Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- [ANNOUNCE] knft testing/fuzzer utility for nftables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Document anonymous chain creation
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH] doc: Basic documentation of anonymous chains
- From: Phil Sutter <phil@xxxxxx>
- Re: Document anonymous chain creation
- From: Folsk Pratima <folsk0pratima@xxxxxxx>
- Re: Document anonymous chain creation
- From: Phil Sutter <phil@xxxxxx>
- Re: Document anonymous chain creation
- From: Folsk Pratima <folsk0pratima@xxxxxxx>
- Re: [PATCH nft] json: work around fuzzer-induced assert crashes
- From: Phil Sutter <phil@xxxxxx>
- Re: Document anonymous chain creation
- From: Phil Sutter <phil@xxxxxx>
- Document anonymous chain creation
- From: Folsk Pratima <folsk0pratima@xxxxxxx>
- [Bug] kernel panic: Hard LOCKUP at 'net/netfilter/nf_conntrack_core.c' in Linux kernel v6.12
- From: Luka <luka.2016.cs@xxxxxxxxx>
- [PATCH AUTOSEL 6.12 54/93] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 6.14 063/108] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 6.15 071/118] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH nft] json: prevent null deref if chain->policy is not set
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] tests: py: fix json single-flag output for fib & synproxy
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] json: work around fuzzer-induced assert crashes
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH RFC net-next] net: phylink: always config mac for (delayed) phy
- From: Ilya K <me@xxxxxxxx>
- Re: [PATCH nf-next,v2] netfilter: conntrack: remove DCCP protocol support
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCH 5.10] netfilter: nft_socket: fix sk refcount leaks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH RFC net-next] net: phylink: always config mac for (delayed) phy
- From: "Russell King (Oracle)" <linux@xxxxxxxxxxxxxxx>
- [PATCH 5.10 113/270] netfilter: nf_tables: wait for rcu grace period on net_device removal
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.10 114/270] netfilter: nf_tables: do not defer rule destruction via call_rcu
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.4 186/204] netfilter: nf_tables: wait for rcu grace period on net_device removal
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.4 187/204] netfilter: nf_tables: do not defer rule destruction via call_rcu
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.4 185/204] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.10 112/270] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH RFC net-next] net: phylink: always config mac for (delayed) phy
- From: Ilya K <me@xxxxxxxx>
- [PATCH 5.10] netfilter: nft_socket: fix sk refcount leaks
- From: Denis Arefev <arefev@xxxxxxxxx>
- [PATCH nft] json: prevent null deref if chain->policy is not set
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft] json: work around fuzzer-induced assert crashes
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft] tests: py: fix json single-flag output for fib & synproxy
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH RFC net-next] net: phylink: always config mac for (delayed) phy
- From: "Russell King (Oracle)" <linux@xxxxxxxxxxxxxxx>
- Re: [PATCH RFC net-next] net: phylink: always config mac for (delayed) phy
- From: Ilya K <me@xxxxxxxx>
- Re: [PATCH nf 2/2] selftests: netfilter: nft_nat.sh: add test for reverse clash with nat
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- Re: [PATCH nf 1/2] netfilter: nf_nat: also check reverse tuple to obtain clashing entry
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- [PATCH nf 2/2] selftests: netfilter: nft_nat.sh: add test for reverse clash with nat
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf 1/2] netfilter: nf_nat: also check reverse tuple to obtain clashing entry
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_set_pipapo_avx2: fix initial map fill
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 1/3] netfilter: nf_set_pipapo_avx2: fix initial map fill
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- Re: [PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Lance Yang <lance.yang@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH xtables-addons v2 0/3] Some fixes for v6.15
- From: Jan Engelhardt <ej@xxxxxxx>
- [PATCH xtables-addons v2 2/3] xt_pknock: replace obsolete `del_timer`
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH xtables-addons v2 3/3] build: bump max. supported version to 6.15
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH xtables-addons v2 1/3] build: replace obsolete `EXTRA_CFLAGS`
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH xtables-addons v2 0/3] Some fixes for v6.15
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH xtables-addons 2/3] xt_pknock: replace obsolete `del_timer`
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH xtables-addons 0/3] Some fixes for v6.15
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH xtables-addons 1/3] build: replace obsolete `EXTRA_CFLAGS`
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH xtables-addons 2/3] xt_pknock: replace obsolete `del_timer`
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH xtables-addons 3/3] build: bump max. supported version to 6.15
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft] tests: shell: check for features not available in 5.4
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4 0/3] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4 3/3] netfilter: nf_tables: do not defer rule destruction via call_rcu
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4 2/3] netfilter: nf_tables: wait for rcu grace period on net_device removal
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.4 1/3] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: ying chen <yc1082463@xxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: ying chen <yc1082463@xxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: ying chen <yc1082463@xxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: ying chen <yc1082463@xxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: ying chen <yc1082463@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
- [bug report, linux 6.15-rc4] A large number of connections in the SYN_SENT state caused the nf_conntrack table to be full.
