Linux TCP/IP Netfilter
[Prev Page][Next Page]
- nftables DNAT not working
- From: palica <palica+netfiler@xxxxxxxxxx>
- Re: Re: Re: nft 'script' not working
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Aw: Re: Re: nft 'script' not working
- From: giorgio.nicole@xxxxxxxx
- Re: Re: nft 'script' not working
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Aw: Re: nft 'script' not working
- From: giorgio.nicole@xxxxxxxx
- Re: How to use NFT inet sets???
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- How to use NFT inet sets???
- From: "sabitov@xxxxxxxxxx" <sabitov@xxxxxxxxxx>
- Re: nft 'script' not working
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- nft 'script' not working
- From: giorgio.nicole@xxxxxxxx
- Re: linux 3.4.43 : kernel crash at __nf_conntrack_confirm
- From: Ani Sinha <ani@xxxxxxxxxx>
- Re: linux 3.4.43 : kernel crash at __nf_conntrack_confirm
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: linux 3.4.43 : kernel crash at __nf_conntrack_confirm
- From: Ani Sinha <ani@xxxxxxxxxx>
- Re: linux 3.4.43 : kernel crash at __nf_conntrack_confirm
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: linux 3.4.43 : kernel crash at __nf_conntrack_confirm
- From: Ani Sinha <ani@xxxxxxxxxx>
- Re: nftables segv while trying to use nat redirection with map
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- nftables segv while trying to use nat redirection with map
- From: Steve Horsley <steve.horsley@xxxxxxxxx>
- Re: linux 3.4.43 : kernel crash at __nf_conntrack_confirm
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: linux 3.4.43 : kernel crash at __nf_conntrack_confirm
- From: Ani Sinha <ani@xxxxxxxxxx>
- Lots of WARNINGs in sch_hfsc with attached codel or fq_codel
- From: Miroslav Kratochvil <exa.exa@xxxxxxxxx>
- Using NPTv6 with stateful firewall
- From: Ben Swartzlander <ben@xxxxxxxxxxxxxxxx>
- Re: Kernel panic in 4.1.6 in nf_nat_redirect
- From: Andrew <nitr0@xxxxxxxxxx>
- Re: Kernel panic in 4.1.6 in nf_nat_redirect
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: The differences between hash:ip and hash:net.
- From: Hongyi Zhao <hongyi.zhao@xxxxxxxxx>
- Re: The differences between hash:ip and hash:net.
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- The differences between hash:ip and hash:net.
- From: Hongyi Zhao <hongyi.zhao@xxxxxxxxx>
- Re: using conntrack to drop connections?
- From: prmarino1@xxxxxxxxx
- ipset based police routing not works with openvpn.
- From: Hongyi Zhao <hongyi.zhao@xxxxxxxxx>
- using conntrack to drop connections?
- From: Stéphane Charette <stephanecharette@xxxxxxxxx>
- Re: How are ct helper to be configured with NFT ?
- From: Christophe Leroy <christophe.leroy@xxxxxx>
- Re: How are ct helper to be configured with NFT ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: How are ct helper to be configured with NFT ?
- From: Jason Sipula <alupis1@xxxxxxxxx>
- Re: How are ct helper to be configured with NFT ?
- From: christophe leroy <christophe.leroy@xxxxxx>
- iptables 1.4.21 'transient' error
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: nft rule to redirect multiple ports using maps
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: nft rule to redirect multiple ports using maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- nft rule to redirect multiple ports using maps
- From: Giorgio <giorgio.nicole@xxxxxxxx>
- linux 3.4.43 : kernel crash at __nf_conntrack_confirm
- From: Ani Sinha <ani@xxxxxxxxxx>
- Re: Kernel panic in 4.1.6 in nf_nat_redirect
- From: Andrew <nitr0@xxxxxxxxxx>
- Re: Kernel panic in 4.1.6 in nf_nat_redirect
- From: Andrew <nitr0@xxxxxxxxxx>
- Re: Kernel panic in 4.1.6 in nf_nat_redirect
- From: Andrew <nitr0@xxxxxxxxxx>
- Re: Kernel panic in 4.1.6 in nf_nat_redirect
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Problems receiving UDP multicast traffic on bridge interface
- From: Aleksander Morgado <aleksander@xxxxxxxxxxxxx>
- Re: Problems receiving UDP multicast traffic on bridge interface
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
- Problems receiving UDP multicast traffic on bridge interface
- From: Aleksander Morgado <aleksander@xxxxxxxxxxxxx>
- Obtaining process which generated packet
- From: "W. Michael Petullo" <mike@xxxxxxxx>
- Kernel panic in 4.1.6 in nf_nat_redirect
- From: Andrew <nitr0@xxxxxxxxxx>
- Re: What mean rules with no target? / counters
- From: Bastian Bittorf <bittorf@xxxxxxxxxxxxxx>
- Re: What mean rules with no target?
- Re: Using ipset 6.26 with kernel 3.12.47
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- [Noob Q.:] UDP, complementary DNAT+SNAT unicast->multicast ==> uh oh, conntrack hurdle...
- From: "Frantisek Rysanek" <Frantisek.Rysanek@xxxxxxx>
- Using ipset 6.26 with kernel 3.12.47
- From: Nikolay Borisov <n.borisov@xxxxxxxxxxxxxx>
- Re: What mean rules with no target?
- From: Bastian Bittorf <bittorf@xxxxxxxxxxxxxx>
- What mean rules with no target?
- From: f0rhum <f0rhum@xxxxxxx>
- network namespaces and conntrack
- From: Corin Langosch <info@xxxxxxxxxxxxxxxxx>
- Re: nftables wiki
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- migration of ebtables arp rule to nftables
- From: Corin Langosch <info@xxxxxxxxxxxxxxxxx>
- nftables wiki
- From: Richard Melville <richardm@xxxxxxxxxxxxxxxxx>
- Re: SIP messages with no/invalid CSeq are dropped by nf_ct_sip, 400 Bad Request is expected instead
- From: Christophe Leroy <christophe.leroy@xxxxxx>
- Re: SIP messages with no/invalid CSeq are dropped by nf_ct_sip, 400 Bad Request is expected instead
- From: Patrick McHardy <kaber@xxxxxxxxx>
- SIP messages with no/invalid CSeq are dropped by nf_ct_sip, 400 Bad Request is expected instead
- From: Christophe Leroy <christophe.leroy@xxxxxx>
- Re: how to do port forwarding using nftables map
- From: 神楽坂玲奈 <zh99998@xxxxxxxxx>
- Re: how to do port forwarding using nftables map
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: how to do port forwarding using nftables map
- From: 神楽坂玲奈 <zh99998@xxxxxxxxx>
- Re: how to do port forwarding using nftables map
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- how to do port forwarding using nftables map
- From: 神楽坂玲奈 <zh99998@xxxxxxxxx>
- ebtables rule to forward the frames to specific interface.
