH 1/2] Add function for exporting chain to JSON Format, Pablo Neira Ayuso
  - [libnftables PATCH 2/2] Implementation for to test the function for exporting chains to JSON format, Alvaro Neira
    - Re: [libnftables PATCH 2/2] Implementation for to test the function for exporting chains to JSON format, Pablo Neira Ayuso
[libnftables PATCH v2] src: add _unset functions, Arturo Borrero
[libnftables PATCH 1/4] Add functions for to export tables to JSON format, Alvaro Neira
- [libnftables PATCH 2/4] Add implementation for to proof the JSON export function, Alvaro Neira
- [libnftables PATCH 3/4] Add JSON Constant for to use the Json export function, Alvaro Neira
  - Re: [libnftables PATCH 3/4] Add JSON Constant for to use the Json export function, Pablo Neira Ayuso
- [libnftables PATCH 4/4] Add a constant for to put the JSON Version, Alvaro Neira
[libnftables PATCH 0/4] Series short description, Alvaro Neira
[PATCH] datatype: concat expression only releases dynamically allocated datatype, Pablo Neira Ayuso
- Re: [PATCH] datatype: concat expression only releases dynamically allocated datatype, Eric Leblond
  - Re: [PATCH] datatype: concat expression only releases dynamically allocated datatype, Pablo Neira Ayuso
[libnftables PATCH 1/2] src: add _unset functions, Arturo Borrero
- [libnftables PATCH 2/2] examples: unset chain & rule handle, Arturo Borrero
- Re: [libnftables PATCH 1/2] src: add _unset functions, Pablo Neira Ayuso
  - Re: [libnftables PATCH 1/2] src: add _unset functions, Arturo Borrero Gonzalez
    - Re: [libnftables PATCH 1/2] src: add _unset functions, Pablo Neira Ayuso
[PATCH 09/12] netfilter: nfnetlink_queue: avoid peer_portid test, Pablo Neira Ayuso
[PATCH 00/12] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
- [PATCH 01/12] netfilter: xt_CT: optimize XT_CT_NOTRACK, Pablo Neira Ayuso
- [PATCH 05/12] netfilter: {ipt,ebt}_ULOG: rise warning on deprecation, Pablo Neira Ayuso
- [PATCH 06/12] sched: add cond_resched_rcu() helper, Pablo Neira Ayuso
  - Re: [PATCH 06/12] sched: add cond_resched_rcu() helper, Paul E. McKenney
- [PATCH 12/12] netfilter: nfnetlink_queue: only add CAP_LEN attr when needed, Pablo Neira Ayuso
- [PATCH 08/12] ipvs: change type of netns_ipvs->sysctl_sync_qlen_max, Pablo Neira Ayuso
- [PATCH 11/12] netfilter: nfnetlink_queue: cleanup copy_range usage, Pablo Neira Ayuso
- [PATCH 07/12] ipvs: use cond_resched_rcu() helper when walking connections, Pablo Neira Ayuso
- [PATCH 10/12] netfilter: Implement RFC 1123 for FTP conntrack, Pablo Neira Ayuso
- [PATCH 04/12] netfilter: don't panic on error while walking through the init path, Pablo Neira Ayuso
- [PATCH 03/12] bridge: netfilter: using strlcpy() instead of strncpy(), Pablo Neira Ayuso
- [PATCH 02/12] netfilter: xt_socket: use IP early demux, Pablo Neira Ayuso
- Re: [PATCH 00/12] Netfilter/IPVS updates for net-next, David Miller
- <Possible follow-ups>
- [PATCH 00/12] netfilter/IPVS updates for net-next, Pablo Neira Ayuso
  - [PATCH 01/12] netfilter: avoid get_random_bytes calls, Pablo Neira Ayuso
  - [PATCH 02/12] netfilter: ctnetlink: honor CTA_MARK_MASK when setting ctmark, Pablo Neira Ayuso
  - [PATCH 03/12] netfilter: nfnetlink_queue: enable UID/GID socket info retrieval, Pablo Neira Ayuso
  - [PATCH 06/12] netfilter: nf_nat: add full port randomization support, Pablo Neira Ayuso
  - [PATCH 08/12] netfilter: nf_conntrack: remove dead code, Pablo Neira Ayuso
  - [PATCH 04/12] netfilter: add IPv4/6 IPComp extension match support, Pablo Neira Ayuso
  - [PATCH 05/12] ipvs: Remove unused variable ret from sync_thread_master(), Pablo Neira Ayuso
  - [PATCH 09/12] netfilter: xt_CT: fix error value in xt_ct_tg_check(), Pablo Neira Ayuso
  - [PATCH 11/12] net: netprio: rename config to be more consistent with cgroup configs, Pablo Neira Ayuso
  - [PATCH 10/12] net: net_cls: move cgroupfs classid handling into core, Pablo Neira Ayuso
  - [PATCH 12/12] netfilter: x_tables: lightweight process control group matching, Pablo Neira Ayuso
  - [PATCH 07/12] netfilter: ipset: remove unused code, Pablo Neira Ayuso
  - Re: [PATCH 00/12] netfilter/IPVS updates for net-next, David Miller
- [PATCH 00/12] Netfilter/IPVS updates for net-next, Pablo Neira Ayuso
  - [PATCH 01/12] netfilter: introduce support for reject at prerouting stage, Pablo Neira Ayuso
  - [PATCH 03/12] ipvs: register hooks only with services, Pablo Neira Ayuso
  - [PATCH 07/12] netfilter: nf_tables: add NFTA_RULE_CHAIN_ID attribute, Pablo Neira Ayuso
  - [PATCH 09/12] netfilter: nf_tables: expose enum nft_chain_flags through UAPI, Pablo Neira Ayuso
  - [PATCH 10/12] netfilter: nf_tables: add nft_chain_add(), Pablo Neira Ayuso
  - [PATCH 12/12] netfilter: nf_tables: reject unsupported chain flags, Pablo Neira Ayuso
  - [PATCH 11/12] netfilter: nf_tables: add NFT_CHAIN_BINDING, Pablo Neira Ayuso
  - [PATCH 08/12] netfilter: nf_tables: add NFTA_VERDICT_CHAIN_ID attribute, Pablo Neira Ayuso
  - [PATCH 05/12] ipvs: allow connection reuse for unconfirmed conntrack, Pablo Neira Ayuso
  - [PATCH 06/12] netfilter: nf_tables: add NFTA_CHAIN_ID attribute, Pablo Neira Ayuso
  - [PATCH 04/12] ipvs: avoid expiring many connections from timer, Pablo Neira Ayuso
  - [PATCH 02/12] netfilter: nft_set_pipapo: Drop useless assignment of scratch map index on insert, Pablo Neira Ayuso
  - Re: [PATCH 00/12] Netfilter/IPVS updates for net-next, David Miller
[PATCH 1/2] conntrack: nfct_cmp: also compare labels, Florian Westphal
- [PATCH 2/2] qa: nfct_cmp: verify individual attr comparision, Florian Westphal
[PATCH] nft: fix leak of iterators, Giuseppe Longo
Locally transmitted Multicast packets are being looped back, even if IP_MULTICAST_LOOP option is set to zero, Vijay Tandeker
- Re: Locally transmitted Multicast packets are being looped back, even if IP_MULTICAST_LOOP option is set to zero, Eric Dumazet
  - Re: Locally transmitted Multicast packets are being looped back, even if IP_MULTICAST_LOOP option is set to zero, Vijay Tandeker