- From: ying chen <yc1082463@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Lance Yang <lance.yang@xxxxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [PATCH 2/2 libnftnl v2] tunnel: add support to geneve options
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- Re: [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ulogd2 v2 0/4] Add support for logging ARP packets
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 2/2 libnftnl v2] tunnel: add support to geneve options
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 2/2 libnftnl v2] tunnel: add support to geneve options
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 2/7 nft] tunnel: add erspan support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 2/7 nft] tunnel: add erspan support
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- Re: [PATCH 2/2 libnftnl v2] tunnel: add support to geneve options
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [BUG REPORT] netfilter: DNS/SNAT Issue in Kubernetes Environment
- From: Yafang Shao <laoar.shao@xxxxxxxxx>
- Re: [net-next PATCH] selftests: netfilter: Fix skip of wildcard interface test
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- [PATCH] f
- From: Elie Khalil <eliekh05@xxxxxxxxx>
- Re: [net-next PATCH] selftests: netfilter: Fix skip of wildcard interface test
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
- Re: [PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- Re: [PATCH v2] selftests: net: fix spelling and grammar mistakes
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH 2/7 nft] tunnel: add erspan support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 1/7 nft] src: add tunnel template support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH 2/2 libnftnl v2] tunnel: add support to geneve options
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH 7/7 nft] tests: add tunnel shell and python tests
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [PATCH 3/7 nft] src: add tunnel statement and expression support
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [PATCH 4/7 nft] tunnel: add vxlan support
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [PATCH 5/7 nft] tunnel: add geneve support
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [PATCH 6/7 nft] tunnel: add tunnel object and statement json support
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [PATCH 2/7 nft] tunnel: add erspan support
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [PATCH 1/7 nft] src: add tunnel template support
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [PATCH 0/7 nft] Add nftables tunnel expr, stmt and object support
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [PATCH 2/2 libnftnl v2] tunnel: add support to geneve options
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [PATCH 1/2 libnftnl v2] src: use uint64_t for flags fields
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- Re: [PATCH net-next 26/26] selftests: netfilter: Torture nftables netdev hooks
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [net-next PATCH] selftests: netfilter: Fix skip of wildcard interface test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [net-next PATCH] selftests: netfilter: Fix skip of wildcard interface test
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH net-next 26/26] selftests: netfilter: Torture nftables netdev hooks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 26/26] selftests: netfilter: Torture nftables netdev hooks
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
- [PATCH ulogd2 v2 2/4] IP2BIN, IP2HBIN, IP2STR: refactor `interp` call-backs
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 v2 4/4] Add support for logging ARP packets
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 v2 1/4] db, IP2BIN: correct `format_ipv6()` output buffer sizes
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 v2 3/4] Use `NFPROTO_*` constants for protocol families
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 v2 0/4] Add support for logging ARP packets
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH net-next 01/26] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH nf-next 0/3] netfilter: nf_set_pipapo_avx2: fix initial map fill
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 0/3] netfilter: nf_set_pipapo_avx2: fix initial map fill
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Lance Yang <ioworker0@xxxxxxxxx>
- Re: [nft PATCH 0/4] Continue upon netlink deserialization failures
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH] ipset: Modify pernet_operations check
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH v2] selftests: net: fix spelling and grammar mistakes
- From: Aaron Conole <aconole@xxxxxxxxxx>
- [PATCH] ipset: Modify pernet_operations check
- From: Mike Pagano <mpagano@xxxxxxxxxx>
- Re: [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 25/26] netfilter: nf_tables: Add notifications for hook changes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 26/26] selftests: netfilter: Torture nftables netdev hooks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 22/26] netfilter: nf_tables: Handle NETDEV_CHANGENAME events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 24/26] netfilter: nf_tables: Support wildcard netdev hook specs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 23/26] netfilter: nf_tables: Sort labels in nft_netdev_hook_alloc()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 21/26] netfilter: nf_tables: Wrap netdev notifiers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 19/26] netfilter: nf_tables: Prepare for handling NETDEV_REGISTER events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 20/26] netfilter: nf_tables: Respect NETDEV_REGISTER events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 18/26] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 17/26] netfilter: nf_tables: Pass nf_hook_ops to nft_unregister_flowtable_hook()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 15/26] netfilter: nf_tables: Introduce nft_hook_find_ops{,_rcu}()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 16/26] netfilter: nf_tables: Introduce nft_register_flowtable_ops()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 14/26] netfilter: nf_tables: Introduce functions freeing nft_hook objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 13/26] netfilter: nf_tables: add packets conntrack state to debug trace info
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 11/26] netfilter: nf_dup_netdev: Move the recursion counter struct netdev_xmit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 12/26] netfilter: conntrack: make nf_conntrack_id callable without a module dependency
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 10/26] netfilter: nft_inner: Use nested-BH locking for nft_pcpu_tun_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 08/26] netfilter: nft_tunnel: fix geneve_opt dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 09/26] netfilter: nf_dup{4, 6}: Move duplication check to task_struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 07/26] selftests: netfilter: nft_fib.sh: add type and oif tests with and without VRFs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 05/26] netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 04/26] selftests: netfilter: move fib vrf test to nft_fib.sh
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 03/26] selftests: netfilter: nft_fib.sh: add 'type' mode tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 01/26] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 02/26] netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v2 00/26] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCH v2] selftests: net: fix spelling and grammar mistakes
- From: Simon Horman <horms@xxxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: nf_set_pipapo_avx2: fix initial map fill
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/3] netfilter: nf_set_pipapo_avx2: fix initial map fill
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/3] selftests: netfilter: nft_concat_range.sh: add datapath check for map fill bug
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/3] selftests: netfilter: nft_concat_range.sh: prefer per element counters for testing
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling
- From: Simon Horman <horms@xxxxxxxxxx>
- [PATCH v2] selftests: net: fix spelling and grammar mistakes
- From: Praveen Balakrishnan <praveen.balakrishnan@xxxxxxxxxxxxx>
- Re: [PATCH V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 0/4] Continue upon netlink deserialization failures
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 3/4] netlink: Keep going after set element parsing failures
