Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

Re: [PATCH 2/2 libnftnl v2] tunnel: add support to geneve options, (continued)
[net-next PATCH] selftests: netfilter: Fix skip of wildcard interface test, Phil Sutter
- Re: [net-next PATCH] selftests: netfilter: Fix skip of wildcard interface test, Pablo Neira Ayuso
- Re: [net-next PATCH] selftests: netfilter: Fix skip of wildcard interface test, Paolo Abeni
- Re: [net-next PATCH] selftests: netfilter: Fix skip of wildcard interface test, patchwork-bot+netdevbpf
[PATCH ulogd2 v2 0/4] Add support for logging ARP packets, Jeremy Sowden
- [PATCH ulogd2 v2 3/4] Use `NFPROTO_*` constants for protocol families, Jeremy Sowden
- [PATCH ulogd2 v2 1/4] db, IP2BIN: correct `format_ipv6()` output buffer sizes, Jeremy Sowden
- [PATCH ulogd2 v2 4/4] Add support for logging ARP packets, Jeremy Sowden
- [PATCH ulogd2 v2 2/4] IP2BIN, IP2HBIN, IP2STR: refactor `interp` call-backs, Jeremy Sowden
- Re: [PATCH ulogd2 v2 0/4] Add support for logging ARP packets, Florian Westphal
[PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
- Re: [PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Florian Westphal
  - Re: [PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
    - Re: [PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
  - Re: [PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
- Re: [PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Pablo Neira Ayuso
  - Re: [PATCH v2 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
[PATCH] ipset: Modify pernet_operations check, Mike Pagano
- Re: [PATCH] ipset: Modify pernet_operations check, Jeremy Sowden
[PATCH net-next,v2 00/26] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 02/26] netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds, Pablo Neira Ayuso
- [PATCH net-next 01/26] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation, Pablo Neira Ayuso
  - Re: [PATCH net-next 01/26] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation, patchwork-bot+netdevbpf
- [PATCH net-next 03/26] selftests: netfilter: nft_fib.sh: add 'type' mode tests, Pablo Neira Ayuso
- [PATCH net-next 04/26] selftests: netfilter: move fib vrf test to nft_fib.sh, Pablo Neira Ayuso
- [PATCH net-next 05/26] netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy, Pablo Neira Ayuso
- [PATCH net-next 07/26] selftests: netfilter: nft_fib.sh: add type and oif tests with and without VRFs, Pablo Neira Ayuso
- [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling, Pablo Neira Ayuso
- [PATCH net-next 09/26] netfilter: nf_dup{4, 6}: Move duplication check to task_struct, Pablo Neira Ayuso
- [PATCH net-next 08/26] netfilter: nft_tunnel: fix geneve_opt dump, Pablo Neira Ayuso
- [PATCH net-next 10/26] netfilter: nft_inner: Use nested-BH locking for nft_pcpu_tun_ctx, Pablo Neira Ayuso
- [PATCH net-next 12/26] netfilter: conntrack: make nf_conntrack_id callable without a module dependency, Pablo Neira Ayuso
- [PATCH net-next 11/26] netfilter: nf_dup_netdev: Move the recursion counter struct netdev_xmit, Pablo Neira Ayuso
- [PATCH net-next 13/26] netfilter: nf_tables: add packets conntrack state to debug trace info, Pablo Neira Ayuso
- [PATCH net-next 14/26] netfilter: nf_tables: Introduce functions freeing nft_hook objects, Pablo Neira Ayuso
- [PATCH net-next 16/26] netfilter: nf_tables: Introduce nft_register_flowtable_ops(), Pablo Neira Ayuso
- [PATCH net-next 15/26] netfilter: nf_tables: Introduce nft_hook_find_ops{,_rcu}(), Pablo Neira Ayuso
- [PATCH net-next 17/26] netfilter: nf_tables: Pass nf_hook_ops to nft_unregister_flowtable_hook(), Pablo Neira Ayuso
- [PATCH net-next 18/26] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook, Pablo Neira Ayuso
- [PATCH net-next 20/26] netfilter: nf_tables: Respect NETDEV_REGISTER events, Pablo Neira Ayuso
- [PATCH net-next 19/26] netfilter: nf_tables: Prepare for handling NETDEV_REGISTER events, Pablo Neira Ayuso
- [PATCH net-next 21/26] netfilter: nf_tables: Wrap netdev notifiers, Pablo Neira Ayuso
- [PATCH net-next 23/26] netfilter: nf_tables: Sort labels in nft_netdev_hook_alloc(), Pablo Neira Ayuso
- [PATCH net-next 24/26] netfilter: nf_tables: Support wildcard netdev hook specs, Pablo Neira Ayuso
- [PATCH net-next 22/26] netfilter: nf_tables: Handle NETDEV_CHANGENAME events, Pablo Neira Ayuso
- [PATCH net-next 26/26] selftests: netfilter: Torture nftables netdev hooks, Pablo Neira Ayuso
  - Re: [PATCH net-next 26/26] selftests: netfilter: Torture nftables netdev hooks, Paolo Abeni
    - Re: [PATCH net-next 26/26] selftests: netfilter: Torture nftables netdev hooks, Pablo Neira Ayuso
      - Re: [PATCH net-next 26/26] selftests: netfilter: Torture nftables netdev hooks, Jakub Kicinski
- [PATCH net-next 25/26] netfilter: nf_tables: Add notifications for hook changes, Pablo Neira Ayuso
[PATCH nf-next 0/3] netfilter: nf_set_pipapo_avx2: fix initial map fill, Florian Westphal
- [PATCH nf-next 2/3] selftests: netfilter: nft_concat_range.sh: prefer per element counters for testing, Florian Westphal
- [PATCH nf-next 3/3] selftests: netfilter: nft_concat_range.sh: add datapath check for map fill bug, Florian Westphal
- [PATCH nf-next 1/3] netfilter: nf_set_pipapo_avx2: fix initial map fill, Florian Westphal
  - Re: [PATCH nf-next 1/3] netfilter: nf_set_pipapo_avx2: fix initial map fill, Pablo Neira Ayuso
    - Re: [PATCH nf-next 1/3] netfilter: nf_set_pipapo_avx2: fix initial map fill, Florian Westphal
- Re: [PATCH nf-next 0/3] netfilter: nf_set_pipapo_avx2: fix initial map fill, Stefano Brivio
  - Re: [PATCH nf-next 0/3] netfilter: nf_set_pipapo_avx2: fix initial map fill, Florian Westphal
[PATCH v2] selftests: net: fix spelling and grammar mistakes, Praveen Balakrishnan
- Re: [PATCH v2] selftests: net: fix spelling and grammar mistakes, Simon Horman
- Re: [PATCH v2] selftests: net: fix spelling and grammar mistakes, Aaron Conole
- Re: [PATCH v2] selftests: net: fix spelling and grammar mistakes, Jakub Kicinski
[PATCH net-next 00/26] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 03/26] selftests: netfilter: nft_fib.sh: add 'type' mode tests, Pablo Neira Ayuso
- [PATCH net-next 01/26] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation, Pablo Neira Ayuso
- [PATCH net-next 02/26] netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds, Pablo Neira Ayuso
- [PATCH net-next 04/26] selftests: netfilter: move fib vrf test to nft_fib.sh, Pablo Neira Ayuso
- [PATCH net-next 07/26] selftests: netfilter: nft_fib.sh: add type and oif tests with and without VRFs, Pablo Neira Ayuso
- [PATCH net-next 05/26] netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy, Pablo Neira Ayuso
- [PATCH net-next 08/26] netfilter: nft_tunnel: fix geneve_opt dump, Pablo Neira Ayuso
- [PATCH net-next 12/26] netfilter: conntrack: make nf_conntrack_id callable without a module dependency, Pablo Neira Ayuso
- [PATCH net-next 11/26] netfilter: nf_dup_netdev: Move the recursion counter struct netdev_xmit, Pablo Neira Ayuso
- [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling, Pablo Neira Ayuso
  - Re: [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling, Simon Horman
    - Re: [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling, Pablo Neira Ayuso
      - Re: [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling, Simon Horman
        
        Re: [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling, Pablo Neira Ayuso
        
