Linux TCP/IP Netfilter

Thread Index

[Prev Page][Next Page]

Re: connection track helpers in partially virtualized machines
- From: Christoph Pleger <christoph.pleger@xxxxxxxxxxxxxxxxxx>
Re: connection track helpers in partially virtualized machines
- From: Florian Westphal <fw@xxxxxxxxx>
connection track helpers in partially virtualized machines
- From: Christoph Pleger <christoph.pleger@xxxxxxxxxxxxxxxxxx>
[nftables] non regression tests status
- From: Maxime de Roucy <maxime.deroucy@xxxxxxxxx>
Re: Ulogd in pcap format is not logging any prefix
- From: darius <dram@xxxxxxxxxxx>
Re: Ulogd in pcap format is not logging any prefix
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
Ulogd in pcap format is not logging any prefix
- From: darius <dram@xxxxxxxxxxx>
Re: [ANNOUNCE] ipset 6.37 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[ANNOUNCE] ipset 6.37 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Concatenation + Interval => Broken Parser or Broken Concept
- From: Robert White <rwhite@xxxxxxxxx>
Re: Log statement seems to be not working
- From: darius <dram@xxxxxxxxxxx>
Re: nftables: first rate limit on IP, then filter on port
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: nftables: first rate limit on IP, then filter on port
- From: Alexander Dahl <ada@xxxxxxxxxxx>
Re: nftables: first rate limit on IP, then filter on port
- From: Florian Westphal <fw@xxxxxxxxx>
nftables: first rate limit on IP, then filter on port
- From: Alexander Dahl <ada@xxxxxxxxxxx>
Re: Log statement seems to be not working
- From: darius <dram@xxxxxxxxxxx>
NAT requires an output hook to be registered
- From: Konstantinos Tsakiltzidis <ktsakiltzidis@xxxxxxxxxx>
[ANNOUNCE] 14th Netfilter Workshop in Berlin, Germany
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Meaning of network name in Iptables rules
- From: "Paul Guijt" <paul.guijt@xxxxxxxxx>
Re: Meaning of network name in Iptables rules
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
Meaning of network name in Iptables rules
- From: <paul.guijt@xxxxxxxxx>
Re: nft - no equivalency to ipset hash:port:hash for differing sized subnets
- From: Fran Fitzpatrick <francis.x.fitzpatrick@xxxxxxxxx>
Re: Nftables: timeout > 24d20h31m23s becomes 49d17h2m47s
- From: Marco De Benedetto <debe@xxxxxxxxxxx>
Re: Nftables: timeout > 24d20h31m23s becomes 49d17h2m47s
- From: nft.ml@xxxxxxxx
Nftables: timeout > 24d20h31m23s becomes 49d17h2m47s
- From: Marco De Benedetto <debe@xxxxxxxxxxx>
Re: iptables based load balancing doesn't work on lo interface
- From: salil GK <gksalil@xxxxxxxxx>
iptables based load balancing doesn't work on lo interface
- From: salil GK <gksalil@xxxxxxxxx>
Re: Log statement seems to be not working
- From: darius <dram@xxxxxxxxxxx>
RE: Log statement seems to be not working
- From: "Raymond Burkholder" <ray@xxxxxxxxxxxxxx>
Re: Collect Flow Stats: libmnl vs libnetfilter-conntrack
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Darius <dram@xxxxxxxxxxx>
Re: Log statement seems to be not working
- From: darius <dram@xxxxxxxxxxx>
Re: Collect Flow Stats: libmnl vs libnetfilter-conntrack
- From: Psyspy rambo <psyspy2020@xxxxxxxxx>
Re: Log statement seems to be not working
- From: darius <dram@xxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Darius <dram@xxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Darius <dram@xxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Collect Flow Stats: libmnl vs libnetfilter-conntrack
- From: Psyspy rambo <psyspy2020@xxxxxxxxx>
Re: Log statement seems to be not working
- From: darius <dram@xxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Darius <dram@xxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Yves <yves@xxxxxxxx>
Re: Log statement seems to be not working
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Log statement seems to be not working
- From: darius <dram@xxxxxxxxxxx>
Re: Log statement seems to be not working
- From: darius <dram@xxxxxxxxxxx>
Re: SYNPROXY, packet loss, and window sizes
- From: Joshua Vijsma / True <Joshua.Vijsma@xxxxxxx>
Re: SYNPROXY, packet loss, and window sizes
- From: Remy de Boer <remydb@xxxxxxxxxxx>
Re: defining new RELATED associations
- From: Robby Workman <robby@xxxxxxxxxxxxx>
defining new RELATED associations
- From: "Brian J. Murrell" <brian@xxxxxxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Darius <dram@xxxxxxxxxxx>
Re: Log statement seems to be not working
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Log statement seems to be not working
- From: darius <dram@xxxxxxxxxxx>
Re: Nft list counters is not returning anything
- From: darius <dram@xxxxxxxxxxx>
Re: Nft list counters is not returning anything
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Nft list counters is not returning anything
- From: darius <dram@xxxxxxxxxxx>
Re: nftables: device or resource busy while adding element in named sets
- From: Laura Garcia <nevola@xxxxxxxxx>
nftables: device or resource busy while adding element in named sets
- From: "Ninad N. Shaha" <ninad@xxxxxxxxxx>
RE: SYNPROXY, packet loss, and window sizes
- From: Llorente Santos Jesus <jesus.llorente.santos@xxxxxxxx>
nftables: device or resource busy while adding element in named sets
- From: Ninad <ninad@xxxxxxxxxx>
SYNPROXY, packet loss, and window sizes
- From: Remy de Boer <remydb@xxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet (what you are missing)
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Nftables Patch proposal: debug_mask propagate through cache_update() just as it is.
- From: nozzy123nozzy@xxxxxxxxx
Re: Query the verdict for a hypothetical packet (what you are missing)
- From: Robert White <rwhite@xxxxxxxxx>
Re: nft - no equivalency to ipset hash:port:hash for differing sized subnets
- From: Robert White <rwhite@xxxxxxxxx>
Re: nft - no equivalency to ipset hash:port:hash for differing sized subnets
- From: Robert White <rwhite@xxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: Robert White <rwhite@xxxxxxxxx>
nft - no equivalency to ipset hash:port:hash for differing sized subnets
- From: Fran Fitzpatrick <francis.x.fitzpatrick@xxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: How to reset package's TTL in nftables
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: Robert White <rwhite@xxxxxxxxx>
How to reset package's TTL in nftables
- From: Zheng konia <konianet@xxxxxxxxx>
Re: Nftables Patch proposal: debug_mask propagate through cache_update() just as it is.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Problem in setting up netfilter repository
- From: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
Problem in setting up netfilter repository
- From: SIMRAN SINGHAL <singhalsimran0@xxxxxxxxx>
Nftables Patch proposal: debug_mask propagate through cache_update() just as it is.
- From: nozzy123nozzy@xxxxxxxxx
Re: Query the verdict for a hypothetical packet
- From: Robert White <rwhite@xxxxxxxxx>
[PATCH v1 3/3] geoip: add database query tool for use with ipsets
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
[PATCH v1 1/3] geoip: adapt to GeoLite2 database
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
[PATCH v1 2/3] geoip: update man page for xt_geoip_build
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: Robert White <rwhite@xxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: Robert White <rwhite@xxxxxxxxx>
Re: nftables vs iptables+ipset
- From: Robert White <rwhite@xxxxxxxxx>
Re: nftables vs iptables+ipset
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
nftables vs iptables+ipset
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: nftables: How to filter only ipv6 SSH traffic in an inet table?