- From: arunkumar velayutham <arun.softtech@xxxxxxxxx>
- [ANNOUNCE] nftables 0.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] libnftnl 1.0.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- RE: Kernel access of bad area
- From: "Tamtamis, Panagiotis" <panagiotis.tamtamis@xxxxxxxxx>
- Re: Kernel access of bad area
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- RE: Kernel access of bad area
- From: "Tamtamis, Panagiotis" <panagiotis.tamtamis@xxxxxxxxx>
- Kernel access of bad area
- From: "Tamtamis, Panagiotis" <panagiotis.tamtamis@xxxxxxxxx>
- Re: [ANNOUNCE] libnftnl 1.0.4 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
- [ANNOUNCE] libnftnl 1.0.4 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nflog : We are losing events. Increasing buffer size to 1736704
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: nflog : We are losing events. Increasing buffer size to 1736704
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Netfilter: BUG: unable to handle kernel paging request, RIP: physdev_mt+0xd6/0x160
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: iptables TRACE not logged
- From: Vieri Di Paola <vieridipaola@xxxxxxxxx>
- Re: Netfilter: BUG: unable to handle kernel paging request, RIP: physdev_mt+0xd6/0x160
- From: Sander Eikelenboom <linux@xxxxxxxxxxxxxx>
- Re: Netfilter: BUG: unable to handle kernel paging request, RIP: physdev_mt+0xd6/0x160
- From: Florian Westphal <fw@xxxxxxxxx>
- Netfilter: BUG: unable to handle kernel paging request, RIP: physdev_mt+0xd6/0x160
- From: Sander Eikelenboom <linux@xxxxxxxxxxxxxx>
- Re: iptables TRACE not logged
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: iptables TRACE not logged
- From: Vieri Di Paola <vieridipaola@xxxxxxxxx>
- Re: iptables TRACE not logged
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: iptables TRACE not logged
- From: Vieri Di Paola <vieridipaola@xxxxxxxxx>
- Re: iptables TRACE not logged
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- iptables TRACE not logged
- From: Vieri Di Paola <vieridipaola@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- [ANNOUNCE] conntrack-tools 1.4.3 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] libnetfilter_conntrack 1.0.5
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Limitation on number of rules
- From: Thomas Delrue <delrue.thomas@xxxxxxxxx>
- nflog : We are losing events. Increasing buffer size to 1736704
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: ulog dropping packets when rate is 4000 packets/sec or more
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: ulog dropping packets when rate is 4000 packets/sec or more
- From: Eric Leblond <eric@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: ulog dropping packets when rate is 4000 packets/sec or more
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
- ulog dropping packets when rate is 4000 packets/sec or more
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Feature suggestion ...
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Feature suggestion ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: nftables multi-dimensional dictionaries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- RE: nftables multi-dimensional dictionaries
- From: Alex Chapman <ajchapman88@xxxxxxxxxxxxx>
- Re: nftables multi-dimensional dictionaries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- are restore-mark and -m connmark same ?
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Behavior of iptables-save and iptables-restore when run concurrently
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- nftables multi-dimensional dictionaries
- From: Alex Chapman <ajchapman88@xxxxxxxxxxxxx>
- Re: IPv6 fragmentation next header missing in some cases in the skb
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- Re: IPv6 fragmentation next header missing in some cases in the skb
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- IPv6 fragmentation next header missing in some cases in the skb
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- Behavior of iptables-save and iptables-restore when run concurrently
- From: Thomas Delrue <delrue.thomas@xxxxxxxxx>
- [ANNOUNCE] ipset 6.26 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: Issues with MASQUARDE and FreeBSD router.
- From: Eliezer Croitoru <eliezer@xxxxxxxxxxxx>
- byte counters counts 14 bytes less?
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: wrong info in ipset man pages
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: ipset memory usage
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Centos 7; Ulogd 2.05; MySQL; NFLOG
- From: Scott Ruckh <netfilter@xxxxxxxxxxx>
- RE: Accept clients that were seen at least twice only
- From: André Paulsberg-Csibi <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: Accept clients that were seen at least twice only
- From: Jeff <Jeff.Meyers@xxxxxxx>
- Accept clients that were seen at least twice only
- From: Jeff <Jeff.Meyers@xxxxxxx>
- Re: how to use hash:ip,mark in iptables ?
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: how to use hash:ip,mark in iptables ?
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- how to use hash:ip,mark in iptables ?
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- wrong info in ipset man pages
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- checking mark values in iptables from ipset ...
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: ipset memory usage
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: ip6tables reject targets
- From: Nikolai Lusan <nikolai@xxxxxxxxxxx>
- Re: ip6tables reject targets
- From: Kevin Holly <root@xxxxxxxxxx>
- ip6tables reject targets
- From: Nikolai Lusan <nikolai@xxxxxxxxxxx>
- Does nft offers performance advantage over iptables?
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- ipset memory usage
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Bridged interfaces are not accepting arp replay packages
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
- logging rule ID
- From: Ken-ichirou MATSUZAWA <chamaken@xxxxxxxxx>
- Re: make modules_install Error : Can't read private key
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: make modules_install Error : Can't read private key
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: make modules_install Error : Can't read private key
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Bridged interfaces are not accepting arp replay packages
- From: Tugrul Erdogan <h.tugrul.erdogan@xxxxxxxxx>
- Re: ipset v6.25.1 does not recognize 'counters' as option
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: ipset v6.25.1 does not recognize 'counters' as option
- From: Soroosh Sardari <soroosh.sardari@xxxxxxxxx>
- Re: ipset v6.25.1 does not recognize 'counters' as option
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: Fails to NAT and Route reply packets for Multiple Interfaces
- From: Anand Raj Manickam <anandrm@xxxxxxxxx>
- Re: ipset v6.25.1 does not recognize 'counters' as option
- From: Soroosh Sardari <soroosh.sardari@xxxxxxxxx>
- Re: ipset v6.25.1 does not recognize 'counters' as option
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
- ipset v6.25.1 does not recognize 'counters' as option
- From: Soroosh Sardari <soroosh.sardari@xxxxxxxxx>
- Re: make modules_install Error : Can't read private key
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: make modules_install Error : Can't read private key
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- nf.conntrack_max and bucket setting - how to calculate?
- From: Paul Simons <paul.simons@xxxxxxxxxxxxxx>
- Fails to NAT and Route reply packets for Multiple Interfaces
- From: Anand Raj Manickam <anandrm@xxxxxxxxx>
- make modules_install Error : Can't read private key
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: ICMPv6 Type 1 Code 5 and 6 missing in iptables REJECT target and icmpv6 match
- From: Jan Engelhardt <jengelh@xxxxxxx>
- ICMPv6 Type 1 Code 5 and 6 missing in iptables REJECT target and icmpv6 match
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- Re: conntrackd and natted tcp sessions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- conntrackd and natted tcp sessions
- From: Тен Лев <leo.ten@xxxxxxxxx>
- Algo of HiPAC
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: Creating a LAN only null routed network (no access to internet)
- From: sillysausage <sillysausage@xxxxxxxxxxxxxxxxx>
- Re: Filtering bogon ranges from exiting WAN
- From: sillysausage <sillysausage@xxxxxxxxxxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Creating a LAN only null routed network (no access to internet)
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: Creating a LAN only null routed network (no access to internet)
- From: sillysausage <sillysausage@xxxxxxxxxxxxxxxxx>
- nftables custom protocol filtering
- From: Dmitry Liman <blaecwen@xxxxxxxxx>
- Creating a LAN only null routed network (no access to internet)
- From: sillysausage <sillysausage@xxxxxxxxxxxxxxxxx>
- Filtering bogon ranges from exiting WAN
- From: sillysausage <sillysausage@xxxxxxxxxxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: unknown option "--map-set"
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: unknown option "--map-set"
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: unknown option "--map-set"
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- unknown option "--map-set"
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Routing 192.168.1.0/24 to ISP and 192.168.2.0/24 to VPN using fwmark+mangle+iproute
- From: sillysausage <sillysausage@xxxxxxxxxxxxxxxxx>
- Re: GPL violation in Ahnlab Online Security.