        Re: [PATCH net-next 06/26] netfilter: nf_tables: nft_fib: consistent l3mdev handling, Simon Horman
- [PATCH net-next 09/26] netfilter: nf_dup{4, 6}: Move duplication check to task_struct, Pablo Neira Ayuso
- [PATCH net-next 10/26] netfilter: nft_inner: Use nested-BH locking for nft_pcpu_tun_ctx, Pablo Neira Ayuso
- [PATCH net-next 16/26] netfilter: nf_tables: Introduce nft_register_flowtable_ops(), Pablo Neira Ayuso
- [PATCH net-next 19/26] netfilter: nf_tables: Prepare for handling NETDEV_REGISTER events, Pablo Neira Ayuso
- [PATCH net-next 15/26] netfilter: nf_tables: Introduce nft_hook_find_ops{,_rcu}(), Pablo Neira Ayuso
- [PATCH net-next 13/26] netfilter: nf_tables: add packets conntrack state to debug trace info, Pablo Neira Ayuso
- [PATCH net-next 14/26] netfilter: nf_tables: Introduce functions freeing nft_hook objects, Pablo Neira Ayuso
- [PATCH net-next 17/26] netfilter: nf_tables: Pass nf_hook_ops to nft_unregister_flowtable_hook(), Pablo Neira Ayuso
- [PATCH net-next 18/26] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook, Pablo Neira Ayuso
- [PATCH net-next 25/26] netfilter: nf_tables: Add notifications for hook changes, Pablo Neira Ayuso
- [PATCH net-next 24/26] netfilter: nf_tables: Support wildcard netdev hook specs, Pablo Neira Ayuso
- [PATCH net-next 20/26] netfilter: nf_tables: Respect NETDEV_REGISTER events, Pablo Neira Ayuso
- [PATCH net-next 21/26] netfilter: nf_tables: Wrap netdev notifiers, Pablo Neira Ayuso
- [PATCH net-next 22/26] netfilter: nf_tables: Handle NETDEV_CHANGENAME events, Pablo Neira Ayuso
- [PATCH net-next 23/26] netfilter: nf_tables: Sort labels in nft_netdev_hook_alloc(), Pablo Neira Ayuso
- [PATCH net-next 26/26] selftests: netfilter: Torture nftables netdev hooks, Pablo Neira Ayuso
[PATCH nf-next,v2] netfilter: conntrack: remove DCCP protocol support, Pablo Neira Ayuso
- Re: [PATCH nf-next,v2] netfilter: conntrack: remove DCCP protocol support, Simon Horman
[PATCH libnftnl v2] trace: add support for TRACE_CT information, Florian Westphal
- Re: [PATCH libnftnl v2] trace: add support for TRACE_CT information, Pablo Neira Ayuso
[PATCH nf-next v2 0/2] netfilter: nf_tables: include conntrack state in trace messages, Florian Westphal
- [PATCH nf-next v2 2/2] netfilter: nf_tables: add packets conntrack state to debug trace info, Florian Westphal
- [PATCH nf-next v2 1/2] netfilter: conntrack: make nf_conntrack_id callable without a module dependency, Florian Westphal
nft_queues.sh failures, Paolo Abeni
- Re: nft_queues.sh failures, Jakub Kicinski
  - Re: nft_queues.sh failures, Paolo Abeni
    - Re: nft_queues.sh failures, Florian Westphal
[PATCH nf-next] netfilter: conntrack: remove DCCP protocol support, Pablo Neira Ayuso
[nf-next PATCH v7 00/13] Dynamic hook interface binding part 2, Phil Sutter
- [nf-next PATCH v7 03/13] netfilter: nf_tables: Introduce nft_register_flowtable_ops(), Phil Sutter
- [nf-next PATCH v7 02/13] netfilter: nf_tables: Introduce nft_hook_find_ops{,_rcu}(), Phil Sutter
- [nf-next PATCH v7 13/13] selftests: netfilter: Torture nftables netdev hooks, Phil Sutter
- [nf-next PATCH v7 11/13] netfilter: nf_tables: Support wildcard netdev hook specs, Phil Sutter
- [nf-next PATCH v7 01/13] netfilter: nf_tables: Introduce functions freeing nft_hook objects, Phil Sutter
- [nf-next PATCH v7 08/13] netfilter: nf_tables: Wrap netdev notifiers, Phil Sutter
- [nf-next PATCH v7 10/13] netfilter: nf_tables: Sort labels in nft_netdev_hook_alloc(), Phil Sutter
- [nf-next PATCH v7 06/13] netfilter: nf_tables: Prepare for handling NETDEV_REGISTER events, Phil Sutter
- [nf-next PATCH v7 07/13] netfilter: nf_tables: Respect NETDEV_REGISTER events, Phil Sutter
- [nf-next PATCH v7 05/13] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook, Phil Sutter
- [nf-next PATCH v7 12/13] netfilter: nf_tables: Add notifications for hook changes, Phil Sutter
  - Re: [nf-next PATCH v7 12/13] netfilter: nf_tables: Add notifications for hook changes, Pablo Neira Ayuso
    - Re: [nf-next PATCH v7 12/13] netfilter: nf_tables: Add notifications for hook changes, Phil Sutter
      - Re: [nf-next PATCH v7 12/13] netfilter: nf_tables: Add notifications for hook changes, Pablo Neira Ayuso
- [nf-next PATCH v7 04/13] netfilter: nf_tables: Pass nf_hook_ops to nft_unregister_flowtable_hook(), Phil Sutter
- [nf-next PATCH v7 09/13] netfilter: nf_tables: Handle NETDEV_CHANGENAME events, Phil Sutter
[nft PATCH 0/4] Continue upon netlink deserialization failures, Phil Sutter
- [nft PATCH 4/4] cache: Tolerate object deserialization failures, Phil Sutter
- [nft PATCH 3/4] netlink: Keep going after set element parsing failures, Phil Sutter
  - Re: [nft PATCH 3/4] netlink: Keep going after set element parsing failures, Pablo Neira Ayuso
    - Re: [nft PATCH 3/4] netlink: Keep going after set element parsing failures, Phil Sutter
      - Re: [nft PATCH 3/4] netlink: Keep going after set element parsing failures, Pablo Neira Ayuso
- [nft PATCH 2/4] netlink: Pass netlink_ctx to netlink_delinearize_setelem(), Phil Sutter
- [nft PATCH 1/4] netlink_delinearize: Replace some BUG()s by error messages, Phil Sutter
- Re: [nft PATCH 0/4] Continue upon netlink deserialization failures, Pablo Neira Ayuso
  - Re: [nft PATCH 0/4] Continue upon netlink deserialization failures, Phil Sutter
Re: [PATCH] netfilter: nf_conntrack: table full detailed log, Pablo Neira Ayuso
[PATCH nf] netfilter: nft_tunnel: fix geneve_opt dump, Fernando Fernandez Mancera
[PATCH nf-next v2 0/5] netfilter: resolve fib+vrf issues, Florian Westphal
- [PATCH nf-next v2 2/5] selftests: netfilter: move fib vrf test to nft_fib.sh, Florian Westphal
- [PATCH nf-next v2 4/5] netfilter: nf_tables: nft_fib: consistent l3mdev handling, Florian Westphal
- [PATCH nf-next v2 1/5] selftests: netfilter: nft_fib.sh: add 'type' mode tests, Florian Westphal
- [PATCH nf-next v2 3/5] netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy, Florian Westphal
- [PATCH nf-next v2 5/5] selftests: netfilter: nft_fib.sh: add type and oif tests with and without VRFs, Florian Westphal
- Re: [PATCH nf-next v2 0/5] netfilter: resolve fib+vrf issues, Pablo Neira Ayuso
[PATCH 6.1 88/97] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx, Greg Kroah-Hartman
[PATCH 6.1 89/97] netfilter: nf_tables: wait for rcu grace period on net_device removal, Greg Kroah-Hartman
[PATCH 6.1 90/97] netfilter: nf_tables: do not defer rule destruction via call_rcu, Greg Kroah-Hartman
[PATCH 5.15 58/59] netfilter: nf_tables: do not defer rule destruction via call_rcu, Greg Kroah-Hartman
[PATCH 5.15 56/59] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx, Greg Kroah-Hartman
[PATCH 5.15 57/59] netfilter: nf_tables: wait for rcu grace period on net_device removal, Greg Kroah-Hartman