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 26/26] selftests: netfilter: Torture nftables netdev hooks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 23/26] netfilter: nf_tables: Sort labels in nft_netdev_hook_alloc()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 22/26] netfilter: nf_tables: Handle NETDEV_CHANGENAME events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 21/26] netfilter: nf_tables: Wrap netdev notifiers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 20/26] netfilter: nf_tables: Respect NETDEV_REGISTER events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 24/26] netfilter: nf_tables: Support wildcard netdev hook specs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 25/26] netfilter: nf_tables: Add notifications for hook changes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 18/26] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 17/26] netfilter: nf_tables: Pass nf_hook_ops to nft_unregister_flowtable_hook()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 14/26] netfilter: nf_tables: Introduce functions freeing nft_hook objects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 13/26] netfilter: nf_tables: add packets conntrack state to debug trace info
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 15/26] netfilter: nf_tables: Introduce nft_hook_find_ops{,_rcu}()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 19/26] netfilter: nf_tables: Prepare for handling NETDEV_REGISTER events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 16/26] netfilter: nf_tables: Introduce nft_register_flowtable_ops()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 10/26] netfilter: nft_inner: Use nested-BH locking for nft_pcpu_tun_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 09/26] netfilter: nf_dup{4, 6}: Move duplication check to task_struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 11/26] netfilter: nf_dup_netdev: Move the recursion counter struct netdev_xmit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 12/26] netfilter: conntrack: make nf_conntrack_id callable without a module dependency
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 08/26] netfilter: nft_tunnel: fix geneve_opt dump
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 05/26] netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 07/26] selftests: netfilter: nft_fib.sh: add type and oif tests with and without VRFs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 04/26] selftests: netfilter: move fib vrf test to nft_fib.sh
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 02/26] netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 01/26] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 03/26] selftests: netfilter: nft_fib.sh: add 'type' mode tests
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 00/26] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH v7 12/13] netfilter: nf_tables: Add notifications for hook changes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH v7 12/13] netfilter: nf_tables: Add notifications for hook changes
- From: Phil Sutter <phil@xxxxxx>
- Re: [nf-next PATCH v7 12/13] netfilter: nf_tables: Add notifications for hook changes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2] netfilter: conntrack: remove DCCP protocol support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: nft_queues.sh failures
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft_queues.sh failures
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Lance Yang <lance.yang@xxxxxxxxx>
- [PATCH libnftnl v2] trace: add support for TRACE_CT information
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 1/2] netfilter: conntrack: make nf_conntrack_id callable without a module dependency
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 2/2] netfilter: nf_tables: add packets conntrack state to debug trace info
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 0/2] netfilter: nf_tables: include conntrack state in trace messages
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nft_queues.sh failures
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Lance Yang <lance.yang@xxxxxxxxx>
- Re: [PATCH nft v5 0/8] Bitwise boolean operations with variable RHS operands
- From: Phil Sutter <phil@xxxxxx>
- nft_queues.sh failures
- From: Paolo Abeni <pabeni@xxxxxxxxxx>
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Lance Yang <lance.yang@xxxxxxxxx>
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Lance Yang <lance.yang@xxxxxxxxx>
- [PATCH nf-next] netfilter: conntrack: remove DCCP protocol support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nf-next PATCH v7 09/13] netfilter: nf_tables: Handle NETDEV_CHANGENAME events
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 00/13] Dynamic hook interface binding part 2
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 04/13] netfilter: nf_tables: Pass nf_hook_ops to nft_unregister_flowtable_hook()
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 12/13] netfilter: nf_tables: Add notifications for hook changes
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 05/13] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 07/13] netfilter: nf_tables: Respect NETDEV_REGISTER events
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 06/13] netfilter: nf_tables: Prepare for handling NETDEV_REGISTER events
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 10/13] netfilter: nf_tables: Sort labels in nft_netdev_hook_alloc()
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 08/13] netfilter: nf_tables: Wrap netdev notifiers
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 01/13] netfilter: nf_tables: Introduce functions freeing nft_hook objects
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 11/13] netfilter: nf_tables: Support wildcard netdev hook specs
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 13/13] selftests: netfilter: Torture nftables netdev hooks
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 02/13] netfilter: nf_tables: Introduce nft_hook_find_ops{,_rcu}()
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v7 03/13] netfilter: nf_tables: Introduce nft_register_flowtable_ops()
- From: Phil Sutter <phil@xxxxxx>
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft PATCH 3/4] netlink: Keep going after set element parsing failures
- From: Phil Sutter <phil@xxxxxx>
- Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next v1 1/3] netfilter: nf_dup{4, 6}: Move duplication check to task_struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v1 0/3] netfilter: Cover more per-CPU storage with local nested BH locking.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2
- From: Phil Sutter <phil@xxxxxx>
- Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2
- From: Phil Sutter <phil@xxxxxx>
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Lance Yang <lance.yang@xxxxxxxxx>
- Re: [PATCH nf-next v1 1/3] netfilter: nf_dup{4, 6}: Move duplication check to task_struct
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v1 1/3] netfilter: nf_dup{4, 6}: Move duplication check to task_struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 3/4] netlink: Keep going after set element parsing failures
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2 0/5] netfilter: resolve fib+vrf issues
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/2] netfilter: nf_tables: add packets conntrack state to debug trace info
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH 1/4] netlink_delinearize: Replace some BUG()s by error messages
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 2/4] netlink: Pass netlink_ctx to netlink_delinearize_setelem()
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 0/4] Continue upon netlink deserialization failures
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 3/4] netlink: Keep going after set element parsing failures
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 4/4] cache: Tolerate object deserialization failures
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next 2/2] netfilter: nf_tables: add packets conntrack state to debug trace info
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_conntrack: table full detailed log
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nft_tunnel: fix geneve_opt dump
- From: Fernando Fernandez Mancera <fmancera@xxxxxxx>
- [PATCH nf-next v2 5/5] selftests: netfilter: nft_fib.sh: add type and oif tests with and without VRFs
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 3/5] netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 1/5] selftests: netfilter: nft_fib.sh: add 'type' mode tests
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 4/5] netfilter: nf_tables: nft_fib: consistent l3mdev handling
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 0/5] netfilter: resolve fib+vrf issues
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2 2/5] selftests: netfilter: move fib vrf test to nft_fib.sh
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 2/2] netfilter: nf_tables: add packets conntrack state to debug trace info
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/5] netfilter: resolve fib+vrf issues
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6.1 88/97] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 6.1 89/97] netfilter: nf_tables: wait for rcu grace period on net_device removal