- From: alvin <alvin.sm@xxxxxxxxxxxxxxxxxxxxxxxxx>
- REDIRECT and UDP in client
- From: Madhan <madhan.mepco@xxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- GPL violation in Ahnlab Online Security.
- From: perillamint <perillamint@xxxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: Routing 192.168.1.0/24 to ISP and 192.168.2.0/24 to VPN using fwmark+mangle+iproute
- From: sillysausage <sillysausage@xxxxxxxxxxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Ipset Error : ipset v6.25.1: Kernel error received: set type not supported (on Kernel 4.1.4)
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Routing 192.168.1.0/24 to ISP and 192.168.2.0/24 to VPN using fwmark+mangle+iproute
- From: sillysausage <sillysausage@xxxxxxxxxxxxxxxxx>
- Re: Routing 192.168.1.0/24 to ISP and 192.168.2.0/24 to VPN using fwmark+mangle+iproute
- From: sillysausage <sillysausage@xxxxxxxxxxxxxxxxx>
- Routing 192.168.1.0/24 to ISP and 192.168.2.0/24 to VPN using fwmark+mangle+iproute
- From: sillysausage <sillysausage@xxxxxxxxxxxxxxxxx>
- Re: One to One port range forwarding to different port range
- From: John Miller <johnmill@xxxxxxxxxxxx>
- Re: One to One port range forwarding to different port range
- From: Doug Applegate <dapplegate@xxxxxxxxxxxxxxx>
- Re: One to One port range forwarding to different port range
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Tree view for rules/chains?
- From: alvin <alvin.sm@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: Tree view for rules/chains?
- From: John Miller <johnmill@xxxxxxxxxxxx>
- Re: Tree view for rules/chains?
- From: alvin <alvin.sm@xxxxxxxxxxxxxxxxxxxxxxxxx>
- One to One port range forwarding to different port range
- From: Doug Applegate <dapplegate@xxxxxxxxxxxxxxx>
- Tree view for rules/chains?
- From: John Miller <johnmill@xxxxxxxxxxxx>
- Tcp socket read error if packet changes in NFQUEUE
- From: aft <aftnix@xxxxxxxxx>
- bizarre behavior of NFQUEUE for tcp socket
- From: aft <aftnix@xxxxxxxxx>
- limit NFLOG PCAP to 64 bytes
- From: Dovydas Sankauskas <laisve@xxxxxxxxx>
- Re: SNAT and connection tracker: should established connections be dropped when a rule is removed from nat table?
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- BIND/TKEY vulnerability (CVE-2015-5477): firewall blocking?
- From: /dev/rob0 <rob0@xxxxxxxxx>
- Re: failure to set up a "simple" rule-set to get an ssh connection through to a KVM/qemu guest
- From: azteca <azteca@xxxxxxxxx>
- Re: failure to set up a "simple" rule-set to get an ssh connection through to a KVM/qemu guest
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- failure to set up a "simple" rule-set to get an ssh connection through to a KVM/qemu guest
- From: azteca <azteca@xxxxxxxxx>
- Re: SNAT and connection tracker: should established connections be dropped when a rule is removed from nat table?
- From: Vitaly Repin <vitaly_repin@xxxxxxxx>
- Re: SYNPROXY *NAT/redirects etc.
- From: Christian Ruppert <idl0r@xxxxxxx>
- Re: Creating, editing, removing rules from C(++)
- From: Bastian Bittorf <bittorf@xxxxxxxxxxxxxx>
- Rule counter incrementing, but packet not dropped?
- From: Andy Hester <andy.hester@xxxxxxxxx>
- Re: Creating, editing, removing rules from C(++)
- From: alvin <alvin.sm@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Help with routing ping requests
- From: Donald Schlicht <dschlic1@xxxxxxxxx>
- Re: Creating, editing, removing rules from C(++)
- From: Thomas Delrue <thomas.delrue@xxxxxxxxxxxxxxxxxxxxxxxx>
- Re: Creating, editing, removing rules from C(++)
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: Creating, editing, removing rules from C(++)
- From: Sven-Haegar Koch <haegar@xxxxxxxxx>
- Re: Creating, editing, removing rules from C(++)
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: Creating, editing, removing rules from C(++)
- From: alvin <alvin.sm@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Creating, editing, removing rules from C(++)
- From: Thomas Delrue <thomas.delrue@xxxxxxxxxxxxxxxxxxxxxxxx>
- Help with routing ping requests
- From: Donald Schlicht <dschlic1@xxxxxxxxx>
- Re: Help with routing ping requests
- From: Donald Schlicht <dschlic1@xxxxxxxxx>
- Re: Help with routing ping requests
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: Help with routing ping requests
- From: Donald Schlicht <dschlic1@xxxxxxxxx>
- PolicyBasedRouting with two IPv6 WAN uplinks without NAT possible?
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- RE: Mangling and blocking
- From: André Paulsberg-Csibi <Andre.Paulsberg-Csibi@xxxxxxxx>
- Mangling and blocking
- From: Steve Hill <steve@xxxxxxxxxxxx>
- Re: Network slowing down by masquerade
- From: Glen Huang <hey.hgl@xxxxxxxxx>
- Re: Help with routing ping requests
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: Network slowing down by masquerade
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: SNAT and connection tracker: should established connections be dropped when a rule is removed from nat table?
- From: Vitaly Repin <vitaly_repin@xxxxxxxx>
- Help with routing ping requests
- From: Donald Schlicht <dschlic1@xxxxxxxxx>
- Re: SNAT and connection tracker: should established connections be dropped when a rule is removed from nat table?
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
- SNAT and connection tracker: should established connections be dropped when a rule is removed from nat table?
- From: Vitaly Repin <vitaly_repin@xxxxxxxx>
- SNAT and connection tracker: should established connections be dropped when a rule is removed from nat table?
- From: Vitaly Repin <vitaly.repin@xxxxxxxxx>
- Nf_nat_range structure flags oring not working.
- From: Geoffrey Said <geoffrey.said@xxxxxxxxx>
- Network slowing down by masquerade
- From: Glen Huang <hey.hgl@xxxxxxxxx>
- nft: ranges in named maps?
- From: Andreas Schultz <aschultz@xxxxxxxx>
- nft: bitoperations between ct and nf mark
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: How are tunneled interfaces masqueraded?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- How are tunneled interfaces masqueraded?
- From: Glen Huang <curvedmark@xxxxxxxxx>
- RE: Donation
- From: "Taylor Kirsten (RW3) CMFT Manchester" <Kirsten.Taylor@xxxxxxxxxxx>
- Re: xt_mac and NF_INET_POST_ROUTING
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- xt_mac and NF_INET_POST_ROUTING
- From: Garret Kelly <gdk@xxxxxxxxxx>
- [ANNOUNCE] ipset 6.25.1 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: SYNPROXY *NAT/redirects etc.
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: SYNPROXY *NAT/redirects etc.
- From: Christian Ruppert <idl0r@xxxxxxx>
- Question about packet processing in iptables/netfilter
- From: Andreas Herz <andi@xxxxxxxxxxxxxxx>
- ndpi-netfilter v2.0
- From: Humberto Jucá <betolj@xxxxxxxxx>
- Re: nftables kernel integration tracking
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: SYNPROXY *NAT/redirects etc.
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- ulogd "compressed" output for connection logging ?
