Linux TCP/IP Netfilter Devel

Thread Index

[Prev Page][Next Page]

xtables-addons build fail with linux 5.0: "error: implicit declaration of function 'do_gettimeofday'; did you mean 'do_settimeofday64'?"
- From: PGNet Dev <pgnet.dev@xxxxxxxxx>
[iptables PATCH] extensions: connlabel: Fallback on missing connlabel.conf
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf
- From: Phil Sutter <phil@xxxxxx>
net-next is CLOSED
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] include: Use char* for arithmetic over void*
- From: William Woodruff <william@xxxxxxxxxxxxx>
Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence
- From: Florian Westphal <fw@xxxxxxxxx>
RE: [ANNOUNCE] ipset 7.1 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
[PATCH v4 2/2] xtables-save: implement showing zeroed chain counters when saving rulesets
- From: Alban Vidal <alban.vidal@xxxxxxxxxx>
[PATCH v4 1/2] iptables-save: add option to show zeroed counters when saving rulesets
- From: Alban Vidal <alban.vidal@xxxxxxxxxx>
[PATCH v4 0/2] iptables-save,xtables-save: add option to show zeroed counters when saving rulesets
- From: Alban Vidal <alban.vidal@xxxxxxxxxx>
[PATCH nf-next] netfilter: nat: don't use same refcount for notifiers
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 25/29] netfilter: nf_conntrack: ensure that CONNTRACK_LOCKS is power of 2
- From: Sergei Shtylyov <sergei.shtylyov@xxxxxxxxxxxxxxxxxx>
[PATCH net] netfilter: set skb transport_header before calling sctp_compute_cksum
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCH 00/29] Netfilter/IPVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH 23/29] netfilter: bridge: Don't sabotage nf_hook calls for an l3mdev slave
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 22/29] ipvs: get sctphdr by sctphoff in sctp_csum_check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 25/29] netfilter: nf_conntrack: ensure that CONNTRACK_LOCKS is power of 2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 28/29] netfilter: nf_tables: nat: merge nft_masq protocol specific modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 26/29] netfilter: xt_IDLETIMER: fix sysfs callback function type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 29/29] netfilter: nf_tables: merge ipv4 and ipv6 nat chain types
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 27/29] netfilter: nf_tables: nat: merge nft_redir protocol specific modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 24/29] netfilter: nf_tables: check the result of dereferencing base_chain->stats
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 21/29] netfilter: convert the proto argument from u8 to u16
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 20/29] netfilter: nft_tunnel: Add dst_cache support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 13/29] netfilter: conntrack: avoid same-timeout update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 14/29] netfilter: remove unneeded switch fall-through
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 15/29] netfilter: nft_set_hash: fix lookups with fixed size hash on big endian
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 19/29] netfilter: conntrack: tcp: only close if RST matches exact sequence
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 17/29] netfilter: nft_set_hash: remove nft_hash_key()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 18/29] ipvs: change some data types from int to bool
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 16/29] netfilter: nft_set_hash: bogus element self comparison from deactivation path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 12/29] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/29] netfilter: nat: remove l3proto struct
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/29] netfilter: nat: remove csum_recalc hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/29] netfilter: nat: remove csum_update hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/29] netfilter: nat: move nlattr parse and xfrm session decode to core
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/29] netfilter: ebtables: remove BUGPRINT messages
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/29] netfilter: nat: merge nf_nat_ipv4,6 into nat core
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/29] netfilter: nat: remove l3 manip_pkt hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/29] netfilter: nat: remove nf_nat_l4proto.h
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/29] netfilter: nat: merge ipv4 and ipv6 masquerade functionality
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/29] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/29] netfilter: nft_compat: use .release_ops and remove list of extension
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/29] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next 0/3] netfilter: nf_tables: merge remaining nat related modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: xt_IDLETIMER: fix sysfs callback function type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH][v2] netfilter: ensure that CONNTRACK_LOCKS is power of 2
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH][v2] netfilter: check the result of dereferencing base_chain->stats
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] netfilter: bridge: Don't sabotage nf_hook calls for an l3mdev slave
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH][nf-next][v2] netfilter: convert the proto argument from u8 to u16
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: nft_tunnel: Add dst_cache support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] ipvs: change some data types from int to bool
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] doc: update goto/jump help text
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS
- From: Karuna Grewal <karunagrewal98@xxxxxxxxx>
[PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS
- From: Karuna Grewal <karunagrewal98@xxxxxxxxx>
[PATCH] netfilter: nft_meta: Extend support for NFT_META_TSTAMP_NS
- From: Karuna Grewal <karunagrewal98@xxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module
- From: "Su Yanjun <suyj.fnst@xxxxxxxxxxxxxx>" <suyj.fnst@xxxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module
- From: Sergei Shtylyov <sergei.shtylyov@xxxxxxxxxxxxxxxxxx>
[PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module
- From: Su Yanjun <suyanjun218@xxxxxxx>
[PATCH AUTOSEL 4.20 59/81] netfilter: nf_nat: skip nat clash resolution for same-origin entries
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 46/64] netfilter: nf_nat: skip nat clash resolution for same-origin entries
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.14 27/36] netfilter: nf_nat: skip nat clash resolution for same-origin entries
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.9 13/19] netfilter: nf_nat: skip nat clash resolution for same-origin entries
- From: Sasha Levin <sashal@xxxxxxxxxx>
Re: [nft PATCH 4/5] json: Fix memleaks in echo support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next 3/3] netfilter: nf_tables: merge ipv4 and ipv6 nat chain types
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 2/3] netfilter: nf_tables: nat: merge nft_masq protocol specific modules
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 1/3] netfilter: nf_tables: nat: merge nft_redir protocol specific modules
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 0/3] netfilter: nf_tables: merge remaining nat related modules
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft PATCH 4/5] json: Fix memleaks in echo support
- From: Phil Sutter <phil@xxxxxx>
[PATCH][v2] time: Introduce jiffies64_to_msecs()
- From: Li RongQing <lirongqing@xxxxxxxxx>