- From: Merlin Büge <toni@xxxxxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
RE: build tagging bridge based on SRC/DST Mac
- From: Llorente Santos Jesus <jesus.llorente.santos@xxxxxxxx>
RE: build tagging bridge based on SRC/DST Mac
- From: IMMO WETZEL <IMMO.WETZEL@xxxxxxxxxx>
build tagging bridge based on SRC/DST Mac
- From: IMMO WETZEL <IMMO.WETZEL@xxxxxxxxxx>
TCP failover doesn't work as expected
- From: Donat Zenichev <donat@xxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
[ANNOUNCE] nftables 0.8.3 release
- From: Florian Westphal <fw@xxxxxxxxx>
[ANNOUNCE] ipset 6.36 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
NAT doesn't forward TCP ACKs with sack option
- From: Mark <zxm927@xxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
nftables with two WAN, dnat not working
- From: ?????? ????? <krey@xxxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Query the verdict for a hypothetical packet
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: nftables inet family not working with the type nat chain ( ip family works )
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
nftables inet family not working with the type nat chain ( ip family works )
- From: "ad^2" <adsquaired@xxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Michal Kubecek <mkubecek@xxxxxxx>
Query the verdict for a hypothetical packet
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Fwd: iptables PREROUTING to-destination hit but no hit in FORWARD (advanced)
- From: Alex Dubois <bowabos@xxxxxxxxx>
iptables PREROUTING to-destination hit but no hit in FORWARD (advanced)
- From: Alex Dubois <bowabos@xxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [ANNOUNCE] ipset 6.28 released
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: IPSET in DNAT rule
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
IPSET in DNAT rule
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: nftables: How to filter only ipv6 SSH traffic in an inet table?
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: nftables: How to filter only ipv6 SSH traffic in an inet table?
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: nftables: How to filter only ipv6 SSH traffic in an inet table?
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
[PATCH v1 1/1] geoip: cleanup intermediate files and run quieter
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
Re: SV: using iptables to route between subnets
- From: A <publicface@xxxxxxxxxx>
Re: SV: using iptables to route between subnets
- From: A <publicface@xxxxxxxxxx>
[PATCH v1 1/1] geoip: store database in network byte order
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
SV: using iptables to route between subnets
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
Re: using iptables to route between subnets
- From: A <publicface@xxxxxxxxxx>
Re: using iptables to route between subnets
- From: zrm <zrm@xxxxxxxxxxxxxxx>
using iptables to route between subnets
- From: A <publicface@xxxxxxxxxx>
2 questions about rules for Multicast and ICMP
- From: "toml@xxxxxxx" <toml@xxxxxxx>
Re: How to check why HTTP proxy is not accessible from outside?
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
SV: How to check why HTTP proxy is not accessible from outside?
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
How to check why HTTP proxy is not accessible from outside?
- From: Peng Yu <pengyu.ut@xxxxxxxxx>
xtables-addons maintainers... specifically xt_geoip
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
Re: ENOENT when adding conntrack rule
- From: "Andreas Koller" <kollergefahr@xxxxxx>
Re: ENOENT when adding conntrack rule
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
ENOENT when adding conntrack rule
- From: "Andreas Koller" <kollergefahr@xxxxxx>
Re: Unable to query reply direction with conntrack-tools / libnetfilter_conntrack
- From: Omri Bahumi <omri.il@xxxxxxxxx>
TCPMSS packet modification
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
Re: Unable to query reply direction with conntrack-tools / libnetfilter_conntrack
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Unable to query reply direction with conntrack-tools / libnetfilter_conntrack
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: linux martian packets
- From: John Ratliff <john@xxxxxxxxxxxxxx>
Unable to query reply direction with conntrack-tools / libnetfilter_conntrack
- From: Omri Bahumi <omri.il@xxxxxxxxx>
Re: linux martian packets
- From: Rob Thomas <xrobau@xxxxxxxxx>
Re: nftables: How to filter only ipv6 SSH traffic in an inet table?
- From: Merlin Büge <toni@xxxxxxxxxxxx>
Re: linux martian packets
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
linux martian packets
- From: John Ratliff <john@xxxxxxxxxxxxxx>
Re: nftables: How to filter only ipv6 SSH traffic in an inet table?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables: How to filter only ipv6 SSH traffic in an inet table?
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
nftables: How to filter only ipv6 SSH traffic in an inet table?
- From: Merlin Büge <toni@xxxxxxxxxxxx>
How to retrieve original source address with FTP/NAT/TPROXY
- From: Gregory Vander Schueren <gregory.vanderschueren@xxxxxxxxxxxx>
Re: How to add rules to ip6/inet tables without getting unknown [invalid type] with nft list?
- From: Eric Grunt <gruntblue@xxxxxxxxx>
[ANNOUNCE] nftables 0.8.2 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] iptables 1.6.2 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: How to get rule handle when adding a rule using libnftnl?
- From: Eric Grunt <gruntblue@xxxxxxxxx>
How to add rules to ip6/inet tables without getting unknown [invalid type] with nft list?
- From: Eric Grunt <gruntblue@xxxxxxxxx>
Re: nftables set - network/netmask
- From: Hüsnü Demir <hdemir@xxxxxxxxxxx>
Re: How to get rule handle when adding a rule using libnftnl?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: How to get rule handle when adding a rule using libnftnl?
- From: Eric Grunt <gruntblue@xxxxxxxxx>
Re: How to get rule handle when adding a rule using libnftnl?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
How to get rule handle when adding a rule using libnftnl?
- From: Eric Grunt <gruntblue@xxxxxxxxx>
RE: How to trace IPSec packets?
- From: "Raymond Burkholder" <ray@xxxxxxxxxxxxxx>
Re: nftables set - network/netmask
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables set - network/netmask
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables set - network/netmask
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: nftables set - network/netmask
- From: hdemir <hdemir@xxxxxxxxxxx>
nftables set - network/netmask
- From: hdemir <hdemir@xxxxxxxxxxx>
Re: How to trace IPSec packets?
- From: Glen Huang <heyhgl@xxxxxxxxx>
Re: How to trace IPSec packets?
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: How to trace IPSec packets?
- From: Glen Huang <heyhgl@xxxxxxxxx>
Re: How to trace IPSec packets?
- From: Glen Huang <heyhgl@xxxxxxxxx>
Re: filter all outgoing frames with specific client hardware address
- From: Mark Coetser <mark@xxxxxxxxxxxx>
filter all outgoing frames with specific client hardware address
- From: IMMO WETZEL <IMMO.WETZEL@xxxxxxxxxx>
Re: How to trace IPSec packets?
- From: Glen Huang <heyhgl@xxxxxxxxx>
Re: How to trace IPSec packets?
- From: Humberto Jucá <betolj@xxxxxxxxx>
Re: How to trace IPSec packets?
- From: Glen Huang <heyhgl@xxxxxxxxx>
How to trace IPSec packets?
- From: Glen Huang <heyhgl@xxxxxxxxx>
Re: Slow 'connection refused' on REJECT rules
- From: Renaud Drousies <renaudd@xxxxxxxxx>
SV: Slow 'connection refused' on REJECT rules
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
Re: How to get conntrack statics from proc system?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Slow 'connection refused' on REJECT rules
- From: Renaud Drousies <renaudd@xxxxxxxxx>
Re: How to get conntrack statics from proc system?