    - Re: Locally transmitted Multicast packets are being looped back, even if IP_MULTICAST_LOOP option is set to zero, Eric Dumazet
[PATCH -next 1/2] netfilter: nf_queue: cleanup copy_range usage, Florian Westphal
- [PATCH -next 2/2] netfilter: nfnetlink_queue: only add CAP_LEN attr when needed, Florian Westphal
  - Re: [PATCH -next 2/2] netfilter: nfnetlink_queue: only add CAP_LEN attr when needed, Pablo Neira Ayuso
- Re: [PATCH -next 1/2] netfilter: nf_queue: cleanup copy_range usage, Pablo Neira Ayuso
[PATCH 1/2] netfilter: nfnetlink_acct: fix incomplete dumping of objects, Pablo Neira Ayuso
- [PATCH 2/2] netfilter: nfnetlink_cttimeout: fix incomplete dumping of objects, Pablo Neira Ayuso
[libnftables] nft_*_attr_unset() functions, Arturo Borrero Gonzalez
[RFC PATCH -next] netfilter: nfqueue: add ability to dump list of supported attributes, Florian Westphal
- Re: [RFC PATCH -next] netfilter: nfqueue: add ability to dump list of supported attributes, Pablo Neira Ayuso
  - Re: [RFC PATCH -next] netfilter: nfqueue: add ability to dump list of supported attributes, Florian Westphal
[PATCH] netfilter: xt_TCPMSS: Avoid violating RFC 879 in absence of MSS option, Phil Oester
- Re: [PATCH] netfilter: xt_TCPMSS: Avoid violating RFC 879 in absence of MSS option, Pablo Neira Ayuso
[libnftables PATCH 0/3] small fixes, Eric Leblond
- [libnftables PATCH 2/3] nft-events: add newline to output, Eric Leblond
  - Re: [libnftables PATCH 2/3] nft-events: add newline to output, Pablo Neira Ayuso
- [libnftables PATCH 1/3] examples: delete payload code in nft-chain-add, Eric Leblond
  - Re: [libnftables PATCH 1/3] examples: delete payload code in nft-chain-add, Pablo Neira Ayuso
- [libnftables PATCH 3/3] expr: fix display of dreg expression, Eric Leblond
  - Re: [libnftables PATCH 3/3] expr: fix display of dreg expression, Pablo Neira Ayuso
- Re: [libnftables PATCH 0/3] small fixes, Arturo Borrero Gonzalez
[PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag, Eric Dumazet
- Re: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag, Jesper Dangaard Brouer
  - Re: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag, Eric Dumazet
    - Re: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag, Jesper Dangaard Brouer
- Re: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag, Eric Dumazet
  - Re: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag, Pablo Neira Ayuso
    - Re: [PATCH nf-next] netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag, Eric Dumazet
- [PATCH v2 nf-next] netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag, Eric Dumazet
  - Re: [PATCH v2 nf-next] netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag, Pablo Neira Ayuso
- [PATCH iptables] xt_socket: add --nowildcard flag, Eric Dumazet
  - Re: [PATCH iptables] xt_socket: add --nowildcard flag, Pablo Neira Ayuso
[libnftables PATCH 1/5] data_reg: xml: fix bytes movements, Arturo Borrero
- [libnftables PATCH 2/5] rule: fix snprintf return value, Arturo Borrero
  - Re: [libnftables PATCH 2/5] rule: fix snprintf return value, Pablo Neira Ayuso
- [libnftables PATCH 3/5] src: xml: set errno to EINVAL when invalid parsing, Arturo Borrero
  - Re: [libnftables PATCH 3/5] src: xml: set errno to EINVAL when invalid parsing, Pablo Neira Ayuso
- [libnftables PATCH 4/5] expr: xml: don't print target&match info, Arturo Borrero
- [libnftables PATCH 5/5] examples: get XML ruleset, Arturo Borrero
[libnftables PATCH] data_reg: delete unreachable code, Arturo Borrero
- Re: [libnftables PATCH] data_reg: delete unreachable code, Pablo Neira Ayuso
[libnftables PATCH v3] src: xml: add versioning, Arturo Borrero
- Re: [libnftables PATCH v3] src: xml: add versioning, Pablo Neira Ayuso
  - Re: [libnftables PATCH v3] src: xml: add versioning, Arturo Borrero Gonzalez
    - Re: [libnftables PATCH v3] src: xml: add versioning, Pablo Neira Ayuso
[PATCH 1/1] netfilter: nf_ct_tcp: extend CLOSE_WAIT timeout, Zang MingJie
- Re: [PATCH 1/1] netfilter: nf_ct_tcp: extend CLOSE_WAIT timeout, Jozsef Kadlecsik
[PATCH] xtables-addons: xt_DHCPMAC: correct mac setting and comparing, Boris Figovsky
[PATCH 1/2] conntrackd: fix compiler warnings, Florian Westphal
- [PATCH 2/2] include: kill unused PLD_* macros, Florian Westphal
  - Re: [PATCH 2/2] include: kill unused PLD_* macros, Pablo Neira Ayuso
- Re: [PATCH 1/2] conntrackd: fix compiler warnings, Pablo Neira Ayuso
[patch] ipvs: info leak in __ip_vs_get_dest_entries(), Dan Carpenter
- Re: [patch] ipvs: info leak in __ip_vs_get_dest_entries(), Julian Anastasov
- Re: [patch] ipvs: info leak in __ip_vs_get_dest_entries(), Simon Horman
  - Re: [patch] ipvs: info leak in __ip_vs_get_dest_entries(), Dan Carpenter
- Re: [patch] ipvs: info leak in __ip_vs_get_dest_entries(), Simon Horman
  - Re: [patch] ipvs: info leak in __ip_vs_get_dest_entries(), Pablo Neira Ayuso
[nftables PATCH 0/5] misc fixes, Eric Leblond
- [nftables PATCH 1/5] doc: fix inversion of operator and object., Eric Leblond
- [nftables PATCH 2/5] expression: don't free TYPE_INVALID datatype, Eric Leblond
- [nftables PATCH 3/5] rule: list elements in set in any case, Eric Leblond
- [nftables PATCH 4/5] cli: add quit command, Eric Leblond
- [nftables PATCH 5/5] cli: reset terminal when CTRL+d is pressed, Eric Leblond
- Re: [nftables PATCH 0/5] misc fixes, Pablo Neira Ayuso
  - Re: [nftables PATCH 0/5] misc fixes, Pablo Neira Ayuso
    - Re: [nftables PATCH 0/5] misc fixes, Eric Leblond
ulog: ulogd.conf.5 man page, Chris Boot
- Re: ulog: ulogd.conf.5 man page, Eric Leblond
[PATCH lnf-conntrack 1/3] qa: add api test for nfct_cmp and nfct_exp functions, Florian Westphal
- [PATCH 3/3] expect: consider all expect attributes when comparing, Florian Westphal
  - Re: [PATCH 3/3] expect: consider all expect attributes when comparing, Pablo Neira Ayuso
    - Re: [PATCH 3/3] expect: consider all expect attributes when comparing, Florian Westphal
      - Re: [PATCH 3/3] expect: consider all expect attributes when comparing, Florian Westphal
        