[PATCH nf-next,v2 1/4] netfilter: nf_tables: add infrastructure for chain validation on updates, Pablo Neira Ayuso
- [PATCH nf-next,v2 2/4] netfilter: nf_tables: add new binding infrastructure, Pablo Neira Ayuso
- [PATCH nf-next,v2 4/4] netfilter: nf_tables: add support for validating incremental ruleset updates, Pablo Neira Ayuso
- [PATCH nf-next,v2 3/4] netfilter: nf_tables: use new binding infrastructure, Pablo Neira Ayuso
[PATCH nf-next,v2 1/2] netfilter: nf_tables: honor EINTR in ruleset validation from commit/abort path, Pablo Neira Ayuso
- [PATCH nf-next,v2 2/2] netfilter: nf_tables: honor validation state in preparation phase, Pablo Neira Ayuso
  - Re: [PATCH nf-next,v2 2/2] netfilter: nf_tables: honor validation state in preparation phase, Florian Westphal
- Re: [PATCH nf-next,v2 1/2] netfilter: nf_tables: honor EINTR in ruleset validation from commit/abort path, Florian Westphal
[PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate, Shaun Brady
- [PATCH v5 2/2] Add test for nft_max_table_jumps_netns sysctl, Shaun Brady
- Re: [PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate, Florian Westphal
  - Re: [PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate, Shaun Brady
    - Re: [PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate, Florian Westphal
- Re: [PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate, Pablo Neira Ayuso
  - Re: [PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate, Shaun Brady
  - Re: [PATCH v5 1/2] netfilter: nf_tables: Implement jump limit for nft_table_validate, Shaun Brady
[PATCH nft] tests: shell: check if kernel supports for cgroupsv2 matching, Pablo Neira Ayuso
[PATCH -stable,5.10 0/3] Netfilter fixes for -stable, Pablo Neira Ayuso
- [PATCH -stable,5.10 3/3] netfilter: nf_tables: do not defer rule destruction via call_rcu, Pablo Neira Ayuso
- [PATCH -stable,5.10 1/3] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx, Pablo Neira Ayuso
- [PATCH -stable,5.10 2/3] netfilter: nf_tables: wait for rcu grace period on net_device removal, Pablo Neira Ayuso
[PATCH nft] tests: shell: skip egress in netdev chain release path test, Pablo Neira Ayuso
[PATCH -stable,5.15 0/3] Netfilter fixes for -stable, Pablo Neira Ayuso
- [PATCH -stable,5.15 3/3] netfilter: nf_tables: do not defer rule destruction via call_rcu, Pablo Neira Ayuso
- [PATCH -stable,5.15 2/3] netfilter: nf_tables: wait for rcu grace period on net_device removal, Pablo Neira Ayuso
- [PATCH -stable,5.15 1/3] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx, Pablo Neira Ayuso
[PATCH -stable,6.1 0/3] Netfilter fixes for -stable, Pablo Neira Ayuso
- [PATCH -stable,6.1 3/3] netfilter: nf_tables: do not defer rule destruction via call_rcu, Pablo Neira Ayuso
- [PATCH -stable,6.1 1/3] netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx, Pablo Neira Ayuso
- [PATCH -stable,6.1 2/3] netfilter: nf_tables: wait for rcu grace period on net_device removal, Pablo Neira Ayuso
- Re: [PATCH -stable,6.1 0/3] Netfilter fixes for -stable, Greg KH
[ANNOUNCE] ipset 7.24 released, Jozsef Kadlecsik
[nft PATCH 0/2] Sanitize two error conditions in netlink code, Phil Sutter
- [nft PATCH 1/2] netlink: Avoid potential NULL-ptr deref parsing set elem expressions, Phil Sutter
- [nft PATCH 2/2] netlink: Catch unknown types when deserializing objects, Phil Sutter
- Re: [nft PATCH 0/2] Sanitize two error conditions in netlink code, Florian Westphal
  - Re: [nft PATCH 0/2] Sanitize two error conditions in netlink code, Phil Sutter
[PATCH nf-next] netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds, Florian Westphal
- Re: [PATCH nf-next] netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds, Pablo Neira Ayuso
[PATCH v4] netfilter: nf_tables: Implement jump limit for nft_table_validate, Shaun Brady
- Re: [PATCH v4] netfilter: nf_tables: Implement jump limit for nft_table_validate, Florian Westphal
[PATCH nf-next 0/5] netfilter: resolve fib+vrf issues, Florian Westphal
- [PATCH nf-next 1/5] selftests: netfilter: nft_fib.sh: add 'type' mode tests, Florian Westphal
- [PATCH nf-next 2/5] selftests: netfilter: move fib vrf test to nft_fib.sh, Florian Westphal
- [PATCH nf-next 3/5] netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy, Florian Westphal
- [PATCH nf-next 4/5] netfilter: nf_tables: nft_fib: consistent l3mdev handling, Florian Westphal
- [PATCH nf-next 5/5] selftests: netfilter: nft_fib.sh: add type and oif tests with and without VRFs, Florian Westphal
- Re: [PATCH nf-next 0/5] netfilter: resolve fib+vrf issues, Pablo Neira Ayuso
[PATCH nf-next,v1 0/6] revisiting nf_tables ruleset validation, Pablo Neira Ayuso
- [PATCH nf-next,v1 3/6] netfilter: nf_tables: add infrastructure for chain validation on updates, Pablo Neira Ayuso
- [PATCH nf-next,v1 4/6] netfilter: nf_tables: add new binding infrastructure, Pablo Neira Ayuso
  - Re: [PATCH nf-next,v1 4/6] netfilter: nf_tables: add new binding infrastructure, Phil Sutter
- [PATCH nf-next,v1 1/6] netfilter: nf_tables: honor EINTR in ruleset validation from commit/abort path, Pablo Neira Ayuso
  - Re: [PATCH nf-next,v1 1/6] netfilter: nf_tables: honor EINTR in ruleset validation from commit/abort path, Phil Sutter
- [PATCH nf-next,v1 2/6] netfilter: nf_tables: honor validation state in preparation phase, Pablo Neira Ayuso
- [PATCH nf-next,v1 5/6] netfilter: nf_tables: use new binding infrastructure, Pablo Neira Ayuso
  - Re: [PATCH nf-next,v1 5/6] netfilter: nf_tables: use new binding infrastructure, Phil Sutter
- [PATCH nf-next,v1 6/6] netfilter: nf_tables: add support for validating incremental ruleset updates, Pablo Neira Ayuso
  - Re: [PATCH nf-next,v1 6/6] netfilter: nf_tables: add support for validating incremental ruleset updates, Phil Sutter
- Re: [PATCH nf-next,v1 0/6] revisiting nf_tables ruleset validation, Florian Westphal
  - Re: [PATCH nf-next,v1 0/6] revisiting nf_tables ruleset validation, Pablo Neira Ayuso
    - Re: [PATCH nf-next,v1 0/6] revisiting nf_tables ruleset validation, Florian Westphal
      - Re: [PATCH nf-next,v1 0/6] revisiting nf_tables ruleset validation, Pablo Neira Ayuso
Packets sent to local interface seemingly not accepted by nfq_set_verdict despite ACCEPT call., G.W. Haywood
Recommendations for choice of compiler; does it matter?, Sunny73Cr
libmnl name definition, Sunny73Cr
- Re: libmnl name definition, Jan Engelhardt
[RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
- Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Pablo Neira Ayuso
  - Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Florian Westphal
    - Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
      - Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Florian Westphal
        
        Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
        
        Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Florian Westphal
        
        Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
        
        Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
        
        Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Florian Westphal
        
        Re: [RESEND PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
[PATCH 1/1] netfilter: load nf_log_syslog on enabling nf_conntrack_log_invalid, Lance Yang
Looking for TODO, Shaun Brady
- Re: Looking for TODO, Florian Westphal
  - Re: Looking for TODO, Florian Westphal
    - Re: Looking for TODO, Shaun Brady
[nft RFC] table: Embed creating nft version into userdata, Phil Sutter
[PATCH v3] netfilter: nf_tables: Implement jump limit for nft_table_validate, Shaun Brady
- Re: [PATCH v3] netfilter: nf_tables: Implement jump limit for nft_table_validate, Pablo Neira Ayuso
  - Re: [PATCH v3] netfilter: nf_tables: Implement jump limit for nft_table_validate, Florian Westphal
    - Re: [PATCH v3] netfilter: nf_tables: Implement jump limit for nft_table_validate, Shaun Brady
[PATCH nf-next v1 0/3] netfilter: Cover more per-CPU storage with local nested BH locking., Sebastian Andrzej Siewior
- [PATCH nf-next v1 3/3] netfilter: nf_dup_netdev: Move the recursion counter struct netdev_xmit, Sebastian Andrzej Siewior
- [PATCH nf-next v1 1/3] netfilter: nf_dup{4, 6}: Move duplication check to task_struct, Sebastian Andrzej Siewior
  - Re: [PATCH nf-next v1 1/3] netfilter: nf_dup{4, 6}: Move duplication check to task_struct, Pablo Neira Ayuso
    - Re: [PATCH nf-next v1 1/3] netfilter: nf_dup{4, 6}: Move duplication check to task_struct, Sebastian Andrzej Siewior
      - Re: [PATCH nf-next v1 1/3] netfilter: nf_dup{4, 6}: Move duplication check to task_struct, Pablo Neira Ayuso
- [PATCH nf-next v1 2/3] netfilter: nft_inner: Use nested-BH locking for nft_pcpu_tun_ctx, Sebastian Andrzej Siewior
- Re: [PATCH nf-next v1 0/3] netfilter: Cover more per-CPU storage with local nested BH locking., Pablo Neira Ayuso
Fix resource leak in iptables/xtables-restore.c, 周恺航
- Re: Fix resource leak in iptables/xtables-restore.c, Phil Sutter
  - Re: Re: Fix resource leak in iptables/xtables-restore.c, 周恺航
    - Re: Re: Fix resource leak in iptables/xtables-restore.c, Phil Sutter
[PATCH 5.10.y] netfilter: nf_tables: fix memleak in map from abort path, jianqi.ren.cn
[PATCH 5.15.y] netfilter: nf_tables: fix memleak in map from abort path, jianqi.ren.cn
[PATCH 6.1.y] netfilter: nf_tables: fix memleak in map from abort path, jianqi.ren.cn
- Re: [PATCH 6.1.y] netfilter: nf_tables: fix memleak in map from abort path, Pablo Neira Ayuso
[nft PATCH] tests: shell: Include kernel taint value in warning, Phil Sutter
- Re: [nft PATCH] tests: shell: Include kernel taint value in warning, Phil Sutter
[PATCH nft] src: add conntrack information to trace monitor mode, Florian Westphal
- Re: [PATCH nft] src: add conntrack information to trace monitor mode, Pablo Neira Ayuso
  - Re: [PATCH nft] src: add conntrack information to trace monitor mode, Florian Westphal
[PATCH libnftnl] trace: add support for TRACE_CT information, Florian Westphal
[PATCH nf-next 0/2] netfilter: nf_tables: include conntrack state in trace messages, Florian Westphal
- [PATCH nf-next 2/2] netfilter: nf_tables: add packets conntrack state to debug trace info, Florian Westphal
  - Re: [PATCH nf-next 2/2] netfilter: nf_tables: add packets conntrack state to debug trace info, Pablo Neira Ayuso
    - Re: [PATCH nf-next 2/2] netfilter: nf_tables: add packets conntrack state to debug trace info, Florian Westphal
      - Re: [PATCH nf-next 2/2] netfilter: nf_tables: add packets conntrack state to debug trace info, Pablo Neira Ayuso
- [PATCH nf-next 1/2] netfilter: conntrack: make nf_conntrack_id callable without a module dependency, Florian Westphal
[PATCH nft] src: netlink: fix crash when ops doesn't support udata, Florian Westphal
- Re: [PATCH nft] src: netlink: fix crash when ops doesn't support udata, Pablo Neira Ayuso
[nft PATCH] tests/shell: Skip netdev_chain_dev_addremove on tainted kernels, Phil Sutter
- Re: [nft PATCH] tests/shell: Skip netdev_chain_dev_addremove on tainted kernels, Pablo Neira Ayuso
- Re: [nft PATCH] tests/shell: Skip netdev_chain_dev_addremove on tainted kernels, Phil Sutter
[PATCHv2 net-next 0/6] selftests: net: configure rp_filter in setup_ns, Hangbin Liu
- [PATCHv2 net-next 1/6] selftests: net: disable rp_filter after namespace initialization, Hangbin Liu
  - Re: [PATCHv2 net-next 1/6] selftests: net: disable rp_filter after namespace initialization, Simon Horman
- [PATCHv2 net-next 2/6] selftests: net: remove redundant rp_filter configuration, Hangbin Liu
  - Re: [PATCHv2 net-next 2/6] selftests: net: remove redundant rp_filter configuration, Simon Horman
- [PATCHv2 net-next 3/6] selftests: net: use setup_ns for bareudp testing, Hangbin Liu
  - Re: [PATCHv2 net-next 3/6] selftests: net: use setup_ns for bareudp testing, Simon Horman
- [PATCHv2 net-next 4/6] selftests: net: use setup_ns for SRv6 tests and remove rp_filter configuration, Hangbin Liu
  - Re: [PATCHv2 net-next 4/6] selftests: net: use setup_ns for SRv6 tests and remove rp_filter configuration, Andrea Mayer
- [PATCHv2 net-next 5/6] selftests: netfilter: remove rp_filter configuration, Hangbin Liu
- [PATCHv2 net-next 6/6] selftests: mptcp: remove rp_filter configuration, Hangbin Liu
- Re: [PATCHv2 net-next 0/6] selftests: net: configure rp_filter in setup_ns, patchwork-bot+netdevbpf
[nft PATCH] parser_json: Introduce parse_flags_array(), Phil Sutter
- [nft PATCH 0/6] Add test for parse_flags_array(), Phil Sutter
  - [nft PATCH 3/6] json: Print single fib flag as non-array, Phil Sutter
  - [nft PATCH 6/6] tests: shell: Add test case for JSON 'flags' arrays, Phil Sutter
  - [nft PATCH 1/6] doc: Fix typo in nat statement 'prefix' description, Phil Sutter
  - [nft PATCH 5/6] json: Introduce json_add_array_new(), Phil Sutter
  - [nft PATCH 2/6] json: Print single set flag as non-array, Phil Sutter
  - [nft PATCH 4/6] json: Print single synproxy flags as non-array, Phil Sutter
  - Re: [nft PATCH 0/6] Add test for parse_flags_array(), Pablo Neira Ayuso
    - Re: [nft PATCH 0/6] Add test for parse_flags_array(), Phil Sutter
[PATCH 0/1] ipset patch to fix region locking, Jozsef Kadlecsik
- [PATCH 1/1] netfilter: ipset: fix region locking in hash types, Jozsef Kadlecsik
[PATCH net-next 0/6] selftests: net: configure rp_filter in setup_ns, Hangbin Liu
- [PATCH net-next 1/6] selftests: net: disable rp_filter after namespace initialization, Hangbin Liu
- [PATCH net-next 3/6] selftests: net: use setup_ns for bareudp testing, Hangbin Liu
- [PATCH net-next 6/6] selftests: mptcp: remove rp_filter configuration, Hangbin Liu
  - Re: [PATCH net-next 6/6] selftests: mptcp: remove rp_filter configuration, Matthieu Baerts
- [PATCH net-next 4/6] selftests: net: use setup_ns for SRv6 tests and remove rp_filter configuration, Hangbin Liu
  - Re: [PATCH net-next 4/6] selftests: net: use setup_ns for SRv6 tests and remove rp_filter configuration, Jakub Kicinski
    - Re: [PATCH net-next 4/6] selftests: net: use setup_ns for SRv6 tests and remove rp_filter configuration, Hangbin Liu
- [PATCH net-next 2/6] selftests: net: remove redundant rp_filter configuration, Hangbin Liu
- [PATCH net-next 5/6] selftests: netfilter: remove rp_filter configuration, Hangbin Liu
  - Re: [PATCH net-next 5/6] selftests: netfilter: remove rp_filter configuration, Florian Westphal
[PATCH net-next] selftests: netfilter: fix conntrack stress test failures on debug kernels, Florian Westphal
- Re: [PATCH net-next] selftests: netfilter: fix conntrack stress test failures on debug kernels, Jakub Kicinski
- Re: [PATCH net-next] selftests: netfilter: fix conntrack stress test failures on debug kernels, patchwork-bot+netdevbpf
[PATCH nf-next] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation, Florian Westphal
- Re: [PATCH nf-next] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation, Stefano Brivio
  - Re: [PATCH nf-next] selftests: netfilter: nft_concat_range.sh: add coverage for 4bit group representation, Florian Westphal
nftables netlink cache initialization failure with dnsmasq, Monib
- Re: nftables netlink cache initialization failure with dnsmasq, Pablo Neira Ayuso
  - Re: nftables netlink cache initialization failure with dnsmasq, Monib
[PATCH v2] netfilter: nf_tables: Implement jump limit for nft_table_validate, Shaun Brady
- Re: [PATCH v2] netfilter: nf_tables: Implement jump limit for nft_table_validate, kernel test robot
- Re: [PATCH v2] netfilter: nf_tables: Implement jump limit for nft_table_validate, Florian Westphal
[PATCH AUTOSEL 5.10 033/114] netfilter: conntrack: Bound nf_conntrack sysctl writes, Sasha Levin
[PATCH AUTOSEL 5.15 048/153] netfilter: conntrack: Bound nf_conntrack sysctl writes, Sasha Levin
[PATCH AUTOSEL 6.1 067/212] netfilter: conntrack: Bound nf_conntrack sysctl writes, Sasha Levin
[PATCH AUTOSEL 6.6 084/294] netfilter: conntrack: Bound nf_conntrack sysctl writes, Sasha Levin
[PATCH AUTOSEL 5.4 25/79] netfilter: conntrack: Bound nf_conntrack sysctl writes, Sasha Levin
[PATCH AUTOSEL 6.12 135/486] netfilter: conntrack: Bound nf_conntrack sysctl writes, Sasha Levin
[PATCH AUTOSEL 6.14 169/642] netfilter: conntrack: Bound nf_conntrack sysctl writes, Sasha Levin
[PATCH nf] ipvs: fix uninit-value for saddr in do_output_route4, Julian Anastasov
- Re: [PATCH nf] ipvs: fix uninit-value for saddr in do_output_route4, Simon Horman
[syzbot] [lvs?] KMSAN: uninit-value in do_output_route4, syzbot
- Re: [syzbot] [lvs?] KMSAN: uninit-value in do_output_route4, Julian Anastasov
[PATCH net-next v3 08/18] netfilter: nf_dup_netdev: Move the recursion counter struct netdev_xmit, Sebastian Andrzej Siewior
[PATCH net-next v3 07/18] netfilter: nft_inner: Use nested-BH locking for nft_pcpu_tun_ctx, Sebastian Andrzej Siewior
Privatkredit, theodoseraymond5
[PATCH v1] nf_conntrack: sysctl: expose gc worker scan interval via sysctl, avimalin
- Re: [PATCH v1] nf_conntrack: sysctl: expose gc worker scan interval via sysctl, Florian Westphal
  - [PATCH v2] nf_conntrack: sysctl: expose gc worker scan interval via sysctl, avimalin
    - Re: [PATCH v2] nf_conntrack: sysctl: expose gc worker scan interval via sysctl, Florian Westphal
      - [PATCH v3] nf_conntrack: sysctl: expose gc worker scan interval via sysctl, avimalin
        