- From: hdemir <hdemir@xxxxxxxxxxx>
How to get conntrack statics from proc system?
- From: hdemir <hdemir@xxxxxxxxxxx>
Re: Differences in FTP-Handling (Client-Sender) between iptables/nftables?
- From: "toml@xxxxxxx" <toml@xxxxxxx>
Re: Differences in FTP-Handling (Client-Sender) between iptables/nftables?
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Differences in FTP-Handling (Client-Sender) between iptables/nftables?
- From: "toml@xxxxxxx" <toml@xxxxxxx>
question about UNDEFINE/REDEFINE
- From: David Fabian <david.fabian@xxxxxxx>
introduction
- From: Kommuru jai shankar reddy <kommurujaishankarreddy@xxxxxxxxx>
Re: Error: interval overlaps with previous one (with previously valid configuration)
- From: Jeff <jmk@xxxxxxxxxx>
Re: Error: interval overlaps with previous one (with previously valid configuration)
- From: James <vger_tracker@xxxxxxxxxxxxxx>
Re: Error: interval overlaps with previous one (with previously valid configuration)
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: Error: interval overlaps with previous one (with previously valid configuration)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Error: interval overlaps with previous one (with previously valid configuration)
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Symmetric / Asymmetric Connection Tracking
- From: "Raymond Burkholder" <ray@xxxxxxxxxxxxxx>
Re: IPSET persistence on Ubuntu 16.04
- From: "Oliver O'Boyle" <oliver.oboyle@xxxxxxxxx>
Re: IPSET persistence on Ubuntu 16.04
- From: "Oliver O'Boyle" <oliver.oboyle@xxxxxxxxx>
[ANNOUNCE] nftables 0.8.1 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
NFLOG with threads
- From: icovnik <icovnik@xxxxxxxxx>
Re: IPSET persistence on Ubuntu 16.04
- From: "Oliver O'Boyle" <oliver.oboyle@xxxxxxxxx>
Re: IPSET persistence on Ubuntu 16.04
- From: Joerg Dorchain <joerg@xxxxxxxxxxxx>
Re: IPSET persistence on Ubuntu 16.04
- From: "Oliver O'Boyle" <oliver.oboyle@xxxxxxxxx>
Re: IPSET persistence on Ubuntu 16.04
- From: Mark Coetser <mark@xxxxxxxxxxxx>
ulogd2 doc
- From: volga629@xxxxxxxxxxxxx
IPSET persistence on Ubuntu 16.04
- From: "Oliver O'Boyle" <oliver.oboyle@xxxxxxxxx>
Re: Using dynamic IP lists to block forwarding
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Using dynamic IP lists to block forwarding
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Re: Using dynamic IP lists to block forwarding
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Using dynamic IP lists to block forwarding
- From: Dave Osbourne <dave@xxxxxxxxxxxxxxxxxx>
Re: Using dynamic IP lists to block forwarding
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Re: Using dynamic IP lists to block forwarding
- From: Joerg Dorchain <joerg@xxxxxxxxxxxx>
Re: Using dynamic IP lists to block forwarding
- From: Mauro Santos <registo.mailling@xxxxxxxxx>
Re: Using dynamic IP lists to block forwarding
- From: Dave Osbourne <dave@xxxxxxxxxxxxxxxxxx>
Re: Using dynamic IP lists to block forwarding
- From: Joerg Dorchain <joerg@xxxxxxxxxxxx>
Using dynamic IP lists to block forwarding
- From: Dave Osbourne <dave@xxxxxxxxxxxxxxxxxx>
[ANNOUNCE] ipset 6.35 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: conntrack and ICMP echo replies not showing as ESTABLISHED
- From: "Oliver O'Boyle" <oliver.oboyle@xxxxxxxxx>
Re: conntrack and ICMP echo replies not showing as ESTABLISHED
- From: "Oliver O'Boyle" <oliver.oboyle@xxxxxxxxx>
Re: conntrack and ICMP echo replies not showing as ESTABLISHED
- From: Humberto Jucá <betolj@xxxxxxxxx>
Re: conntrack and ICMP echo replies not showing as ESTABLISHED
- From: "Oliver O'Boyle" <oliver.oboyle@xxxxxxxxx>
RE: conntrack and ICMP echo replies not showing as ESTABLISHED
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
Re: conntrack and ICMP echo replies not showing as ESTABLISHED
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Re: conntrack and ICMP echo replies not showing as ESTABLISHED
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
RE: conntrack and ICMP echo replies not showing as ESTABLISHED
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
conntrack and ICMP echo replies not showing as ESTABLISHED
- From: "Oliver O'Boyle" <oliver.oboyle@xxxxxxxxx>
[ANNOUNCE] libnftnl 1.0.9 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
RE: Lots of initial TCP packets with same sequence number
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
Lots of initial TCP packets with same sequence number
- From: James <vger_tracker@xxxxxxxxxxxxxx>
OT: tracking default route
- From: Alessandro Vesely <vesely@xxxxxxx>
Re: nftables wiki
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
nftables wiki
- From: paulo bruck <paulobruck1@xxxxxxxxx>
Re: limit + log + tcp not working ?
- From: paulo bruck <paulobruck1@xxxxxxxxx>
Re: limit + log + tcp not working ?
- From: Robert White <rwhite@xxxxxxxxx>
Re: limit + log + tcp not working ?
- From: paulo bruck <paulobruck1@xxxxxxxxx>
Re: limit + log + tcp not working ?
- From: Robert White <rwhite@xxxxxxxxx>
Re: Service names
- From: Jeremy Audet <ichimonji10@xxxxxxxxx>
limit + log + tcp not working ?
- From: paulo bruck <paulobruck1@xxxxxxxxx>
Re: Service names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Service names
- From: Jeremy Audet <ichimonji10@xxxxxxxxx>
Service names
- From: JereBear <jerebear@xxxxxxxxxxxxxx>
Re: Nftables atomic reload at reboot
- From: Robert White <rwhite@xxxxxxxxx>
Re: Nftables atomic reload at reboot
- From: Robert White <rwhite@xxxxxxxxx>
Re: Nftables atomic reload at reboot
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Nftables atomic reload at reboot
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Nftables atomic reload at reboot
- From: Jeff <jarvis@xxxxxxxxxx>
debug a --connlimit-above rule
- From: Toralf Förster <toralf.foerster@xxxxxx>
[conntrack-tools] - Multiple Routing Tables
- From: Isabell Cowan <izzi@xxxxxxxxxxx>
RE: SNMP mangling anybody?
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
RE: SNMP mangling anybody?
- From: "FAIR, ED" <ef7193@xxxxxxx>
RE: SNMP mangling anybody?
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
RE: SNMP mangling anybody?
- From: "FAIR, ED" <ef7193@xxxxxxx>
Re: SNMP mangling anybody?
- From: Robert White <rwhite@xxxxxxxxx>
RE: SNMP mangling anybody?
- From: "FAIR, ED" <ef7193@xxxxxxx>
Re: CGNAT - Deterministic port ranges RFC7422
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
netfilter, libiptc and QUEUEing
- From: mat rowlands <mat@xxxxxxxxxxxxx>
Re: SNMP mangling anybody?
