Linux TCP/IP Netfilter
[Prev Page][Next Page]
- How to debug iptables/conntrack?
- From: Dexuan Cui <decui@xxxxxxxxxxxxx>
- conntrackd.conf: multiple IP addresses in the IPv4_Destination_Address field
- From: Sergey Nikitin <oldnick.ru@xxxxxxxxx>
- Re: Using SYN Proxy to protect servers that have different wscale
- From: İbrahim Ercan <ibrahim.metu@xxxxxxxxx>
- Re: Using SYN Proxy to protect servers that have different wscale
- From: Florian Westphal <fw@xxxxxxxxx>
- Using SYN Proxy to protect servers that have different wscale
- From: İbrahim Ercan <ibrahim.metu@xxxxxxxxx>
- Re: What should happen when the size of a nftables set is reached?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: What should happen when the size of a nftables set is reached?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: What should happen when the size of a nftables set is reached?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: What should happen when the size of a nftables set is reached?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Unable to build nftables from git
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: What should happen when the size of a nftables set is reached?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: What should happen when the size of a nftables set is reached?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Unable to build nftables from git
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: What should happen when the size of a nftables set is reached?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Unable to build nftables from git
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Chain outbound
- From: Paul Fontenot <wpfontenot@xxxxxxxxxxx>
- "nft - f <file>" errors unless "nft flush ruleset" called first
- From: H Craig <hicksycle@xxxxxxxxx>
- Re: Chain outbound
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: Chain outbound
- From: Paul Fontenot <wpfontenot@xxxxxxxxxxx>
- Re: Chain outbound
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- Chain outbound
- From: Paul Fontenot <wpfontenot@xxxxxxxxxxx>
- Chain outbound
- From: Paul Fontenot <wpfontenot@xxxxxxxxxxx>
- NFTables and Openvpn killswitch
- From: Paul Fontenot <wpfontenot@xxxxxxxxxxx>
- ip6 nat nftables trouble
- From: Frank Carmickle <frank@xxxxxxxxxxxxx>
- Re: loose/strict source route option filtering
- From: Stephen Suryaputra <ssuryaextr@xxxxxxxxx>
- Re: loose/strict source route option filtering
- From: John Haxby <john.haxby@xxxxxxxxxx>
- loose/strict source route option filtering
- From: Stephen Suryaputra <ssuryaextr@xxxxxxxxx>
- Re: filter packet ip|fqdn http destination
- From: Gianluca Gargiulo <gianluca.gargiulo@xxxxxxxxx>
- Re: filter packet ip|fqdn http destination
- From: Humberto Jucá <betolj@xxxxxxxxx>
- Fwd: filter packet ip|fqdn http destination
- From: Gianluca Gargiulo <gianluca.gargiulo@xxxxxxxxx>
- Re: Fwd: Re: iptables: undefined symbol: xtables_find_target_revision
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Fwd: Re: iptables: undefined symbol: xtables_find_target_revision
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- conntrack-tools: conntrackd returns "[ERROR] unknown layer 3 protocol"
- From: Daniel Thiele <dthiele@xxxxxxx>
- Re: iptables: undefined symbol: xtables_find_target_revision
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: Fwd: Re: iptables: undefined symbol: xtables_find_target_revision
- From: nhhabsburglothringen <nhhabsburglothringen@xxxxxxxxx>
- Re: Fwd: Re: iptables: undefined symbol: xtables_find_target_revision
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Fwd: Re: iptables: undefined symbol: xtables_find_target_revision
- From: nhhabsburglothringen <nhhabsburglothringen@xxxxxxxxx>
- Writing a userland IP network crypto using netfilter mangling
- From: Kees-Jan Hermans <kees.jan.hermans@xxxxxxxxx>
- Re: iptables: undefined symbol: xtables_find_target_revision
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- ESTABLISHED tcp conntrack timeout
- From: Naruto Nguyen <narutonguyen2018@xxxxxxxxx>
- Re: iptables: undefined symbol: xtables_find_target_revision
- From: nhhabsburglothringen <nhhabsburglothringen@xxxxxxxxx>
- iptables: undefined symbol: xtables_find_target_revision
- From: nhhabsburglothringen <nhhabsburglothringen@xxxxxxxxx>
- Re: Banning IP addresses with extended timeout
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- What should happen when the size of a nftables set is reached?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Questions concerning the netdev table of nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Limiting connections with nft
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Questions concerning the netdev table of nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Banning IP addresses with extended timeout
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Limiting connections with nft
- From: Florian Westphal <fw@xxxxxxxxx>
- Limiting connections with nft
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: How to port "-m multiport ! --sports 80,443" to nftables?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Moving from ipset to nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Banning IP addresses with extended timeout
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Questions concerning the netdev table of nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- nft delete rule
- From: murugesh pitchaiah <murugesh.pitchaiah@xxxxxxxxx>
- Re: Unable to build nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Unable to build nftables
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Unable to build nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Unable to build nftables
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Unable to build nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: [Q:][IPv6-NAT]How to let inner-host reach outside by IPv6-NAT
- From: 马树超 <shuchao.max@xxxxxxxxx>
- Re: [Q:][IPv6-NAT]How to let inner-host reach outside by IPv6-NAT
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- [Q:][IPv6-NAT]How to let inner-host reach outside by IPv6-NAT
- From: 马树超 <shuchao.max@xxxxxxxxx>
- [PATCH v3 2/2] Keep unpacked directories, and detect latest for rebuilding
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 1/2] Put database into country subdirectory
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 0/2] Further improvements to GeoLite2 migration
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- Re: Translate iptables command to set mss size to nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Translate iptables command to set mss size to nftables
- From: Tobias Tertel <tobias.tertel@xxxxxxxxxx>
- SV: Nftables Hash perturb and general math
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: Nftables Hash perturb and general math
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- Nftables Hash perturb and general math
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
- Re: Netfilter + fail2ban + SSH in docker.... I am doing something wrong
- From: Felix Rubio <felix@xxxxxxxxx>
- Re: iptables to nftables question
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Netfilter + fail2ban + SSH in docker.... I am doing something wrong
- From: n3phr0n <n3ph@xxxxxxxx>
- Netfilter + fail2ban + SSH in docker.... I am doing something wrong
- From: Felix Rubio Dalmau <felix@xxxxxxxxx>
- [ANNOUNCE] nftlb 0.4 release
- From: Laura Garcia <nevola@xxxxxxxxx>
- Netfilter + fail2ban + SSH in docker.... I am doing something wrong
- From: Felix Rubio Dalmau <felix@xxxxxxxxx>
- Re: iptables to nftables question
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- RE: iptables Configured ratelimit is not same as the rule shown in Rule display
- From: "Shivegowda, Naveen (Nokia - IN/Bangalore)" <naveen.shivegowda@xxxxxxxxx>
- Questions concerning the netdev table of nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: iptables to nftables question
- From: VDR User <user.vdr@xxxxxxxxx>
- iptables to nftables question
- From: Paul Fontenot <wpfontenot@xxxxxxxxxxx>
- How to efficiently collect nftables meter values?