        Re: [PATCH 3/3] expect: consider all expect attributes when comparing, Pablo Neira Ayuso
        
        Re: [PATCH 3/3] expect: consider all expect attributes when comparing, Florian Westphal
- [PATCH 2/3] conntrack, expect: fix _cmp api with STRICT checking, Florian Westphal
[PATCH] libnetfilter_queue: Fix Valgrind errors of unitialized byte(s) during call to nfq_unbind_pf, Tamas Lengyel
- Re: [PATCH] libnetfilter_queue: Fix Valgrind errors of unitialized byte(s) during call to nfq_unbind_pf, Florian Westphal
[PATCH v4] xtables: Add locking to prevent concurrent instances, Phil Oester
- Re: [PATCH v4] xtables: Add locking to prevent concurrent instances, Pablo Neira Ayuso
[PATCH net-next] sctp: Correct byte order of access to skb->{network, transport}_header, Simon Horman
- Re: [PATCH net-next] sctp: Correct byte order of access to skb->{network, transport}_header, David Miller
[PATCH net-next v3] netfilter: Correct calculation using skb->tail and skb-network_header, Simon Horman
- Re: [PATCH net-next v3] netfilter: Correct calculation using skb->tail and skb-network_header, David Miller
- Re: [PATCH net-next v3] netfilter: Correct calculation using skb->tail and skb-network_header, Chen Gang
[PATCH v2] netfilter: Correct calculation using skb->tail and skb-network_header, Simon Horman
- Re: [PATCH v2] netfilter: Correct calculation using skb->tail and skb-network_header, Simon Horman
[PATCH] netfilter: Correct calculation using skb->tail and skb-network_header, Simon Horman
- Re: [PATCH] netfilter: Correct calculation using skb->tail and skb-network_header, Simon Horman
iptables-nftables: Invalid argument, Giuseppe Longo
- Re: iptables-nftables: Invalid argument, Arturo Borrero Gonzalez
  - Re: iptables-nftables: Invalid argument, Pablo Neira Ayuso
[libnftables PATCH] data_reg: xml: fix invalid veredict validation, Arturo Borrero
- Re: [libnftables PATCH] data_reg: xml: fix invalid veredict validation, Pablo Neira Ayuso
[libnftables PATCH] data_reg: xml: fix using bad temp variable, Arturo Borrero
- Re: [libnftables PATCH] data_reg: xml: fix using bad temp variable, Pablo Neira Ayuso
[PATCH 0/5] netfilter fixes for 3.10-rc3, Pablo Neira Ayuso
- [PATCH 1/5] netfilter: add nf_ipv6_ops hook to fix xt_addrtype with IPv6, Pablo Neira Ayuso
  - Re: [PATCH 1/5] netfilter: add nf_ipv6_ops hook to fix xt_addrtype with IPv6, Lorenzo Colitti
    - Re: [PATCH 1/5] netfilter: add nf_ipv6_ops hook to fix xt_addrtype with IPv6, Florian Westphal
- [PATCH 3/5] ipvs: Fix reuse connection if real server is dead, Pablo Neira Ayuso
- [PATCH 4/5] netfilter: xt_LOG: fix mark logging for IPv6 packets, Pablo Neira Ayuso
- [PATCH 2/5] netfilter: ipt_ULOG: fix non-null terminated string in the nf_log path, Pablo Neira Ayuso
- [PATCH 5/5] ipvs: ip_vs_sh: fix build, Pablo Neira Ayuso
- Re: [PATCH 0/5] netfilter fixes for 3.10-rc3, David Miller
[ANNOUNCE] iptables 1.4.19 release, Pablo Neira Ayuso
- [ANNOUNCE] iptables 1.4.19.1 release, Pablo Neira Ayuso
[PATCH -next] netfilter: nfnetlink_queue: only add CAP_LEN attr when needed, Florian Westphal
- Re: [PATCH -next] netfilter: nfnetlink_queue: only add CAP_LEN attr when needed, Pablo Neira Ayuso
[PATCH nf] netfilter: xt_LOG: fix mark logging for IPv6 packets, Michal Kubecek
- Re: [PATCH nf] netfilter: xt_LOG: fix mark logging for IPv6 packets, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: xt_LOG: fix mark logging for IPv6 packets, Michal Kubecek
[PATCH -next] Revert "netfilter: tproxy: do not assign timewait sockets to skb->sk", Florian Westphal
- Re: [PATCH -next] Revert "netfilter: tproxy: do not assign timewait sockets to skb->sk", Eric Dumazet
- Re: [PATCH -next] Revert "netfilter: tproxy: do not assign timewait sockets to skb->sk", Pablo Neira Ayuso
  - Re: [PATCH -next] Revert "netfilter: tproxy: do not assign timewait sockets to skb->sk", Florian Westphal
[PATCH 4/4] iptables (userspace): add set match "inner" flag support, Dash Four
[PATCH 3/4] iptables: add set match "inner" flag support, Dash Four
[PATCH 2/4] ipset: add "inner" flag implementation, Dash Four
- Re: [PATCH 2/4] ipset: add "inner" flag implementation, Jozsef Kadlecsik
  - Re: [PATCH 2/4] ipset: add "inner" flag implementation, Dash Four
    - Re: [PATCH 2/4] ipset: add "inner" flag implementation, Jozsef Kadlecsik
[PATCH 1/4] ipset: minor variable-naming corrections, Dash Four
[PATCH 0/4] ipset: add "inner" flag support, Dash Four
- Head up [was Re: [PATCH 0/4] ipset: add "inner" flag support], Pablo Neira Ayuso
  - Re: Head up [was Re: [PATCH 0/4] ipset: add "inner" flag support], Jozsef Kadlecsik
    - Re: Head up [was Re: [PATCH 0/4] ipset: add "inner" flag support], Jozsef Kadlecsik
- Re: [PATCH 0/4] ipset: add "inner" flag support, Jozsef Kadlecsik
[Ulogd PATCH] pgsql: add var to specify arbitrary conn params, Eric Leblond
[libnftables PATCH] data_reg: Delete trailing space in snprintf_xml, Arturo Borrero
- Re: [libnftables PATCH] data_reg: Delete trailing space in snprintf_xml, Pablo Neira Ayuso
[libnftables PATCH] data_reg: Add generic interface for parsing: nft_data_reg_parse()., Arturo Borrero
- Re: [libnftables PATCH] data_reg: Add generic interface for parsing: nft_data_reg_parse()., Pablo Neira Ayuso
[libnftables PATCH] data_reg: Fix conditional code in XML parsing functions, Arturo Borrero
- Re: [libnftables PATCH] data_reg: Fix conditional code in XML parsing functions, Pablo Neira Ayuso
[libnftables PATCH] data_reg: conditional XML code for snprintf_xml, Arturo Borrero
- Re: [libnftables PATCH] data_reg: conditional XML code for snprintf_xml, Pablo Neira Ayuso
[libnftables PATCH] rule: fix table flag not being set at XML parsing, Arturo Borrero
- Re: [libnftables PATCH] rule: fix table flag not being set at XML parsing, Pablo Neira Ayuso
[nftables] handle when adding new chain/rule, Arturo Borrero Gonzalez
[libnftables PATCH] data_reg: fix XML operations, Arturo Borrero
- Re: [libnftables PATCH] data_reg: fix XML operations, Pablo Neira Ayuso
[libnftables PATCH v2] src: xml: add versioning, Arturo Borrero
- Re: [libnftables PATCH v2] src: xml: add versioning, Arturo Borrero Gonzalez
[PATCH] xtables: improve get_modprobe handling, Phil Oester
- Re: [PATCH] xtables: improve get_modprobe handling, Pablo Neira Ayuso
[PATCH v3] xtables: Add locking to prevent concurrent instances, Phil Oester
- Re: [PATCH v3] xtables: Add locking to prevent concurrent instances, Pablo Neira Ayuso
  - Re: [PATCH v3] xtables: Add locking to prevent concurrent instances, Phil Oester
    - Re: [PATCH v3] xtables: Add locking to prevent concurrent instances, Pablo Neira Ayuso
Re: [PATCH -resend 4/6] netfilter: Implement RFC 1123 for FTP conntrack, Pablo Neira Ayuso
nfqueue: detect when packet has already been checksummed?, Florian Westphal
- [PATCH] netfilter: nf_queue: add NFQA_SKB_CSUM_NOTVERIFIED info flag, Florian Westphal
  - Re: [PATCH] netfilter: nf_queue: add NFQA_SKB_CSUM_NOTVERIFIED info flag, Pablo Neira Ayuso
- Re: nfqueue: detect when packet has already been checksummed?, Pablo Neira Ayuso
  - Re: nfqueue: detect when packet has already been checksummed?, Florian Westphal
    - Re: nfqueue: detect when packet has already been checksummed?, Pablo Neira Ayuso
      - Re: nfqueue: detect when packet has already been checksummed?, Florian Westphal
        