        Re: [PATCH v3] nf_conntrack: sysctl: expose gc worker scan interval via sysctl, Florian Westphal
        
        Re: [PATCH v3] nf_conntrack: sysctl: expose gc worker scan interval via sysctl, Vimal Agrawal
        
        Re: [PATCH v3] nf_conntrack: sysctl: expose gc worker scan interval via sysctl, Vimal Agrawal
[PATCH net-next 0/6,v3] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 1/6] netfilter: xt_IDLETIMER: convert timeouts to secs_to_jiffies(), Pablo Neira Ayuso
  - Re: [PATCH net-next 1/6] netfilter: xt_IDLETIMER: convert timeouts to secs_to_jiffies(), patchwork-bot+netdevbpf
- [PATCH net-next 2/6] netfilter: xt_cgroup: Make it independent from net_cls, Pablo Neira Ayuso
- [PATCH net-next 3/6] net: cgroup: Guard users of sock_cgroup_classid(), Pablo Neira Ayuso
- [PATCH net-next 5/6] docs: tproxy: fix formatting for nft code block, Pablo Neira Ayuso
- [PATCH net-next 4/6] netfilter: conntrack: Remove redundant NFCT_ALIGN call, Pablo Neira Ayuso
- [PATCH net-next 6/6] netfilter: nf_tables: export set count and backend name to userspace, Pablo Neira Ayuso
Re: [PATCH V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Pablo Neira Ayuso
- <Possible follow-ups>
- Re: [PATCH V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Pablo Neira Ayuso
  - Re: [PATCH V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Florian Westphal
    - Re: [PATCH V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Pablo Neira Ayuso
[PATCH] net:ipv4: Use shift left 2 to calculate the length of the IPv4 header., Chaohai Chen
[PATCH iptables] extensions: libebt_redirect: prevent translation, Miao Wang via B4 Relay
- Re: [PATCH iptables] extensions: libebt_redirect: prevent translation, Pablo Neira Ayuso
  - Re: [PATCH iptables] extensions: libebt_redirect: prevent translation, Miao Wang
    - Re: [PATCH iptables] extensions: libebt_redirect: prevent translation, Pablo Neira Ayuso
    - Re: [PATCH iptables] extensions: libebt_redirect: prevent translation, Phil Sutter
Fail to clone iptables,ipset,nftables, Sunny73Cr
- Re: Fail to clone iptables,ipset,nftables, Florian Westphal
  - Re: Trailing dot in Cygwin filenames [was: failed to clone iptables,ipset,nftables], Jan Engelhardt
    - Re: [oss-security] Re: Trailing dot in Cygwin filenames [was: failed to clone iptables,ipset,nftables], Werner Koch
  - Re: Fail to clone iptables,ipset,nftables, Sunny73Cr
[PATCH net-next,v2 0/7] Netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH net-next 2/7] netfilter: xt_cgroup: Make it independent from net_cls, Pablo Neira Ayuso
- [PATCH net-next 3/7] net: cgroup: Guard users of sock_cgroup_classid(), Pablo Neira Ayuso
- [PATCH net-next 5/7] netfilter: conntrack: Remove redundant NFCT_ALIGN call, Pablo Neira Ayuso
- [PATCH net-next 6/7] docs: tproxy: fix formatting for nft code block, Pablo Neira Ayuso
- [PATCH net-next 1/7] netfilter: xt_IDLETIMER: convert timeouts to secs_to_jiffies(), Pablo Neira Ayuso
- [PATCH net-next 7/7] netfilter: nf_tables: export set count and backend name to userspace, Pablo Neira Ayuso
- [PATCH net-next 4/7] netfilter: Exclude LEGACY TABLES on PREEMPT_RT., Pablo Neira Ayuso
- Re: [PATCH net-next,v2 0/7] Netfilter updates for net-next, Jakub Kicinski
  - Re: [PATCH net-next,v2 0/7] Netfilter updates for net-next, Florian Westphal
[PATCH nf-next] tools: selftests: prepare for non-default IP_TABLES_LEGACY, Florian Westphal
- Re: [PATCH nf-next] tools: selftests: prepare for non-default IP_TABLES_LEGACY, Pablo Neira Ayuso
[PATCH 5.10/5.15/6.1] netfilter: ipt_CLUSTERIP: change mutex location, Evgeny Pimenov
[PATCH nf-next] netfilter: nf_tables: fix debug splat when dumping pipapo avx2 set, Florian Westphal
- Re: [PATCH nf-next] netfilter: nf_tables: fix debug splat when dumping pipapo avx2 set, Pablo Neira Ayuso
[iptables PATCH] xshared: Accept an option if any given command allows it, Phil Sutter
- Re: [iptables PATCH] xshared: Accept an option if any given command allows it, Phil Sutter
  - Re: [iptables PATCH] xshared: Accept an option if any given command allows it, Adam Nielsen
    - Re: [iptables PATCH] xshared: Accept an option if any given command allows it, Phil Sutter
      - Re: [iptables PATCH] xshared: Accept an option if any given command allows it, Adam Nielsen
        
        Re: [iptables PATCH] xshared: Accept an option if any given command allows it, Phil Sutter
        