- From: Piotr Jurkiewicz <piotr.jerzy.jurkiewicz@xxxxxxxxx>
- How to efficiently collect nftables meter values?
- From: Piotr Jurkiewicz <piotr.jerzy.jurkiewicz@xxxxxxxxx>
- Re: conntrackd - active/active asymmetric multi-path cluster - TCP SYN_SENT UNREPLIED
- From: Michael Gerlach | Reservix GmbH <michael.gerlach@xxxxxxxxxxx>
- Re: Nftables, netdev table, ingress hook and cgroup classes
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nft_osf: Add version option support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 2/5 nft] json: osf: add version json support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- [PATCH 4/5 nft] doc: add osf version option to man page
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- [PATCH 3/5 nft] tests: py: add osf tests with versions
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- [PATCH 1/5 nft] osf: add version fingerprint support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- [PATCH 2/5 nft] json: osf: add version json support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- [PATCH 5/5 nft] files: osf: update pf.os with newer OS fingerprints
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- Re: [PATCH 2/5 nft] json: osf: add version json support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- [PATCH libnftnl] expr: osf: add version option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- [PATCH nf-next] netfilter: nft_osf: Add version option support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- Re: Nftables, netdev table, ingress hook and cgroup classes
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Nftables, netdev table, ingress hook and cgroup classes
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nftables - unable to delete last element of map
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Nftables, netdev table, ingress hook and cgroup classes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: A few questions concerning the "nft set" syntax
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Nftables, netdev table, ingress hook and cgroup classes
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- How to log network traffic through reading conntrack logging.
- From: Wambui Karuga <wambui.dev@xxxxxxxxx>
- SV: conntrackd - active/active asynchronous multi-path cluster - TCP SYN_SENT UNREPLIED
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: nftables - unable to delete last element of map
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- Re: nftables - unable to delete last element of map
- From: Florian Westphal <fw@xxxxxxxxx>
- RE: [ANNOUNCE] ipset 7.1 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: unclear documentation with ipsec policy matcher
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: nftables - unable to delete last element of map
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- Re: unclear documentation with ipsec policy matcher
- From: Pierre Colombier <pcdwarf@xxxxxxxxxxx>
- Re: conntrackd - active/active asynchronous multi-path cluster - TCP SYN_SENT UNREPLIED
- From: n3phr0n <n3ph@xxxxxxxx>
- conntrackd - active/active asymmetric multi-path cluster - TCP SYN_SENT UNREPLIED
- From: n3phr0n <n3ph@xxxxxxxx>
- conntrackd - active/active asynchronous multi-path cluster - TCP SYN_SENT UNREPLIED
- From: n3phr0n <n3ph@xxxxxxxx>
- Re: iptables Configured ratelimit is not same as the rule shown in Rule display
- From: John Haxby <john.haxby@xxxxxxxxxx>
- iptables Configured ratelimit is not same as the rule shown in Rule display
- From: "Shivegowda, Naveen (Nokia - IN/Bangalore)" <naveen.shivegowda@xxxxxxxxx>
- Re: unclear documentation with ipsec policy matcher
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- unclear documentation with ipsec policy matcher
- From: Pierre Colombier <pcdwarf@xxxxxxxxxxx>
- Re: looking for help on applying fec to packets on an interface
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- Re: looking for help on applying fec to packets on an interface
- From: dan <dandenson@xxxxxxxxx>
- A few questions concerning the "nft set" syntax
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: looking for help on applying fec to packets on an interface
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- RE: [ANNOUNCE] ipset 7.1 released
- From: <eliezer@xxxxxxxxxxxx>
- looking for help on applying fec to packets on an interface
- From: dan <dandenson@xxxxxxxxx>
- File handle leak in libnftables - nft_run_cmd_from_filename
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- Nftables help fordwarding lan traffic to namespace
- From: VDR User <user.vdr@xxxxxxxxx>
- Re: flowtable in only one direction ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- update on netdev 0x13 conference
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
- Re: flowtable in only one direction ?
- From: Florian Westphal <fw@xxxxxxxxx>
- [ANNOUNCE] 15th Netfilter Workshop in Malaga, Spain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- flowtable in only one direction ?
- From: Sean Darcy <seandarcy2@xxxxxxxxx>
- conditional flowtable ??
- From: sean darcy <seandarcy2@xxxxxxxxx>
- "--weekdays Thu" seems to always trigger a match (even if it's not a Thursday)
- From: "K. de Jong" <kees.dejong+dev@xxxxxxxxxx>
- Re: nftables - unable to delete last element of map
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- Re: Question concerning expressions in the nftables rules
- From: Florian Westphal <fw@xxxxxxxxx>
- Question concerning expressions in the nftables rules
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: nftables - unable to delete last element of map
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- Re: nftables - unable to delete last element of map
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Englobe interfaces
- From: Miriam Rico <miriam.rico@xxxxxxxxxxxx>
- Re: nftables - unable to delete last element of map
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- nftables - unable to delete last element of map
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- Re: How to use SYNPROXY with nftables?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: How to use SYNPROXY with nftables?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: How to use SYNPROXY with nftables?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Unable to build nftables from git
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: How to use SYNPROXY with nftables?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Unable to build nftables from git
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Unable to build nftables from git
- From: Florian Westphal <fw@xxxxxxxxx>
- How to use SYNPROXY with nftables?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Unable to build nftables from git
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Nftables - can't flush table ip filter + expired certificate for netfilter.org
- From: Václav Zindulka <zindulka.vaclav@xxxxxxxxx>
- Re: Nftables - can't flush table ip filter + expired certificate for netfilter.org
- From: Florian Westphal <fw@xxxxxxxxx>
- Nftables - can't flush table ip filter + expired certificate for netfilter.org
- From: Václav Zindulka <zindulka.vaclav@xxxxxxxxx>
- Englobe interfaces
- From: Miriam Rico <miriam.rico@xxxxxxxxxxxx>
- Re: Use "flow-table" (meter) to block IPs
- From: Thomas Luening <toml@xxxxxxx>
- Re: Use "flow-table" (meter) to block IPs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: weird issue with ebtables-restore
- From: Michael Taboada <michael@michaels.world>
- Re: synack packet invalid when client reconnecting with same src port because out of window?
- From: Dominique Martinet <asmadeus@xxxxxxxxxxxxx>
- Re: weird issue with ebtables-restore
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Use "flow-table" (meter) to block IPs
- From: Florian Westphal <fw@xxxxxxxxx>
- Use "flow-table" (meter) to block IPs
- From: Thomas Luening <toml@xxxxxxx>
- weird issue with ebtables-restore
- From: Michael Taboada <michael@michaels.world>
- Re: nftables "Set member cannot be prefix"
- From: "ad^2" <adsquaired@xxxxxxxxx>
- Re: synack packet invalid when client reconnecting with same src port because out of window?
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: synack packet invalid when client reconnecting with same src port because out of window?
- From: Dominique Martinet <asmadeus@xxxxxxxxxxxxx>
- Re: synack packet invalid when client reconnecting with same src port because out of window?