- From: Reiner Karlsberg <karlsberg@xxxxxxxxxxxxxx>
- ulogd + event mode problem
- From: Reiner Karlsberg <karlsberg@xxxxxxxxxxxxxx>
- SYNPROXY *NAT/redirects etc.
- From: Christian Ruppert <idl0r@xxxxxxx>
- Re: Re-Routing after OUTPUT mangle
- From: Anatoly Muliarski <x86ever@xxxxxxxxx>
- Re-Routing after OUTPUT mangle
- From: "Withnell, Richard (withnell)" <r.withnell@xxxxxxxxxxxxxxx>
- Re: Using iptables to send local traffic to proxy
- From: spaceman <spaceman@xxxxxxxxxxxxxxxx>
- Re: iptables based appliances - ipset
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- Re: iptables based appliances - ipset
- From: alvin <alvin.sm@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: iptables based appliances
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
- iptables based appliances
- From: alvin <alvin.sm@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: Due to Connection Tracking multiple DNAT rules for GRE packets do not get hit
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Mangling packets & routing in kernels>3.17
- From: aikipooh@xxxxxxxxx (Юрий Пухальский)
- length module documentation mismatch
- From: causeless <causeless@xxxxxxxxx>
- Re: TCP sequence checking
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: TCP sequence checking
- From: "Lukas Hubschmid (s)" <lukas.hubschmid@xxxxxxxxxxxxxxxx>
- Re: TCP sequence checking
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- TCP sequence checking
- From: "Lukas Hubschmid (s)" <lukas.hubschmid@xxxxxxxxxxxxxxxx>
- Using iptables to send local traffic to proxy
- From: "L.W. van Braam van Vloten" <lucas2@xxxxxx>
- Due to Connection Tracking multiple DNAT rules for GRE packets do not get hit
- From: Karan <digitalkaran@xxxxxxxxx>
- HOWTO combine a map with snat
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: Netfilter Book
- From: raskolnikov@xxxxxxxxxxxxxxx
- Re: Netfilter Book
- From: npn <neal.p.murphy@xxxxxxxxxxxx>
- Re: Netfilter Book
- From: shawn wilson <ag4ve.us@xxxxxxxxx>
- Re: Netfilter Book
- From: prmarino1@xxxxxxxxx
- Netfilter Book
- From: raskolnikov@xxxxxxxxxxxxxxx
- nftables kernel integration tracking
- From: Nikolai Lusan <nikolai@xxxxxxxxxxx>
- SynProxy Problem with Asymmetric dual bridge topology
- From: Niyazi Sırt <nyzsirt@xxxxxxxxx>
- proxy and quotas
- From: Yan Seiner <yan@xxxxxxxxxx>
- quota sometimes doesn't work
- From: Yan Seiner <yan@xxxxxxxxxx>
- accept_local question
- From: Florent B <florent@xxxxxxxxxxx>
- ipset hash:net performance
- From: Shaun Crampton <shaun@xxxxxxxxxx>
- Re: FTP connection tracking doesn't work with nftables
- From: Tomek L <tl-netfilter@xxxxxxxxx>
- Re: FTP connection tracking doesn't work with nftables
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: FTP connection tracking doesn't work with nftables
- From: Tomek L <tl-netfilter@xxxxxxxxx>
- Re: FTP connection tracking doesn't work with nftables
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: FTP connection tracking doesn't work with nftables
- From: Tomek L <tl-netfilter@xxxxxxxxx>
- Re: FTP connection tracking doesn't work with nftables
- From: Tomek L <tl-netfilter@xxxxxxxxx>
- iptables + tc help
- From: Yan Seiner <yan@xxxxxxxxxx>
- Re: FTP connection tracking doesn't work with nftables
- From: Tomek L <tl-netfilter@xxxxxxxxx>
- FTP connection tracking doesn't work with nftables
- From: Tomek L <tl-netfilter@xxxxxxxxx>
- Kernel panic with skb_alloc during post_routing
- From: Praveen Kumar <praveenkr.cs@xxxxxxxxx>
- [ANNOUNCE] ulogd 2.0.5 release
- From: Eric Leblond <eric@xxxxxxxxx>
- Reroute VPN server outgoing traffic to TOR
- From: Foxtrot Mike <foxtrotmike59@xxxxxxxxx>
- conntrack -L fails with Linux 4.0: Operation not supported
- From: Petr Pisar <petr.pisar@xxxxxxxx>
- Modify SSL packets with Scapy
- From: herraffe <herraffe@xxxxxxxxxx>
- Modify SSL packets with Scapy
- From: Hubert Strauß <strauss.hubert@xxxxxx>
- Re: Is it possible to access ip fragments with libnetfilter_queue?
- From: Adel Belhouane <bugs.a.b@xxxxxxx>
- Re: Packets being reflected back from firewall unintentionally...
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Is it possible to access ip fragments with libnetfilter_queue?
- From: Michael Fomichev <fomichev.michael@xxxxxxxxx>
- Re: Packets being reflected back from firewall unintentionally...
- From: Matthew Smith <gizmosmith@xxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Lubomir Rintel <lkundrak@xxxxx>
- Re: Packets being reflected back from firewall unintentionally...
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
- Packets being reflected back from firewall unintentionally...
- From: Matthew Smith <gizmosmith@xxxxxxxxx>
- IP SNAT only for a bridge port, ¿is it possible?
- From: Jose Miguel Sanchez Ales <josem+netfilter@xxxxxxxxxxxx>
- nftables type for ipv4_addr -> packetmark map?
- From: Miroslav Kratochvil <exa.exa@xxxxxxxxx>
- Re: Alternatively
- From: Eric Leblond <eric@xxxxxxxxx>
- Alternatively
- From: Kees-Jan Hermans <hermans@xxxxxxxxxx>
- Modifying a packet's length using netfilter queue
- From: Kees-Jan Hermans <hermans@xxxxxxxxxx>
- Re: AW: Atomic changes to IP sets
- From: "Nikolay S." <nowhere@xxxxxxxxxxxxxxxx>
- Re: Atomic changes to IP sets
- From: Paul Robert Marino <prmarino1@xxxxxxxxx>
- Re: Atomic changes to IP sets
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Modifying a packet's length using netfilter queue
- From: Kees-Jan Hermans <hermans@xxxxxxxxxx>
- Re: Atomic changes to IP sets
- From: Koen Zandberg <hydrazine@xxxxxxxxxxxx>
- Re: Atomic changes to IP sets
- From: "Nikolay S." <nowhere@xxxxxxxxxxxxxxxx>
- Atomic changes to IP sets
- From: Anna Fischer <a.fischer@xxxxxxxxxx>
- spooky RST with DNAT rules; macvlan + namespace
- From: Chris Burroughs <christopher@xxxxxxxxxxx>
- Clarification needed on use of -m owner --uid-owner
- From: "Vince Cooper" <swUjefra@xxxxxxxxxxx>
- Re: ebtables fix changing source MAC
- From: "otik@xxxxxxxxxx" <otik@xxxxxxxxxx>
- Re: SYNPROXY module with bridge
- From: Todor Todorov <root@xxxxxxxxxxxx>
- Re: ebtables fix changing source MAC
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
- ebtables fix changing source MAC
- From: "otik@xxxxxxxxxx" <otik@xxxxxxxxxx>
- Re: connmark and nat
- From: Dmitry Melekhov <dm@xxxxxxxxxx>
- Connection tracking stores wrong port for DNAT
- From: Justin Michael Schwartzbeck <justinmschw@xxxxxxxxx>
- Re: Routing traffic over two gateways by fwmark
- From: Matt Killock <lists@xxxxxxxxxxx>
- Connection tracking stores wrong port for DNAT
- From: Justin Michael Schwartzbeck <justinmschw@xxxxxxxxx>
- Re: connmark and nat
- From: Dmitry Melekhov <dm@xxxxxxxxxx>
- Re: connmark and nat
- From: Dennis Jacobfeuerborn <dennisml@xxxxxxxxxxxx>
- Strange behaviour when adding rules with libiptc
- From: aikipooh@xxxxxxxxx (Юрий Пухальский)
- Re: connmark and nat
- From: Dmitry Melekhov <dm@xxxxxxxxxx>
- Re: Routing traffic over two gateways by fwmark
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: connmark and nat
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Routing traffic over two gateways by fwmark
- From: Matt Killock <lists@xxxxxxxxxxx>
- [Call for testing!] miniupnpd with nftables!