答复: [PATCH] time: Introduce jiffies64_to_msecs()
- From: "Li,Rongqing" <lirongqing@xxxxxxxxx>
Re: [nft PATCH 4/5] json: Fix memleaks in echo support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: xt_IDLETIMER: fix sysfs callback function type
- From: Sami Tolvanen <samitolvanen@xxxxxxxxxx>
Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH nf-next] ipvs: change some data types from int to bool
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH] time: Introduce jiffies64_to_msecs()
- From: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Re: [nft PATCH 4/5] json: Fix memleaks in echo support
- From: Phil Sutter <phil@xxxxxx>
Re: [nft PATCH 4/5] json: Fix memleaks in echo support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH 0/5] Some fixes for JSON support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH][nf-next] netfilter: remove unneeded switch fall-through
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: avoid same-timeout update
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v4 nf-next 0/9] netfilter: nat: merge ipv4 and ipv6 nat modules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: remove BUGPRINT messages
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] time: Introduce jiffies64_to_msecs()
- From: Li RongQing <lirongqing@xxxxxxxxx>
[nft PATCH 3/5] parser_json: Use xstrdup() when parsing rule comment
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 0/5] Some fixes for JSON support
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 4/5] json: Fix memleaks in echo support
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 2/5] parser_json: Duplicate chain name when parsing jump verdict
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 1/5] libnftables: Print errors before freeing commands
- From: Phil Sutter <phil@xxxxxx>
[nft PATCH 5/5] parser_json: Respect base chain priority
- From: Phil Sutter <phil@xxxxxx>
[PATCH] netfilter: conntrack: limit sysctl setting for boolean options
- From: xiangxia.m.yue@xxxxxxxxx
Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH][v2] netfilter: ensure that CONNTRACK_LOCKS is power of 2
- From: Li RongQing <lirongqing@xxxxxxxxx>
答复: 答复: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND
- From: "Li,Rongqing" <lirongqing@xxxxxxxxx>
[PATCH][v2] netfilter: check the result of dereferencing base_chain->stats
- From: Li RongQing <lirongqing@xxxxxxxxx>
Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Florian Tham <tham@xxxxxxxxx>
Re: 答复: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND
- From: Florian Westphal <fw@xxxxxxxxx>
Re: 答复: 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
答复: 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats
- From: "Li,Rongqing" <lirongqing@xxxxxxxxx>
答复: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND
- From: "Li,Rongqing" <lirongqing@xxxxxxxxx>
RE: [ANNOUNCE] ipset 7.1 released
- From: <eliezer@xxxxxxxxxxxx>
[PATCH net] netfilter: bridge: Don't sabotage nf_hook calls for an l3mdev slave
- From: David Ahern <dsahern@xxxxxxxxxx>
Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check
- From: Julian Anastasov <ja@xxxxxx>
Re: 答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: [PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check
- From: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>
[PATCH nf-next] netfilter: ctnetlink: do not bail out with EBUSY on unchangeable bits
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 3/3] netfilter: nft_set_hash: remove nft_hash_key()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 2/3] netfilter: nft_set_hash: bogus element self comparison from deactivation path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf 1/3] netfilter: nft_set_hash: fix lookups with fixed size hash on big endian
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: 答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND
- From: Florian Westphal <fw@xxxxxxxxx>
答复: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND
- From: "Li,Rongqing" <lirongqing@xxxxxxxxx>
[PATCH net] ipvs: get sctphdr by sctphoff in sctp_csum_check
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCH][nf-next] netfilter: replace modulo operation with bitwise AND
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH][nf-next] netfilter: replace modulo operation with bitwise AND
- From: Li RongQing <lirongqing@xxxxxxxxx>
答复: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats
- From: "Li,Rongqing" <lirongqing@xxxxxxxxx>
答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats
- From: "Li,Rongqing" <lirongqing@xxxxxxxxx>
答复: [PATCH][nf-next] netfilter: Use RCU primitives under RCU protected data
- From: "Li,Rongqing" <lirongqing@xxxxxxxxx>
Re: 答复: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: [PATCH][nf-next] netfilter: Use RCU primitives under RCU protected data
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Re: [PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
[PATCH][nf-next] netfilter: Use RCU primitives under RCU protected data
- From: Li RongQing <lirongqing@xxxxxxxxx>
[PATCH] netfilter: force access of RCU protected data in nft_update_chain_stats
- From: Li RongQing <lirongqing@xxxxxxxxx>
Re: [iptables PATCH 1/3] extensions: Fix ipvs vproto parsing
- From: Julian Anastasov <ja@xxxxxx>
[PATCH AUTOSEL 4.20 05/72] netfilter: nft_compat: use refcnt_t type for nft_xt reference count
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.20 06/72] netfilter: nft_compat: make lists per netns
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.20 17/72] ipvs: Fix signed integer overflow when setsockopt timeout
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.20 38/72] netfilter: nfnetlink_osf: add missing fmatch check
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.20 37/72] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 04/65] netfilter: nft_compat: use refcnt_t type for nft_xt reference count
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 05/65] netfilter: nft_compat: make lists per netns
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 14/65] ipvs: Fix signed integer overflow when setsockopt timeout
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 34/65] netfilter: nfnetlink_osf: add missing fmatch check
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.14 08/45] ipvs: Fix signed integer overflow when setsockopt timeout
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.14 21/45] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.9 08/32] ipvs: Fix signed integer overflow when setsockopt timeout
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.4 05/26] ipvs: Fix signed integer overflow when setsockopt timeout
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 3.18 04/18] ipvs: Fix signed integer overflow when setsockopt timeout
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 33/65] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.20 07/72] netfilter: nft_compat: destroy function must not have side effects
- From: Sasha Levin <sashal@xxxxxxxxxx>
WARNING in xt_compat_add_offset
- From: syzbot <syzbot+276ddebab3382bbf72db@xxxxxxxxxxxxxxxxxxxxxxxxx>
[PATCH nft] doc: update goto/jump help text
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH iptables] arptables-nft: fix decoding of hlen on bigendian platforms
- From: Phil Sutter <phil@xxxxxx>
[PATCH][nf-next][v2] netfilter: convert the proto argument from u8 to u16
- From: Li RongQing <lirongqing@xxxxxxxxx>
[PATCH iptables] arptables-nft: fix decoding of hlen on bigendian platforms
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH][nf-next] netfilter: convert the proto argument from u8 to u16
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next] netfilter: nft_tunnel: Add dst_cache support