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: synack packet invalid when client reconnecting with same src port because out of window?
- From: Dominique Martinet <asmadeus@xxxxxxxxxxxxx>
- Re: synack packet invalid when client reconnecting with same src port because out of window?
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: nftables "Set member cannot be prefix"
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- synack packet invalid when client reconnecting with same src port because out of window?
- From: Dominique Martinet <asmadeus@xxxxxxxxxxxxx>
- General protection fault on boot.
- From: Daniel Palmer <daniel@xxxxxxxx>
- Fwd: nftables "Set member cannot be prefix"
- From: "ad^2" <adsquaired@xxxxxxxxx>
- Re: Forcing to accept packets on lower priorities
- From: Philipp Richter <richterphilipp.pops@xxxxxxxxx>
- Re: Flushing of the nftables rules takes a long time
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: No traction on default verdicts?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: No traction on default verdicts?
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: Forcing to accept packets on lower priorities
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: Flushing of the nftables rules takes a long time
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: nft 'ruleset'?
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: Conntrackd Fail Over Causing loss of network traffic
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: libnftables - undefined reference
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- Re: libnftables - undefined reference
- From: Florian Westphal <fw@xxxxxxxxx>
- libnftables - undefined reference
- From: Václav Zindulka <vaclav.zindulka@xxxxxxxxxx>
- Forcing to accept packets on lower priorities
- From: Philipp Richter <richterphilipp.pops@xxxxxxxxx>
- Re: 4.19.12 (debian): nf_conncount_destroy: general protection fault
- From: Harald Dunkel <harald.dunkel@xxxxxxxxx>
- Re: 4.19.12 (debian): nf_conncount_destroy: general protection fault
- From: Florian Westphal <fw@xxxxxxxxx>
- 4.19.12 (debian): nf_conncount_destroy: general protection fault
- From: Harald Dunkel <harald.dunkel@xxxxxxxxx>
- Re: nftables equivalent for ebtables BROUTING trick?
- From: Sergey Venkov <sergey.venkov@xxxxxxxxx>
- Re: Checking amount of connections in New state
- From: Jurek Golonko <jgolonko@xxxxxxxxxx>
- Re: Checking amount of connections in New state
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
- Checking amount of connections in New state
- From: Jurek Golonko <jgolonko@xxxxxxxxxx>
- Re: Mismatch in Rules-Translation?
- From: Thomas Luening <toml@xxxxxxx>
- Re: Deleting tables from included files causes a kernel BUG
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- Re: Deleting tables from included files causes a kernel BUG
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: Deleting tables from included files causes a kernel BUG
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Deleting tables from included files causes a kernel BUG
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Deleting tables from included files causes a kernel BUG
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Mismatch in Rules-Translation?
- From: Thomas Luening <toml@xxxxxxx>
- Re: Deleting tables from included files causes a kernel BUG
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Syntax-Error with a Rule?
- From: Thomas Luening <toml@xxxxxxx>
- Re: Deleting tables from included files causes a kernel BUG
- From: Florian Westphal <fw@xxxxxxxxx>
- Deleting tables from included files causes a kernel BUG
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: netfilter/iptable change interferes with lo interface rules
- From: J B <jb.1234abcd@xxxxxxxxx>
- Conntrackd Fail Over Causing loss of network traffic
- From: "Mathew Duggan" <mat@xxxxxxxxxxxxx>
- Re: Syntax-Error with a Rule?
- From: Florian Westphal <fw@xxxxxxxxx>
- Syntax-Error with a Rule?
- From: Thomas Luening <toml@xxxxxxx>
- Connection tracking packet accounting off by one
- From: halfdog <me@xxxxxxxxxxx>
- Re: netfilter/iptable change interferes with lo interface rules
- From: J B <jb.1234abcd@xxxxxxxxx>
- netfilter/iptable change interferes with lo interface rules
- From: J B <jb.1234abcd@xxxxxxxxx>
- ebtables dnat mac rewrite bonding interface
- From: F L <ackowa@xxxxxxxxx>
- Re: Weird priorities: priority filter, priority raw - 1, priority mangle, etc
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Question about log rate limiting
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Nftables consumes 500M+ of RAM
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Weird priorities: priority filter, priority raw - 1, priority mangle, etc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Question about log rate limiting
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nftables won't accept default very simple empty filter chains on Armbian/espressobin
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nftables won't accept default very simple empty filter chains on Armbian/espressobin
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
- Re: nftables won't accept default very simple empty filter chains on Armbian/espressobin
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables won't accept default very simple empty filter chains on Armbian/espressobin
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables won't accept default very simple empty filter chains on Armbian/espressobin
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
- Re: Question about log rate limiting
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- nftables won't accept default very simple empty filter chains on Armbian/espressobin
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
- Re: Question about log rate limiting
- From: Florian Westphal <fw@xxxxxxxxx>
- Question about log rate limiting
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Passive FTP not working with iptables
- From: Stefanie Leisestreichler <stefanie.leisestreichler@xxxxxxxxxxxxxx>
- Weird priorities: priority filter, priority raw - 1, priority mangle, etc
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Flushing of the nftables rules takes a long time
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Nftables consumes 500M+ of RAM
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Passive FTP not working with iptables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Passive FTP not working with iptables
- From: Stefanie Leisestreichler <stefanie.leisestreichler@xxxxxxxxxxxxxx>
- Re: How to port "-m multiport ! --sports 80,443" to nftables?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: How to port "-m multiport ! --sports 80,443" to nftables?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: How to port "-m multiport ! --sports 80,443" to nftables?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: How to port "-m multiport ! --sports 80,443" to nftables?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Passive FTP not working with iptables
- From: Bruno de Paula Larini <bruno.larini@xxxxxxxxxxxxxx>
- How to port "-m multiport ! --sports 80,443" to nftables?
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Moving from ipset to nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Moving from ipset to nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: Moving from ipset to nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Passive FTP not working with iptables
- From: Adel Belhouane <bugs.a.b@xxxxxxx>
- Re: Moving from ipset to nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Passive FTP not working with iptables
- From: Stefanie Leisestreichler <stefanie.leisestreichler@xxxxxxxxxxxxxx>
- Re: Moving from ipset to nftables
- From: Amish <anon.amish@xxxxxxxxx>
- Re: Moving from ipset to nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: problem with limit rate
- From: GM <grzesiek20@xxxxxx>
- Re: Moving from ipset to nftables
- From: Amish <anon.amish@xxxxxxxxx>
- Moving from ipset to nftables
- From: Mikhail Morfikov <mmorfikov@xxxxxxxxx>
- Re: problem with limit rate
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: problem with limit rate
- From: GM <grzesiek20@xxxxxx>
- Re: problem with limit rate
- From: Florian Westphal <fw@xxxxxxxxx>
- problem with limit rate
- From: GM <grzesiek20@xxxxxx>
- Re: How to use named quota in filter rule?
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
- Re: How to use named quota in filter rule?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: How to use named quota in filter rule?
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
- Re: How to use named quota in filter rule?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: How to use named quota in filter rule?