- From: Tomofumi Hayashi <s1061123@xxxxxxxxx>
- connmark and nat
- From: Dmitry Melekhov <dm@xxxxxxxxxx>
- ANNOUNCEMENT: Netdev 01 materials posted
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
- RE: Why SYN-ACK packets are dropped as INVALID?
- From: Joel Gerber <Joel.Gerber@xxxxxxxxxxxxxxxx>
- AW: Why SYN-ACK packets are dropped as INVALID?
- From: "Spenst, Aleksej" <Aleksej.Spenst@xxxxxxxxxx>
- RE: Why SYN-ACK packets are dropped as INVALID?
- From: Joel Gerber <Joel.Gerber@xxxxxxxxxxxxxxxx>
- AW: Why SYN-ACK packets are dropped as INVALID?
- From: "Spenst, Aleksej" <Aleksej.Spenst@xxxxxxxxxx>
- Re: Why SYN-ACK packets are dropped as INVALID?
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Why SYN-ACK packets are dropped as INVALID?
- From: "Spenst, Aleksej" <Aleksej.Spenst@xxxxxxxxxx>
- Re: nftables feature request: don't fail "flush" on nonexistent tables
- From: Laurent Bercot <ska-devel@xxxxxxxxxxx>
- re-routing multicast pkts after mangle table marking
- From: Brian Aanderud <brian.aanderud@xxxxxxxxxxxxxxxxxxx>
- Re: nftables feature request: don't fail "flush" on nonexistent tables (was: nftables: nft fails to add rules to chains)
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- nftables feature request: don't fail "flush" on nonexistent tables (was: nftables: nft fails to add rules to chains)
- From: Laurent Bercot <ska-devel@xxxxxxxxxxx>
- Re: nftables: nft fails to add rules to chains
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables: nft fails to add rules to chains
- From: Laurent Bercot <ska-devel@xxxxxxxxxxx>
- Re: nftables: nft fails to add rules to chains
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables: nft fails to add rules to chains
- From: Laurent Bercot <ska-devel@xxxxxxxxxxx>
- Re: nftables: nft fails to add rules to chains
- From: Laurent Bercot <ska-devel@xxxxxxxxxxx>
- Re: nftables: nft fails to add rules to chains
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Status of Nftables.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Status of Nftables.
- From: Albert K <alberk@xxxxxxxxx>
- Re: nftables: nft fails to add rules to chains
- From: Laurent Bercot <ska-devel@xxxxxxxxxxx>
- 11th Netfilter Workshop coming up soon
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Ho to use rateest module?
- From: Anatoly Muliarski <x86ever@xxxxxxxxx>
- nftables: nft fails to add rules to chains
- From: Laurent Bercot <ska-devel@xxxxxxxxxxx>
- Ho to use rateest module?
- From: Martin T <m4rtntns@xxxxxxxxx>
- RE: Is my connection timing out here?
- From: jack seth <bird_112@xxxxxxxxxxx>
- Re: DROP policy, serious vulnerability?
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
- RE: DROP policy, serious vulnerability?
- From: André Paulsberg-Csibi <Andre.Paulsberg-Csibi@xxxxxxxx>
- Re: DROP policy, serious vulnerability?
- From: dE <de.techno@xxxxxxxxx>
- Re: DROP policy, serious vulnerability?
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- DROP policy, serious vulnerability?
- From: dE <de.techno@xxxxxxxxx>
- Re: Remote telnet session - "conntrack -L" TO value displays incorrectly
- From: Murugan Venugopal <muruga86@xxxxxxxxx>
- Re: transparent proxy with iptable redirect
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- transparent proxy with iptable redirect
- From: Peter Chen <peter.feifan.chen@xxxxxxxxx>
- Re: Outbound SNAT on non-local connections
- From: Ryan <ryan_gerstenkorn@xxxxxxxxxxx>
- Re: Issue in conntrack udpate cmd for UDP -- "conntrack -U -p udp -t xx" updates only unreplied connections
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: iptables rules still working after being flushed (?)
- From: Bastian Bittorf <bittorf@xxxxxxxxxxxxxx>
- Re: iptables rules still working after being flushed (?)
- From: Santiago Vila <sanvila@xxxxxxx>
- Re: iptables rules still working after being flushed (?)
- From: Santiago Vila <sanvila@xxxxxxx>
- Re: Outbound SNAT on non-local connections
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- iptables rules still working after being flushed (?)
- From: Santiago Vila <sanvila@xxxxxxx>
- Re: Outbound SNAT on non-local connections
- From: Ryan <ryan_gerstenkorn@xxxxxxxxxxx>
- Outbound SNAT on non-local connections
- From: Ryan <ryan_gerstenkorn@xxxxxxxxxxx>
- RE: ebtables vlan captive portal
- From: "Danilo Magat" <danny@xxxxxxxxxxx>
- Remote telnet session - "conntrack -L" TO value displays incorrectly
- From: Murugan Venugopal <muruga86@xxxxxxxxx>
- Re: dst nat failover only while port is closed
- From: Michael Vallaly <netfilter@xxxxxxxxxxxxx>
- Re: dst nat failover only while port is closed
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- RE: ebtables vlan captive portal
- From: "Danilo Magat" <danny@xxxxxxxxxxx>
- dst nat failover only while port is closed
- From: Stefan Certic <stefan@xxxxxxxxxxxxxxx>
- Re: ebtables: ebtables-restore segfaults when 'among' list has many items
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: ebtables: ebtables-restore segfaults when 'among' list has many items
- From: Stuart Shelton <srcshelton@xxxxxxxxx>
- Re: ebtables vlan captive portal
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: ebtables: ebtables-restore segfaults when 'among' list has many items
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- ebtables vlan captive portal
- Re: ebtables: ebtables-restore segfaults when 'among' list has many items
- From: Stuart Shelton <srcshelton@xxxxxxxxx>
- ebtables: ebtables-restore segfaults when 'among' list has many items
- From: Stuart Shelton <srcshelton@xxxxxxxxx>
- Is my connection timing out here?
- From: jack seth <bird_112@xxxxxxxxxxx>
- Issue in conntrack udpate cmd for UDP -- "conntrack -U -p udp -t xx" updates only unreplied connections
- From: Murugan Venugopal <muruga86@xxxxxxxxx>
- Issue with "conntrack -U -p tcp -t xx" cmd -- need to update TO for specific TCP state filter
- From: Murugan Venugopal <muruga86@xxxxxxxxx>
- Statefull tcp failovers.