        Re: nfqueue: detect when packet has already been checksummed?, Pablo Neira Ayuso
        
        Re: nfqueue: detect when packet has already been checksummed?, Florian Westphal
Negative value in /proc/net/netfilter/nfnetlink_queue, Alex Maltinsky
- Re: Negative value in /proc/net/netfilter/nfnetlink_queue, Florian Westphal
  - Re: Negative value in /proc/net/netfilter/nfnetlink_queue, Alex Maltinsky
    - Re: Negative value in /proc/net/netfilter/nfnetlink_queue, Florian Westphal
      - Re: Negative value in /proc/net/netfilter/nfnetlink_queue, Alex Maltinsky
[GIT PULL nf-next v2] IPVS for v3.11, Simon Horman
- [PATCH] ipvs: change type of netns_ipvs->sysctl_sync_qlen_max, Simon Horman
- Re: [GIT PULL nf-next v2] IPVS for v3.11, Pablo Neira Ayuso
[GIT PULL nf] IPVS fixes for v3.10, Simon Horman
- [PATCH] ipvs: Fix reuse connection if real server is dead, Simon Horman
  - Re: [PATCH] ipvs: Fix reuse connection if real server is dead, Pablo Neira Ayuso
    - Re: [PATCH] ipvs: Fix reuse connection if real server is dead, Simon Horman
[PATCH -next, resend] netfilter: nfnetlink_queue: avoid peer_portid test, Florian Westphal
- Re: [PATCH -next, resend] netfilter: nfnetlink_queue: avoid peer_portid test, Pablo Neira Ayuso
[libnftables PATCH 0/2] small fixes for libnftables XML, Arturo Borrero
- [libnftables PATCH 1/2] src: chain: delete useless castings, Arturo Borrero
  - Re: [libnftables PATCH 1/2] src: chain: delete useless castings, Pablo Neira Ayuso
- [libnftables PATCH 2/2] src: xml: add versioning, Arturo Borrero
  - Re: [libnftables PATCH 2/2] src: xml: add versioning, Pablo Neira Ayuso
[PATCH 1/3] netfilter: ctnetlink: attach expectations to unconfirmed conntracks, Pablo Neira Ayuso
- [PATCH 2/3] netfilter: don't panic on error while walking through the init path, Pablo Neira Ayuso
  - Re: [PATCH 2/3] netfilter: don't panic on error while walking through the init path, Gao feng
    - Re: [PATCH 2/3] netfilter: don't panic on error while walking through the init path, Pablo Neira Ayuso
- [PATCH 3/3] netfilter: {ipt,ebt}_ULOG: rise warning on deprecation, Pablo Neira Ayuso
  - Re: [PATCH 3/3] netfilter: {ipt,ebt}_ULOG: rise warning on deprecation, Gao feng
    - Re: [PATCH 3/3] netfilter: {ipt,ebt}_ULOG: rise warning on deprecation, Pablo Neira Ayuso
- Re: [PATCH 1/3] netfilter: ctnetlink: attach expectations to unconfirmed conntracks, Gao feng
[PATCH v2] xtables: Add locking to prevent concurrent instances, Phil Oester
[PATCH net-next] netfilter: xt_socket: use IP early demux, Eric Dumazet
- Re: [PATCH net-next] netfilter: xt_socket: use IP early demux, David Miller
  - Re: [PATCH net-next] netfilter: xt_socket: use IP early demux, Pablo Neira Ayuso
[PATCH] xtables: Add locking to prevent concurrent instances, Phil Oester
- Re: [PATCH] xtables: Add locking to prevent concurrent instances, Patrick McHardy
  - Re: [PATCH] xtables: Add locking to prevent concurrent instances, Phil Oester
    - Re: [PATCH] xtables: Add locking to prevent concurrent instances, Patrick McHardy
[libnftables PATCH v2] examples: XML parsing examples, Arturo Borrero
- Re: [libnftables PATCH v2] examples: XML parsing examples, Pablo Neira Ayuso
[GIT PULL nf-next] IPVS for v3.11, Simon Horman
- [PATCH 1/2] ipvs: change type of netns_ipvs->sysctl_sync_qlen_max, Simon Horman
- [PATCH 2/2] ipvs: Fix reuse connection if real server is dead, Simon Horman
  - Re: [PATCH 2/2] ipvs: Fix reuse connection if real server is dead, Julian Anastasov
  - Re: [PATCH 2/2] ipvs: Fix reuse connection if real server is dead, Sergei Shtylyov
  - Re: [PATCH 2/2] ipvs: Fix reuse connection if real server is dead, Pablo Neira Ayuso
    - Re: [PATCH 2/2] ipvs: Fix reuse connection if real server is dead, Simon Horman
[PATCH ipvs-next v3 0/2] sched: Add cond_resched_rcu_lock() helper, Simon Horman
- [PATCH ipvs-next v3 2/2] ipvs: use cond_resched_rcu() helper when walking connections, Simon Horman
  - Re: [PATCH ipvs-next v3 2/2] ipvs: use cond_resched_rcu() helper when walking connections, Pablo Neira Ayuso
- [PATCH ipvs-next v3 1/2] sched: add cond_resched_rcu() helper, Simon Horman
  - Re: [PATCH ipvs-next v3 1/2] sched: add cond_resched_rcu() helper, Pablo Neira Ayuso
- Re: [PATCH ipvs-next v3 0/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
  - Re: [PATCH ipvs-next v3 0/2] sched: Add cond_resched_rcu_lock() helper, David Miller
    - Re: [PATCH ipvs-next v3 0/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
      - Re: [PATCH ipvs-next v3 0/2] sched: Add cond_resched_rcu_lock() helper, Simon Horman
    - Re: [PATCH ipvs-next v3 0/2] sched: Add cond_resched_rcu_lock() helper, Pablo Neira Ayuso
    - Re: [PATCH ipvs-next v3 0/2] sched: Add cond_resched_rcu_lock() helper, Ingo Molnar
[nftables PATCH] rule: display rule handle as comment, Eric Leblond
- Re: [nftables PATCH] rule: display rule handle as comment, Pablo Neira Ayuso
  - [nftables PATCH] rule: add flag to display rule handle as comment, Eric Leblond
    - Re: [nftables PATCH] rule: add flag to display rule handle as comment, Pablo Neira Ayuso
- Re: [nftables PATCH] rule: display rule handle as comment, Patrick McHardy
- Re: [nftables PATCH] rule: display rule handle as comment, Jesper Dangaard Brouer
  - Re: [nftables PATCH] rule: display rule handle as comment, Patrick McHardy
[RFC 1/2] netfilter: nfnetlink: add commit operation to nfnl_subsystems, Pablo Neira Ayuso
- [RFC 2/2] netfilter: nf_tables: improvements for the existing transaction approach, Pablo Neira Ayuso