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
- Re: How to use named quota in filter rule?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: How to use named quota in filter rule?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: How to use named quota in filter rule?
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
- Re: How to use named quota in filter rule?
- From: Florian Westphal <fw@xxxxxxxxx>
- How to use named quota in filter rule?
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
- nft 'ruleset'?
- From: Howard Johnson <hwj@xxxxxxxxxxxxxxxxxxxxxxxx>
- Re: Quotation marks and meta iif(name) interface names/indices
- From: Florian Westphal <fw@xxxxxxxxx>
- Quotation marks and meta iif(name) interface names/indices
- From: Adrian <thehim@xxxxxxxxx>
- Re: How to forward traffic through created tunnel
- From: Josiah Chinedu <josiahaccounts@xxxxxxxxx>
- Re: How to forward traffic through created tunnel
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- Re: How to forward traffic through created tunnel
- From: Josiah Chinedu <josiahaccounts@xxxxxxxxx>
- Re: How to forward traffic through created tunnel
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- Re: How to forward traffic through created tunnel
- From: Josiah Chinedu <josiahaccounts@xxxxxxxxx>
- Re: How to forward traffic through created tunnel
- From: Dave Osbourne <dave@xxxxxxxxxxxxxxxxxx>
- How to forward traffic through created tunnel
- From: Josiah Chinedu <josiahaccounts@xxxxxxxxx>
- [ANNOUNCE] ipset 7.1 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: A delay mechanism for iptables?
- From: Robert White <rwhite@xxxxxxxxx>
- No traction on default verdicts?
- From: Robert White <rwhite@xxxxxxxxx>
- "jump" vs "goto" vs "call"
- From: Robert White <rwhite@xxxxxxxxx>
- Re: connlimit support in nftables v0.9
- From: Florian Westphal <fw@xxxxxxxxx>
- connlimit support in nftables v0.9
- From: Darius <dram@xxxxxxxxxxx>
- Re: nftables nft nested loops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables nft nested loops
- From: Jeremy Jackson <jerj@xxxxxxxxxxxx>
- Re: UDP Load balancing
- From: Laura Garcia <nevola@xxxxxxxxx>
- UDP Load balancing
- From: Simon Bernard <contact@xxxxxxxxxxxxxxx>
- TLS certificate expired for wiki.nftables.org
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: Duplicating packets 'dup' to host outside same subnet
- From: Ricardo Fraile <rfraile@xxxxxxxxxxxxx>
- Re: Duplicating packets 'dup' to host outside same subnet
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Duplicating packets 'dup' to host outside same subnet
- From: Ricardo Fraile <rfraile@xxxxxxxxxxxxx>
- Re: libnetfilter_conntrack example crashes
- From: Florian Westphal <fw@xxxxxxxxx>
- libnetfilter_conntrack example crashes
- From: Psyspy rambo <psyspy2020@xxxxxxxxx>
- Re: nftables equivalent for ebtables BROUTING trick?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables equivalent for ebtables BROUTING trick?
- From: Sergey Venkov <sergey.venkov@xxxxxxxxx>
- Re: A delay mechanism for iptables?
- From: "Paul Hoffman" <phoffman@xxxxxxxxxx>
- Re: A delay mechanism for iptables?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: A delay mechanism for iptables?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables equivalent for ebtables BROUTING trick?
- From: Florian Westphal <fw@xxxxxxxxx>
- nftables equivalent for ebtables BROUTING trick?
- From: Sergey Venkov <sergey.venkov@xxxxxxxxx>
- Re: A delay mechanism for iptables?
- From: Dave Osbourne <dave@xxxxxxxxxxxxxxxxxx>
- A delay mechanism for iptables?
- From: "Paul Hoffman" <phoffman@xxxxxxxxxx>
- Re: nftables nft nested loops
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables nft nested loops
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nftables nft nested loops
- From: Jeremy Jackson <jerj@xxxxxxxxxxxx>
- Re: nftables nft nested loops
- From: Florian Westphal <fw@xxxxxxxxx>
- nftables nft nested loops
- From: Jeremy Jackson <jerj@xxxxxxxxxxxx>
- [ANNOUNCE] nftlb 0.3 release
- From: Laura Garcia <nevola@xxxxxxxxx>
- RE: cant get ftp forwarding working
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
- RE: cant get ftp forwarding working
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
- Re: cant get ftp forwarding working
- From: Laura Garcia <nevola@xxxxxxxxx>
- AW: cant get ftp forwarding working
- From: Thomas Bätzler <t.baetzler@xxxxxxxxxx>
- [ANNOUNCE] libnftnl 1.1.2 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] iptables 1.8.2 release
- From: Florian Westphal <fw@xxxxxxxxx>
- Any way to match all ports in ipset hash?
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- Adding fields to conntrack
- From: Psyspy rambo <psyspy2020@xxxxxxxxx>
- How to defend tcp syn attack when using snat
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- How to defend tcp syn attack when using snat
- From: Zheng konia <konianet@xxxxxxxxx>
- ICMP error does not go to the correct interface
- From: Marc SCHAEFER <schaefer@xxxxxxxxxxx>
- Re: nftables & strongswan - how to?
- From: Florian Westphal <fw@xxxxxxxxx>
- nftables & strongswan - how to?
- From: kjonca@xxxxx (Kamil Jońca)
- [ANNOUNCE] ipset 7.0 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [ANNOUNCE] iptables 1.8.1 release
- From: Florian Westphal <fw@xxxxxxxxx>
- Question about hashlimit module settings
- From: Jason Rabel <jasonrabel99@xxxxxxxxx>
- Re: SV: Module conntrack question
- From: Stefanie Leisestreichler <stefanie.leisestreichler@xxxxxxxxxxxxxx>
- SV: Module conntrack question
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: Module conntrack question
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Module conntrack question
- From: Stefanie Leisestreichler <stefanie.leisestreichler@xxxxxxxxxxxxxx>
- Re: Fwd: nftables NAT stops working (trace included)
- From: Thorsten Knabe <linux@xxxxxxxxxxxxxxxxx>
- Fwd: nftables NAT stops working (trace included)
- From: "ad^2" <adsquaired@xxxxxxxxx>
- Re: nftables NAT stops working (trace included)
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nftables NAT stops working (trace included)
- From: Florian Westphal <fw@xxxxxxxxx>
- nftables NAT stops working (trace included)
- From: "ad^2" <adsquaired@xxxxxxxxx>
- Re: SV: SV: "straggler" packets being logged
- From: "Brian J. Murrell" <brian@xxxxxxxxxxxxxxx>
- SV: SV: "straggler" packets being logged
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: SV: "straggler" packets being logged
- From: "Brian J. Murrell" <brian@xxxxxxxxxxxxxxx>
- Re: SV: "straggler" packets being logged
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: SV: SV: "straggler" packets being logged
- From: "Brian J. Murrell" <brian@xxxxxxxxxxxxxxx>
- SV: SV: "straggler" packets being logged
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: SV: "straggler" packets being logged
- From: "Brian J. Murrell" <brian@xxxxxxxxxxxxxxx>
- SV: "straggler" packets being logged
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Struggling with tc syntax for VLAN interfaces
- From: Tim Jones <b631093f-779b-4d67-9ffe-5f6d5b1d3f8a@xxxxxxxxxxxxx>
- "straggler" packets being logged
- From: "Brian J. Murrell" <brian@xxxxxxxxxxxxxxx>
- Re: Potential Key Decision Makers-IT/Security/Storage/Finance/HR/Marketing/Telecom
- From: Mihai Tanasescu <mihai@xxxxxxxx>
- Potential Key Decision Makers-IT/Security/Storage/Finance/HR/Marketing/Telecom
- From: marie.miller@xxxxxxxxxxx
- Re: netfilter - conntrack helper: nf_conntrack_proto_gre does not support IPv6.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: netfilter - conntrack helper: nf_conntrack_proto_gre does not support IPv6.