- From: Mike Mestnik <cheako@xxxxxxxxxxxxxxx>
- Re: Forward all incoming connection to other address
- From: prmarino1@xxxxxxxxx
- Forward all incoming connection to other address
- From: "Nima Afshari" <nima.afshari.1389@xxxxxxxxx>
- Re: time module rules using localtime
- From: richard lucassen <mailinglists@xxxxxxxxxxxx>
- Re: time module rules using localtime
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Re: time module rules using localtime
- From: richard lucassen <mailinglists@xxxxxxxxxxxx>
- Re: [PMX:#] Re: time module rules using localtime
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Re: time module rules using localtime
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- time module rules using localtime
- From: richard lucassen <mailinglists@xxxxxxxxxxxx>
- Re: packet marking
- From: Sebastian Pöhn <sebastian.poehn@xxxxxxxxx>
- Re: packet marking
- From: Michal Kubecek <mkubecek@xxxxxxx>
- packet marking
- From: Bob Miller <bob@xxxxxxxxxxxxxxx>
- Re: bug in iptables-restore and "recent" module
- From: richard lucassen <mailinglists@xxxxxxxxxxxx>
- NFLOG and Namespaces
- From: nfnty <arch@xxxxxxxx>
- [RFC] nf_conntrack_dns: Workaround parallel DNS resolve
- From: Sebastian Poehn <sebastian.poehn@xxxxxxxxx>
- Re: How are ct helper to be configured with NFT ?
- From: Jason Sipula <alupis1@xxxxxxxxx>
- Re: How are ct helper to be configured with NFT ?
- From: leroy christophe <christophe.leroy@xxxxxx>
- Re: [PATCH v2] net: Remove state argument from skb_find_text()
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH] net: Remove state argument from skb_find_text()
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: bug in iptables-restore and "recent" module
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Re: bug in iptables-restore and "recent" module
- From: richard lucassen <mailinglists@xxxxxxxxxxxx>
- Re: Trouble with full nf_conntrack table
- From: Andy Hester <andy.hester@xxxxxxxxx>
- Mangle VLAN Priority Bit
- From: Greg Procunier <greg.procunier@xxxxxxxxx>
- Re: [PATCH] net: Remove state argument from skb_find_text()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- nft & notrack
- From: Oleg <lego12239@xxxxxxxxx>
- Re: bug in iptables-restore and "recent" module
- From: Dennis Jacobfeuerborn <dennisml@xxxxxxxxxxxx>
- Re: bug in iptables-restore and "recent" module
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: bug in iptables-restore and "recent" module
- From: richard lucassen <mailinglists@xxxxxxxxxxxx>
- Re: bug in iptables-restore and "recent" module
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- bug in iptables-restore and "recent" module
- From: richard lucassen <mailinglists@xxxxxxxxxxxx>
- Re: how to bind NF_ARP family in netfilter queue
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
- Re: how to bind NF_ARP family in netfilter queue
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: how to bind NF_ARP family in netfilter queue
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
- how to bind NF_ARP family in netfilter queue
- From: Stéphane Charette <stephanecharette@xxxxxxxxx>
- Re: Trouble with full nf_conntrack table
- From: Andy Hester <andy.hester@xxxxxxxxx>
- [ANNOUNCE] 11th Netfilter Workshop in Budapest, Hungary
- From: Pablo Neira Ayuso <pneira@xxxxx>
- conntrack apparently losing connections in kernel 3.18
- From: Tim Coote <tim@xxxxxxxxx>
- Re: Trouble with full nf_conntrack table
- From: Andy Hester <andy.hester@xxxxxxxxx>
- Fwd: Implemeting Deficit Round Robin to schedule over Different virtual network interfaces
- From: ronald pina <pinaronald@xxxxxxxxx>
- Re: Limit transfer speed rate by Iptables Rules
- From: prmarino1@xxxxxxxxx
- Limit transfer speed rate by Iptables Rules
- From: jack Linux <ilinuxer.85@xxxxxxxxx>
- MASQUERADE problems
- From: Jan-Aage Frydenbø-Bruvoll <jan@xxxxxxxxxxxxxxxxxxxx>
- Re: iptables build error when using musl-libc and kernel 3.18.x targeting ARM
- From: Jason Sipula <alupis1@xxxxxxxxx>
- Re: Trouble with full nf_conntrack table
- From: Andy Hester <andy.hester@xxxxxxxxx>
- Re: Trouble with full nf_conntrack table
- From: Dennis Jacobfeuerborn <dennisml@xxxxxxxxxxxx>
- Trouble with full nf_conntrack table
- From: Andy Hester <andy.hester@xxxxxxxxx>
- NetDev 0.1 final schedule and new sponsor update
- From: Richard Guy Briggs <rgb@xxxxxxxxxxxx>
- Limit transfer speed rate by Iptables Rules
- From: jack Linux <ilinuxer.85@xxxxxxxxx>
- problems loading a module
- From: Samir Sharma <s53554@xxxxxxxxxxxxxxxxxxx>
- Re: nft iptable-compat and TCPMSS target
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- iptables build error when using musl-libc and kernel 3.18.x targeting ARM
- From: Jason Sipula <alupis1@xxxxxxxxx>
- Strange / irritating behaviour with NAT using Mark-based-Routing
- From: Martin <develop@xxxxxxxxxx>
- NetDev 0.1 Preliminary schedule posted
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
- nft & notrack
- From: Oleg <lego12239@xxxxxxxxx>
- NetDev 0.1 Schedule delay update
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
- Re: modules required for ftp helper
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- modules required for ftp helper
- From: Jason Miller <jason@xxxxxxxx>
- NetDev 0.1 conference post-CFP deadline weekly update
- From: Richard Guy Briggs <rgb@xxxxxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Jan Niggemann <jn@xxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: Order of iptables vs. ip6tables chains
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
- Re: Order of iptables vs. ip6tables chains
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: Order of iptables vs. ip6tables chains
- From: Thomas Preissler <thomas@xxxxxxxxxxxxxxx>
- Re: Order of iptables vs. ip6tables chains
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
- Re: Order of iptables vs. ip6tables chains
- From: Noel Kuntze <noel@xxxxxxxxxxxxxxxxx>
- Order of iptables vs. ip6tables chains
- From: Thomas Preissler <thomas@xxxxxxxxxxxxxxx>
- Sad news - our Netfilter collegue Holger Eitzenberger passed away
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Jan Niggemann <jn@xxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Eliezer Croitoru <eliezer@xxxxxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Jan Niggemann <jn@xxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Jan Niggemann <jn@xxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Jan Niggemann <jn@xxxxxx>
- Re: conntrack GRE behaves differently in 3.17 / 3.18
- From: Eliezer Croitoru <eliezer@xxxxxxxxxxxx>
- Re: installing error
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- NetDev 0.1 conference new proposals accepted + misc updates
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
- conntrack GRE behaves differently in 3.17 / 3.18
- From: Jan Niggemann <jn@xxxxxx>
- installing error
- From: Samir <lucknow@xxxxxx>
- Re: netfilter queues only seeing IPv4/TCP traffic
- From: Stéphane Charette <stephanecharette@xxxxxxxxx>
- Re: netfilter queues only seeing IPv4/TCP traffic
- From: Stéphane Charette <stephanecharette@xxxxxxxxx>
- netfilter queues only seeing IPv4/TCP traffic
- From: Stéphane Charette <stephanecharette@xxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: P-o Lévesque <olygraph.po@xxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- ulogd unexpected character problem
- From: Umut Yerci <umutyerci@xxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- What is the format of the header read from netfilter queues?