- From: wenxu@xxxxxxxxx
[PATCH][nf-next] netfilter: convert the proto argument from u8 to u16
- From: Li RongQing <lirongqing@xxxxxxxxx>
[PATCH][nf-next] netfilter: remove unneeded switch fall-through
- From: Li RongQing <lirongqing@xxxxxxxxx>
[iptables PATCH 1/3] extensions: Fix ipvs vproto parsing
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/3] extensions: Add testcase for libxt_ipvs
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/3] extensions: Fix ipvs vproto option printing
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next] netfilter: conntrack: tcp: only close if RST matches exact sequence
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: avoid same-timeout update
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: conntrack: avoid same-timeout update
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next] netfilter: conntrack: avoid same-timeout update
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH] extensions: AUDIT: Document ineffective --type option
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH] arptables: Print space before comma and counters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH conntrack-tools 3/3] conntrack: add -o userspace option to tag user-triggered events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH conntrack-tools 2/3] conntrack: use libmnl for conntrack events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH conntrack-tools 1/3] conntrack: extend nfct_mnl_socket_open() to use it to handle events
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
update on netdev 0x13 conference
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
[iptables PATCH] doc: Install ip{6,}tables-translate.8 manpages
- From: Phil Sutter <phil@xxxxxx>
[ANNOUNCE] 15th Netfilter Workshop in Malaga, Spain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] ipset: fix spelling error in libipset.3 manpage
- From: Neutron Soutmun <neo.neutron@xxxxxxxxx>
[iptables PATCH 2/5] tests/shell: Support testing host binaries
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/5] xlate-test: Support testing host binaries
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/5] Make testsuites a bit more versatile
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/5] xlate-test: Add and use a connlabel.conf for testing
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next v4 9/9] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 8/9] netfilter: nat: remove l3proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 7/9] netfilter: nat: remove csum_recalc hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 6/9] netfilter: nat: remove csum_update hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 5/9] netfilter: nat: remove l3 manip_pkt hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 3/9] netfilter: nat: merge nf_nat_ipv4,6 into nat core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 4/9] netfilter: nat: remove nf_nat_l4proto.h
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 2/9] netfilter: nat: move nlattr parse and xfrm session decode to core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v4 1/9] netfilter: nat: merge ipv4 and ipv6 masquerade functionality
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v4 nf-next 0/9] netfilter: nat: merge ipv4 and ipv6 nat modules
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 0/2] Netfilter/IPVS fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH nf] netfilter: ebtables: remove BUGPRINT messages
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 2/2] ipvs: fix warning on unused variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/2] netfilter: nf_tables: fix flush after rule deletion in the same batch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/2] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 00/11] Netfilter/IPVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Florian Tham <tham@xxxxxxxxx>
Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Florian Tham <tham@xxxxxxxxx>
Network interface switch features
- From: hh h <jupiter.hce@xxxxxxxxx>
Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Florian Tham <tham@xxxxxxxxx>
[PATCH v2] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Florian Tham <tham@xxxxxxxxx>
Re: INFO: rcu detected stall in netlink_sendmsg
- From: syzbot <syzbot+a910a514846e27f15348@xxxxxxxxxxxxxxxxxxxxxxxxx>
[PATCH 03/11] netfilter: nat: remove module dependency on ipv6 core
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/11] netfilter: nf_tables: add NFTA_RULE_POSITION_ID to nla_policy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/11] netfilter: ipt_CLUSTERIP: make symbol 'cip_netdev_notifier' static
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/11] netfilter: xt_recent: Use struct_size() in kvzalloc()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/11] netfilter: nft_tunnel: Add NFTA_TUNNEL_MODE options
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/11] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/11] netfilter: reject: skip csum verification for protocols that don't support it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/11] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/11] netfilter: ipv6: avoid indirect calls for IPV6=y case
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/11] netfilter: conntrack: fix indentation issue
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/11] ipvs: Use struct_size() helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/11] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] ipvs: change some data types from int to bool
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH] netfilter/ipvs: Fix unused variable warning
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter/ipvs: Fix unused variable warning
- From: Borislav Petkov <bp@xxxxxxxxx>
[PATCH nf-next] ipvs: change some data types from int to bool
- From: Andrea Claudi <aclaudi@xxxxxxxxxx>
Re: RFC: nftables does not allow to delete a rule twice
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v4] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: ipt_CLUSTERIP: make symbol 'cip_netdev_notifier' static
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] ipvs: fix warning on unused variable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH net-next] netfilter: ipt_CLUSTERIP: make symbol 'cip_netdev_notifier' static
- From: Wei Yongjun <weiyongjun1@xxxxxxxxxx>
Re: [PATCH v4] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: RFC: nftables does not allow to delete a rule twice
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf] ipvs: fix warning on unused variable
- From: Andrea Claudi <aclaudi@xxxxxxxxxx>
Re: [PATCH v4] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: RFC: nftables does not allow to delete a rule twice
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH] arptables: Print space before comma and counters
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v4] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: RFC: nftables does not allow to delete a rule twice
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v4] netfilter: nf_conntrack_sip: add sip_external_media logic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_tables: fix flush after rule deletion in the same batch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] tests: shell: flush after rule deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: RFC: nftables does not allow to delete a rule twice
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: RFC: nftables does not allow to delete a rule twice
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ebtables PATCH] Print IPv6 prefixes in CIDR notation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] src: Quote user-defined names