- From: Ignatius Cheng <ignatius.cheng@xxxxxxxxxxxx>
- netfilter - conntrack helper: nf_conntrack_proto_gre does not support IPv6.
- From: Ignatius Cheng <ignatius.cheng@xxxxxxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- BUG -- Misplaced error messages with included files -- nftables v0.8.0
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- SV: Conntrack insertion race conditions -- any workarounds?
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- SV: Conntrack insertion race conditions -- any workarounds?
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: SV: SV: Conntrack insertion race conditions -- any workarounds?
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- SV: SV: Conntrack insertion race conditions -- any workarounds?
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Michal Kubecek <mkubecek@xxxxxxx>
- Re: SV: Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- Re: SV: Conntrack insertion race conditions -- any workarounds?
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- SV: Conntrack insertion race conditions -- any workarounds?
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- SV: Conntrack insertion race conditions -- any workarounds?
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: Conntrack insertion race conditions -- any workarounds?
- From: Florian Westphal <fw@xxxxxxxxx>
- Conntrack insertion race conditions -- any workarounds?
- From: Kyle Larose <kyle@xxxxxxxxxxxx>
- Re: [PATCH v2 5/5] Put database into country subdirectory
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v2 5/5] Put database into country subdirectory
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH v2 5/5] Put database into country subdirectory
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
- Re: netfilter mailing list abandoned
- From: Wayne Sallee <Wayne@xxxxxxxxxxxxxxx>
- Re: netfilter mailing list abandoned
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- SV: netfilter mailing list abandoned
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: netfilter mailing list abandoned
- From: Wayne Sallee <Wayne@xxxxxxxxxxxxxxx>
- Re: netfilter mailing list abandoned
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: SV: SV: netfilter mailing list abandoned
- From: Wayne Sallee <Wayne@xxxxxxxxxxxxxxx>
- SV: SV: netfilter mailing list abandoned
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: SV: netfilter mailing list abandoned
- From: Wayne Sallee <Wayne@xxxxxxxxxxxxxxx>
- Connection tracking for bridge filtering with nftables
- From: Martin Dickopp <martin.dickopp@xxxxxxxxxxxxxx>
- SV: netfilter mailing list abandoned
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- netfilter mailing list abandoned
- From: Wayne Sallee <Wayne@xxxxxxxxxxxxxxx>
- Understanding Firewall Logs Where to learn?
- From: Wayne Sallee <Wayne@xxxxxxxxxxxxxxx>
- Conntrackd and Linux Namespaces
- From: "Pankaja Dakhane (pdakhane)" <pdakhane@xxxxxxxxx>
- nf_conntrack_sip not respecting sip_timeout? [CORRECTION]
- From: Binarus <lists@xxxxxxxxxx>
- nf_conntrack_sip not respecting sip_timeout?
- From: Binarus <lists@xxxxxxxxxx>
- Re: SV: Please review/comment my firewall script
- From: Stefanie Leisestreichler <stefanie.leisestreichler@xxxxxxxxxxxxxx>
- nftables and matching ipsets
- From: John Ramsden <johnramsden@xxxxxxxxxx>
- [PATCH v3 1/6] geoip: store database in network byte order
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 2/6] geoip: adapt to GeoLite2 database
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 5/6] geoip: simplify handling table column names
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 4/6] geoip: add database query tool for use with ipsets
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 3/6] geoip: update man page for xt_geoip_build
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 6/6] geoip: put database into country subdirectory
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 0/6] geoip improvements
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- 2nd Attempt: Query on Conntract module and Linux Namespaces
- From: "Pankaja Dakhane (pdakhane)" <pdakhane@xxxxxxxxx>
- Re: Iptables crash when initialising hashlimit extension with init_extensions with static libs
- From: Florian Westphal <fw@xxxxxxxxx>
- Iptables crash when initialising hashlimit extension with init_extensions with static libs
- From: Heena Sirwani <heenasirwani@xxxxxxxxx>
- SV: Please review/comment my firewall script
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Conntrackd Stats High CPU usage
- From: Adam Nieścierowicz <adam.niescierowicz@xxxxxxxxxx>
- Please review/comment my firewall script
- From: Stefanie Leisestreichler <stefanie.leisestreichler@xxxxxxxxxxxxxx>
- Re: SV: IP Spoofing
- From: Stefanie Leisestreichler <stefanie.leisestreichler@xxxxxxxxxxxxxx>
- SV: IP Spoofing
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- IP Spoofing
- From: Stefanie Leisestreichler <stefanie.leisestreichler@xxxxxxxxxxxxxx>
- Re: Query on Conntract module and Linux Namespaces
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
- Query on Conntract module and Linux Namespaces
- From: "Pankaja Dakhane (pdakhane)" <pdakhane@xxxxxxxxx>
- RE: cant get ftp forwarding working
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
- RE: cant get ftp forwarding working
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
- RE: cant get ftp forwarding working
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
- Re: Is udp_hdr/tcp_hdr valid in netfilters hook?
- From: Florian Westphal <fw@xxxxxxxxx>
- Is udp_hdr/tcp_hdr valid in netfilters hook?
- From: Amit Dang <dangamit@xxxxxxxxx>
- RE: cant get ftp forwarding working
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
- Re: cant get ftp forwarding working
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- RE: cant get ftp forwarding working
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
- Re: cant get ftp forwarding working
- From: Bruno de Paula Larini <bruno.larini@xxxxxxxxxxxxxx>
- Re: cant get ftp forwarding working
- From: Adel Belhouane <bugs.a.b@xxxxxxx>
- Re: cant get ftp forwarding working
- From: Humberto Jucá <betolj@xxxxxxxxx>
- RE: cant get ftp forwarding working
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
- Re: cant get ftp forwarding working
- From: Daniel <5960761@xxxxxxxxx>
- cant get ftp forwarding working
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
- Re: Linux NATting does not support NAT hole punching?
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: Linux NATting does not support NAT hole punching?