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 6.1 90/97] netfilter: nf_tables: do not defer rule destruction via call_rcu
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 58/59] netfilter: nf_tables: do not defer rule destruction via call_rcu
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 56/59] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- [PATCH 5.15 57/59] netfilter: nf_tables: wait for rcu grace period on net_device removal
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH nf-next,v1 0/6] revisiting nf_tables ruleset validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH -stable,6.1 0/3] Netfilter fixes for -stable
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2
- From: Phil Sutter <phil@xxxxxx>
- Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 0/2] Sanitize two error conditions in netlink code
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next,v1 0/6] revisiting nf_tables ruleset validation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next,v2 2/2] netfilter: nf_tables: honor validation state in preparation phase
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft PATCH 0/2] Sanitize two error conditions in netlink code
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next,v2 1/2] netfilter: nf_tables: honor EINTR in ruleset validation from commit/abort path
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next,v2 3/4] netfilter: nf_tables: use new binding infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 4/4] netfilter: nf_tables: add support for validating incremental ruleset updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 2/4] netfilter: nf_tables: add new binding infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 1/4] netfilter: nf_tables: add infrastructure for chain validation on updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next,v2 1/2] netfilter: nf_tables: honor EINTR in ruleset validation from commit/abort path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 2/2] netfilter: nf_tables: honor validation state in preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v5 2/2] Add test for nft_max_table_jumps_netns sysctl
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- [PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- [PATCH nft] tests: shell: check if kernel supports for cgroupsv2 matching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10 2/3] netfilter: nf_tables: wait for rcu grace period on net_device removal
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10 1/3] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10 3/3] netfilter: nf_tables: do not defer rule destruction via call_rcu
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.10 0/3] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] tests: shell: skip egress in netdev chain release path test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15 1/3] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15 2/3] netfilter: nf_tables: wait for rcu grace period on net_device removal
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15 3/3] netfilter: nf_tables: do not defer rule destruction via call_rcu
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,5.15 0/3] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1 2/3] netfilter: nf_tables: wait for rcu grace period on net_device removal
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1 1/3] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1 0/3] Netfilter fixes for -stable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH -stable,6.1 3/3] netfilter: nf_tables: do not defer rule destruction via call_rcu
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next,v1 0/6] revisiting nf_tables ruleset validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] ipset 7.24 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
- [nft PATCH 2/2] netlink: Catch unknown types when deserializing objects
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 1/2] netlink: Avoid potential NULL-ptr deref parsing set elem expressions
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 0/2] Sanitize two error conditions in netlink code
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH] tests: shell: Include kernel taint value in warning
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v4] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v4] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- Re: Looking for TODO
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- [PATCH nf-next 5/5] selftests: netfilter: nft_fib.sh: add type and oif tests with and without VRFs
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 4/5] netfilter: nf_tables: nft_fib: consistent l3mdev handling
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 3/5] netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/5] selftests: netfilter: move fib vrf test to nft_fib.sh
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/5] netfilter: resolve fib+vrf issues
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/5] selftests: netfilter: nft_fib.sh: add 'type' mode tests
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Looking for TODO
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next,v1 5/6] netfilter: nf_tables: use new binding infrastructure
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next,v1 4/6] netfilter: nf_tables: add new binding infrastructure
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next,v1 6/6] netfilter: nf_tables: add support for validating incremental ruleset updates
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next,v1 1/6] netfilter: nf_tables: honor EINTR in ruleset validation from commit/abort path
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next,v1 0/6] revisiting nf_tables ruleset validation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v3] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- [PATCH nf-next,v1 6/6] netfilter: nf_tables: add support for validating incremental ruleset updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v1 5/6] netfilter: nf_tables: use new binding infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v1 2/6] netfilter: nf_tables: honor validation state in preparation phase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v1 1/6] netfilter: nf_tables: honor EINTR in ruleset validation from commit/abort path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v1 4/6] netfilter: nf_tables: add new binding infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v1 3/6] netfilter: nf_tables: add infrastructure for chain validation on updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v1 0/6] revisiting nf_tables ruleset validation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Packets sent to local interface seemingly not accepted by nfq_set_verdict despite ACCEPT call.
- From: "G.W. Haywood" <ged@xxxxxxxxxxxxxxxxxx>
- Re: [PATCH v3] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Looking for TODO
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: libmnl name definition
- From: Jan Engelhardt <ej@xxxxxxx>
- Recommendations for choice of compiler; does it matter?
- From: Sunny73Cr <Sunny73Cr@xxxxxxxxxxxxxx>
- libmnl name definition
- From: Sunny73Cr <Sunny73Cr@xxxxxxxxxxxxxx>
- Re: [PATCH v3] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Lance Yang <ioworker0@xxxxxxxxx>
- [PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid
- From: Lance Yang <ioworker0@xxxxxxxxx>
- Looking for TODO
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- Re: Re: Fix resource leak in iptables/xtables-restore.c
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 0/6] Add test for parse_flags_array()
- From: Phil Sutter <phil@xxxxxx>
- [nft RFC] table: Embed creating nft version into userdata
- From: Phil Sutter <phil@xxxxxx>
- Re: Re: Fix resource leak in iptables/xtables-restore.c
- From: 周恺航 <22321077@xxxxxxxxxx>
- [PATCH v3] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- Re: [PATCHv2 net-next 0/6] selftests: net: configure rp_filter in setup_ns
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [nft PATCH 0/6] Add test for parse_flags_array()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCHv2 net-next 3/6] selftests: net: use setup_ns for bareudp testing
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCHv2 net-next 2/6] selftests: net: remove redundant rp_filter configuration
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCHv2 net-next 1/6] selftests: net: disable rp_filter after namespace initialization
- From: Simon Horman <horms@xxxxxxxxxx>
- [PATCH nf-next v1 2/3] netfilter: nft_inner: Use nested-BH locking for nft_pcpu_tun_ctx
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [PATCH nf-next v1 1/3] netfilter: nf_dup{4, 6}: Move duplication check to task_struct
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [PATCH nf-next v1 0/3] netfilter: Cover more per-CPU storage with local nested BH locking.