- From: Phil Sutter <phil@xxxxxx>
Re: [ebtables PATCH] Print IPv6 prefixes in CIDR notation
- From: Phil Sutter <phil@xxxxxx>
RFC: nftables does not allow to delete a rule twice
- From: Phil Sutter <phil@xxxxxx>
Re: [ebtables PATCH] Print IPv6 prefixes in CIDR notation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: nf_conntrack_amanda: add support for STATE streams
- From: Florian Tham <tham@xxxxxxxxx>
Re: [nft PATCH] src: Quote user-defined names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Englobe interfaces
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft PATCH] src: Quote user-defined names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/3] Netfilter/IPVS fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [iptables PATCH 0/5] Align iptables-nft error messages with legacy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/3] netfilter: nft_compat: use-after-free when deleting targets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/3] ipvs: fix dependency on nf_defrag_ipv6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/3] netfilter: compat: initialize all fields in xt_init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/3] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH] Fix for implicit-fallthrough warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH] Fix for implicit-fallthrough warnings
- From: Phil Sutter <phil@xxxxxx>
Re: [conntrack-tools PATCH v2] Support compiling against libtirpc
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH] Fix for implicit-fallthrough warnings
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH] nfct: Drop dead code in nfct_timeout_parse_params()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/2 nf] netfilter: nft_compat: use-after-free when deleting targets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/2 nf-next] netfilter: nft_compat: use .release_ops and remove list of extension
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[iptables PATCH 3/5] xtables: Fix error messages in commands with rule number
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/5] Align iptables-nft error messages with legacy
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/5] xtables: Fix error message for chain renaming
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 5/5] tests: Extend return codes check by error messages
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/5] xtables: Fix error message when zeroing a non-existent chain
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/5] xtables: Move new chain check to where it belongs
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH v3] netfilter: reject: skip csum verification for protocols that don't support it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v3] netfilter: reject: skip csum verification for protocols that don't support it
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
linux-next: build failure after merge of the netfilter-next tree
- From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
[PATCH AUTOSEL 4.20 038/105] netfilter: nf_tables: fix leaking object reference count
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.20 043/105] netfilter: nft_flow_offload: Fix reverse route lookup
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.20 049/105] netfilter: nft_flow_offload: fix interaction with vrf slave device
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.20 065/105] netfilter: nft_flow_offload: fix checking method of conntrack helper
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 32/83] netfilter: nf_tables: fix leaking object reference count
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 37/83] netfilter: nft_flow_offload: Fix reverse route lookup
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.19 41/83] netfilter: nft_flow_offload: fix interaction with vrf slave device
- From: Sasha Levin <sashal@xxxxxxxxxx>
[nf-next:master 9/9] ipt_REJECT.c:(.text+0x120): multiple definition of `nf_reject_verify_csum'; net/ipv4/netfilter/nf_reject_ipv4.o:nf_reject_ipv4.c:(.text+0x470): first defined here
- From: kbuild test robot <lkp@xxxxxxxxx>
[PATCH AUTOSEL 4.19 56/83] netfilter: nft_flow_offload: fix checking method of conntrack helper
- From: Sasha Levin <sashal@xxxxxxxxxx>
[PATCH AUTOSEL 4.14 17/34] netfilter: nf_tables: fix leaking object reference count
- From: Sasha Levin <sashal@xxxxxxxxxx>
[nf-next:master 9/9] include/net/netfilter/nf_reject.h:5: multiple definition of `nf_reject_verify_csum'; net/ipv4/netfilter/nf_reject_ipv4.o:include/net/netfilter/nf_reject.h:5: first defined here
- From: kbuild test robot <lkp@xxxxxxxxx>
conntrack --ignore-error proposal to fix delete races
- From: William Ahern <wahern@xxxxxxxxxx>
[conntrack-tools PATCH v2] Support compiling against libtirpc
- From: Phil Sutter <phil@xxxxxx>
Re: [conntrack-tools PATCH] Support compiling against libtirpc
- From: Phil Sutter <phil@xxxxxx>
Re: [conntrack-tools PATCH] Support compiling against libtirpc
- From: Jan Engelhardt <jengelh@xxxxxxx>
[conntrack-tools PATCH] Support compiling against libtirpc
- From: Phil Sutter <phil@xxxxxx>
[conntrack-tools PATCH] Fix for implicit-fallthrough warnings
- From: Phil Sutter <phil@xxxxxx>
[conntrack-tools PATCH] nfct: Drop dead code in nfct_timeout_parse_params()
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next,RFC,v2] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ebtables PATCH] Print IPv6 prefixes in CIDR notation
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next,RFC,v2] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v2] netfilter: reject: skip csum verification for protocols that don't support it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH] conntrackd: helpers: dhcpv6: Fix potential array overrun
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v2] netfilter: reject: skip csum verification for protocols that don't support it
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
[conntrack-tools PATCH] conntrackd: helpers: dhcpv6: Fix potential array overrun
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: [PATCH nf-next,RFC] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next,RFC] netfilter: nft_compat: add release_ops to struct nft_expr_ops and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: [PATCH nf-next,v2] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
Re: [PATCH net-next] ipvs: Use struct_size() helper
- From: "Gustavo A. R. Silva" <gustavo@xxxxxxxxxxxxxx>
[PATCH nf-next,v2] netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] netfilter: xt_recent: Use struct_size() in kvzalloc()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net-next] ipvs: Use struct_size() helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: conntrack: fix indentation issue
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2] netfilter: compat: initialize all fields in xt_init
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v4 nf-next 02/02] netfilter: ipv6: avoid indirect calls for IPV6=y case
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH v4 nf-next 01/02] netfilter: nat: remove module dependency on ipv6 core
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nft_tunnel: Add NFTA_TUNNEL_MODE options
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6
- From: Julian Anastasov <ja@xxxxxx>
Re: [PATCH 0/2] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH 2/2] netfilter: nat: fix spurious connection timeouts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/2] netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nat: fix spurious connection timeouts
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Netfilter conntrack table query.