- From: Robert White <rwhite@xxxxxxxxx>
- Dynamic forward rules using vmap
- From: "ad^2" <adsquaired@xxxxxxxxx>
- Problem with using nft and "ip vrf" together
- From: Anand Sundaresh Natarajan <anandsnatarajan@xxxxxxxxx>
- Re: nft add chain ... No such file or directory
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: nft add chain ... No such file or directory
- From: Christopher Baines <mail@xxxxxxxxxxx>
- Re: nft add chain ... No such file or directory
- From: Florian Westphal <fw@xxxxxxxxx>
- nft add chain ... No such file or directory
- From: Christopher Baines <mail@xxxxxxxxxxx>
- Change Source IP and source port in a stateless manner
- From: Madhusudhan Ravi <Madhusudhan.Ravi@xxxxxxxxxxxxx>
- Re: Linux NATting does not support NAT hole punching?
- From: Adel Belhouane <bugs.a.b@xxxxxxx>
- Re: Linux NATting does not support NAT hole punching?
- Re: Linux NATting does not support NAT hole punching?
- From: Dima Kogan <dkogan@xxxxxxxxxxxxxxx>
- Re: Reject UDP Packets with nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Reject UDP Packets with nftables
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Reject UDP Packets with nftables
- From: "Williams, Gareth" <gareth@xxxxxxxxxxxxxxxxxxxx>
- Re: How to delete the rules that have been added before
- From: Florian Westphal <fw@xxxxxxxxx>
- How to delete the rules that have been added before
- From: 韩爱东 <yywfqq@xxxxxxxxxx>
- Re: Linux NATting does not support NAT hole punching?
- From: Adel Belhouane <bugs.a.b@xxxxxxx>
- Re: Failed to run nft script with ingress hook for netdev family
- From: "Rosysong" <rosysong@xxxxxxxxxxxx>
- Re: libnl-route to implement ip route get
- From: Martin Bednar <martin@xxxxxxxxxxx>
- Re: libnl-route to implement ip route get
- From: Laura Garcia <nevola@xxxxxxxxx>
- libnl-route to implement ip route get
- From: Bednár Martin <martin@xxxxxxxxxxx>
- Re: Failed to run nft script with ingress hook for netdev family
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Failed to run nft script with ingress hook for netdev family
- From: "Rosysong" <rosysong@xxxxxxxxxxxx>
- Re: Linux NATting does not support NAT hole punching?
- From: Christian Worm Mortensen <opensource@xxxxxxxx>
- Re: [ANNOUNCE] iptables 1.8.0 release
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [ANNOUNCE] iptables 1.8.0 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Linux NATting does not support NAT hole punching?
- From: Christian Worm Mortensen <opensource@xxxxxxxx>
- [ANNOUNCE] iptables 1.8.0 release
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Netfilter hook doesn't see mDNS packets
- From: zrm <zrm@xxxxxxxxxxxxxxx>
- Netfilter hook doesn't see mDNS packets
- From: Psyspy rambo <psyspy2020@xxxxxxxxx>
- Re: nft 0.8.2 - fails start at boot since staring before iface are up
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft 0.8.2 - fails start at boot since staring before iface are up
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft 0.8.2 - fails start at boot since staring before iface are up
- From: Florian Westphal <fw@xxxxxxxxx>
- nft 0.8.2 - fails start at boot since staring before iface are up
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- SV: SV: Best practice for packet filtering
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: SV: Best practice for packet filtering
- From: darius <dram@xxxxxxxxxxx>
- SV: Best practice for packet filtering
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: --comment gives me iptables: No chain/target/match by that name.
- From: Brent Clark <brentgclarklist@xxxxxxxxx>
- ulogd 1.x 2.x deprecated, we going backwards...
- Re: --comment gives me iptables: No chain/target/match by that name.
- From: Florian Westphal <fw@xxxxxxxxx>
- SV: SV: --comment gives me iptables: No chain/target/match by that name.
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: SV: --comment gives me iptables: No chain/target/match by that name.
- From: Brent Clark <brentgclarklist@xxxxxxxxx>
- Re: Interface to set netfilter rules from a C program
- From: Robert White <rwhite@xxxxxxxxx>
- SV: --comment gives me iptables: No chain/target/match by that name.
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- --comment gives me iptables: No chain/target/match by that name.
- From: Brent Clark <brentgclarklist@xxxxxxxxx>
- Re: Best practice for packet filtering
- From: darius <dram@xxxxxxxxxxx>
- Re: Best practice for packet filtering
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Best practice for packet filtering
- From: darius <dram@xxxxxxxxxxx>
- Re: nft 0.8..2 - maps - Error: Could not process rule: Device or resource busy
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft 0.8..2 - maps - Error: Could not process rule: Device or resource busy
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft 0.8..2 - maps - Error: Could not process rule: Device or resource busy
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- RE: Interface to set netfilter rules from a C program
- From: "Johennecken, Peter" <P.Johennecken@xxxxxxxxxxx>
- Re: nft 0.8..2 - maps - Error: Could not process rule: Device or resource busy
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft 0.8..2 - maps - Error: Could not process rule: Device or resource busy
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft 0.8..2 - maps - Error: Could not process rule: Device or resource busy
- From: Florian Westphal <fw@xxxxxxxxx>
- nft 0.8.2 - literal map clashing with meter?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- nft 0.8..2 - maps - Error: Could not process rule: Device or resource busy
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- nft - maps at raw prerouting?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- RE: Interface to set netfilter rules from a C program
- From: "Johennecken, Peter" <P.Johennecken@xxxxxxxxxxx>
- Re: Interface to set netfilter rules from a C program
- From: Laura Garcia <nevola@xxxxxxxxx>
- RE: Interface to set netfilter rules from a C program
- From: "Johennecken, Peter" <P.Johennecken@xxxxxxxxxxx>
- Re: Interface to set netfilter rules from a C program
- From: Florian Westphal <fw@xxxxxxxxx>
- Interface to set netfilter rules from a C program
- From: "Johennecken, Peter" <P.Johennecken@xxxxxxxxxxx>
- Re: is nftables compatible with kernel 4.14
- From: darius <dram@xxxxxxxxxxx>
- Re: possible bug: ip6tables rpfilter filters IPv6 link local traffic
- From: Florian Westphal <fw@xxxxxxxxx>
- possible bug: ip6tables rpfilter filters IPv6 link local traffic
- From: Andreas Steinmetz <ast@xxxxxxxx>
- Re: is nftables compatible with kernel 4.14
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nf offline
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: is nftables compatible with kernel 4.14
- From: darius <dram@xxxxxxxxxxx>
- is nftables compatible with kernel 4.14
- From: darius <dram@xxxxxxxxxxx>
- Re: nf offline
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nf offline
- From: Florian Westphal <fw@xxxxxxxxx>
- SV: nf offline
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- nf offline
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft 0.8.2 - conntrack on ll with netdev
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft 0.8.2 - conntrack on ll with netdev
- From: Florian Westphal <fw@xxxxxxxxx>
- nft 0.8.2 - conntrack on ll with netdev
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft 0.8.2 - conntrack on ll with netdev
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft 0.8.2 - conntrack on ll with netdev
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft 0.8.2 - conntrack on ll with netdev
- From: Florian Westphal <fw@xxxxxxxxx>
- nft 0.8.2 - conntrack on ll with netdev
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- nft - address family hierachy
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft - address family hierachy
- From: Florian Westphal <fw@xxxxxxxxx>
- nft - address family hierachy