- From: Robert White <rwhite@xxxxxxxxx>
RE: SNMP mangling anybody?
- From: "FAIR, ED" <ef7193@xxxxxxx>
How to reduce insert_failed error on conntrack ?
- From: Max Laverse <max@xxxxxxxxxxx>
RE: SNMP mangling anybody?
- From: "FAIR, ED" <ef7193@xxxxxxx>
Re: SNMP mangling anybody?
- From: Robert White <rwhite@xxxxxxxxx>
SNMP mangling anybody?
- From: "FAIR, ED" <ef7193@xxxxxxx>
CGNAT - Deterministic port ranges RFC7422
- From: Rafael Ganascim <rganascim@xxxxxxxxx>
Re: [Fwd: How to enable Xen VM traffic using nft]
- From: Leonardo Bruno <leonardo@xxxxxxxxxx>
Re: packages leaving interface wrongly using loadbalance
- From: paulo bruck <paulobruck1@xxxxxxxxx>
Re: Why is the bugzilla private?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Ingress by adapter group ID instead of just adapter?
- From: Robert White <rwhite@xxxxxxxxx>
Why is the bugzilla private?
- From: Louis Sautier <sautier.louis@xxxxxxxxx>
Re: Counters for individual elements in maps and sets?
- From: Raymond Burkholder <ray@xxxxxxxxxxxxxx>
Re: Counters for individual elements in maps and sets?
- From: Tomas Mudrunka <mudrunka@xxxxxxxxx>
Re: [Fwd: How to enable Xen VM traffic using nft]
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Counters for individual elements in maps and sets?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
ipset support for nftables?
- From: Thomas Winter <Thomas.Winter@xxxxxxxxxxxxxxxxxxx>
Re: [Fwd: How to enable Xen VM traffic using nft]
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: packages leaving interface wrongly using loadbalance
- From: paulo bruck <paulobruck1@xxxxxxxxx>
[Fwd: How to enable Xen VM traffic using nft]
- From: Leonardo Bruno <leonardo@xxxxxxxxxx>
Re: packages leaving interface wrongly using loadbalance
- From: paulo bruck <paulobruck1@xxxxxxxxx>
Re: packages leaving interface wrongly using loadbalance
- From: Mark Coetser <mark@xxxxxxxxxxxx>
Re: packages leaving interface wrongly using loadbalance
- From: paulo bruck <paulobruck1@xxxxxxxxx>
Re: Counters for individual elements in maps and sets?
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: packages leaving interface wrongly using loadbalance
- From: Fatih USTA <fatihusta86@xxxxxxxxx>
Counters for individual elements in maps and sets?
- From: Tomas Mudrunka <mudrunka@xxxxxxxxx>
packages leaving interface wrongly using loadbalance
- From: paulo bruck <paulobruck1@xxxxxxxxx>
Is libnetfilter_queue works in container?
- From: Muneyuki KAWATANI <kawatani.muneyuki@xxxxxxxxxxxxx>
Why NFQUEUE doesn't use source port number on hashing.
- From: Muneyuki KAWATANI <kawatani.muneyuki@xxxxxxxxxxxxx>
Re: Traffic shaping with nftables maps and tc
- From: Tomas Mudrunka <mudrunka@xxxxxxxxx>
Re: Traffic shaping with nftables maps and tc
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Matching daddr and saddr in single rule?
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Matching daddr and saddr in single rule?
- From: Tomas Mudrunka <mudrunka@xxxxxxxxx>
Re: Traffic shaping with nftables maps and tc
- From: Tomas Mudrunka <mudrunka@xxxxxxxxx>
Re: Traffic shaping with nftables maps and tc
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Traffic shaping with nftables maps and tc
- From: Tomas Mudrunka <mudrunka@xxxxxxxxx>
Traffic shaping with nftables maps and tc
- From: Tomas Mudrunka <mudrunka@xxxxxxxxx>
HW accelerated DPI hardware and software for module x86 ?
- From: Jan Rovner <jan.rovner@xxxxxxxxxx>
How to enable Xen VM traffic using nft
- From: Leonardo Bruno <leonardo@xxxxxxxxxx>
Re: How to enable jhash for nftables v0.8
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: How to enable jhash for nftables v0.8
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: How to enable jhash for nftables v0.8
- From: Laura García Liébana <laura.garcia@xxxxxxxxxxx>
How to enable jhash for nftables v0.8
- From: Zheng konia <konianet@xxxxxxxxx>
Re: CONNMARK not working ?
- From: paulo bruck <paulobruck1@xxxxxxxxx>
Re: Is "--ctstate RELATED" deprecated ?
- From: Knute Johnson <groups@xxxxxxxxxxxx>
Re: CONNMARK not working ?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Is "--ctstate RELATED" deprecated ?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Is "--ctstate RELATED" deprecated ?
- From: marcfun@xxxxxxx
nfqueue "match"
- From: James <vger_tracker@xxxxxxxxxxxxxx>
CONNMARK not working ?
- From: paulo bruck <paulobruck1@xxxxxxxxx>
What is the best way to contribute to wiki.nftables.org?
- From: "Frank A. Cancio Bello" <frank@xxxxxxxxxxxxxxxxxxxxxx>
Re: conntrack and NAT rules behaviour on return path
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: conntrack and NAT rules behaviour on return path
- From: modano <modano@xxxxxxxxx>
Re: conntrack and NAT rules behaviour on return path
- From: zrm <zrm@xxxxxxxxxxxxxxx>
conntrack and NAT rules behaviour on return path
- From: LB <netfilter@xxxxxxxxx>
Re: Can I use iptables instead of hosts to block adservers?
- From: Imran Geriskovan <imran.geriskovan@xxxxxxxxx>
Re: Can I use iptables instead of hosts to block adservers?
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Re: Can I use iptables instead of hosts to block adservers?
- From: Jean Weisbuch <jean@xxxxxxxxxx>
Can I use iptables instead of hosts to block adservers?
- From: "Walter Dnes" <waltdnes@xxxxxxxxxxxx>
Re: Probably bug detected with ip6tables in CentOS6 ...
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Probably bug detected with ip6tables in CentOS6 ...
- From: "Walter H." <Walter.H@xxxxxxxxxxxxxxxxx>
Re: Probably bug detected with ip6tables ...
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: Probably bug detected with ip6tables ...
- From: "Walter H." <Walter.H@xxxxxxxxxxxxxxxxx>
Re: Probably bug detected with ip6tables ...
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Probably bug detected with ip6tables ...
- From: "Walter H." <walter.h@xxxxxxxxxxxxxxxxx>
Re: [ANNOUNCE] libnftnl 1.0.8 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
[ANNOUNCE] nftables 0.8 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] libnftnl 1.0.8 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
nftables equivalent for ebtables BROUTING trick?
- From: "Deposite Pirate" <dpirate@xxxxxxxxxxxxxxx>
Re: Why I can not use physdev module on iptables POSTROUTING chain?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Will Sewell <me@xxxxxxxxxxxxxx>
Why I can not use physdev module on iptables POSTROUTING chain?