- From: satya phanisree <phanisree1998@xxxxxxxxx>
[PATCH nf v2] ipvs: fix dependency on nf_defrag_ipv6
- From: Andrea Claudi <aclaudi@xxxxxxxxxx>
Re: [PATCH nf] ipvs: fix dependency on nf_defrag_ipv6
- From: Andrea Claudi <aclaudi@xxxxxxxxxx>
Re: [PATCH nf v2] netfilter: compat: initialize all fields in xt_init
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf v2] netfilter: compat: initialize all fields in xt_init
- From: fruggeri@xxxxxxxxxx (Francesco Ruggeri)
Re: [PATCH nf] netfilter: compat: initialize all fields in xt_init
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] ipvs: fix dependency on nf_defrag_ipv6
- From: Julian Anastasov <ja@xxxxxx>
[PATCH nf] netfilter: compat: initialize all fields in xt_init
- From: fruggeri@xxxxxxxxxx (Francesco Ruggeri)
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Francesco Ruggeri <fruggeri@xxxxxxxxxx>
Re: [PATCH nft 4/5] src: expr: add expression etype
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Francesco Ruggeri <fruggeri@xxxxxxxxxx>
Re: [PATCH libnftnl,v3] udata: add NFTNL_UDATA_* definitions
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nft 4/5] src: expr: add expression etype
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 5/5] src: expr: remove expr_ops from struct expr
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft 5/5] src: expr: remove expr_ops from struct expr
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 4/5] src: expr: add expression etype
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 3/5] src: expr: add and use internal expr_ops helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 2/5] src: payload: export and use payload_expr_cmp
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft 1/5] src: expr: add and use expr_name helper
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH libnftnl,v3] udata: add NFTNL_UDATA_* definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] udata: add NFTNL_UDATA_* definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl] udata: add NFTNL_UDATA_* definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Update pf.os with newer OS fingerprints
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl] udata: add NFTNL_UDATA_* definitions
- From: Phil Sutter <phil@xxxxxx>
Re: Update pf.os with newer OS fingerprints
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
[PATCH libnftnl] udata: add NFTNL_UDATA_* definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH v3 3/3] ebtables-nft: Support user-defined chain policies
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Update pf.os with newer OS fingerprints
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft 5/5] src: expr: remove expr_ops from struct expr
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 4/5] src: expr: add expression etype
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 3/5] src: expr: add and use internal expr_ops helper
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 2/5] src: payload: export and use payload_expr_cmp
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 1/5] src: expr: add and use expr_name helper
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft 0/5] src: expr: reduce size of struct expr
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: nat: fix spurious connection timeouts
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH v3 3/3] ebtables-nft: Support user-defined chain policies
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY
- From: Florian Westphal <fw@xxxxxxxxx>
Update pf.os with newer OS fingerprints
- From: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
Re: [PATCH] netfilter: reject: skip csum verification for protocols that don't support it
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] netfilter: reject: skip csum verification for protocols that don't support it
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
Re: [PATCH net-next] ipvs: Use struct_size() helper
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH net-next] netfilter: xt_recent: Use struct_size() in kvzalloc()
- From: "Gustavo A. R. Silva" <gustavo@xxxxxxxxxxxxxx>
[PATCH net-next] ipvs: Use struct_size() helper
- From: "Gustavo A. R. Silva" <gustavo@xxxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Francesco Ruggeri <fruggeri@xxxxxxxxxx>
[iptables PATCH] xtables-save: Fix table not found error message
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v3 3/3] ebtables-nft: Support user-defined chain policies
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v3 1/3] nft: Don't assume NFTNL_RULE_USERDATA holds a comment
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v3 2/3] nft: Introduce UDATA_TYPE_EBTABLES_POLICY
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2] ebtables-nft: Support user-defined chain policies
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf] ipvs: fix dependency on nf_defrag_ipv6
- From: Andrea Claudi <aclaudi@xxxxxxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH 0/2] ebtables-nft: Support user-defined chain policies
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] ipv6: fix icmp6_send() route lookup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH] netfilter: conntrack: fix indentation issue
- From: Colin King <colin.king@xxxxxxxxxxxxx>
[PATCH] ipv6: fix icmp6_send() route lookup
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH] nft: Eliminate dead code in __nft_rule_list
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH 00/12 net-next,v7] add flow_rule infrastructure
- From: Florian Fainelli <f.fainelli@xxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Francesco Ruggeri <fruggeri@xxxxxxxxxx>
Re: [PATCH 00/12 net-next,v7] add flow_rule infrastructure
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Francesco Ruggeri <fruggeri@xxxxxxxxxx>
Re: [PATCH 0/6] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH 3/6] netfilter: nf_nat: skip nat clash resolution for same-origin entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/6] netfilter: nft_compat: don't use refcount_inc on newly allocated entry
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/6] netfilter: ipv6: Don't preserve original oif for loopback address
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 4/6] netfilter: nf_tables: unbind set in rule from commit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/6] selftests: netfilter: add simple masq/redirect test cases
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/6] selftests: netfilter: fix config fragment CONFIG_NF_TABLES_INET
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/6] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: John Haxby <john.haxby@xxxxxxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH v2] Revert "ebtables: use extrapositioned negation consistently"
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: John Haxby <john.haxby@xxxxxxxxxx>
[iptables PATCH v2] Revert "ebtables: use extrapositioned negation consistently"
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/2] xshared: Explicitly pass target to command_jump()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/2] ebtables-nft: Support user-defined chain policies
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/2] ebtables-nft: Support user-defined chain policies
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH v3] xtables: Fix for false-positive rule matching
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf v2] netfilter: nft_compat: don't use refcount_inc on newly allocated entry
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf v2] netfilter: nft_compat: don't use refcount_inc on newly allocated entry
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nft_compat: fix build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nft_compat: fix build
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nft_compat: fix build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nft_compat: fix build
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [BUG] refcount_t: underflow; use-after-free in Linux 5.0rc5
- From: Jordan Glover <Golden_Miller83@xxxxxxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nft_compat: fix build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nft_compat: fix build
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH v3] xtables: Fix for false-positive rule matching
- From: Phil Sutter <phil@xxxxxx>
[nf:master 4/4] net//netfilter/nft_compat.c:852:28: warning: assignment from incompatible pointer type
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf 1/2] netfilter: nft_compat: fix build
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nf:master 4/4] net//netfilter/nft_compat.c:852:28: error: assignment from incompatible pointer type
- From: kbuild test robot <lkp@xxxxxxxxx>
[PATCH nft 2/2] netfilter: nft_compat: don't use refcount_inc on newly allocated entry
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf 1/2] netfilter: nft_compat: fix build
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: ebtables RCU patch?