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [PATCH nf-next v1 3/3] netfilter: nf_dup_netdev: Move the recursion counter struct netdev_xmit
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: Fix resource leak in iptables/xtables-restore.c
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 6.1.y] netfilter: nf_tables: fix memleak in map from abort path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Fix resource leak in iptables/xtables-restore.c
- From: 周恺航 <22321077@xxxxxxxxxx>
- [PATCH 5.10.y] netfilter: nf_tables: fix memleak in map from abort path
- From: <jianqi.ren.cn@xxxxxxxxxxxxx>
- [PATCH 5.15.y] netfilter: nf_tables: fix memleak in map from abort path
- From: <jianqi.ren.cn@xxxxxxxxxxxxx>
- [PATCH 6.1.y] netfilter: nf_tables: fix memleak in map from abort path
- From: <jianqi.ren.cn@xxxxxxxxxxxxx>
- Re: [PATCHv2 net-next 4/6] selftests: net: use setup_ns for SRv6 tests and remove rp_filter configuration
- From: Andrea Mayer <andrea.mayer@xxxxxxxxxxx>
- Re: nftables netlink cache initialization failure with dnsmasq
- From: Monib <monib619@xxxxxxxxx>
- Re: [PATCH nft] src: netlink: fix crash when ops doesn't support udata
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] tests: shell: Include kernel taint value in warning
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v2] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH net-next] selftests: netfilter: fix conntrack stress test failures on debug kernels
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [nft PATCH] tests/shell: Skip netdev_chain_dev_addremove on tainted kernels
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 4/6] json: Print single synproxy flags as non-array
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 2/6] json: Print single set flag as non-array
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 5/6] json: Introduce json_add_array_new()
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 1/6] doc: Fix typo in nat statement 'prefix' description
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 6/6] tests: shell: Add test case for JSON 'flags' arrays
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 3/6] json: Print single fib flag as non-array
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 0/6] Add test for parse_flags_array()
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] src: add conntrack information to trace monitor mode
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH libnftnl] trace: add support for TRACE_CT information
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 1/2] netfilter: conntrack: make nf_conntrack_id callable without a module dependency
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 2/2] netfilter: nf_tables: add packets conntrack state to debug trace info
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 0/2] netfilter: nf_tables: include conntrack state in trace messages
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft] src: netlink: fix crash when ops doesn't support udata
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH][next] [NETFILTER]: nf_conntrack_h323: Fix spelling mistake "authenticaton" -> "authentication"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tests/shell: Skip netdev_chain_dev_addremove on tainted kernels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] tests/shell: Skip netdev_chain_dev_addremove on tainted kernels
- From: Phil Sutter <phil@xxxxxx>
- [PATCHv2 net-next 6/6] selftests: mptcp: remove rp_filter configuration
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCHv2 net-next 5/6] selftests: netfilter: remove rp_filter configuration
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCHv2 net-next 4/6] selftests: net: use setup_ns for SRv6 tests and remove rp_filter configuration
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCHv2 net-next 3/6] selftests: net: use setup_ns for bareudp testing
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCHv2 net-next 2/6] selftests: net: remove redundant rp_filter configuration
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCHv2 net-next 1/6] selftests: net: disable rp_filter after namespace initialization
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCHv2 net-next 0/6] selftests: net: configure rp_filter in setup_ns
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- Re: [PATCH v3] nf_conntrack: sysctl: expose gc worker scan interval via sysctl
- From: Vimal Agrawal <avimalin@xxxxxxxxx>
- Re: [PATCH net-next 4/6] selftests: net: use setup_ns for SRv6 tests and remove rp_filter configuration
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- Re: [PATCH net 1/2] ipvs: fix uninit-value for saddr in do_output_route4
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH net-next] selftests: netfilter: fix conntrack stress test failures on debug kernels
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH net-next 4/6] selftests: net: use setup_ns for SRv6 tests and remove rp_filter configuration
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- [nft PATCH] parser_json: Introduce parse_flags_array()
- From: Phil Sutter <phil@xxxxxx>
- [PATCH net 2/2] netfilter: ipset: fix region locking in hash types
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/2] ipvs: fix uninit-value for saddr in do_output_route4
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/2] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/1] ipset patch to fix region locking
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
- [PATCH 1/1] netfilter: ipset: fix region locking in hash types
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
- Re: [PATCH net-next 5/6] selftests: netfilter: remove rp_filter configuration
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next 6/6] selftests: mptcp: remove rp_filter configuration
- From: Matthieu Baerts <matttbe@xxxxxxxxxx>
- [PATCH net-next 5/6] selftests: netfilter: remove rp_filter configuration
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCH net-next 2/6] selftests: net: remove redundant rp_filter configuration
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCH net-next 0/6] selftests: net: configure rp_filter in setup_ns
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCH net-next 4/6] selftests: net: use setup_ns for SRv6 tests and remove rp_filter configuration
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCH net-next 6/6] selftests: mptcp: remove rp_filter configuration
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCH net-next 3/6] selftests: net: use setup_ns for bareudp testing
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- [PATCH net-next 1/6] selftests: net: disable rp_filter after namespace initialization
- From: Hangbin Liu <liuhangbin@xxxxxxxxx>
- Re: [PATCH nf-next] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH net-next] selftests: netfilter: fix conntrack stress test failures on debug kernels
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: nftables netlink cache initialization failure with dnsmasq
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] ipvs: fix uninit-value for saddr in do_output_route4
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCH nf-next 2/7] selftests: netfilter: add conntrack stress test
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 2/7] selftests: netfilter: add conntrack stress test
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- [PATCH nf-next] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next 1/7] netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- nftables netlink cache initialization failure with dnsmasq
- From: Monib <monib619@xxxxxxxxx>
- [PATCH v2] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- [PATCH nf-next 4/7] netfilter: nf_conntrack: speed up reads from nf_conntrack proc file
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/7] selftests: netfilter: add conntrack stress test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/7] netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 0/7] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 5/7] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/7] netfilter: nft_quota: match correctly when the quota just depleted