- From: İbrahim Ercan <ibrahim.metu@xxxxxxxxx>
Re: [nftables][ipv6] Header examination
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Possible nftables U32 equivalent to read packet's data contents
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Will Sewell <me@xxxxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Will Sewell <me@xxxxxxxxxxxxxx>
Re: [nftables][ipv6] Header examination
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Will Sewell <me@xxxxxxxxxxxxxx>
[nftables][ipv6] Header examination
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Will Sewell <me@xxxxxxxxxxxxxx>
Nftables bridge interface redirect to local machine
- From: "Evan Davies" <evan.davies@xxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Why are two hash tuples stored for each connection in the connection tracking system?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Why are two hash tuples stored for each connection in the connection tracking system?
- From: Will Sewell <me@xxxxxxxxxxxxxx>
[ANNOUNCE] ipset 6.34 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Blog post: Per-IP rate limiting with iptables
- From: Will Sewell <me@xxxxxxxxxxxxxx>
Re: How to use Netlink to create a concatination based verdict-map element in nftables?
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: IPtables and HTTP/2-Push?
- From: "Walter H." <Walter.H@xxxxxxxxxxxxxxxxx>
Re: IPtables and HTTP/2-Push?
- From: "Walter H." <walter.h@xxxxxxxxxxxxxxxxx>
Re: IPtables and HTTP/2-Push?
- From: Imran Geriskovan <imran.geriskovan@xxxxxxxxx>
How to use Netlink to create a concatination based verdict-map element in nftables?
- From: khawar shehzad <shehzad.khawar@xxxxxxxxx>
IPtables and HTTP/2-Push?
- From: "Walter H." <walter.h@xxxxxxxxxxxxxxxxx>
[ANNOUNCE] ipset 6.33 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: Change source or destination for packets arriving locally (for Direct Server Return)
- From: "Thomas Rosenstein" <thomas.rosenstein@xxxxxxxxxxxxxxxx>
Re: Change source or destination for packets arriving locally (for Direct Server Return)
- From: "Thomas Rosenstein" <thomas.rosenstein@xxxxxxxxxxxxxxxx>
Re: Change source or destination for packets arriving locally (for Direct Server Return)
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Change source or destination for packets arriving locally (for Direct Server Return)
- From: "Thomas Rosenstein" <thomas.rosenstein@xxxxxxxxxxxxxxxx>
Re: Change source or destination for packets arriving locally (for Direct Server Return)
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Change source or destination for packets arriving locally (for Direct Server Return)
- From: "Thomas Rosenstein" <thomas.rosenstein@xxxxxxxxxxxxxxxx>
Re: Change source or destination for packets arriving locally (for Direct Server Return)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: NFLOG Performance issues ...
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Change source or destination for packets arriving locally (for Direct Server Return)
- From: "Thomas Rosenstein" <thomas.rosenstein@xxxxxxxxxxxxxxxx>
Re: Change source or destination for packets arriving locally (for Direct Server Return)
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: An article on writing custom expression for nftables
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
An article on writing custom expression for nftables
- From: Xiang Gao <qasdfgtyuiop@xxxxxxxxx>
Re: nftables: difference between "meta l4proto tcp" and "ip protocol tcp"
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: nftables: difference between "meta l4proto tcp" and "ip protocol tcp"
- From: Louis Sautier <sautier.louis@xxxxxxxxx>
Re: nftables: difference between "meta l4proto tcp" and "ip protocol tcp"
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Change source or destination for packets arriving locally (for Direct Server Return)
- From: "Thomas Rosenstein" <thomas.rosenstein@xxxxxxxxxxxxxxxx>
nftables: difference between "meta l4proto tcp" and "ip protocol tcp"
- From: Louis Sautier <sautier.louis@xxxxxxxxx>
RE: Possible nftables U32 equivalent to read packet's data contents
- From: Raul Martinez <mraul@xxxxxxxxxxxxxxxx>
Re: NFLOG Performance issues ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: Possible nftables U32 equivalent to read packet's data contents
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: NFLOG Performance issues ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
RE: Possible nftables U32 equivalent to read packet's data contents
- From: Raul Martinez <mraul@xxxxxxxxxxxxxxxx>
Re: Possible nftables U32 equivalent to read packet's data contents
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: NFLOG Performance issues ...
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: NFLOG Performance issues ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: NFCT writing localhost conntrack entries too
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Possible nftables U32 equivalent to read packet's data contents
- From: Raul Martinez <mraul@xxxxxxxxxxxxxxxx>
Re: NFCT writing localhost conntrack entries too
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
NFLOG Performance issues ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Getting "OUT OF ORDER" error
- From: pradeep <pradeep.malke@xxxxxxxxxxxxxxxxx>
Re: Can't override filter section OUTPUT DROP / INPUT DROP Policy
- From: gazoxtapod <gazoxtapod@xxxxxxxxxxxxxx>
[nftables][git] Current nftables HEAD requires new version of libnftnl
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: Can't override filter section OUTPUT DROP / INPUT DROP Policy
- From: netfilter@xxxxxxxxxxxx
Re: Can't override filter section OUTPUT DROP / INPUT DROP Policy
- From: netfilter@xxxxxxxxxxxx
Can't override filter section OUTPUT DROP / INPUT DROP Policy
- From: gazoxtapod <gazoxtapod@xxxxxxxxxxxxxx>
dup to gretap
- From: Ben Higgins <bhiggins@xxxxxxxxx>
Re: NFTABLES - Can we do filtering based on SRC address before doing DNAT
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: Empirically determined limits on identifier name length
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: IPtables and String Match
- From: "Walter H." <walter.h@xxxxxxxxxxxxxxxxx>
NFCT writing localhost conntrack entries too
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
IPtables and String Match
- From: "Walter H." <walter.h@xxxxxxxxxxxxxxxxx>
NFTABLES - Can we do filtering based on SRC address before doing DNAT
- From: khawar shehzad <shehzad.khawar@xxxxxxxxx>
Re: Create set and/or chain accessible across multiple tables
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Hints needed to find causes of non-specific error messages
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Empirically determined limits on identifier name length
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Stateful objects and nft version
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Stateful objects and nft version
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Re: Empirically determined limits on identifier name length
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Empirically determined limits on identifier name length
- From: Jeff Kletsky <jmk@xxxxxxxxxx>
Re: Hints needed to find causes of non-specific error messages
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: Hints needed to find causes of non-specific error messages
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Hints needed to find causes of non-specific error messages
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: Create set and/or chain accessible across multiple tables
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Stateful objects and nft version
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
does nftable support double tagging vlan?‏‏‏‏
- From: Omer Anisfeld <omer.a26@xxxxxxxxx>
Re: Create set and/or chain accessible across multiple tables
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Create set and/or chain accessible across multiple tables
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Create set and/or chain accessible across multiple tables
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: Diagnosing "Error: NAT is only supported for IPv4/IPv6"
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: "Test" mode for nft?
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Re: Diagnosing "Error: NAT is only supported for IPv4/IPv6"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Diagnosing "Error: NAT is only supported for IPv4/IPv6"
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: IPv6: unknown packet logged ...
- From: Mark Coetser <mark@xxxxxxxxxxxx>
Re: IPv6: unknown packet logged ...
- From: "Walter H." <Walter.H@xxxxxxxxxxxxxxxxx>
Re: IPv6: unknown packet logged ...
- From: Mark Coetser <mark@xxxxxxxxxxxx>
Re: IPv6: unknown packet logged ...
- From: "Walter H." <Walter.H@xxxxxxxxxxxxxxxxx>
Re: IPv6: unknown packet logged ...
- From: Mark Coetser <mark@xxxxxxxxxxxx>
Re: IPv6: unknown packet logged ...