- From: Nikolay Nikolay <kolko.netfilter@xxxxxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: Eli Cooper <elicooper@xxxxxxx>
Re: ebtables RCU patch?
- From: Florian Westphal <fw@xxxxxxxxx>
ebtables RCU patch?
- From: Nikolay Nikolay <kolko.netfilter@xxxxxxxxx>
Re: [BUG] refcount_t: underflow; use-after-free in Linux 5.0rc5
- From: Florian Westphal <fw@xxxxxxxxx>
[BUG] refcount_t: underflow; use-after-free in Linux 5.0rc5
- From: Jordan Glover <Golden_Miller83@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] selftests: netfilter: add simple masq/redirect test cases
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: nf_nat: skip nat clash resolution for same-origin entries
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] selftests/netfilter: fix config fragment CONFIG_NF_TABLES_INET
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 02/12 net-next,v7] net/mlx5e: support for two independent packet edit actions
- From: Or Gerlitz <gerlitz.or@xxxxxxxxx>
Re: [PATCH 02/12 net-next,v7] net/mlx5e: support for two independent packet edit actions
- From: Or Gerlitz <gerlitz.or@xxxxxxxxx>
Re: [PATCH v3 nf-next 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH 06/12 net-next,v7] drivers: net: use flow action infrastructure
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
Re: [PATCH 01/12 net-next,v7] flow_offload: add flow_rule and flow_match structures and use them
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
Re: [PATCH 02/12 net-next,v7] net/mlx5e: support for two independent packet edit actions
- From: Tonghao Zhang <xiangxia.m.yue@xxxxxxxxx>
Re: [iptables PATCH v2 2/2] xtables: Fix for false-positive rule matching
- From: Phil Sutter <phil@xxxxxx>
[PATCH 12/12 net-next,v7] qede: use ethtool_rx_flow_rule() to remove duplicated parser code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/12 net-next,v7] flow_offload: add flow_rule and flow_match structures and use them
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/12 net-next,v7] qede: place ethtool_rx_flow_spec after code after TC flower codebase
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/12 net-next,v7] drivers: net: use flow action infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/12 net-next,v7] ethtool: add ethtool_rx_flow_spec to flow_rule structure translator
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/12 net-next,v7] dsa: bcm_sf2: use flow_rule infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/12 net-next,v7] flow_offload: add wake-up-on-lan and queue to flow_action
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/12 net-next,v7] cls_flower: don't expose TC actions to drivers anymore
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/12 net-next,v7] flow_offload: add statistics retrieval infrastructure and use it
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/12 net-next,v7] cls_api: add translator to flow_action representation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/12 net-next,v7] flow_offload: add flow action infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 02/12 net-next,v7] net/mlx5e: support for two independent packet edit actions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/12 net-next,v7] add flow_rule infrastructure
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: don't break when vmap lookup yields no result
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: don't break when vmap lookup yields no result
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf,v4] netfilter: nf_tables: unbind set in rule from commit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v4 nf-next 02/02] netfilter: ipv6: avoid indirect calls for IPV6=y case
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v4 nf-next 01/02] netfilter: nat: remove module dependency on ipv6 core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nft] tests: shell: exercise abort path with anonymous set that is bound to rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf,v2] netfilter: nf_tables: unbind set in rule from commit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf,v3] netfilter: nf_tables: unbind set in rule from commit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH v2 2/2] xtables: Fix for false-positive rule matching
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH v2 0/2] xtables: Fix multiple issues in rule matching code
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 2/2] xtables: Fix for false-positive rule matching
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH v2 1/2] xtables: Fix for crash when comparing rules with standard target
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf,v2] netfilter: nf_tables: unbind set in rule from commit path
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf,v2] netfilter: nf_tables: unbind set in rule from commit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH v3 nf-next 11/11] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf-next 10/11] netfilter: nat: remove l3proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf-next 09/11] netfilter: nat: remove csum_recalc hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf-next 08/11] netfilter: nat: remove csum_update hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf-next 07/11] netfilter: nat: remove manip_pkt hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf-next 05/11] netfilter: nat: merge nf_nat_ipv4,6 into nat core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf-next 06/11] netfilter: nat: remove nf_nat_l4proto.h
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf-next 04/11] netfilter: nat: move nlattr parse and xfrm session decode to core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf-next 03/11] netfilter: nat: merge ipv4 and ipv6 masquerade functionality
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf-next 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH v3 nf-next 01/11] netfilter: nat: remove module dependency on ipv6 core
- From: Florian Westphal <fw@xxxxxxxxx>
netfilter: nat: merge ipv4 and ipv6 nat modules
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH 0/2] Follow-up on arptables output changes
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH 1/2] arptables-nft: Set h-type/h-length masks by default, too
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/2] extensions: Fix arptables extension tests
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/2] Follow-up on arptables output changes
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next v2 05/11] netfilter: nat: merge nf_nat_ipv4,6 into nat core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 11/11] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 10/11] netfilter: nat: remove l3proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 09/11] netfilter: nat: remove csum_recalc hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 08/11] netfilter: nat: remove csum_update hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 07/11] netfilter: nat: remove manip_pkt hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 06/11] netfilter: nat: remove nf_nat_l4proto.h
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 05/11] netfilter: nat: merge nf_nat_ipv4,6 into nat core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 04/11] netfilter: nat: move nlattr parse and xfrm session decode to core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 03/11] netfilter: nat: merge ipv4 and ipv6 masquerade functionality
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 01/11] netfilter: nat: remove module dependency on ipv6 core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next v2 00/11] netfilter: nat: remove module dependency on