- From: Stéphane Charette <stephanecharette@xxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- RE: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- RE: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: P-o Lévesque <olygraph.po@xxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- netfilter@xxxxxxxxxxxxxxx
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- Re: Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- IPTABLES + PREROUTING + --set-mark + Ubuntu
- From: The Media Server <info@xxxxxxxxxxxxxxxxxx>
- Re: TAP interface and iptables forwarding/nat/masquerading
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Iptables and ipsec racoon
- From: Alexandre Chaves <achaves@xxxxxxxxxxxxxx>
- Re: TAP interface and iptables forwarding/nat/masquerading
- From: Stéphane Charette <stephanecharette@xxxxxxxxx>
- Re: TAP interface and iptables forwarding/nat/masquerading
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- TAP interface and iptables forwarding/nat/masquerading
- From: Stéphane Charette <stephanecharette@xxxxxxxxx>
- Fastest / most reliable way of matching conntrack log entries to PID
- From: "Hassan Sultan" <hsultan@xxxxxxxxxxxx>
- NetDev 0.1 new proposals accepted update
- From: Richard Guy Briggs <rgb@xxxxxxxxxxxx>
- Re: Stateless NAT with iptables
- From: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>
- RE: Stateless NAT with iptables
- From: Glen Miner <shaggie76@xxxxxxxxxxx>
- RE: Stateless NAT with iptables
- From: Glen Miner <shaggie76@xxxxxxxxxxx>
- nftables: variable network ranges in named maps
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: tproxy with nftables
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: Usefulness of xt_recent's "last seen" and "oldest_pkt" on a tickless system
- From: David Hagood <david.hagood@xxxxxxxxx>
- Re: Usefulness of xt_recent's "last seen" and "oldest_pkt" on a tickless system
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: Usefulness of xt_recent's "last seen" and "oldest_pkt" on a tickless system
- From: David Hagood <david.hagood@xxxxxxxxx>
- Re: Usefulness of xt_recent's "last seen" and "oldest_pkt" on a tickless system
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Usefulness of xt_recent's "last seen" and "oldest_pkt" on a tickless system
- From: David Hagood <david.hagood@xxxxxxxxx>
- Re: Transparent proxy requirement
- From: Eliezer Croitoru <eliezer@xxxxxxxxxxxx>
- Re: Stateless NAT with iptables
- From: Jan Engelhardt <jengelh@xxxxxxx>
- RE: Stateless NAT with iptables
- From: Glen Miner <shaggie76@xxxxxxxxxxx>
- Re: Stateless NAT with iptables
- From: Kristian Evensen <kristian.evensen@xxxxxxxxx>
- RE: Stateless NAT with iptables
- From: Glen Miner <shaggie76@xxxxxxxxxxx>
- Re: Stateless NAT with iptables
- From: Kristian Evensen <kristian.evensen@xxxxxxxxx>
- Stateless NAT with iptables
- From: Glen Miner <shaggie76@xxxxxxxxxxx>
- Re: NFQUEUE and TCP retransmission
- From: Feng Gao <gfree.wind@xxxxxxxxx>
- nft iptable-compat and TCPMSS target
- From: Andreas Schultz <aschultz@xxxxxxxx>
- NFQUEUE and TCP retransmission
- From: 邓尧 <torshie@xxxxxxxxx>
- BUG: using smp_processor_id() in preemptible [00000000] code: iptables-compat/498
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: tproxy with nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- DHCP broadcasts coming from a "mystery" interface
- From: Mike <debian@xxxxxxxxxxxxxxxxxxxxx>
- Re: Transparent proxy requirement
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- NetDev 0.1 Hotel guaranteed rate expiry fast approaching
- From: Richard Guy Briggs <rgb@xxxxxxxxxxxx>
- tproxy with nftables
- From: Andreas Schultz <aschultz@xxxxxxxx>
- Re: Transparent proxy requirement
- From: Eliezer Croitoru <eliezer@xxxxxxxxxxxx>
- Re: traffic distribution not happening on 40G ethernet card.
- From: Eliezer Croitoru <eliezer@xxxxxxxxxxxx>
- Re: Parsing conntrack entries
- From: Hendrik Visage <hvjunk@xxxxxxxxx>
- IPset v6.24 - make modules fails
- From: Neven Vrenko <neven.vrenko@xxxxxxxxx>
- Re: Parsing conntrack entries
- From: Stig Thormodsrud <stig@xxxxxxxx>
- Re: Parsing conntrack entries
- From: Karsten Hohmeier <karsten.hohmeier@xxxxxxxxxxxxx>
- Parsing conntrack entries
- From: Dennis Jacobfeuerborn <dennisml@xxxxxxxxxxxx>
- Re: Logging for NAT information with ULOG/NFLOG/LOG
- From: Hendrik Visage <hvjunk@xxxxxxxxx>
- Re: Logging for NAT information with ULOG/NFLOG/LOG
- From: Paul Robert Marino <prmarino1@xxxxxxxxx>
- Logging for NAT information with ULOG/NFLOG/LOG
- From: Hendrik Visage <hvjunk@xxxxxxxxx>
- iptables: DNAT on virtual interfaces not working
- From: "William T. Mann" <wtmann@xxxxxxxxxxxxxxxxx>
- Re: Trouble with ulog_test/fprobe-ulog
- From: Orion Poplawski <orion@xxxxxxxxxxxxx>
- Trouble with ulog_test/fprobe-ulog
- From: Orion Poplawski <orion@xxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Paul Robert Marino <prmarino1@xxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- Transparent proxy requirement
- From: "U.Mutlu" <for-gmane@xxxxxxxxxxx>
- Re: NAT and listen on random ports
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: NAT and listen on random ports
- From: Vijay Viswanathan <vijay.vishy@xxxxxxxxx>
- Re: NAT and listen on random ports
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- NAT and listen on random ports
- From: Vijay Viswanathan <vijay.vishy@xxxxxxxxx>
- netdev01 twitter feed, first proposal accepted
- From: Richard Guy Briggs <rgb@xxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Jason Cooper <jason@xxxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Jason Cooper <jason@xxxxxxxxxxxxxx>
- Intercepting connection creation/close with libnetfilter_conntrack
- From: "Hassan Sultan" <hsultan@xxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Jason Cooper <jason@xxxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- Re: Fwd: ipset 6.24 and iptables 1.4.14, errno 22 (EINVAL)
- From: Oskar Berggren <oskar.berggren@xxxxxxxxx>
- Re: Fwd: ipset 6.24 and iptables 1.4.14, errno 22 (EINVAL)
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: Fwd: ipset 6.24 and iptables 1.4.14, errno 22 (EINVAL)
- From: Oskar Berggren <oskar.berggren@xxxxxxxxx>
- Re: Fwd: ipset 6.24 and iptables 1.4.14, errno 22 (EINVAL)
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Paul Robert Marino <prmarino1@xxxxxxxxx>
- Fwd: ipset 6.24 and iptables 1.4.14, errno 22 (EINVAL)
- From: Oskar Berggren <oskar.berggren@xxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- [ANNOUNCE] nftables 0.4 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] libnftnl 1.0.3 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Issue with specifying interface/NIC name with drop packets rule
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Re: Issue with specifying interface/NIC name with drop packets rule
- From: Vijay Viswanathan <vijay.vishy@xxxxxxxxx>
- Re: iptables DNAT algorithm -- another way?