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 6/7] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 5.10 033/114] netfilter: conntrack: Bound nf_conntrack sysctl writes
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.15 048/153] netfilter: conntrack: Bound nf_conntrack sysctl writes
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 6.1 067/212] netfilter: conntrack: Bound nf_conntrack sysctl writes
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 6.6 084/294] netfilter: conntrack: Bound nf_conntrack sysctl writes
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH nf-next 7/7] selftests: netfilter: nft_fib.sh: check lo packets bypass fib lookup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 5.4 25/79] netfilter: conntrack: Bound nf_conntrack sysctl writes
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 6.12 135/486] netfilter: conntrack: Bound nf_conntrack sysctl writes
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 6.14 169/642] netfilter: conntrack: Bound nf_conntrack sysctl writes
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH nf-next] selftests: netfilter: nft_fib.sh: check lo packets bypass fib lookup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2] netfilter: nft_quota: match correctly when the quota just depleted
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next,v2 1/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] selftests: netfilter: add conntrack stress test
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3] nf_conntrack: sysctl: expose gc worker scan interval via sysctl
- From: Vimal Agrawal <avimalin@xxxxxxxxx>
- Re: [syzbot] [lvs?] KMSAN: uninit-value in do_output_route4
- From: Julian Anastasov <ja@xxxxxx>
- [PATCH nf] ipvs: fix uninit-value for saddr in do_output_route4
- From: Julian Anastasov <ja@xxxxxx>
- [syzbot] [lvs?] KMSAN: uninit-value in do_output_route4
- From: syzbot <syzbot+04b9a82855c8aed20860@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH net-next v3 08/18] netfilter: nf_dup_netdev: Move the recursion counter struct netdev_xmit
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [PATCH net-next v3 07/18] netfilter: nft_inner: Use nested-BH locking for nft_pcpu_tun_ctx
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- Re: [PATCH v3] nf_conntrack: sysctl: expose gc worker scan interval via sysctl
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v3] nf_conntrack: sysctl: expose gc worker scan interval via sysctl
- Re: [PATCH v2] nf_conntrack: sysctl: expose gc worker scan interval via sysctl
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2] nf_conntrack: sysctl: expose gc worker scan interval via sysctl
- Privatkredit
- From: theodoseraymond5@xxxxxxxxx
- Re: [PATCH net-next 1/6] netfilter: xt_IDLETIMER: convert timeouts to secs_to_jiffies()
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH v1] nf_conntrack: sysctl: expose gc worker scan interval via sysctl
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v1] nf_conntrack: sysctl: expose gc worker scan interval via sysctl
- Re: [RFC PATCH v3 00/19] Support socket access-control
- From: Mikhail Ivanov <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
- [PATCH net-next 6/6] netfilter: nf_tables: export set count and backend name to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 4/6] netfilter: conntrack: Remove redundant NFCT_ALIGN call
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 5/6] docs: tproxy: fix formatting for nft code block
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 3/6] net: cgroup: Guard users of sock_cgroup_classid()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 2/6] netfilter: xt_cgroup: Make it independent from net_cls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 1/6] netfilter: xt_IDLETIMER: convert timeouts to secs_to_jiffies()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 0/6,v3] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [oss-security] Re: Trailing dot in Cygwin filenames [was: failed to clone iptables,ipset,nftables]
- From: Werner Koch <wk@xxxxxxxxx>
- Re: [PATCH V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] net:ipv4: Use shift left 2 to calculate the length of the IPv4 header.
- From: Chaohai Chen <wdhh6@xxxxxxxxxx>
- Re: [PATCH net-next,v2 0/7] Netfilter updates for net-next
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next,v2 0/7] Netfilter updates for net-next
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH iptables] extensions: libebt_redirect: prevent translation
- From: Phil Sutter <phil@xxxxxx>
- Re: [RFC PATCH v3 00/19] Support socket access-control
- From: "Günther Noack" <gnoack@xxxxxxxxxx>
- Re: Fail to clone iptables,ipset,nftables
- From: Sunny73Cr <Sunny73Cr@xxxxxxxxxxxxxx>
- Re: [PATCH iptables] extensions: libebt_redirect: prevent translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH iptables] extensions: libebt_redirect: prevent translation
- From: Miao Wang <shankerwangmiao@xxxxxxxxx>
- Re: [PATCH iptables] extensions: libebt_redirect: prevent translation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH iptables] extensions: libebt_redirect: prevent translation
- From: Miao Wang via B4 Relay <devnull+shankerwangmiao.gmail.com@xxxxxxxxxx>
- Re: Trailing dot in Cygwin filenames [was: failed to clone iptables,ipset,nftables]
- From: Jan Engelhardt <ej@xxxxxxx>
- Re: Fail to clone iptables,ipset,nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Fail to clone iptables,ipset,nftables
- From: Sunny73Cr <Sunny73Cr@xxxxxxxxxxxxxx>
- Re: [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 4/7] netfilter: Exclude LEGACY TABLES on PREEMPT_RT.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 7/7] netfilter: nf_tables: export set count and backend name to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 1/7] netfilter: xt_IDLETIMER: convert timeouts to secs_to_jiffies()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 6/7] docs: tproxy: fix formatting for nft code block
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 5/7] netfilter: conntrack: Remove redundant NFCT_ALIGN call
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 3/7] net: cgroup: Guard users of sock_cgroup_classid()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 2/7] netfilter: xt_cgroup: Make it independent from net_cls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v2 0/7] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] tools: selftests: prepare for non-default IP_TABLES_LEGACY
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] tools: selftests: prepare for non-default IP_TABLES_LEGACY
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH] xshared: Accept an option if any given command allows it
- From: Adam Nielsen <a.nielsen@xxxxxxxxxxx>
- Re: [iptables PATCH] xshared: Accept an option if any given command allows it
- From: Phil Sutter <phil@xxxxxx>
- 答复: [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it
- From: Yang Huajian(杨华健) <huajianyang@xxxxxxxxxxxx>
- Re: [iptables PATCH] xshared: Accept an option if any given command allows it
- From: Adam Nielsen <a.nielsen@xxxxxxxxxxx>
- Re: [iptables PATCH] xshared: Accept an option if any given command allows it
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] xshared: Accept an option if any given command allows it
- From: Adam Nielsen <a.nielsen@xxxxxxxxxxx>
- Re: [iptables PATCH] xshared: Accept an option if any given command allows it
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] extensions: icmp: Support info-request/-reply type names
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH net-next 4/7] netfilter: Exclude LEGACY TABLES on PREEMPT_RT.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: fix debug splat when dumping pipapo avx2 set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5.10/5.15/6.1] netfilter: ipt_CLUSTERIP: change mutex location
- From: Evgeny Pimenov <pimenoveu12@xxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: fix debug splat when dumping pipapo avx2 set
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next 4/7] netfilter: Exclude LEGACY TABLES on PREEMPT_RT.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next 4/7] netfilter: Exclude LEGACY TABLES on PREEMPT_RT.