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] netfilter: nf_tables: unbind set in rule from commit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next 08/11] netfilter: nat: remove csum_update hook
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf-next 08/11] netfilter: nat: remove csum_update hook
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf-next 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [PATCH nf-next 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case
- From: kbuild test robot <lkp@xxxxxxxxx>
Re: [iptables PATCH 0/7] Align arptables-nft output with legacy
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 0/7] Align arptables-nft output with legacy
- From: Florian Westphal <fw@xxxxxxxxx>
[iptables PATCH 3/7] arptables-nft: Fix CLASSIFY target printing
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 4/7] arptables-nft: Remove space between *cnt= and value
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 5/7] arptables-nft-save: Fix position of -j option
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/7] arptables-nft: Fix MARK target parsing and printing
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/7] Align arptables-nft output with legacy
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/7] arptables-nft: Fix listing rules without target
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 7/7] tests: shell: Add arptables-nft verbose output test
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 6/7] arptables-nft: Don't print default h-len/h-type values
- From: Phil Sutter <phil@xxxxxx>
[PATCH nf-next 11/11] netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 10/11] netfilter: nat: remove l3proto struct
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 09/11] netfilter: nat: remove csum_recalc hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 08/11] netfilter: nat: remove csum_update hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 07/11] netfilter: nat: remove manip_pkt hook
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 06/11] netfilter: nat: remove nf_nat_l4proto.h
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 05/11] netfilter: nat: merge nf_nat_ipv4,6 into nat core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 04/11] netfilter: nat: move nlattr parse and xfrm session decode to core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 03/11] netfilter: nat: merge ipv4 and ipv6 masquerade functionality
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 02/11] netfilter: ipv6: avoid indirect calls for IPV6=y case
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 01/11] netfilter: nat: remove module dependency on ipv6 core
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf-next 00/11] netfilter: nat: merge ipv4 and ipv6 nat modules
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [iptables PATCH] xtables: Speed up chain deletion in large rulesets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [iptables PATCH] xtables: Speed up chain deletion in large rulesets
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add NFTA_RULE_POSITION_ID to nla_policy
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nf] netfilter: nf_nat: skip nat clash resolution for same-origin entries
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH nf] selftests: netfilter: add simple masq/redirect test cases
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf-next] netfilter: nf_tables: add NFTA_RULE_POSITION_ID to nla_policy
- From: Phil Sutter <phil@xxxxxx>
Re: Fwd: Re: How to port "-m multiport ! --sports 80,443" to nftables?
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: Fwd: Re: How to port "-m multiport ! --sports 80,443" to nftables?
- From: Florian Westphal <fw@xxxxxxxxx>
Fwd: Re: How to port "-m multiport ! --sports 80,443" to nftables?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [B.A.T.M.A.N.] "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Linus Lüssing <linus.luessing@xxxxxxxxx>
[PATCH nf-next] netfilter: nf_tables: add NFTA_RULE_POSITION_ID to nla_policy
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH 06/33] netfilter: nf_tables: Support RULE_ID reference in new rule
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] selftests/netfilter: fix config fragment CONFIG_NF_TABLES_INET
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] netfilter: nft_tunnel: Add NFTA_TUNNEL_MODE options
- From: wenxu@xxxxxxxxx
[PATCH] selftests/netfilter: fix config fragment CONFIG_NF_TABLES_INET
- From: Naresh Kamboju <naresh.kamboju@xxxxxxxxxx>
Re: [PATCH] netfilter: nat: Update comment of get_unique_tuple
- From: YueHaibing <yuehaibing@xxxxxxxxxx>
Re: [PATCH 06/33] netfilter: nf_tables: Support RULE_ID reference in new rule
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
Re: [PATCH 00/33] Netfilter/IPVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
[PATCH 02/33] netfilter: nf_tables: handle nft_object lookups via rhltable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 03/33] netfilter: nf_tables: add direct calls for all builtin expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 05/33] netfilter: physdev: relax br_netfilter dependency
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 06/33] netfilter: nf_tables: Support RULE_ID reference in new rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 09/33] netfilter: conntrack: gre: convert rwlock to rcu
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 11/33] netfilter: conntrack: remove net_id
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 01/33] netfilter: nf_tables: prepare nft_object for lookups via hashtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 13/33] netfilter: conntrack: remove invert_tuple callback
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 10/33] netfilter: conntrack: gre: switch module to be built-in
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 08/33] netfilter: conntrack: handle icmp pkt_to_tuple helper via direct calls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 14/33] netfilter: conntrack: remove module owner field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 07/33] netfilter: conntrack: handle builtin l4proto packet functions via direct calls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 16/33] netfilter: conntrack: remove pernet l4 proto register interface
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 21/33] netfilter: conntrack: remove l4proto destroy hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 24/33] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 17/33] netfilter: conntrack: avoid unneeded nf_conntrack_l4proto lookups
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 18/33] netfilter: conntrack: unify sysctl handling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 23/33] netfilter: nf_conntrack: provide modparam to always register conntrack hooks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 28/33] netfilter: conntrack: fix bogus port values for other l4 protocols
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 22/33] netfilter: conntrack: remove nf_ct_l4proto_find_get
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 20/33] netfilter: conntrack: remove l4proto init and get_net callbacks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 26/33] Revert "netfilter: nft_hash: add map lookups for hashing operations"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 30/33] ipvs: use indirect call wrappers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 29/33] ipvs: avoid indirect calls when calculating checksums
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 32/33] netfilter: conntrack: fix error path in nf_conntrack_pernet_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 33/33] netfilter: ipv4: remove useless export_symbol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 27/33] netfilter: conntrack: fix IPV6=n builds