  - Re: [RFC 2/2] netfilter: nf_tables: improvements for the existing transaction approach, Pablo Neira Ayuso
[PATCH] iptables: use autoconf to process .in man pages, Andy Spencer
- Re: [PATCH] iptables: use autoconf to process .in man pages, Pablo Neira Ayuso
[PATCH] doc: mention SNAT in INPUT chain since kernel 2.6.36, Michael Roth
- Re: [PATCH] doc: mention SNAT in INPUT chain since kernel 2.6.36, Florian Westphal
[PATCH v2] netfilter: add and use nf_ipv6_ops in xt_addrtype, Florian Westphal
- Re: [PATCH v2] netfilter: add and use nf_ipv6_ops in xt_addrtype, Pablo Neira Ayuso
Re: [PATCH 1/2] ulogd: Perform nice() before giving up root, Eric Leblond
[PATCH] ipv4: netfilter: always let NUL terminated string ended by '\0', Chen Gang
- Re: [PATCH] ipv4: netfilter: always let NUL terminated string ended by '\0', Pablo Neira Ayuso
  - Re: [PATCH] ipv4: netfilter: always let NUL terminated string ended by '\0', Chen Gang
    - Re: [PATCH] ipv4: netfilter: always let NUL terminated string ended by '\0', Pablo Neira Ayuso
      - Re: [PATCH] ipv4: netfilter: always let NUL terminated string ended by '\0', Chen Gang
  - [PATCH v2] ipv4: netfilter: always let NUL terminated string ended by '\0', Chen Gang
    - Re: [PATCH v2] ipv4: netfilter: always let NUL terminated string ended by '\0', Pablo Neira Ayuso
      - Re: [PATCH v2] ipv4: netfilter: always let NUL terminated string ended by '\0', Chen Gang
[PATCH] bridge: netfilter: using strlcpy() instead of strncpy(), Chen Gang
- Re: [PATCH] bridge: netfilter: using strlcpy() instead of strncpy(), Bart De Schuymer
  - Re: [PATCH] bridge: netfilter: using strlcpy() instead of strncpy(), Chen Gang
- Re: [PATCH] bridge: netfilter: using strlcpy() instead of strncpy(), Pablo Neira Ayuso
  - Re: [PATCH] bridge: netfilter: using strlcpy() instead of strncpy(), Chen Gang
[PATCH next v2] libnetfilter_conntrack: don't ignore ATTR_CONNLABELS, Afschin Hormozdiary
- Re: [PATCH next v2] libnetfilter_conntrack: don't ignore ATTR_CONNLABELS, Florian Westphal
MSRP Protocol, twear
[PATCH 0/4] Netfilter fixes for net (3.10-rc1), Pablo Neira Ayuso
- [PATCH 1/4] netfilter: nf_{log,queue}: fix compilation without CONFIG_PROC_FS, Pablo Neira Ayuso
- [PATCH 3/4] netfilter: log: netns NULL ptr bug when calling from conntrack, Pablo Neira Ayuso
- [PATCH 4/4] netfilter: xt_TCPOPTSTRIP: fix possible mangling beyond packet boundary, Pablo Neira Ayuso
- [PATCH 2/4] netfilter: update MAINTAINERS file, Pablo Neira Ayuso
- Re: [PATCH 0/4] Netfilter fixes for net (3.10-rc1), David Miller
[PATCH next] libnetfilter_conntrack: don't ignore ATTR_CONNLABELS, Afschin Hormozdiary
- Re: [PATCH next] libnetfilter_conntrack: don't ignore ATTR_CONNLABELS, Pablo Neira Ayuso
  - Re: [PATCH next] libnetfilter_conntrack: don't ignore ATTR_CONNLABELS, Afschin Hormozdiary
Suspicious iptables snapshot in NF FTP, Jan Engelhardt
- Re: Suspicious iptables snapshot in NF FTP, Jozsef Kadlecsik
[PATCH v4] netfilter: xt_TCPOPTSTRIP: fix possible mangling beyond packet boundary, Pablo Neira Ayuso
[PATCH v3] netfilter: xt_TCPOPTSTRIP: fix possible mangling beyond packet boundary, Pablo Neira Ayuso
[PATCH v2] netfilter: xt_TCPOPTSTRIP: fix possible mangling beyond packet boundary, Pablo Neira Ayuso
[PATCH] netfilter: xt_TCPOPTSTRIP: fix possible mangling beyond packet boundary, Pablo Neira Ayuso
- Re: [PATCH] netfilter: xt_TCPOPTSTRIP: fix possible mangling beyond packet boundary, Florian Westphal
  - Re: [PATCH] netfilter: xt_TCPOPTSTRIP: fix possible mangling beyond packet boundary, Pablo Neira Ayuso
    - Re: [PATCH] netfilter: xt_TCPOPTSTRIP: fix possible mangling beyond packet boundary, Florian Westphal
      - Re: [PATCH] netfilter: xt_TCPOPTSTRIP: fix possible mangling beyond packet boundary, Pablo Neira Ayuso
[PATCH] netfilter: log: netns NULL ptr bug when calling from conntrack., Hans Schillstrom
- Re: [PATCH] netfilter: log: netns NULL ptr bug when calling from conntrack., Pablo Neira Ayuso
  - Re: [PATCH] netfilter: log: netns NULL ptr bug when calling from conntrack., Hans Schillstrom
- Re: [PATCH] netfilter: log: netns NULL ptr bug when calling from conntrack., Gao feng
[libnftables PATCH] examples: XML parsing examples, Arturo Borrero
[PATCH] cli: complete basic functionality of the interactive mode, Pablo Neira Ayuso
v3.10-rc1 regression notice. (bug #818: NULL pointer dereference ipt_log_packet+0x2e/0x2b0), Ronald
- Re: v3.10-rc1 regression notice. (bug #818: NULL pointer dereference ipt_log_packet+0x2e/0x2b0), Hans Schillstrom
  - Re: v3.10-rc1 regression notice. (bug #818: NULL pointer dereference ipt_log_packet+0x2e/0x2b0), Florian Westphal
Query: No-flush support for ebtables-restore in v2.0.10-4, Ankit
- Re: Query: No-flush support for ebtables-restore in v2.0.10-4, Bart De Schuymer
[libnftables PATCH v4] src: support for XML parsing, Arturo Borrero
- Re: [libnftables PATCH v4] src: support for XML parsing, Pablo Neira Ayuso
- Re: [libnftables PATCH v4] src: support for XML parsing, Pablo Neira Ayuso
  - Re: [libnftables PATCH v4] src: support for XML parsing, Arturo Borrero Gonzalez
Delivery Status Notification, pradipta
[iptables-nftables/libnfables PATCHES] Target translation to nftables, Tomasz Bursztyka
- [libnftables PATCH 0/7] Fixes and features, Tomasz Bursztyka
  - [libnftables PATCH 1/7] git: add a .gitignore file, Tomasz Bursztyka
    - Re: [libnftables PATCH 1/7] git: add a .gitignore file, Pablo Neira Ayuso
      - Re: [libnftables PATCH 1/7] git: add a .gitignore file, Tomasz Bursztyka
        