        Re: [iptables PATCH] xshared: Accept an option if any given command allows it, Adam Nielsen
[PATCH nf-next] selftests: netfilter: nft_fib.sh: check lo packets bypass fib lookup, Florian Westphal
- Re: [PATCH nf-next] selftests: netfilter: nft_fib.sh: check lo packets bypass fib lookup, Pablo Neira Ayuso
Bug: iptables -L and -Z at the same time now refuses other options, Adam Nielsen
[PATCH v2 nf-next] netfilter: nf_conntrack: speed up reads from nf_conntrack proc file, Florian Westphal
[ANNOUNCE] nftables 1.1.3 release, Pablo Neira Ayuso
- UNSUBSCRIBE, Vink, Ronald
[no subject], Unknown
[PATCH] netfilter: nf_tables: Implement jump limit for nft_table_validate, Shaun Brady
- Re: [PATCH] netfilter: nf_tables: Implement jump limit for nft_table_validate, Florian Westphal
  - Re: [PATCH] netfilter: nf_tables: Implement jump limit for nft_table_validate, Shaun Brady
    - Re: [PATCH] netfilter: nf_tables: Implement jump limit for nft_table_validate, Florian Westphal
[PATCH nf-next] netfilter: use `NFPROTO_*` constants in "nf-logger-" module aliasses, Jeremy Sowden
- Re: [PATCH nf-next] netfilter: use `NFPROTO_*` constants in "nf-logger-" module aliasses, Jeremy Sowden
[PATCH ulogd2 0/6] Add support for logging ARP packets, Jeremy Sowden
- [PATCH ulogd2 3/6] IP2HBIN, IP2STR: correct typo's, Jeremy Sowden
- [PATCH ulogd2 2/6] db, IP2BIN: correct `format_ipv6()` output buffer sizes, Jeremy Sowden
  - Re: [PATCH ulogd2 2/6] db, IP2BIN: correct `format_ipv6()` output buffer sizes, Florian Westphal
    - Re: [PATCH ulogd2 2/6] db, IP2BIN: correct `format_ipv6()` output buffer sizes, Jeremy Sowden
      - Re: [PATCH ulogd2 2/6] db, IP2BIN: correct `format_ipv6()` output buffer sizes, Florian Westphal
- [PATCH ulogd2 1/6] IP2STR: correct address buffer size, Jeremy Sowden
- [PATCH ulogd2 4/6] IP2BIN, IP2HBIN, IP2STR: refactor `interp` call-backs, Jeremy Sowden
- [PATCH ulogd2 6/6] Add support for logging ARP packets, Jeremy Sowden
- [PATCH ulogd2 5/6] Use `NFPROTO_*` constants for protocol families, Jeremy Sowden
[PATCH nft] evalute: make vlan pcp updates work, Florian Westphal
- Re: [PATCH nft] evalute: make vlan pcp updates work, Pablo Neira Ayuso
[PATCH nft] netlink: bogus concatenated set ranges with netlink message overrun, Pablo Neira Ayuso
[PATCH nf-next v2] netfilter: nft_quota: match correctly when the quota just depleted, Zhongqiu Duan
- Re: [PATCH nf-next v2] netfilter: nft_quota: match correctly when the quota just depleted, Pablo Neira Ayuso
[PATCH nf-next] selftests: netfilter: add conntrack stress test, Florian Westphal
- Re: [PATCH nf-next] selftests: netfilter: add conntrack stress test, Pablo Neira Ayuso
[nftables PATCH v3] tools: add a systemd unit for static rulesets, Jan Engelhardt
- Re: [nftables PATCH v3] tools: add a systemd unit for static rulesets, Eric Garver
- Re: [nftables PATCH v3] tools: add a systemd unit for static rulesets, Pablo Neira Ayuso
[PATCH nft] Revert "intervals: do not merge intervals with different timeout", Pablo Neira Ayuso
- Re: [PATCH nft] Revert "intervals: do not merge intervals with different timeout", Florian Westphal
  - Re: [PATCH nft] Revert "intervals: do not merge intervals with different timeout", Pablo Neira Ayuso
[syzbot] Monthly netfilter report (Apr 2025), syzbot
[PATCH] tests: shell: Update packetpath/flowtables, Yi Chen
- Re: [PATCH] tests: shell: Update packetpath/flowtables, Florian Westphal
[PATCH 1/2 libnftnl] src: use uint64_t for flags fields, Fernando Fernandez Mancera
- [PATCH 2/2 libnftnl] tunnel: add support to geneve, Fernando Fernandez Mancera
  - Re: [PATCH 2/2 libnftnl] tunnel: add support to geneve, Fernando Fernandez Mancera
[nf-next PATCH v6 00/12] Dynamic hook interface binding part 2, Phil Sutter
- [nf-next PATCH v6 01/12] netfilter: nf_tables: Introduce functions freeing nft_hook objects, Phil Sutter
- [nf-next PATCH v6 09/12] netfilter: nf_tables: Handle NETDEV_CHANGENAME events, Phil Sutter
- [nf-next PATCH v6 03/12] netfilter: nf_tables: Introduce nft_register_flowtable_ops(), Phil Sutter
- [nf-next PATCH v6 11/12] netfilter: nf_tables: Add notications for hook changes, Phil Sutter
- [nf-next PATCH v6 02/12] netfilter: nf_tables: Introduce nft_hook_find_ops{,_rcu}(), Phil Sutter
- [nf-next PATCH v6 10/12] netfilter: nf_tables: Support wildcard netdev hook specs, Phil Sutter
- [nf-next PATCH v6 07/12] netfilter: nf_tables: Respect NETDEV_REGISTER events, Phil Sutter
- [nf-next PATCH v6 05/12] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook, Phil Sutter
- [nf-next PATCH v6 08/12] netfilter: nf_tables: Wrap netdev notifiers, Phil Sutter
- [nf-next PATCH v6 04/12] netfilter: nf_tables: Pass nf_hook_ops to nft_unregister_flowtable_hook(), Phil Sutter
- [nf-next PATCH v6 06/12] netfilter: nf_tables: Prepare for handling NETDEV_REGISTER events, Phil Sutter
- [nf-next PATCH v6 12/12] selftests: netfilter: Torture nftables netdev hooks, Phil Sutter
- Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2, Phil Sutter
  - Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2, Pablo Neira Ayuso
    - Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2, Phil Sutter
- Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2, Pablo Neira Ayuso
  - Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2, Phil Sutter
    - Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2, Phil Sutter
    - Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2, Pablo Neira Ayuso
      - Re: [nf-next PATCH v6 00/12] Dynamic hook interface binding part 2, Phil Sutter
[PATCH nf] netfilter: conntrack: fix erronous removal of offload bit, Florian Westphal
[ANNOUNCE] nftables 1.1.2 release, Pablo Neira Ayuso
- Re: [ANNOUNCE] nftables 1.1.2 release, Jan Engelhardt
  - Re: [ANNOUNCE] nftables 1.1.2 release, Pablo Neira Ayuso
[ANNOUNCE] libnftnl 1.2.9 release, Pablo Neira Ayuso
[PATCH net-next v2 08/18] netfilter: nf_dup_netdev: Move the recursion counter struct netdev_xmit, Sebastian Andrzej Siewior
[PATCH net-next v2 07/18] netfilter: nft_inner: Use nested-BH locking for nft_pcpu_tun_ctx, Sebastian Andrzej Siewior
[PATCH libnftnl] tunnel: add missing inner nested netlink attribute for vxlan options, Fernando Fernandez Mancera
[PATCH v2 4/5] ipvs: ip_vs_conn_expire_now: Rename del_timer in comment, WangYuli
Re: [PATCH V5] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Jakub Kicinski
- <Possible follow-ups>
- Re: [PATCH V5] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Florian Westphal
Re: SYNPROXY affecting initial BBR throughput, Florian Westphal
- Re: SYNPROXY affecting initial BBR throughput, Pablo Neira Ayuso
[PATCH nft] parser_bison: add selector_expr rule to restrict typeof_expr, Pablo Neira Ayuso
[no subject], Unknown
[PATCH nf-next,v2 1/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation, Pablo Neira Ayuso
- [PATCH nf-next,v2 2/2] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX, Pablo Neira Ayuso
  - Re: [PATCH nf-next,v2 2/2] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX, Stefano Brivio
- Re: [PATCH nf-next,v2 1/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation, Stefano Brivio
- <Possible follow-ups>
- [PATCH nf-next,v2 1/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation, Pablo Neira Ayuso
  - [PATCH nf-next,v2 2/2] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX, Pablo Neira Ayuso
  - Re: [PATCH nf-next,v2 1/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation, Stefano Brivio
    - Re: [PATCH nf-next,v2 1/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nft_set_pipapo: prevent overflow in allocations, Pablo Neira Ayuso
[PATCH] net: Move specific fragmented packet to slow_path instead of dropping it, Huajian Yang
- Re: [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it, Florian Westphal
  - 答复: [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it, Yang Huajian（杨华健）
- <Possible follow-ups>
- [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it, Huajian Yang
  - Re: [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it, Florian Westphal
    - 答复: [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it, Yang Huajian（杨华健）
    - Re: [PATCH] net: Move specific fragmented packet to slow_path instead of dropping it, Pablo Neira Ayuso
[PATCH nf] netfilter: nft_quota: make nft_overquota() really over the quota, Zhongqiu Duan
- Re: [PATCH nf] netfilter: nft_quota: make nft_overquota() really over the quota, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nft_quota: make nft_overquota() really over the quota, Zhongqiu Duan
    - Re: [PATCH nf] netfilter: nft_quota: make nft_overquota() really over the quota, Pablo Neira Ayuso
      - Re: [PATCH nf] netfilter: nft_quota: make nft_overquota() really over the quota, Zhongqiu Duan
[PATCH nft] optimize: invalidate merge in case of duplicated key in set/map, Pablo Neira Ayuso
[PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward, Huajian Yang
- Re: [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward, Simon Horman
- <Possible follow-ups>
- [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward, Huajian Yang
  - Re: [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward, Florian Westphal
    - 答复: [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward, Yang Huajian（杨华健）
      - Re: 答复: [PATCH] net: Expand headroom to send fragmented packets in bridge fragment forward, Florian Westphal
Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Florian Westphal
- Message not available
  - Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Florian Westphal
    - Message not available
      - Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Florian Westphal
    - Message not available
      - Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Florian Westphal
        
        Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Florian Westphal
[no subject], Unknown
[RFC bpf-next 00/13] bpf: Introduce modular verifier, Daniel Xu
- [RFC bpf-next 11/13] treewide: bpf: Export symbols used by verifier, Daniel Xu
  - Re: [RFC bpf-next 11/13] treewide: bpf: Export symbols used by verifier, Alexei Starovoitov
[PATCH v2 nf-next 0/3] flow offload teardown when layer 2 roaming, Eric Woudstra
- [PATCH v2 nf-next 2/3] netfilter: nf_flow_table_core: teardown direct xmit when destination changed, Eric Woudstra
  - Re: [PATCH v2 nf-next 2/3] netfilter: nf_flow_table_core: teardown direct xmit when destination changed, Simon Horman
- [PATCH v2 nf-next 1/3] netfilter: flow: Add bridge_vid member, Eric Woudstra
- [PATCH v2 nf-next 3/3] netfilter: nf_flow_table_ip: don't follow fastpath when marked teardown, Eric Woudstra
- Re: [PATCH v2 nf-next 0/3] flow offload teardown when layer 2 roaming, Eric Woudstra
[PATCH v11 nf-next 0/6] netfilter: Add bridge-fastpath, Eric Woudstra
- [PATCH v11 nf-next 6/6] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval(), Eric Woudstra
  - Re: [PATCH v11 nf-next 6/6] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval(), Simon Horman
    - Re: [PATCH v11 nf-next 6/6] netfilter: nft_flow_offload: Add bridgeflow to nft_flow_offload_eval(), Eric Woudstra
- [PATCH v11 nf-next 2/6] net: core: dev: Add dev_fill_bridge_path(), Eric Woudstra
- [PATCH v11 nf-next 4/6] netfilter: nf_flow_table_inet: Add nf_flowtable_type flowtable_bridge, Eric Woudstra
- [PATCH v11 nf-next 1/6] bridge: Add filling forward path from port to port, Eric Woudstra
- [PATCH v11 nf-next 3/6] netfilter :nf_flow_table_offload: Add nf_flow_rule_bridge(), Eric Woudstra
- [PATCH v11 nf-next 5/6] netfilter: nft_flow_offload: Add NFPROTO_BRIDGE to validate, Eric Woudstra
[PATCH v11 nf-next 0/3] netfilter: fastpath fixes, Eric Woudstra
- [PATCH v11 nf-next 3/3] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW, Eric Woudstra
- [PATCH v11 nf-next 1/3] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info(), Eric Woudstra
- [PATCH v11 nf-next 2/3] bridge: No DEV_PATH_BR_VLAN_UNTAG_HW for dsa foreign, Eric Woudstra
[PATCH v11 nf-next 0/2] conntrack: bridge: add double vlan, pppoe and pppoe-in-q, Eric Woudstra
- [PATCH v11 nf-next 2/2] netfilter: nft_chain_filter: Add bridge double vlan and pppoe, Eric Woudstra
- [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe, Eric Woudstra
  - Re: [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe, Florian Westphal
    - Re: [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe, Pablo Neira Ayuso
    - Re: [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe, Eric Woudstra
      - Re: [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe, Florian Westphal
        
        Re: [PATCH v11 nf-next 1/2] netfilter: bridge: Add conntrack double vlan and pppoe, Eric Woudstra
[PATCH v11 nf-next 0/2] Add nf_flow_encap_push() for xmit direct, Eric Woudstra
- [PATCH v11 nf-next 1/2] net: pppoe: avoid zero-length arrays in struct pppoe_hdr, Eric Woudstra
  - Re: [PATCH v11 nf-next 1/2] net: pppoe: avoid zero-length arrays in struct pppoe_hdr, Kees Cook
- [PATCH v11 nf-next 2/2] netfilter: nf_flow_table_offload: Add nf_flow_encap_push() for xmit direct, Eric Woudstra
- Re: [PATCH v11 nf-next 0/2] Add nf_flow_encap_push() for xmit direct, Pablo Neira Ayuso
  - Re: [PATCH v11 nf-next 0/2] Add nf_flow_encap_push() for xmit direct, Eric Woudstra
[RFC PATCH v1 nf-next] selftests: netfilter: Add bridge_fastpath.sh, Eric Woudstra
[PATCH v2 nftables 0/4] src: print count variable in normal set listings, Florian Westphal
- [PATCH v2 nftables 2/4] debug: include kernel set information on cache fill, Florian Westphal
- [PATCH v2 nftables 4/4] tests: shell: add feature check for count output change, Florian Westphal
- [PATCH v2 nftables 1/4] tests/py: prepare for set debug change, Florian Westphal
- [PATCH v2 nftables 3/4] src: print count variable in normal set listings, Florian Westphal
[PATCH v2 libnftnl] set: dump set backend name (hash, rbtree...) and elem count, if available, Florian Westphal
[PATCH v2 nf-next] netfilter: nf_tables: export set count and backend name to userspace, Florian Westphal
- Re: [PATCH v2 nf-next] netfilter: nf_tables: export set count and backend name to userspace, Pablo Neira Ayuso
Re: [PATCH V2] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Florian Westphal
- Message not available
  - Re: [PATCH V2] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Florian Westphal
[PATCH v2 nf-next] docs: tproxy: fix formatting for nft code block, Chen Linxuan
- Re: [PATCH v2 nf-next] docs: tproxy: fix formatting for nft code block, Bagas Sanjaya
- Re: [PATCH v2 nf-next] docs: tproxy: fix formatting for nft code block, Pablo Neira Ayuso
[PATCH v3 nf 0/3] nft_set_pipapo: fix incorrect avx2 match of 5th field octet, Florian Westphal
- [PATCH v3 nf 1/3] nft_set_pipapo: fix incorrect avx2 match of 5th field octet, Florian Westphal
- [PATCH v3 nf 3/3] nft_set_pipapo: add avx register usage tracking for NET_DEBUG builds, Florian Westphal
  - Re: [PATCH v3 nf 3/3] nft_set_pipapo: add avx register usage tracking for NET_DEBUG builds, Stefano Brivio
    - Re: [PATCH v3 nf 3/3] nft_set_pipapo: add avx register usage tracking for NET_DEBUG builds, Florian Westphal
      - Re: [PATCH v3 nf 3/3] nft_set_pipapo: add avx register usage tracking for NET_DEBUG builds, Pablo Neira Ayuso
- [PATCH v3 nf 2/3] selftests: netfilter: add test case for recent mismatch bug, Florian Westphal
Re: [PATCH] docs: tproxy: fix formatting for nft code block, Simon Horman
- <Possible follow-ups>
- Re: [PATCH] docs: tproxy: fix formatting for nft code block, Bagas Sanjaya
Re: [PATCH] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Florian Westphal
- Re: [PATCH] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl, Jan Engelhardt
[PATCH v4] netfilter: Exclude LEGACY TABLES on PREEMPT_RT., Sebastian Andrzej Siewior
- Re: [PATCH v4] netfilter: Exclude LEGACY TABLES on PREEMPT_RT., Pablo Neira Ayuso
  - Re: [PATCH v4] netfilter: Exclude LEGACY TABLES on PREEMPT_RT., Sebastian Andrzej Siewior
    - Re: [PATCH v4] netfilter: Exclude LEGACY TABLES on PREEMPT_RT., Florian Westphal
      - Re: [PATCH v4] netfilter: Exclude LEGACY TABLES on PREEMPT_RT., Sebastian Andrzej Siewior
        
        Re: [PATCH v4] netfilter: Exclude LEGACY TABLES on PREEMPT_RT., Florian Westphal
        
        Re: [PATCH v4] netfilter: Exclude LEGACY TABLES on PREEMPT_RT., Sebastian Andrzej Siewior
        