- From: "Walter H." <walter.h@xxxxxxxxxxxxxxxxx>
Re: IPv6: unknown packet logged ...
- From: Mark Coetser <mark@xxxxxxxxxxxx>
IPv6: unknown packet logged ...
- From: "Walter H." <walter.h@xxxxxxxxxxxxxxxxx>
Diagnosing "Error: NAT is only supported for IPv4/IPv6"
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: "Test" mode for nft?
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: "Test" mode for nft?
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: "Test" mode for nft ?
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
"Test" mode for nft?
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: Unable to create set -- neftilter v0.5 on Ubuntu
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: Why can't we use DNAT in the INPUT Chain?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Why can't we use DNAT in the INPUT Chain?
- From: khawar shehzad <shehzad.khawar@xxxxxxxxx>
Re: Unable to create set -- neftilter v0.5 on Ubuntu
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Unable to create set -- neftilter v0.5 on Ubuntu
- From: Jeff Kletsky <netfilter@xxxxxxxxxxxx>
Re: Why can't we use DNAT in the INPUT Chain?
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Failure with autogen.sh when building libnftnl
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Failure with autogen.sh when building libnftnl
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Re: Why can't we use DNAT in the INPUT Chain?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Why can't we use DNAT in the INPUT Chain?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Why can't we use DNAT in the INPUT Chain?
- From: khawar shehzad <shehzad.khawar@xxxxxxxxx>
Re: Why can't we use DNAT in the INPUT Chain?
- From: /dev/rob0 <rob0@xxxxxxxxx>
Why can't we use DNAT in the INPUT Chain?
- From: khawar shehzad <shehzad.khawar@xxxxxxxxx>
Omission in wiki.nftables.org
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Question regarding flow table selectors
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Re: [PATCH] man: use https for wiki link
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] man: use https for wiki link
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: nft and sip with debian 9 stretch
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: nft and sip with debian 9 stretch
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Using sets for protocols ?
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Re: Question regarding meta skuid
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Re: Netfilter Study material
- From: Raymond Burkholder <ray@xxxxxxxxxxxxxx>
Re: Bridge Logging
- From: "Chris" <chris2014@xxxxxxxxxxx>
How to Filtering and Queue the Packets of a Process using Iptable
- From: "Moh'd Reza Abbasi" <mr.mrabbasi@xxxxxxxxx>
Netfilter Study material
- From: Sina Owolabi <notify.sina@xxxxxxxxx>
Bridge Logging
- From: "Chris" <chris2014@xxxxxxxxxxx>
Re: Error in IPSET : Unknown argument `skbinfo'
- From: /dev/rob0 <rob0@xxxxxxxxx>
Re: Error in IPSET : Unknown argument `skbinfo'
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: Error in IPSET : Unknown argument `skbinfo'
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Error in IPSET : Unknown argument `skbinfo'
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
Re: nft and sip with debian 9 stretch
- From: Eric Leblond <eric@xxxxxxxxx>
nft and sip with debian 9 stretch
- From: Marc Neudorfer <marc.neudorfer@xxxxxxxxxxxxxxxxx>
Re: LXC and netfilter log
- From: aeris <aeris@xxxxxxxxxx>
Re: Error on wiki.nftables.org
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: Using sets for protocols ?
- From: Eric Leblond <eric@xxxxxxxxx>
Error on wiki.nftables.org
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Using sets for protocols ?
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Question regarding meta skuid
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
[PATCH] man: use https for wiki link
- From: Daniel Kahn Gillmor <dkg@xxxxxxxxxxxxxxxxx>
Re: Routing some packets different?
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Routing some packets different?
- From: "Walter H." <Walter.H@xxxxxxxxxxxxxxxxx>
Re: Question regarding nft and tables
- From: Anatole Denis <anatole@xxxxxxxxx>
Re: LXC and netfilter log
- From: Michal Kubecek <mkubecek@xxxxxxx>
LXC and netfilter log
- From: aeris <aeris@xxxxxxxxxx>
Ampersand operator in wiki
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
Question regarding nft and tables
- From: J Doe <general@xxxxxxxxxxxxxxxxx>
tc show rate over ceil value
- From: "Paolo Malfatti" <paolo@xxxxxxxx>
Adding verdict-map elements with concatenation using C
- From: khawar shehzad <shehzad.khawar@xxxxxxxxx>
Re: recent module in nftables
- From: Perry Thompson <contact@xxxxxxxxx>
Transport protocol agnostic way to multiplex ports and forward metainfo?
- From: Alexander Huemer <alexander.huemer@xxxxx>
Re: recent module in nftables
- From: Martin Bednar <martin@xxxxxxxxxxx>
Re: recent module in nftables
- From: James <vger_tracker@xxxxxxxxxxxxxx>
Re: recent module in nftables
- From: /dev/rob0 <rob0@xxxxxxxxx>
recent module in nftables
- From: Perry Thompson <contact@xxxxxxxxx>
Re: conntrackd exits during failover when there are around 30000 connections
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
RE: conntrackd exits during failover when there are around 30000 connections
- From: "PATEL, SAMEER" <sameer.patel@xxxxxxxxxxx>
Re: conntrackd exits during failover when there are around 30000 connections
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: User defined chains to reduce/make more readable
- From: /dev/rob0 <rob0@xxxxxxxxx>
RE: conntrackd exits during failover when there are around 30000 connections
- From: "PATEL, SAMEER" <sameer.patel@xxxxxxxxxxx>
User defined chains to reduce/make more readable
- From: "Walter H." <walter.h@xxxxxxxxxxxxxxxxx>
Re: conntrackd exits during failover when there are around 30000 connections
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
conntrackd exits during failover when there are around 30000 connections
- From: "PATEL, SAMEER" <sameer.patel@xxxxxxxxxxx>
Re: quick cut-over iptables to firewalld
- From: /dev/rob0 <rob0@xxxxxxxxx>
Re: quick cut-over iptables to firewalld
- From: iptables@xxxxxxxxxxx
quick cut-over iptables to firewalld
- From: iptables@xxxxxxxxxxx
Questionable cBPF behaviour
- From: i.chudov@xxxxxxxxxxxx
Re: FTP NAT fails after kernel upgrade
- From: Bruno de Paula Larini <bruno.larini@xxxxxxxxxxxxxx>
Re: FTP NAT fails after kernel upgrade
- From: Adel Belhouane <bugs.a.b@xxxxxxx>
Re: FTP NAT fails after kernel upgrade
- From: Adel Belhouane <bugs.a.b@xxxxxxx>
Re: FTP NAT fails after kernel upgrade
- From: Bruno de Paula Larini <bruno.larini@xxxxxxxxxxxxxx>
Re: What wrong with snat in nftables?
- From: sorcus@xxxxxxxxxxx
Re: FTP NAT fails after kernel upgrade
- From: Bruno de Paula Larini <bruno.larini@xxxxxxxxxxxxxx>
RE: Distinguishing NAT(PAT) inbound frames when using IPsec Transport mode from multiple NAT(PAT) systems
- From: "Rajcan, Steven L" <Steven.Rajcan@xxxxxxxxxx>
Re: FTP NAT fails after kernel upgrade
- From: Bruno de Paula Larini <bruno.larini@xxxxxxxxxxxxxx>
[ANNOUNCE]: New Coreteam Member Arturo Borrero
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: What wrong with snat in nftables?