        Re: [libnftables PATCH 1/7] git: add a .gitignore file, Pablo Neira Ayuso
        
        Re: [libnftables PATCH 1/7] git: add a .gitignore file, Tomasz Bursztyka
  - [libnftables PATCH 2/7] build: add an autogen.sh script, Tomasz Bursztyka
  - [libnftables PATCH 3/7] rule: declare nft_rule_list structure at a proper place, Tomasz Bursztyka
  - [libnftables PATCH 4/7] expr: remove inconsistent and non implemented function, Tomasz Bursztyka
  - [libnftables PATCH 5/7] map: fix nft_rule_expr_build_payload export, Tomasz Bursztyka
  - [libnftables PATCH 6/7] expr: add support for expr list and capability to add it into a rule, Tomasz Bursztyka
  - [libnftables PATCH 7/7] chain: handle attribute is relevant if only there is no name to use, Tomasz Bursztyka
    - Re: [libnftables PATCH 7/7] chain: handle attribute is relevant if only there is no name to use, Pablo Neira Ayuso
      - Re: [libnftables PATCH 7/7] chain: handle attribute is relevant if only there is no name to use, Tomasz Bursztyka
        
        Re: [libnftables PATCH 7/7] chain: handle attribute is relevant if only there is no name to use, Pablo Neira Ayuso
        
        Re: [libnftables PATCH 7/7] chain: handle attribute is relevant if only there is no name to use, Tomasz Bursztyka
        
        Re: [libnftables PATCH 7/7] chain: handle attribute is relevant if only there is no name to use, Pablo Neira Ayuso
        
        Re: [libnftables PATCH 7/7] chain: handle attribute is relevant if only there is no name to use, Tomasz Bursztyka
        
        Re: [libnftables PATCH 7/7] chain: handle attribute is relevant if only there is no name to use, Pablo Neira Ayuso
  - Re: [libnftables PATCH 0/7] Fixes and features, Pablo Neira Ayuso
- [iptables-nftables PATCH 0/6] Fixes and features, Tomasz Bursztyka
  - [iptables-nftables PATCH 1/6] xtables: initialize xtables defaults even on listing rules, Tomasz Bursztyka
    - Re: [iptables-nftables PATCH 1/6] xtables: initialize xtables defaults even on listing rules, Pablo Neira Ayuso
  - [iptables-nftables PATCH 2/6] xtables: destroy list iterator relevantly, Tomasz Bursztyka
    - Re: [iptables-nftables PATCH 2/6] xtables: destroy list iterator relevantly, Pablo Neira Ayuso
  - [iptables-nftables PATCH 5/6] xtables: add support for translating xtables matches into nft expressions, Tomasz Bursztyka
  - [iptables-nftables PATCH 6/6] xtables: add suport for DNAT rule translation to nft extensions, Tomasz Bursztyka
    - Re: [iptables-nftables PATCH 6/6] xtables: add suport for DNAT rule translation to nft extensions, Pablo Neira Ayuso
      - Re: [iptables-nftables PATCH 6/6] xtables: add suport for DNAT rule translation to nft extensions, Tomasz Bursztyka
        
        Re: [iptables-nftables PATCH 6/6] xtables: add suport for DNAT rule translation to nft extensions, Pablo Neira Ayuso
        
        Re: [iptables-nftables PATCH 6/6] xtables: add suport for DNAT rule translation to nft extensions, Tomasz Bursztyka
        