- From: John Miller <johnmill@xxxxxxxxxxxx>
- Re: iptables DNAT algorithm -- another way?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: Issue with specifying interface/NIC name with drop packets rule
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Re: iptables DNAT algorithm -- another way?
- From: John Miller <johnmill@xxxxxxxxxxxx>
- Re: iptables DNAT algorithm -- another way?
- From: Pascal Hambourg <pascal@xxxxxxxxxxxxxxx>
- Re: iptables DNAT algorithm -- another way?
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Re: iptables DNAT algorithm -- another way?
- From: John Miller <johnmill@xxxxxxxxxxxx>
- Re: iptables DNAT algorithm -- another way?
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- iptables DNAT algorithm -- another way?
- From: John Miller <johnmill@xxxxxxxxxxxx>
- Bridging / VLANs / ebtables
- From: Tim Nelson <tnelson@xxxxxxxxxxxxx>
- bug : nft_redirect port byteorder issue
- From: leroy christophe <christophe.leroy@xxxxxx>
- Re: Problem setting up nftables dnat : dport set to 0 instead of requested value (22)
- From: leroy christophe <christophe.leroy@xxxxxx>
- Re: Problem setting up nftables dnat : dport set to 0 instead of requested value (22)
- From: leroy christophe <christophe.leroy@xxxxxx>
- NetDev 0.1 Registration open
- From: Richard Guy Briggs <rgb@xxxxxxxxxxxx>
- Re: Problem setting up nftables dnat : dport set to 0 instead of requested value (22)
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Re: Problem setting up nftables dnat : dport set to 0 instead of requested value (22)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Problem setting up nftables dnat : dport set to 0 instead of requested value (22)
- From: leroy christophe <christophe.leroy@xxxxxx>
- iptables-restore vmalloc allocation failure
- From: Dan Cook <dan.cook@xxxxxxxxxxx>
- Re: How are ct helper to be configured with NFT ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: How are ct helper to be configured with NFT ?
- From: leroy christophe <christophe.leroy@xxxxxx>
- Re: Reversed byte order issue with nft ?
- From: leroy christophe <christophe.leroy@xxxxxx>
- Re: Reversed byte order issue with nft ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Reversed byte order issue with nft ?
- From: leroy christophe <christophe.leroy@xxxxxx>
- Netdev 0.1 Call for Proposals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables compatibility
- From: Jean-Philippe Menil <jpmenil@xxxxxxxxx>
- Re: nftables compatibility
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nftables compatibility
- From: Jean-Philippe Menil <jpmenil@xxxxxxxxx>
- Re: nftables compatibility
- From: Eric Leblond <eric@xxxxxxxxx>
- nftables compatibility
- From: Jean-Philippe Menil <jpmenil@xxxxxxxxx>
- Re: Can not see VM packets using Netfilter
- From: Smart Weblications GmbH - Florian Wiessner <f.wiessner@xxxxxxxxxxxxxxxxxxxxx>
- Can not see VM packets using Netfilter
- From: 王可 王 <klwangke@xxxxxxxxx>
- Re: nft icmpv6 mld-listener-query rule not honored?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nft icmpv6 mld-listener-query rule not honored?
- From: stoffl4ever <stoffl4ever@xxxxxxxxx>
- Re: nft icmpv6 mld-listener-query rule not honored?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: unable to install libnftnl Error : "XT_EXTENSION_MAXNAMELEN undeclared here"
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: issue with nftable - goto : Operation not supported
- From: leroy christophe <christophe.leroy@xxxxxx>
- Re: unable to install libnftnl Error : "XT_EXTENSION_MAXNAMELEN undeclared here"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- hashlimit : limiting cases of 250pkts/sec. Does it hold now also?
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: unable to install libnftnl Error : "XT_EXTENSION_MAXNAMELEN undeclared here"
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: unable to install libnftnl Error : "XT_EXTENSION_MAXNAMELEN undeclared here"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: issue with nftable - goto : Operation not supported
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- unable to install libnftnl Error : "XT_EXTENSION_MAXNAMELEN undeclared here"
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: issue with nftable - goto : Operation not supported
- From: stoffl4ever <stoffl4ever@xxxxxxxxx>
- Re: issue with nftable - goto : Operation not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- How are ct helper to be configured with NFT ?
- From: leroy christophe <christophe.leroy@xxxxxx>
- Re: issue with nftable - goto : Operation not supported
- From: leroy christophe <christophe.leroy@xxxxxx>
- Re: issue with nftable - goto : Operation not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: issue with nftable - goto : Operation not supported
- From: leroy christophe <christophe.leroy@xxxxxx>
- Re: issue with nftable - goto : Operation not supported
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Issue with specifying interface/NIC name with drop packets rule
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- issue with nftable - goto : Operation not supported
- From: leroy christophe <christophe.leroy@xxxxxx>
- Re: Issue with specifying interface/NIC name with drop packets rule
- From: Vijay Viswanathan <vijay.vishy@xxxxxxxxx>
- nft icmpv6 mld-listener-query rule not honored?
- From: stoffl4ever <stoffl4ever@xxxxxxxxx>
- [ANNOUNCE] ipset 6.24 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Issue with specifying interface/NIC name with drop packets rule
- From: Vijay Kumar K <kvijay@xxxxxxxxx>
- Re: iptables logging using ulog : which can handle high traffic, writing in db or json or xml?
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- TPROXY and syn packets maybe a solution?
- From: Eliezer Croitoru <eliezer@xxxxxxxxxxxx>
- Re: iptables logging using ulog : which can handle high traffic, writing in db or json or xml?
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- RE: iptables logging using ulog : which can handle high traffic, writing in db or json or xml?
- From: Joel Gerber <Joel.Gerber@xxxxxxxxxxxxxxxx>
- iptables logging using ulog : which can handle high traffic, writing in db or json or xml?
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: Redirected packets being dropped
- From: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
- Redirected packets being dropped
- tc() not reporting burst values correctly
- From: Neal Murphy <neal.p.murphy@xxxxxxxxxxxx>
- Re: Simple NFT example
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Burst not working correctly in hashlimit !!!
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Iptables limit match dropping packets
- From: Akshat Kakkar <akshat.1984@xxxxxxxxx>
- Re: ipset 6.23 hangs on CentOS6 with hash:mac
- From: Ricardo Klein <klein.rfk@xxxxxxxxx>
- Re: Hardware benchmark list (was: Recommended hardware for iptables based firewall/router)
- From: shawn wilson <ag4ve.us@xxxxxxxxx>
- Re: Hardware benchmark list (was: Recommended hardware for iptables based firewall/router)
- From: Michael Schwartzkopff <ms@xxxxxxx>
- Hardware benchmark list (was: Recommended hardware for iptables based firewall/router)
- From: shawn wilson <ag4ve.us@xxxxxxxxx>
- Re: Recommended hardware for iptables based firewall/router
- From: Dennis Jacobfeuerborn <dennisml@xxxxxxxxxxxx>
- Re: Recommended hardware for iptables based firewall/router
- From: Dennis Jacobfeuerborn <dennisml@xxxxxxxxxxxx>
- Re: Recommended hardware for iptables based firewall/router
- From: Stig Thormodsrud <stig@xxxxxxxx>
- Re: Recommended hardware for iptables based firewall/router
- From: Dennis Jacobfeuerborn <dennisml@xxxxxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]