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next 4/7] netfilter: Exclude LEGACY TABLES on PREEMPT_RT.
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH ulogd2 2/6] db, IP2BIN: correct `format_ipv6()` output buffer sizes
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH] xshared: Accept an option if any given command allows it
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH ulogd2 2/6] db, IP2BIN: correct `format_ipv6()` output buffer sizes
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH ulogd2 2/6] db, IP2BIN: correct `format_ipv6()` output buffer sizes
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next] selftests: netfilter: nft_fib.sh: check lo packets bypass fib lookup
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next,v2 1/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- Bug: iptables -L and -Z at the same time now refuses other options
- From: Adam Nielsen <a.nielsen@xxxxxxxxxxx>
- [PATCH net-next 0/7] Netfilter updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 4/7] netfilter: Exclude LEGACY TABLES on PREEMPT_RT.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 7/7] netfilter: nf_tables: export set count and backend name to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 5/7] netfilter: conntrack: Remove redundant NFCT_ALIGN call
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 6/7] docs: tproxy: fix formatting for nft code block
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 2/7] netfilter: xt_cgroup: Make it independent from net_cls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 1/7] netfilter: xt_IDLETIMER: convert timeouts to secs_to_jiffies()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next 3/7] net: cgroup: Guard users of sock_cgroup_classid()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 2/2] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 1/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC PATCH v3 00/19] Support socket access-control
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
- [PATCH v2 nf-next] netfilter: nf_conntrack: speed up reads from nf_conntrack proc file
- From: Florian Westphal <fw@xxxxxxxxx>
- UNSUBSCRIBE
- From: "Vink, Ronald" <ronald.vink@xxxxxxxxxxxx>
- [ANNOUNCE] nftables 1.1.3 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Florian Westphal <fw@xxxxxxxxx>
- [no subject]
- [PATCH] netfilter: nf_tables: Implement jump limit for nft_table_validate
- From: Shaun Brady <brady.1345@xxxxxxxxx>
- Re: [PATCH nft] evalute: make vlan pcp updates work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [RFC bpf-next 11/13] treewide: bpf: Export symbols used by verifier
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: use `NFPROTO_*` constants in "nf-logger-" module aliasses
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next] netfilter: use `NFPROTO_*` constants in "nf-logger-" module aliasses
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 5/6] Use `NFPROTO_*` constants for protocol families
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 6/6] Add support for logging ARP packets
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 4/6] IP2BIN, IP2HBIN, IP2STR: refactor `interp` call-backs
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 0/6] Add support for logging ARP packets
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 1/6] IP2STR: correct address buffer size
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 2/6] db, IP2BIN: correct `format_ipv6()` output buffer sizes
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH ulogd2 3/6] IP2HBIN, IP2STR: correct typo's
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft] evalute: make vlan pcp updates work
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ipset 2/2] bash-completion: restore fix for syntax error
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH ipset 2/2] bash-completion: restore fix for syntax error
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
- [PATCH nft] netlink: bogus concatenated set ranges with netlink message overrun
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nftables PATCH v3] tools: add a systemd unit for static rulesets
- From: Eric Garver <eric@xxxxxxxxxxx>
- [PATCH nf-next v2] netfilter: nft_quota: match correctly when the quota just depleted
- From: Zhongqiu Duan <dzq.aishenghu0@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_quota: make nft_overquota() really over the quota
- From: Zhongqiu Duan <dzq.aishenghu0@xxxxxxxxx>
- Re: [PATCH nft] Revert "intervals: do not merge intervals with different timeout"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] selftests: netfilter: add conntrack stress test
- From: Florian Westphal <fw@xxxxxxxxx>
- [nftables PATCH v3] tools: add a systemd unit for static rulesets
- From: Jan Engelhardt <jengelh@xxxxxxx>
- Re: [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft] Revert "intervals: do not merge intervals with different timeout"
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net 1/1] netfilter: conntrack: fix erronous removal of offload bit
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH] tools: add a systemd unit for static rulesets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] Revert "intervals: do not merge intervals with different timeout"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_quota: make nft_overquota() really over the quota
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/1] netfilter: conntrack: fix erronous removal of offload bit
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/1] Netfilter fix for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it
- From: Huajian Yang <huajianyang@xxxxxxxxxxxx>
- [syzbot] Monthly netfilter report (Apr 2025)
- From: syzbot <syzbot+liste217d44efb9077d8089e@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] tests: shell: Update packetpath/flowtables
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] tests: shell: Update packetpath/flowtables
- From: Yi Chen <yiche@xxxxxxxxxx>
- [nf-next PATCH v6 12/12] selftests: netfilter: Torture nftables netdev hooks
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 06/12] netfilter: nf_tables: Prepare for handling NETDEV_REGISTER events
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 04/12] netfilter: nf_tables: Pass nf_hook_ops to nft_unregister_flowtable_hook()
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH 2/2 libnftnl] tunnel: add support to geneve
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- [PATCH 2/2 libnftnl] tunnel: add support to geneve
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- [PATCH 1/2 libnftnl] src: use uint64_t for flags fields
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- Re: [PATCH v3 0/3] netfilter: Make xt_cgroup independent from net_cls
- From: Michal Koutný <mkoutny@xxxxxxxx>
- [nf-next PATCH v6 08/12] netfilter: nf_tables: Wrap netdev notifiers
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 05/12] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 07/12] netfilter: nf_tables: Respect NETDEV_REGISTER events
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 10/12] netfilter: nf_tables: Support wildcard netdev hook specs
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 02/12] netfilter: nf_tables: Introduce nft_hook_find_ops{,_rcu}()
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 11/12] netfilter: nf_tables: Add notications for hook changes
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 03/12] netfilter: nf_tables: Introduce nft_register_flowtable_ops()
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 09/12] netfilter: nf_tables: Handle NETDEV_CHANGENAME events