        Re: [iptables-nftables PATCH 6/6] xtables: add suport for DNAT rule translation to nft extensions, Pablo Neira Ayuso
  - [iptables-nftables PATCH 3/6] xtables: policy can be changed only on builtin chain, Tomasz Bursztyka
    - Re: [iptables-nftables PATCH 3/6] xtables: policy can be changed only on builtin chain, Pablo Neira Ayuso
  - [iptables-nftables PATCH 4/6] xtables: Add support for translating xtables target into nft expressions, Tomasz Bursztyka
Some netfilter compile errors when CONFIG_IPV6=m, Cong Wang
- Re: Some netfilter compile errors when CONFIG_IPV6=m, Cong Wang
  - Re: Some netfilter compile errors when CONFIG_IPV6=m, Pablo Neira Ayuso
- Re: Some netfilter compile errors when CONFIG_IPV6=m, Cong Wang
- Re: Some netfilter compile errors when CONFIG_IPV6=m, Pablo Neira Ayuso
  - Re: Some netfilter compile errors when CONFIG_IPV6=m, Cong Wang
[PATCH] netfilter: add and use nf_afinfo in xt_addrtype, Florian Westphal
- Re: [PATCH] netfilter: add and use nf_afinfo in xt_addrtype, Pablo Neira Ayuso
  - Re: [PATCH] netfilter: add and use nf_afinfo in xt_addrtype, Florian Westphal
[PATCH] ipset: Fix hyphen used as minus sign in manpage, Neutron Soutmun
- Re: [PATCH] ipset: Fix hyphen used as minus sign in manpage, Jozsef Kadlecsik
- <Possible follow-ups>
- [PATCH] ipset: Fix hyphen used as minus sign in manpage, Neutron Soutmun
  - Re: [PATCH] ipset: Fix hyphen used as minus sign in manpage, Jozsef Kadlecsik
[PATCH] ipset: Fix syntax error of bash completion in Debian environment, Neutron Soutmun
- Re: [PATCH] ipset: Fix syntax error of bash completion in Debian environment, Neutron Soutmun
  - Re: [PATCH] ipset: Fix syntax error of bash completion in Debian environment, Bourne Without
    - Re: [PATCH] ipset: Fix syntax error of bash completion in Debian environment, Neutron Soutmun
[PATCH 0/2] Introductions, some tweaks to ulogd, Chris Boot
- [PATCH 1/2] ulogd: Perform nice() before giving up root, Chris Boot
  - Re: [PATCH 1/2] ulogd: Perform nice() before giving up root, Chris Boot
    - Re: [PATCH 1/2] ulogd: Perform nice() before giving up root, Eric Leblond
- [PATCH 2/2] ulogd: Implement PID file writing, Chris Boot
  - Re: [PATCH 2/2] ulogd: Implement PID file writing, Pablo Neira Ayuso
    - Re: [PATCH 2/2] ulogd: Implement PID file writing, Chris Boot
      - Re: [PATCH 2/2] ulogd: Implement PID file writing, Pablo Neira Ayuso
        
        Re: [PATCH 2/2] ulogd: Implement PID file writing, Chris Boot
        
        Re: [PATCH 2/2] ulogd: Implement PID file writing, Pablo Neira Ayuso
        
        Re: [PATCH 2/2] ulogd: Implement PID file writing, Chris Boot
        
        Re: [PATCH 2/2] ulogd: Implement PID file writing, Pablo Neira Ayuso
        
        Re: [PATCH 2/2] ulogd: Implement PID file writing, Eric Leblond
        
        Re: [PATCH 2/2] ulogd: Implement PID file writing, Eric Leblond
        
        Re: [PATCH 2/2] ulogd: Implement PID file writing, Chris Boot
        
        Re: [PATCH 2/2] ulogd: Implement PID file writing, Pablo Neira Ayuso
  - Re: [PATCH 2/2] ulogd: Implement PID file writing, Eric Leblond
    - Re: [PATCH 2/2] ulogd: Implement PID file writing, Chris Boot
      - [PATCH v2] ulogd: Implement PID file writing, Chris Boot
        
        Re: [PATCH v2] ulogd: Implement PID file writing, Chris Boot
        
        Re: [PATCH v2] ulogd: Implement PID file writing, Eric Leblond
        
        [Ulogd PATCH] Improve pid file handling., Eric Leblond
        
        Re: [Ulogd PATCH] Improve pid file handling., Chris Boot
[PATCH] ipset: fix syntax error in bash completion and hyphen used as minus sign in manpage, Neutron Soutmun
- Re: [PATCH] ipset: fix syntax error in bash completion and hyphen used as minus sign in manpage, Neutron Soutmun
- Re: [PATCH] ipset: fix syntax error in bash completion and hyphen used as minus sign in manpage, Jozsef Kadlecsik
  - Re: [PATCH] ipset: fix syntax error in bash completion and hyphen used as minus sign in manpage, Neutron Soutmun
[PATCH] libipset.pc must be installed via 'make install', Eric Leblond
- Re: [PATCH] libipset.pc must be installed via 'make install', Jozsef Kadlecsik
[PATCH RFC 0/11] ulogd2 db rework, Eric Leblond
- [PATCH 01/11] ulogd: display stack during configuration, Eric Leblond
- [PATCH 02/11] Fix automagic support of dbi, pcap and sqlite3, Eric Leblond
- [PATCH 03/11] postgresql: add sanity checking, Eric Leblond
- [PATCH 04/11] mysql: add sanity checking, Eric Leblond
- [PATCH 05/11] sqlite3: add sanity checking, Eric Leblond
- [PATCH 06/11] db: store data in memory during database downtime, Eric Leblond
- [PATCH 07/11] db: suppress field in db structure, Eric Leblond
- [PATCH 08/11] db: use offset instead of direct pointer., Eric Leblond
- [PATCH 09/11] db: add ring buffer for DB query, Eric Leblond
  - Re: [PATCH 09/11] db: add ring buffer for DB query, Pablo Neira Ayuso
    - Re: [PATCH 09/11] db: add ring buffer for DB query, Eric Leblond
      - Re: [PATCH 09/11] db: add ring buffer for DB query, Pablo Neira Ayuso
- [PATCH 11/11] db: db ring has precedence over backlog., Eric Leblond
- [PATCH 10/11] db: disable SIGHUP if ring buffer is used., Eric Leblond
[PATCH nf-next] netfilter: xt_CT: optimize XT_CT_NOTRACK, Eric Dumazet
- [PATCH resend nf-next] netfilter: xt_CT: optimize XT_CT_NOTRACK, Eric Dumazet
  - Re: [PATCH resend nf-next] netfilter: xt_CT: optimize XT_CT_NOTRACK, Pablo Neira Ayuso
[ANNOUNCE] ipset 6.19 released, Jozsef Kadlecsik
ip6tables: Memory allocation problem with xt_geoip on debian wheezy, Chris
[PATCH nf-next] netfilter: conntrack: remove the central spinlock, Eric Dumazet
- Message not available
  - Re: [PATCH nf-next] netfilter: conntrack: remove the central spinlock, Eric Dumazet
    - Message not available
      - Re: [PATCH nf-next] netfilter: conntrack: remove the central spinlock, Eric Dumazet
- [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Eric Dumazet
  - Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Joe Perches
    - Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Eric Dumazet
      - Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Joe Perches
        
        Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Eric Dumazet
        
        Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Joe Perches
        
        Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Eric Dumazet
        
        Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Joe Perches
        
        Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, David Miller
        
        Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Eric Dumazet
  - Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Jesper Dangaard Brouer
    - Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Eric Dumazet
      - Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Jesper Dangaard Brouer
        
        Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Pablo Neira Ayuso
        
        Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Jesper Dangaard Brouer
  - Re: [PATCH v2 nf-next] netfilter: conntrack: remove the central spinlock, Pablo Neira Ayuso
[PATCH] libxtables: fix parsing of dotted network mask format, Pablo Neira Ayuso
[nfacct PATCH] Improve 'flush' man page entry, Thomas Jarosch
iptables upgrade: netmask parsing trouble, Thomas Jarosch
- Re: iptables upgrade: netmask parsing trouble, Pablo Neira Ayuso
  - Re: iptables upgrade: netmask parsing trouble, Thomas Jarosch
Re: [PATCH 05/15] connection tracking helper for SLP, Pablo Neira Ayuso
nfacct version dependency, Thomas Jarosch
- Re: nfacct version dependency, Pablo Neira Ayuso
  - Re: nfacct version dependency, Thomas Jarosch
[xtables-addons][PATCH 1/1] xt_DHCPMAC: correct mac setting and comparing, Boris Figovsky
[xtables-addons][PATCH 0/1] xt_DHCPMAC: correct mac setting and comparing, Boris Figovsky
[-stable-3.8.y 1/9] ipvs: ip_vs_sip_fill_param() BUG: bad check of return value, Pablo Neira Ayuso
- [-stable-3.8.y 3/9] netfilter: ipset: list:set: fix reference counter update, Pablo Neira Ayuso
- [-stable-3.8.y 2/9] netfilter: nf_nat: fix race when unloading protocol modules, Pablo Neira Ayuso
- [-stable-3.8.y 6/9] netfilter: nf_ct_helper: don't discard helper if it is actually the same, Pablo Neira Ayuso
- [-stable-3.8.y 5/9] netfilter: ipset: "Directory not empty" error message, Pablo Neira Ayuso
- [-stable-3.8.y 9/9] netfilter: ip6t_NPT: Fix translation for non-multiple of 32 prefix lengths, Pablo Neira Ayuso
- [-stable-3.8.y 8/9] netfilter: xt_rpfilter: skip locally generated broadcast/multicast, too, Pablo Neira Ayuso
- [-stable-3.8.y 7/9] netfilter: ctnetlink: don't permit ct creation with random tuple, Pablo Neira Ayuso
- [-stable-3.8.y 4/9] netfilter: nf_ct_sip: don't drop packets with offsets pointing outside the packet, Pablo Neira Ayuso
- Re: [-stable-3.8.y 1/9] ipvs: ip_vs_sip_fill_param() BUG: bad check of return value, Greg KH
  - Re: [-stable-3.8.y 1/9] ipvs: ip_vs_sip_fill_param() BUG: bad check of return value, Pablo Neira Ayuso
    - Re: [-stable-3.8.y 1/9] ipvs: ip_vs_sip_fill_param() BUG: bad check of return value, Greg KH
[ANNOUNCE] Linux Security Summit 2013 - CFP, James Morris
- Re: [ANNOUNCE] Linux Security Summit 2013 - CFP, Casey Schaufler
Allow DNPT target from raw table?, Oliver
- Re: Allow DNPT target from raw table?, Florian Westphal
- Re: Allow DNPT target from raw table?, Patrick McHardy
  - Re: Allow DNPT target from raw table?, Oliver
[PATCH] xtables-addons: xt_RAWNAT: skb writable part might not include whole l4 header (ipv4 case)., Dmitry Popov
- Re: [PATCH] xtables-addons: xt_RAWNAT: skb writable part might not include whole l4 header (ipv4 case)., Dmitry Popov
  - Re: [PATCH] xtables-addons: xt_RAWNAT: skb writable part might not include whole l4 header (ipv4 case)., Jan Engelhardt
    - Re: [PATCH] xtables-addons: xt_RAWNAT: skb writable part might not include whole l4 header (ipv4 case)., Dmitry Popov
      - Re: [PATCH] xtables-addons: xt_RAWNAT: skb writable part might not include whole l4 header (ipv4 case)., Jan Engelhardt
        
        Re: [PATCH] xtables-addons: xt_RAWNAT: skb writable part might not include whole l4 header (ipv4 case)., Dmitry Popov
        
        Re: [PATCH] xtables-addons: xt_RAWNAT: skb writable part might not include whole l4 header (ipv4 case)., Pablo Neira Ayuso
xt_addrtype limit-iface-in is broken for ipv6, Florian Westphal
- Re: xt_addrtype limit-iface-in is broken for ipv6, Pablo Neira Ayuso
  - Re: xt_addrtype limit-iface-in is broken for ipv6, Florian Westphal
[PATCH 0/6] ipset updates for nf-next, Jozsef Kadlecsik
- [PATCH 6/6] netfilter: ipset: Use fix sized type for timeout in the extension part, Jozsef Kadlecsik
- [PATCH 2/6] netfilter: ipset: Sparse warning about shadowed variable fixed, Jozsef Kadlecsik
- [PATCH 1/6] netfilter: ipset: Don't call ip_nest_end needlessly in the error path, Jozsef Kadlecsik
- [PATCH 5/6] netfilter: ipset: Fix "may be used uninitialized" warnings, Jozsef Kadlecsik
  - Re: [PATCH 5/6] netfilter: ipset: Fix "may be used uninitialized" warnings, Pablo Neira Ayuso
- [PATCH 4/6] netfilter: ipset: Rename simple macro names to avoid namespace issues., Jozsef Kadlecsik
- [PATCH 3/6] netfilter: ipset: Fix sparse warnings due to missing rcu annotations, Jozsef Kadlecsik
  - Re: [PATCH 3/6] netfilter: ipset: Fix sparse warnings due to missing rcu annotations, Pablo Neira Ayuso
- Re: [PATCH 0/6] ipset updates for nf-next, Pablo Neira Ayuso
  - Re: [PATCH 0/6] ipset updates for nf-next, Jozsef Kadlecsik
    - Re: [PATCH 0/6] ipset updates for nf-next, Pablo Neira Ayuso
[PATCH v3 0/2] sched: Add cond_resched_rcu_lock() helper, Simon Horman
- [PATCH v3 2/2] ipvs: Use cond_resched_rcu_lock() helper when dumping connections, Simon Horman
- [PATCH v3 1/2] sched: Add cond_resched_rcu_lock() helper, Simon Horman
Re: net/netfilter/nf_log.c:373:38: error: 'struct netns_nf' has no member named 'proc_netfilter', Pablo Neira Ayuso
- Re: net/netfilter/nf_log.c:373:38: error: 'struct netns_nf' has no member named 'proc_netfilter', Gao feng
Re: [PATCH] netfilter: ipset: support package fragments for IPv4 protos without ports, Jozsef Kadlecsik
- [PATCH V2] netfilter: ipset: support package fragments for IPv4 protos without ports, Anders K. Pedersen | Surftown
  - Re: [PATCH V2] netfilter: ipset: support package fragments for IPv4 protos without ports, Pablo Neira Ayuso
    - Re: [PATCH V2] netfilter: ipset: support package fragments for IPv4 protos without ports, Anders K. Pedersen | Surftown
  - Re: [PATCH V2] netfilter: ipset: support package fragments for IPv4 protos without ports, Jozsef Kadlecsik
Bug fixes only now please., David Miller
[PATCH v2 0/2] sched: Add cond_resched_rcu_lock() helper, Simon Horman
- [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Simon Horman
  - Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov
    - Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Simon Horman
      - Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Paul E. McKenney
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Paul E. McKenney
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Eric Dumazet
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Paul E. McKenney
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Paul E. McKenney
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Paul E. McKenney
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Paul E. McKenney
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Paul E. McKenney
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Paul E. McKenney
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Paul E. McKenney
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Paul E. McKenney
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Peter Zijlstra
        
        Re: [PATCH v2 1/2] sched: Add cond_resched_rcu_lock() helper, Julian Anastasov

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]