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft - concatenate ifaces
- From: Robert White <rwhite@xxxxxxxxx>
- Re: nft 0.8.2 - icmp missing verdict
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft 0.8.2 - icmp missing verdict
- From: Florian Westphal <fw@xxxxxxxxx>
- nft 0.8.2 - icmp missing verdict
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft - concatenate ifaces
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft - concatenate ifaces
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft - concatenate ifaces
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft - concatenate ifaces
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft - concatenate ifaces
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft - concatenate ifaces
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft - concatenate ifaces
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft - concatenate ifaces
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft version (change) history and implementation status
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: nft version (change) history and implementation status
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft version (change) history and implementation status
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- nft - concatenate ifaces
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: nft version (change) history and implementation status
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: ipt to nft translation - udp checksum fill
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: ipt to nft translation - udp checksum fill
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: ipt to nft translation - udp checksum fill
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: ipt to nft translation - udp checksum fill
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: ipt to nft translation - udp checksum fill
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: ipt to nft translation - udp checksum fill
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: ipt to nft translation - udp checksum fill
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- ipt to nft translation - udp checksum fill
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: l4proto bridge filtering
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: l4proto bridge filtering
- From: Florian Westphal <fw@xxxxxxxxx>
- nft version (change) history and implementation status
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: l4proto bridge filtering
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: l4proto bridge filtering
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: l4proto bridge filtering
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: l4proto bridge filtering
- From: Florian Westphal <fw@xxxxxxxxx>
- l4proto bridge filtering
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
- Re: Error: syntax error, unexpected table
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: helper ftp
- From: Mark Coetser <mark@xxxxxxxxxxxx>
- Re: helper ftp
- From: Ale <mystic@xxxxxx>
- helper ftp
- From: Mark Coetser <mark@xxxxxxxxxxxx>
- Re: ct helper ipv6
- From: Greg KH <greg@xxxxxxxxx>
- Re: ct helper ipv6
- From: Florian Westphal <fw@xxxxxxxxx>
- ct helper ipv6
- From: Ale <mystic@xxxxxx>
- [ANNOUNCE] nftables 0.9.0 release
- From: Florian Westphal <fw@xxxxxxxxx>
- [ANNOUNCE] libnftnl 1.1.1 release
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nftable FTP behind nat
- From: Florian Westphal <fw@xxxxxxxxx>
- nftable FTP behind nat
- From: Ale <mystic@xxxxxx>
- [SOLVED] Error: syntax error, unexpected table
- From: "support@xxxxxxx" <support@xxxxxxx>
- Re: [Arptables] How to block flooding and gratuitous arp?
- From: "support@xxxxxxx" <support@xxxxxxx>
- Re: [Arptables] How to block flooding and gratuitous arp?
- From: "support@xxxxxxx" <support@xxxxxxx>
- Re: [Arptables] How to block flooding and gratuitous arp?
- From: Alvin Lovi <alvinlovi80@xxxxxxxxx>
- Re: [Arptables] How to block flooding and gratuitous arp?
- From: "support@xxxxxxx" <support@xxxxxxx>
- Error: syntax error, unexpected table
- From: "support@xxxxxxx" <support@xxxxxxx>
- Re: DIFF between /usr/sbin/nft -f and /usr/local/sbin/nft
- From: "support@xxxxxxx" <support@xxxxxxx>
- [Arptables] How to block flooding and gratuitous arp?
- From: Alvin Lovi <alvinlovi80@xxxxxxxxx>
- Re: DIFF between /usr/sbin/nft -f and /usr/local/sbin/nft
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- DIFF between /usr/sbin/nft -f and /usr/local/sbin/nft
- From: "support@xxxxxxx" <support@xxxxxxx>
- Re: $path problem with nftables
- From: "support@xxxxxxx" <support@xxxxxxx>
- Re: $path problem with nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- fail2ban should be implemented in general
- From: "support@xxxxxxx" <support@xxxxxxx>
- $path problem with nftables
- From: "support@xxxxxxx" <support@xxxxxxx>
- Re: [WIKI][part.solved]-Example: ... rate "over" does not work.
- From: "support@xxxxxxx" <support@xxxxxxx>
- Re: [WIKI]-Example: ... rate "over" does not work.
- From: "support@xxxxxxx" <support@xxxxxxx>
- Re: [WIKI]-Example: ... rate "over" does not work.
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: [WIKI]-Example: "chain global" does not work.
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- [WIKI]-Example: ... rate "over" does not work.
- From: "support@xxxxxxx" <support@xxxxxxx>
- [WIKI]-Example: "chain global" does not work.
- From: "support@xxxxxxx" <support@xxxxxxx>
- connlimit options and improvement
- From: Carlos Sola <joropito@xxxxxxxxx>
- Re: using flow offload for sip server
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: using specific ip address to restrict traffic flow on mips linux target is not permited ?
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Timeout in meters is not allowed anymore in 0.8.5
- From: Florian Westphal <fw@xxxxxxxxx>
- using specific ip address to restrict traffic flow on mips linux target is not permited ?
- From: "Rosysong" <rosysong@xxxxxxxxxxxx>
- Re: Parts of libnetfilter_queue deprecated?
- From: Daniel Thiele <dthiele@xxxxxxx>
- Re: Helper not working "No such file or directory"
- From: darius <dram@xxxxxxxxxxx>
- Re: Can anybody help me add a vmap element in a dictionary
- From: Khawar Shehzad <shehzad.khawar@xxxxxxxxx>
- Re: Timeout in meters is not allowed anymore in 0.8.5
- From: darius <dram@xxxxxxxxxxx>
- Re: Timeout in meters is not allowed anymore in 0.8.5
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Timeout in meters is not allowed anymore in 0.8.5
- From: darius <dram@xxxxxxxxxxx>
- Re: Timeout in meters is not allowed anymore in 0.8.5
- From: Florian Westphal <fw@xxxxxxxxx>
- Timeout in meters is not allowed anymore in 0.8.5
- From: darius <dram@xxxxxxxxxxx>
- Re: Parts of libnetfilter_queue deprecated?
- From: Florian Westphal <fw@xxxxxxxxx>
- Parts of libnetfilter_queue deprecated?
- From: Daniel Thiele <dthiele@xxxxxxx>
- Re: How to add tcp/udp snat in one line
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- How to add tcp/udp snat in one line
- From: Zheng konia <konianet@xxxxxxxxx>
- Re: using flow offload for sip server
- From: Sean Darcy <seandarcy2@xxxxxxxxx>
- Re: using flow offload for sip server
- From: Laura Garcia <nevola@xxxxxxxxx>
- using flow offload for sip server
- From: Sean Darcy <seandarcy2@xxxxxxxxx>
- Re: Add table of services to wiki
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Add table of services to wiki
- From: Sam Lunt <samueljlunt@xxxxxxxxx>
- Multiple programs for QUEUE target/Close Bind Queue Without Loose Packets
- From: kobi <kobi@xxxxxxxxxxxxxxxxxxxx>
- Re: Howto mangle with NFT
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Howto mangle with NFT
- From: MATT-NFT <matt-nft@xxxxxxxxxxxx>
- Re: Howto mangle with NFT
- From: Florian Westphal <fw@xxxxxxxxx>
- Howto mangle with NFT
- From: MATT-NFT <matt-nft@xxxxxxxxxxxx>
- Nftables does not work in OpenWrt?