- From: sorcus@xxxxxxxxxxx
Re: FTP NAT fails after kernel upgrade
- From: Adel Belhouane <bugs.a.b@xxxxxxx>
RE: Distinguishing NAT(PAT) inbound frames when using IPsec Transport mode from multiple NAT(PAT) systems
- From: "Rajcan, Steven L" <Steven.Rajcan@xxxxxxxxxx>
Re: What wrong with snat in nftables?
- From: sorcus@xxxxxxxxxxx
FTP NAT fails after kernel upgrade
- From: Bruno de Paula Larini <bruno.larini@xxxxxxxxxxxxxx>
Re: Distinguishing NAT(PAT) inbound frames when using IPsec Transport mode from multiple NAT(PAT) systems
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
Re: Distinguishing NAT(PAT) inbound frames when using IPsec Transport mode from multiple NAT(PAT) systems
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
Distinguishing NAT(PAT) inbound frames when using IPsec Transport mode from multiple NAT(PAT) systems
- From: "Rajcan, Steven L" <Steven.Rajcan@xxxxxxxxxx>
Re: What wrong with snat in nftables?
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
Re: cgroup match failing for synack packets
- From: Robert White <rwhite@xxxxxxxxx>
cgroup match failing for synack packets
- From: Amit Limaye <amit.limaye@xxxxxxxxx>
What wrong with snat in nftables?
- From: sorcus@xxxxxxxxxxx
Netfilter performance test dnat and forwarding
- From: Sharma Ganesh <ganesh.sharma@xxxxxxxx>
Re: Hairpin NAT - possible without packet marking?
- From: Robert White <rwhite@xxxxxxxxx>
Re: Hairpin NAT - possible without packet marking?
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Userspace HMARK sanity check?
- From: Joel Krauska <joel@xxxxxxxxxxx>
Re: Why is --in-interface illegal in POSTROUTING?
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
Re: Hairpin NAT - possible without packet marking?
- From: Robert White <rwhite@xxxxxxxxx>
Re: Hairpin NAT - possible without packet marking?
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Re: Hairpin NAT - possible without packet marking?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Input interface not showing in iptables-save for mangle table
- From: Stuart Bailey <Stuart.Bailey@xxxxxxxxxx>
Re: Hairpin NAT - possible without packet marking?
- From: Robert White <rwhite@xxxxxxxxx>
Re: Hairpin NAT - possible without packet marking?
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Re: Hairpin NAT - possible without packet marking?
- From: K <netfilter@xxxxxxxxxxx>
Re: Hairpin NAT - possible without packet marking?
- From: Robert White <rwhite@xxxxxxxxx>
Why is --in-interface illegal in POSTROUTING?
- From: Robert White <rwhite@xxxxxxxxx>
Re: Hairpin NAT - possible without packet marking?
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Øyvind Kaurstad <oyvind@xxxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Øyvind Kaurstad <oyvind@xxxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Robert White <rwhite@xxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Øyvind Kaurstad <oyvind@xxxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Robert White <rwhite@xxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Robert White <rwhite@xxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Robert White <rwhite@xxxxxxxxx>
Re: Full NAT forward and source routing - possible without packet marking?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Full NAT forward and source routing - possible without packet marking?
- From: Øyvind Kaurstad <oyvind@xxxxxxxxxx>
[ANNOUNCE] Netfilter (+folks) userday in Faro, Portugal (Monday, July 3th)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
How to translate iptables hitcount to nftables?
- From: Samuel Williams <space.ship.traveller@xxxxxxxxx>
Re: How to count access attempts per ip and block automatically
- From: Robert White <rwhite@xxxxxxxxx>
How to count access attempts per ip and block automatically
- From: evan <composingmotion@xxxxxxxxx>
nfqueue -> Net::Frame::Layer::ETH? (Perl)
- From: James <vger_tracker@xxxxxxxxxxxxxx>
Server for reordering of NAT packets
- From: Ran Shalit <ranshalit@xxxxxxxxx>
Re: nft list ruleset miss nat config information
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
nft list ruleset miss nat config information
- From: Zheng konia <konianet@xxxxxxxxx>
Re: regression: nf_conntrack_sip: kernel BUG at ../net/netfilter/nf_conntrack_helper.c:384! since linux 4.8
- From: Juergen Schmidt <abcdmail@xxxxxxxxxx>
Re: regression: nf_conntrack_sip: kernel BUG at ../net/netfilter/nf_conntrack_helper.c:384! since linux 4.8
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: regression: nf_conntrack_sip: kernel BUG at ../net/netfilter/nf_conntrack_helper.c:384! since linux 4.8
- From: Juergen Schmidt <abcdmail@xxxxxxxxxx>
regression: nf_conntrack_sip: kernel BUG at ../net/netfilter/nf_conntrack_helper.c:384! since linux 4.8
- From: Juergen Schmidt <abcdmail@xxxxxxxxxx>
Re: About nftable nat rule
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: About nftable nat rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: About nftable nat rule
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
Re: About nftable nat rule
- From: Zheng konia <konianet@xxxxxxxxx>
Re: About nftable nat rule
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx>
About nftable nat rule
- From: Zheng konia <konianet@xxxxxxxxx>
Re: Question on redirection & circumvention reporting
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Question on redirection & circumvention reporting
- From: Thomas Delrue <delrue.thomas@xxxxxxxxx>
Re: nftables: response of nft is rising
- From: Alexander Meinhardt <alexander.meinhardt@xxxxxxxxx>
Re: nf_conntrack_max values
- From: Thomas Bätzler <t.baetzler@xxxxxxxxxx>
nf_conntrack_max values
- From: i.chudov@xxxxxxxxxxxx
[Question/Bug?] Translating ebtables/iptables nat to nftables
- From: Bluec0re <nftables@xxxxxxxxxxx>
RE: Multicast does not work on ebtables
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
Re: Multicast does not work on ebtables
- From: xiegaofeng@xxxxxxxxxxxxx
RE: Multicast does not work on ebtables
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
RE: Multicast does not work on ebtables
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
nftables: Request for comments - packet flow diagram
- From: Maxime de Roucy <maxime.deroucy@xxxxxxxxx>
Re: Fwd: Accept nftables statement doesn't prevent lower priority chains for same hook from execution
- From: Robert White <rwhite@xxxxxxxxx>
Multicast does not work on ebtables
- From: xiegaofeng@xxxxxxxxxxxxx
Fwd: Accept nftables statement doesn't prevent lower priority chains for same hook from execution
- From: Vladimir Lebedev <zeronineseven@xxxxxxxxx>
nftables: arp forward
- From: Maxime de Roucy <maxime.deroucy@xxxxxxxxx>
Re: ulogd start script
- From: Robert White <rwhite@xxxxxxxxx>
Re: PPTP passthrough
- From: Robert White <rwhite@xxxxxxxxx>
Re: PPTP passthrough
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
Re: ulogd start script
- From: Darshan Ghumare <darshan.ghumare@xxxxxxxxx>
Re: PPTP passthrough
- From: "Rob Sterenborg (Lists)" <lists@xxxxxxxxxxxxxxx>
Re: PPTP passthrough
- From: "Rob Sterenborg (Lists)" <lists@xxxxxxxxxxxxxxx>
Re: PPTP passthrough
- From: "Steven O'Connor" <steven@xxxxxxxxxxx>
Re: PPTP passthrough
- From: "Steven O'Connor" <steven@xxxxxxxxxxx>
Re: middleman Raspberry Pi wired to wifi configuration
- From: Jeremy Hansen <jeremy@xxxxxxxxxxxxx>
Re: middleman Raspberry Pi wired to wifi configuration
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: PPTP passthrough
- From: "Rob Sterenborg (lists)" <lists@xxxxxxxxxxxxxxx>
middleman Raspberry Pi wired to wifi configuration
- From: Jeremy Hansen <jeremy@xxxxxxxxxxxxx>
Re: PPTP passthrough
- From: Robert White <rwhite@xxxxxxxxx>
PPTP passthrough
- From: "Steven O'Connor" <steven@xxxxxxxxxxx>
ulogd start script
- From: Darshan Ghumare <darshan.ghumare@xxxxxxxxx>
Need help simplifying network setup
- From: Netfilter Subscription <netfilter@xxxxxxxxxxx>
Re: SYN packet "disappears"
- From: Kevin <kmg952@xxxxxxxxxxx>
Re: SYN packet "disappears"
- From: Robert White <rwhite@xxxxxxxxx>
Re: SYN packet "disappears"
- From: Kevin <kmg952@xxxxxxxxxxx>
Re: SYN packet "disappears"
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
Re: SYN packet "disappears"
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
SYN packet "disappears"
- From: Kevin <kmg952@xxxxxxxxxxx>
RE: Getting rid of false ULOG events once and for all
- From: André Paulsberg-Csibi (IBM Consultant) <Andre.Paulsberg-Csibi@xxxxxxxx>
Getting rid of false ULOG events once and for all
- From: Luescher Claude <stargate@xxxxxxxx>
Is it possible to use ipset match in conntrack module?