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 31/33] netfilter: nft_counter: remove wrong __percpu of nft_counter_resest()'s arg
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 25/33] netfilter: nat: un-export nf_nat_used_tuple
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 19/33] netfilter: conntrack: remove sysctl registration helpers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 15/33] netfilter: conntrack: remove remaining l4proto indirect packet calls
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 12/33] netfilter: conntrack: remove pkt_to_tuple callback
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 04/33] netfilter: conntrack: remove helper hook again
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 00/33] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH 0/7] Netfilter/IPVS fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH 4/7] ipvs: Fix signed integer overflow when setsockopt timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 2/7] netfilter: nft_compat: make lists per netns
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 3/7] netfilter: nft_compat: destroy function must not have side effects
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 6/7] netfilter: nfnetlink_osf: add missing fmatch check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 5/7] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 7/7] netfilter: ipt_CLUSTERIP: fix warning unused variable cn
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/7] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/7] netfilter: nft_compat: use refcnt_t type for nft_xt reference count
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 1/7] netfilter: nft_compat: use refcnt_t type for nft_xt reference count
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH 0/7] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Florian Westphal <fw@xxxxxxxxx>
Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Florian Westphal <fw@xxxxxxxxx>
Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Chieh-Min Wang <chiehmin18@xxxxxxxxx>
Re: [PATCH nft] include: add cplusplus guards for extern
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 3/3] xtables: Fix for inserting rule at wrong position
- From: Phil Sutter <phil@xxxxxx>
Re: [iptables PATCH 3/3] xtables: Fix for inserting rule at wrong position
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: ipv4: remove useless export_symbol
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] nft_counter: remove wrong __percpu of nft_counter_resest()'s arg
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [Patch nf-next] nf_conntrack: fix error path in nf_conntrack_pernet_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH net v2 0/2] fix glitch in IPVS /proc handlers
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [libnftnl PATCH] src: rule: Support NFTA_RULE_POSITION_ID attribute
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf-next] netfilter: nfnetlink_osf: add missing fmatch check
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH libnftnl 0/2] Revert map lookups for expressions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: ipt_CLUSTERIP: fix warning unused variable cn
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ebtables-legacy PATCH 2/2] ebtables: drop sysvinit script
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ebtables-legacy PATCH 1/2] ebtables: drop .spec file
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[PATCH nft] include: add cplusplus guards for extern
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [conntrack-tools PATCH] conntrackd.conf.8: fix state filter example
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH nft] meta: add iifkind and oifkind support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] meta: add iifkind and oifkind support
- From: wenxu <wenxu@xxxxxxxxx>
Re: [PATCH nft] meta: add iifkind and oifkind support
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nft] meta: add iifkind and oifkind support
- From: wenxu <wenxu@xxxxxxxxx>
Re: "Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Florian Westphal <fw@xxxxxxxxx>
"Kernel bug detected [...] nf_ct_del_from_dying_or_unconfirmed_list"
- From: Linus Lüssing <linus.luessing@xxxxxxxxx>
[PATCH nf-next] netfilter: ipv4: remove useless export_symbol
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
- From: Francesco Ruggeri <fruggeri@xxxxxxxxxx>
Re: [RFC nft] evaluate: kill anon sets with one element
- From: Phil Sutter <phil@xxxxxx>
[conntrack-tools PATCH] conntrackd.conf.8: fix state filter example
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Historical keynote by Rusty Russell at linux.conf.au 2019
- From: Harald Welte <laforge@xxxxxxxxxxxxx>
[RFC nft] evaluate: kill anon sets with one element
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Userspace Queue Payloads
- From: Muneyuki KAWATANI <kawatani.muneyuki@xxxxxxxxxxxxx>
Re: general protection fault in nf_ct_gre_keymap_flush
- From: syzbot <syzbot+fcee88b2d87f0539dfe9@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: 4.19.{12,[13],14}: RIP: 0010:nf_conncount_cache_free+0x26/0x2f [nf_conncount]
- From: Steffen Nurpmeso <steffen@xxxxxxxxxx>
Userspace Queue Payloads
- From: dave madden <netfilter@xxxxxxxxxxxx>
[PATCH nft] meta: add iifkind and oifkind support
- From: wenxu@xxxxxxxxx
Re: [PATCH v3] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v3] netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type
- From: wenxu <wenxu@xxxxxxxxx>
Re: [PATCH] ipvs: Fix signed integer overflow when setsockopt timeout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [PATCH] netfilter: nat: Update comment of get_unique_tuple
- From: YueHaibing <yuehaibing@xxxxxxxxxx>
Re: [Patch nf-next] nf_conntrack: fix error path in nf_conntrack_pernet_init()
- From: Florian Westphal <fw@xxxxxxxxx>
[Patch nf-next] nf_conntrack: fix error path in nf_conntrack_pernet_init()
- From: Cong Wang <xiyou.wangcong@xxxxxxxxx>
Re: general protection fault in nf_ct_gre_keymap_flush
- From: syzbot <syzbot+fcee88b2d87f0539dfe9@xxxxxxxxxxxxxxxxxxxxxxxxx>
Re: [PATCH ipvs-next] ipvs: avoid indirect calls when calculating checksums
- From: Simon Horman <horms@xxxxxxxxxxxx>
Re: [PATCH ipvs-next] ipvs: use indirect call wrappers
- From: Simon Horman <horms@xxxxxxxxxxxx>
[PATCH] netfilter: ipt_CLUSTERIP: fix warning unused variable cn
- From: Anders Roxell <anders.roxell@xxxxxxxxxx>
Re: [PATCH nf-next 0/2] netfilter: conntrack: fix indirect call removal fallout
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
general protection fault in nf_ct_gre_keymap_flush
- From: syzbot <syzbot+fcee88b2d87f0539dfe9@xxxxxxxxxxxxxxxxxxxxxxxxx>
INFO: rcu detected stall in gc_worker
- From: syzbot <syzbot+655174276c47216abab5@xxxxxxxxxxxxxxxxxxxxxxxxx>
[ebtables-legacy PATCH 2/2] ebtables: drop sysvinit script
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
[ebtables-legacy PATCH 1/2] ebtables: drop .spec file
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
[iptables PATCH 3/3] xtables: Fix for false-positive rule matching
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 2/3] xtables: Fix for crash when comparing rules with standard target
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 1/3] nft: Fix potential memleaks in nft_*_rule_find()
- From: Phil Sutter <phil@xxxxxx>
[iptables PATCH 0/3] xtables: Fix multiple issues in rule matching code
- From: Phil Sutter <phil@xxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] netfilter: ipv6: Don't preserve original oif for loopback address
- From: Eli Cooper <elicooper@xxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]