- From: "Rosysong" <rosysong@xxxxxxxxxxxx>
- [ANNOUNCE] nftlb 0.2 release
- From: Laura Garcia Liebana <nevola@xxxxxxxxx>
- [ANNOUNCE] nftables 0.8.5 release
- From: Florian Westphal <fw@xxxxxxxxx>
- SV: iptables / conntrack - state engine question
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- SV: iptables / conntrack - state engine question
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: iptables / conntrack - state engine question
- From: Florian Westphal <fw@xxxxxxxxx>
- iptables / conntrack - state engine question
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: Capacity of METERS in spoofed packets
- From: Florian Westphal <fw@xxxxxxxxx>
- Capacity of METERS in spoofed packets
- From: Renzo cHv <renzochv@xxxxxxxxxx>
- Re: iptables / connlimit with --connlimit-above allows more connections than configured
- From: Dmitry Andrianov <dmitry.andrianov@xxxxxxxxxxxx>
- Re: iptables / connlimit with --connlimit-above allows more connections than configured
- From: Florian Westphal <fw@xxxxxxxxx>
- iptables / connlimit with --connlimit-above allows more connections than configured
- From: Dmitry Andrianov <dmitry.andrianov@xxxxxxxxxxx>
- Re: [ANNOUNCE] libnftnl 1.1.0 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Masquerade replaces outgoing IP with the default route IP, not the interface IP
- From: Lars Berntzon <lars.berntzon@xxxxxxxxxxxxxxxxxxxxxxx>
- Re: NAT requires an output hook to be registered
- From: Florian Westphal <fw@xxxxxxxxx>
- RE: NAT requires an output hook to be registered
- From: Sean Darcy <seandarcy2@xxxxxxxxx>
- Re: [ANNOUNCE] libnftnl 1.1.0 release
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Various questions
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Transport protocol agnostic way to multiplex ports and forward metainfo?
- From: Florian Westphal <fw@xxxxxxxxx>
- Various questions
- From: Christian Schneider <christian@xxxxxxxx>
- Re: [ANNOUNCE] libnftnl 1.1.0 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ANNOUNCE] libnftnl 1.1.0 release
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Transport protocol agnostic way to multiplex ports and forward metainfo?
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [ANNOUNCE] nftables 0.8.4 release
- From: Florian Westphal <fw@xxxxxxxxx>
- [ANNOUNCE] libnftnl 1.1.0 release
- From: Florian Westphal <fw@xxxxxxxxx>
- Transport protocol agnostic way to multiplex ports and forward metainfo?
- From: Alexander Huemer <alexander.huemer@xxxxx>
- Re: [PATCH v2 1/5] geoip: adapt to GeoLite2 database
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
- [ANNOUNCE] libnetfilter-conntrack 1.0.7 release
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- [ANNOUNCE] conntrack-tools 1.4.5 release
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: [PATCH v2 1/5] geoip: adapt to GeoLite2 database
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2 1/5] geoip: adapt to GeoLite2 database
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH v2 1/5] geoip: adapt to GeoLite2 database
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v2 1/5] geoip: adapt to GeoLite2 database
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Helper not working "No such file or directory"
- From: darius <dram@xxxxxxxxxxx>
- Re: Helper not working "No such file or directory"
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Helper not working "No such file or directory"
- From: darius <dram@xxxxxxxxxxx>
- Re: [PATCH v2 5/5] Put database into country subdirectory
- From: Philip Prindeville <philipp@xxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v2 5/5] Put database into country subdirectory
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v2 1/5] geoip: adapt to GeoLite2 database
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v2 1/5] geoip: adapt to GeoLite2 database
- From: Bruno de Paula Larini <bruno.larini@xxxxxxxxxxxxxx>
- Re: [PATCH v2 5/5] Put database into country subdirectory
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [PATCH v2 1/5] geoip: adapt to GeoLite2 database
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v2 4/5] Simplify handling table column names
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v2 3/5] geoip: add database query tool for use with ipsets
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v2 5/5] Put database into country subdirectory
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- [PATCH v2 2/5] geoip: update man page for xt_geoip_build
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
- Re: Helper not working "No such file or directory"
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Helper not working "No such file or directory"
- From: darius <dram@xxxxxxxxxxx>
- Re: Helper not working "No such file or directory"
- From: Florian Westphal <fw@xxxxxxxxx>
- Helper not working "No such file or directory"
- From: darius <dram@xxxxxxxxxxx>
- Re: [nftables] Deleting element from set from packet path
- From: rypervenche <sub@xxxxxxxxx>
- Re: [nftables] Deleting element from set from packet path
- From: rypervenche <sub@xxxxxxxxx>
- Re: [nftables] Deleting element from set from packet path
- [ANNOUNCE] ulogd2 2.0.7 release
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: How to use limit rate on ip address through nft command ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: How to use limit rate on ip address through nft command ?
- From: "Rosysong" <rosysong@xxxxxxxxxxxx>
- Re: How to use limit rate on ip address through nft command ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- How to use limit rate on ip address through nft command ?
- From: "黄邦浪" <rosysong@xxxxxxxxxxxx>
- Re: [nftables] Deleting element from set from packet path
- Re: [nftables] pre/postrouting chain: Could not process rule: Device or resource busy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nftables] How to rate limit 1 packet every 10 minutes
- From: rypervenche <sub@xxxxxxxxx>
- [nftables] Deleting element from set from packet path
- From: rypervenche <sub@xxxxxxxxx>
- Re: [nftables] pre/postrouting chain: Could not process rule: Device or resource busy
- From: Christian Schneider <christian@xxxxxxxx>
- Re: [nftables] pre/postrouting chain: Could not process rule: Device or resource busy
- From: Florian Westphal <fw@xxxxxxxxx>
- [nftables] pre/postrouting chain: Could not process rule: Device or resource busy
- From: Christian Schneider <christian@xxxxxxxx>
- Re: Can anybody help me add a vmap element in a dictionary
- From: Khawar Shehzad <shehzad.khawar@xxxxxxxxx>
- Re: Can anybody help me add a vmap element in a dictionary
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Can anybody help me add a vmap element in a dictionary
- From: Khawar Shehzad <shehzad.khawar@xxxxxxxxx>
- Re: Fwd: nftables ipv6 and NAT
- From: Florian Westphal <fw@xxxxxxxxx>
- Fwd: nftables ipv6 and NAT
- From: "ad^2" <adsquaired@xxxxxxxxx>
- Fw: Forward chains with different priorities
- From: matthias.krauss@xxxxxxx
- Re: Forward chains with different priorities
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
- Forward chains with different priorities
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