- From: Fatih USTA <fatihusta86@xxxxxxxxx>
Re: nftables: response of nft is rising
- From: Alexander Meinhardt <alexander.meinhardt@xxxxxxxxx>
Re: nftables: response of nft is rising
- From: Robert White <rwhite@xxxxxxxxx>
nftables: response of nft is rising
- From: Alexander Meinhardt <alexander.meinhardt@xxxxxxxxx>
ulogd2 - missing local.hostname
- From: Jochen Dehm <jochen.dehm@xxxxxxxxxx>
nftables: packet payload
- From: as Bari <rondowheel@xxxxxxxxx>
Re: Help/guidance with automatic CT helper assignment
- From: Mauro Santos <registo.mailling@xxxxxxxxx>
Re: Help/guidance with automatic CT helper assignment
- From: Mauro Santos <registo.mailling@xxxxxxxxx>
Re: Help/guidance with automatic CT helper assignment
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
Help/guidance with automatic CT helper assignment
- From: Mauro Santos <registo.mailling@xxxxxxxxx>
Re: Open Ports for Mosh
- From: Robert White <rwhite@xxxxxxxxx>
Open Ports for Mosh
- From: Josh Burghandy <kid1000002000@xxxxxxxxx>
label info missing in conntrack -E output
- From: Pavithra Ramesh <pavithra@xxxxxxxxxxxxxxxxxx>
(suggestion) A common verb for all "inet_service" protocols would be nice and efficient
- From: Robert White <rwhite@xxxxxxxxx>
Re: NFT NAT rule did not take action on the incoming traffics.
- From: Robert White <rwhite@xxxxxxxxx>
NFT NAT rule did not take action on the incoming traffics.
- From: Sun Paul <paulrbk@xxxxxxxxx>
xt_socket.c only PRE_ROUTING and LOCAL_IN hooks
- From: Matt Rivet <mattr@xxxxxxxxxxxxxx>
ANNOUNCE: netdev 2.1 conference Schedule out!
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Conntrackd failover problem
- From: Hüseyin ÇOTUK <hcotuk@xxxxxxxxx>
Re: Problem with ipset and --in-interface
- From: Robert White <rwhite@xxxxxxxxx>
Re: Problem with ipset and --in-interface
- From: Nick Howitt <nick@xxxxxxxxxxxxx>
Re: Problem with ipset and --in-interface
- From: Robert White <rwhite@xxxxxxxxx>
Re: Allow connection on specific port only when other port is used
- From: Robert White <rwhite@xxxxxxxxx>
Allow connection on specific port only when other port is used
- From: "Sam Basan" <sbasan@xxxxxxxxx>
[Netdev ANNOUNCE]: New sponsors and workshop workshop accepted
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Problem with ipset and --in-interface
- From: Nick Howitt <nick@xxxxxxxxxxxxx>
[Netdev ANNOUNCE]: New talk accepted debug pipe
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: TCP flags syntax in nftables
- From: Robert White <rwhite@xxxxxxxxx>
[ANNOUNCE]: New sponsor and accepted talk
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: Kernel panic when using IPset with counters
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
TCP flags syntax in nftables
- From: Brian Filipek <bfilipek@xxxxxxxxxxxxxxxxxxxx>
Kernel panic when using IPset with counters
- From: Scott Bonar <sbonar@xxxxxxxxx>
Re: (discussion) Why are "flow tables" syntactically unique?
- From: Robert White <rwhite@xxxxxxxxx>
[Netdev] ANNOUNCE: New silver sponsor!
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: (discussion) Why are "flow tables" syntactically unique?
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Re: (discussion) Why are "flow tables" syntactically unique?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables: vmaps and atomic update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables: vmaps and atomic update
- From: Andreas Schultz <aschultz@xxxxxxxx>
Question: Why can't non-hooked chains have policies?
- From: Robert White <rwhite@xxxxxxxxx>
Re: nftables: vmaps and atomic update
- From: Robert White <rwhite@xxxxxxxxx>
nftables: vmaps and atomic update
- From: Andreas Schultz <aschultz@xxxxxxxx>
[Netdev ANNOUNCE]: Two new talks on network emulators and zero copy sendmsg
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: [NetDev-tech] [NetDev] [Netdev ANNOUNCE]: New tc workshop accepted
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [NetDev] [Netdev ANNOUNCE]: New tc workshop accepted
- From: Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>
[Netdev ANNOUNCE]: New tc workshop accepted
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Can't see IP address for a redirection in nft list table output
- From: Edoardo Panfili <edoardo@xxxxxxxx>
ANNOUNCE: New talk accepted! Droplet: DDoS countermeasures powered by BPF + XDP
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: [NetDev] [NetDev-tech] ANNOUNCE: New sponsor Netronome
- From: Alexander Alemayhu <alexander@xxxxxxxxxxxx>
Re: [NetDev-tech] [NetDev] ANNOUNCE: New sponsor Netronome
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: [NetDev-tech] [NetDev] ANNOUNCE: New sponsor Netronome
- From: Alexis Green <agreen@xxxxxxxxxxxxx>
Re: [NetDev-tech] [NetDev] ANNOUNCE: New sponsor Netronome
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: [NetDev-tech] [NetDev] ANNOUNCE: New sponsor Netronome
- From: Amine Aouled Hamed <amine.ahd@xxxxxxxxx>
Re: [NetDev] ANNOUNCE: New sponsor Netronome
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
ANNOUNCE: New talk accepted on TCP algorithms performance on wireless LTE networks
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: [NetDev] ANNOUNCE: New sponsor Netronome
- From: Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>
Re: ANNOUNCE: New sponsor Netronome
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: ANNOUNCE: New sponsor Netronome
- From: Amine Aouled Hamed <amine.ahd@xxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]