        Re: [PATCH v4] netfilter: Exclude LEGACY TABLES on PREEMPT_RT., Florian Westphal
[PATCH 1/1] netfilter: Exclude LEGACY TABLES on PREEMPT_RT., Pablo Neira Ayuso
[PATCH v2 nf 0/3] nft_set_pipapo: fix incorrect avx2 match of 5th field octet, Florian Westphal
- [PATCH v2 nf 1/3] nft_set_pipapo: add avx register usage tracking for NET_DEBUG builds, Florian Westphal
  - Re: [PATCH v2 nf 1/3] nft_set_pipapo: add avx register usage tracking for NET_DEBUG builds, Stefano Brivio
    - Re: [PATCH v2 nf 1/3] nft_set_pipapo: add avx register usage tracking for NET_DEBUG builds, Florian Westphal
- [PATCH v2 nf 3/3] selftests: netfilter: add test case for recent mismatch bug, Florian Westphal
- [PATCH v2 nf 2/3] nft_set_pipapo: fix incorrect avx2 match of 5th field octet, Florian Westphal
[PATCH nf-next] netfilter: Remove redundant NFCT_ALIGN call, Xuanqiang Luo
- Re: [PATCH nf-next] netfilter: Remove redundant NFCT_ALIGN call, Florian Westphal
- Re: [PATCH nf-next] netfilter: Remove redundant NFCT_ALIGN call, Pablo Neira Ayuso
[PATCH nf 0/3] nft_set_pipapo: fix incorrect avx2 match of 5th field octet, Florian Westphal
- [PATCH nf 1/3] nft_set_pipapo: add avx register usage tracking for NET_DEBUG builds, Florian Westphal
  - Re: [PATCH nf 1/3] nft_set_pipapo: add avx register usage tracking for NET_DEBUG builds, Stefano Brivio
    - Re: [PATCH nf 1/3] nft_set_pipapo: add avx register usage tracking for NET_DEBUG builds, Florian Westphal
- [PATCH nf 3/3] selftests: netfilter: add test case for recent mismatch bug, Florian Westphal
  - Re: [PATCH nf 3/3] selftests: netfilter: add test case for recent mismatch bug, Stefano Brivio
    - Re: [PATCH nf 3/3] selftests: netfilter: add test case for recent mismatch bug, sontu mazumdar
      - Re: [PATCH nf 3/3] selftests: netfilter: add test case for recent mismatch bug, Stefano Brivio
- [PATCH nf 2/3] nft_set_pipapo: fix incorrect avx2 match of 5th field octet, Florian Westphal
  - Re: [PATCH nf 2/3] nft_set_pipapo: fix incorrect avx2 match of 5th field octet, Stefano Brivio
[PATCH nft] evaluate: bail out early if referenced set is invalid, Florian Westphal
[PATCH net v1] netfilter: nft_tunnel: fix geneve_opt type confusion addition, Lin Ma
[PATCH nft] evaluate: bail out if ct saddr/daddr dependency cannot be inserted, Florian Westphal
- Re: [PATCH nft] evaluate: bail out if ct saddr/daddr dependency cannot be inserted, Pablo Neira Ayuso
[PATCH net] netfilter: nft_tunnel: fix geneve_opt type confusion addition, Lin Ma
- Re: [PATCH net] netfilter: nft_tunnel: fix geneve_opt type confusion addition, Pablo Neira Ayuso
  - Re: [PATCH net] netfilter: nft_tunnel: fix geneve_opt type confusion addition, Pablo Neira Ayuso
    - Re: [PATCH net] netfilter: nft_tunnel: fix geneve_opt type confusion addition, Lin Ma
      - Re: [PATCH net] netfilter: nft_tunnel: fix geneve_opt type confusion addition, Pablo Neira Ayuso
[PATCH nft 1/2] evaluate: rename recursion counter to recursion.binop, Florian Westphal
- [PATCH nft 2/2] evaluate: restrict allowed subtypes of concatenations, Florian Westphal
  - Re: [PATCH nft 2/2] evaluate: restrict allowed subtypes of concatenations, Pablo Neira Ayuso
    - Re: [PATCH nft 2/2] evaluate: restrict allowed subtypes of concatenations, Florian Westphal
      - Re: [PATCH nft 2/2] evaluate: restrict allowed subtypes of concatenations, Pablo Neira Ayuso
        
        Re: [PATCH nft 2/2] evaluate: restrict allowed subtypes of concatenations, Florian Westphal
[PATCH nf,v2] netfilter: nf_tables: don't unregister hook when table is dormant, Pablo Neira Ayuso
[PATCH libnetfilter_queue] src: doc: Fix spelling and function name (x2), Duncan Roe
[PATCH nft] parser_json: only allow concatenations with 2 or more expressions, Florian Westphal
- Re: [PATCH nft] parser_json: only allow concatenations with 2 or more expressions, Pablo Neira Ayuso
[PATCH nft] optimize: expand expression list when merging into concatenation, Pablo Neira Ayuso
[PATCH nft] cache: prevent possible crash rule filter is NULL, Pablo Neira Ayuso
[PATCH nft 1/2] parser_json: allow statement stateful statement only in set elements, Pablo Neira Ayuso
- [PATCH nft 2/2] parser_json: bail out on malformed statement in set, Pablo Neira Ayuso
[PATCH nft] cache: don't crash when filter is NULL, Florian Westphal
- Re: [PATCH nft] cache: don't crash when filter is NULL, Pablo Neira Ayuso
  - Re: [PATCH nft] cache: don't crash when filter is NULL, Pablo Neira Ayuso
[PATCH nf] netfilter: nft_set_hash: GC reaps elements with conncount for dynamic sets only, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: don't unregister hook when table is dormant, Florian Westphal
- Re: [PATCH nf] netfilter: nf_tables: don't unregister hook when table is dormant, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nf_tables: don't unregister hook when table is dormant, Florian Westphal
[PATCH v3 0/3] netfilter: Make xt_cgroup independent from net_cls, Michal Koutný
- [PATCH v3 1/3] netfilter: Make xt_cgroup independent from net_cls, Michal Koutný
- [PATCH v3 2/3] cgroup: Guard users of sock_cgroup_classid(), Michal Koutný
- Re: [PATCH v3 0/3] netfilter: Make xt_cgroup independent from net_cls, Tejun Heo
- Re: [PATCH v3 0/3] netfilter: Make xt_cgroup independent from net_cls, Michal Koutný
  - Re: [PATCH v3 0/3] netfilter: Make xt_cgroup independent from net_cls, Pablo Neira Ayuso
    - Re: [PATCH v3 0/3] netfilter: Make xt_cgroup independent from net_cls, Michal Koutný
[PATCH nft] expression: incorrect assert() list_expr_to_binop, Pablo Neira Ayuso
[PATCH nft,v2] parser_json: reject empty jump/goto chain, Pablo Neira Ayuso
[syzbot] [netfilter?] WARNING in __nf_unregister_net_hook (8), syzbot
[PATCH nft] parser_json: reject empty jump/goto chain, Pablo Neira Ayuso
[PATCH nft] expression: initialize list of expression to silence gcc compile warning, Pablo Neira Ayuso
[PATCH nft 1/2] evaluate: compact STMT_F_STATEFUL checks, Florian Westphal
- [PATCH nft 2/2] evaluate: only allow stateful statements in set and map definitions, Florian Westphal
  - Re: [PATCH nft 2/2] evaluate: only allow stateful statements in set and map definitions, Florian Westphal
    - Re: [PATCH nft 2/2] evaluate: only allow stateful statements in set and map definitions, Pablo Neira Ayuso
- Re: [PATCH nft 1/2] evaluate: compact STMT_F_STATEFUL checks, Pablo Neira Ayuso
[PATCH nft 1/2] evaluate: reject: remove unused expr function argument, Florian Westphal
- [PATCH nft 2/2] evaluate: fix crash when generating reject statement error, Florian Westphal
  - Re: [PATCH nft 2/2] evaluate: fix crash when generating reject statement error, Pablo Neira Ayuso
- Re: [PATCH nft 1/2] evaluate: reject: remove unused expr function argument, Pablo Neira Ayuso
[PATCH ulogd2 1/2] ulog: remove input plugin, Corubba Smith
- [PATCH ulogd2 2/2] ulogd: remove libipulog, Corubba Smith
- Re: [PATCH ulogd2 1/2] ulog: remove input plugin, Florian Westphal
  - Re: [PATCH ulogd2 1/2] ulog: remove input plugin, Florian Westphal
    - Re: [PATCH ulogd2 1/2] ulog: remove input plugin, Corubba Smith
[iptables PATCH] extensions: icmp: Support info-request/-reply type names, Phil Sutter
- Re: [iptables PATCH] extensions: icmp: Support info-request/-reply type names, Phil Sutter
[PATCH nft] json: fix error protagation when parsing binop lhs/rhs, Florian Westphal
- Re: [PATCH nft] json: fix error protagation when parsing binop lhs/rhs, Pablo Neira Ayuso
[nft PATCH] tests: shell: Fix owner/0002-persist on aarch64, Phil Sutter
- Re: [nft PATCH] tests: shell: Fix owner/0002-persist on aarch64, Florian Westphal
  - Re: [nft PATCH] tests: shell: Fix owner/0002-persist on aarch64, Phil Sutter
[nft PATCH] tests: shell: Add socat availability feature test, Phil Sutter
- Re: [nft PATCH] tests: shell: Add socat availability feature test, Florian Westphal
  - Re: [nft PATCH] tests: shell: Add socat availability feature test, Phil Sutter
[PATCH nft v2] json: don't BUG when asked to list synproxies, Florian Westphal
- Re: [PATCH nft v2] json: don't BUG when asked to list synproxies, Pablo Neira Ayuso
[PATCH nft] expression: don't try to import empty string, Florian Westphal
- Re: [PATCH nft] expression: don't try to import empty string, Pablo Neira Ayuso
  - Re: [PATCH nft] expression: don't try to import empty string, Florian Westphal
    - Re: [PATCH nft] expression: don't try to import empty string, Pablo Neira Ayuso
[PATCH ulogd2,v3 1/4] ulogd: add linux namespace helper, Corubba Smith
- [PATCH ulogd2,v3 2/4] nfct: add network namespace support, Corubba Smith
- [PATCH ulogd2,v3 3/4] nflog: add network namespace support, Corubba Smith

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]