- From: Phil Sutter <phil@xxxxxx>
- [nf-next PATCH v6 01/12] netfilter: nf_tables: Introduce functions freeing nft_hook objects
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH v2 nf-next] netfilter: nf_tables: export set count and backend name to userspace
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 nf-next] docs: tproxy: fix formatting for nft code block
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: Remove redundant NFCT_ALIGN call
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4] netfilter: Exclude LEGACY TABLES on PREEMPT_RT.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v3 0/3] netfilter: Make xt_cgroup independent from net_cls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_quota: make nft_overquota() really over the quota
- From: Zhongqiu Duan <dzq.aishenghu0@xxxxxxxxx>
- [PATCH nf] netfilter: conntrack: fix erronous removal of offload bit
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_quota: make nft_overquota() really over the quota
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ANNOUNCE] nftables 1.1.2 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [ANNOUNCE] nftables 1.1.2 release
- From: Jan Engelhardt <ej@xxxxxxx>
- [ANNOUNCE] nftables 1.1.2 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [ANNOUNCE] libnftnl 1.2.9 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next v2 08/18] netfilter: nf_dup_netdev: Move the recursion counter struct netdev_xmit
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [PATCH net-next v2 07/18] netfilter: nft_inner: Use nested-BH locking for nft_pcpu_tun_ctx
- From: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
- [PATCH libnftnl] tunnel: add missing inner nested netlink attribute for vxlan options
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
- [PATCH v2 4/5] ipvs: ip_vs_conn_expire_now: Rename del_timer in comment
- From: WangYuli <wangyuli@xxxxxxxxxxxxx>
- Re: [PATCH V5] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH V5] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
- Re: [PATCH ulogd2,v2 1/4] ulogd: add linux namespace helper
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2 nf-next 0/3] flow offload teardown when layer 2 roaming
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- Re: [PATCH v11 nf-next 6/6] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval()
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- Re: SYNPROXY affecting initial BBR throughput
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v11 nf-next 6/6] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval()
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: [PATCH v2 nf-next 2/3] netfilter: nf_flow_table_core: teardown direct xmit when destination changed
- From: Simon Horman <horms@xxxxxxxxxx>
- Re: SYNPROXY affecting initial BBR throughput
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 2/2] evaluate: restrict allowed subtypes of concatenations
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nft 2/2] evaluate: restrict allowed subtypes of concatenations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/2] evaluate: restrict allowed subtypes of concatenations
- From: Florian Westphal <fw@xxxxxxxxx>
- 答复: [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it
- From: Yang Huajian(杨华健) <huajianyang@xxxxxxxxxxxx>
- Re: [PATCH nft 2/2] evaluate: restrict allowed subtypes of concatenations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] parser_bison: add selector_expr rule to restrict typeof_expr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ulogd2,v2 1/4] ulogd: add linux namespace helper
- From: Corubba Smith <corubba@xxxxxx>
- Re: [PATCH nf-next,v2 1/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH nf-next,v2 2/2] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [iptables PATCH v2 0/8] nft: Implement forward compat for future binaries
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net 1/2] nft_set_pipapo: fix incorrect avx2 match of 5th field octet
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
- Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH net 2/2] selftests: netfilter: add test case for recent mismatch bug
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 1/2] nft_set_pipapo: fix incorrect avx2 match of 5th field octet
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [no subject]
- Re: [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next,v2 1/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,v2 2/2] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nft_set_pipapo: prevent overflow in allocations
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it
- From: Huajian Yang <huajianyang@xxxxxxxxxxxx>
- [PATCH nf] netfilter: nft_quota: make nft_overquota() really over the quota
- From: Zhongqiu Duan <dzq.aishenghu0@xxxxxxxxx>
- Re: [PATCH v3 0/3] netfilter: Make xt_cgroup independent from net_cls
- From: Michal Koutný <mkoutny@xxxxxxxx>
- Re: [PATCH v11 nf-next 1/2] net: pppoe: avoid zero-length arrays in struct pppoe_hdr
- From: Kees Cook <kees@xxxxxxxxxx>
- Re: 答复: [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nft] optimize: invalidate merge in case of duplicated key in set/map
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- 答复: [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward
- From: Yang Huajian(杨华健) <huajianyang@xxxxxxxxxxxx>
- Re: [PATCH nf 3/3] selftests: netfilter: add test case for recent mismatch bug
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- Re: [PATCH nf 3/3] selftests: netfilter: add test case for recent mismatch bug
- From: sontu mazumdar <sontu21@xxxxxxxxx>
- Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward
- From: Huajian Yang <huajianyang@xxxxxxxxxxxx>
- [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward
- From: Huajian Yang <huajianyang@xxxxxxxxxxxx>
- Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
- From: Florian Westphal <fw@xxxxxxxxx>
- [RFC bpf-next 11/13] treewide: bpf: Export symbols used by verifier
- From: Daniel Xu <dxu@xxxxxxxxx>
- [no subject]
- [RFC bpf-next 00/13] bpf: Introduce modular verifier
- From: Daniel Xu <dxu@xxxxxxxxx>
- Re: [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- Re: [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- Re: [PATCH v11 nf-next 0/2] Add nf_flow_encap_push() for xmit direct
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- Re: [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v11 nf-next 0/2] Add nf_flow_encap_push() for xmit direct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH v2 nf-next 3/3] netfilter: nf_flow_table_ip: don't follow fastpath when marked teardown
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- [PATCH v2 nf-next 1/3] netfilter: flow: Add bridge_vid member
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- [PATCH v2 nf-next 0/3] flow offload teardown when layer 2 roaming
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- [PATCH v2 nf-next 2/3] netfilter: nf_flow_table_core: teardown direct xmit when destination changed
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- [PATCH v11 nf-next 5/6] netfilter: nft_flow_offload: Add NFPROTO_BRIDGE to validate
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- [PATCH v11 nf-next 3/6] netfilter :nf_flow_table_offload: Add nf_flow_rule_bridge()
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- [PATCH v11 nf-next 2/3] bridge: No DEV_PATH_BR_VLAN_UNTAG_HW for dsa foreign
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
- [PATCH v11 nf-next 1/6] bridge: Add filling forward path from port to port
- From: Eric Woudstra <ericwouds@xxxxxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
