Linux Netfilter / IP Tables Devel
[Prev Page][Next Page]
- [PATCH 06/11] netfilter: nf_tables: add userdata attributes to nft_chain, (continued)
- [PATCH 1/1] Solves Bug 1462 - `nft -j list set` does not show counters,
Gopal Yadav
- [PATCH nf-next] netfilter: nfnetlink: place subsys mutexes in distinct lockdep classes,
Florian Westphal
- [iptables PATCH] iptables-nft: fix basechain policy configuration,
Arturo Borrero Gonzalez
- [iptables PATCH] nft: Optimize class-based IP prefix matches,
Phil Sutter
- [net-next PATCH 0/2] netfilter: Improve inverted IP prefix matches,
Phil Sutter
- [PATCH] nft: migrate man page examples with `meter` directive to sets,
Devin Bayer
- iptables-nft-restore issue,
Arturo Borrero Gonzalez
- [PATCH libnetfilter_queue] doc: build: Reduce size of doxygen.cfg and doxygen build o/p, Duncan Roe
- [PATCH libnetfilter_queue] src: doc: Fix doxygen warning, Duncan Roe
- nftables bug?? Maybe, Evgeniy Yakubov
- [PATCH] ipvs: Add traffic statistic up even it is VS/DR or VS/TUN mode,
longguang.yue
- Re: general protection fault in strncasecmp, syzbot
- [iptables PATCH] nft: Fix for broken address mask match detection,
Phil Sutter
- [PATCH v4 nf-next] netfilter: nf_tables: add userdata attributes to nft_chain,
Jose M. Guisado Gomez
- [PATCH nf-next] netfilter: nf_tables: use nla_memdup to copy udata,
Jose M. Guisado Gomez
- KASAN: use-after-free Read in tcf_action_init,
syzbot
- [nftables] counter not working on kernel 5.6,
Gopal Yadav
- [PATCH v4] ipvs: adjust the debug info in function set_tcp_state,
longguang.yue
- [PATCH nf-next] netfilter: nf_tables: fix userdata memleak,
Jose M. Guisado Gomez
- BUG: unable to handle kernel paging request in dqput,
syzbot
- [PATCH 0/8] Fast bulk transfers of large sets of ct entries,
Mikhail Sennikovsky
- [nftables] dynamic flag missing from wiki and using counter, Gopal Yadav
- [PATCH] ipset: enable memory accounting for ipset allocations,
Vasily Averin
- [nft PATCH] evaluate: Reject quoted strings containing only wildcard,
Phil Sutter
- [PATCH 1/1 nf] selftests: netfilter: add time counter check,
Fabian Frederick
- [iptables PATCH v2 00/10] nft: Sorted chain listing et al.,
Phil Sutter
- [iptables PATCH v2 09/10] tests: shell: Drop any dump sorting in place, Phil Sutter
- [iptables PATCH v2 03/10] nft: cache: Introduce nft_cache_add_chain(), Phil Sutter
- [iptables PATCH v2 02/10] nft: Implement nft_chain_foreach(), Phil Sutter
- [iptables PATCH v2 10/10] nft: Avoid pointless table/chain creation, Phil Sutter
- [iptables PATCH v2 06/10] nft: Introduce struct nft_chain, Phil Sutter
- [iptables PATCH v2 07/10] nft: Introduce a dedicated base chain array, Phil Sutter
- [iptables PATCH v2 08/10] nft: cache: Sort custom chains by name, Phil Sutter
- [iptables PATCH v2 05/10] nft: cache: Move nft_chain_find() over, Phil Sutter
- [iptables PATCH v2 04/10] nft: Eliminate nft_chain_list_get(), Phil Sutter
- [iptables PATCH v2 01/10] nft: Fix selective chain compatibility checks, Phil Sutter
- [PATCH v2 nf-next] netfilter: nf_tables: add userdata attributes to nft_chain,
Jose M. Guisado Gomez
- [PATCH] ipvs: adjust the debug order of src and dst,
longguang.yue
- [iptables PATCH 0/3] libxtables: Fix for pointless socket() calls,
Phil Sutter
- [PATCH] Solves Bug 1388 - Combining --terse with --json has no effect (with test),
Gopal
- Re: UBSAN: array-index-out-of-bounds in arch_uprobe_analyze_insn,
syzbot
- [PATCH nf] netfilter: nft_immediate: No increment ctx->level for NFT_GOTO, Pablo Neira Ayuso
- KMSAN: uninit-value in gc_worker (3), syzbot
- [PATCH 0/3] add userdata and comment support for chains,
Jose M. Guisado Gomez
- KASAN: vmalloc-out-of-bounds Read in bpf_trace_run2,
syzbot
- 0x14: slides and papers posted, Jamal Hadi Salim
- [PATCH net-next] netfilter: nf_tables_offload: Remove unused macro FLOW_SETUP_BLOCK,
YueHaibing
- [PATCH net-next] ipvs: Remove unused macros,
YueHaibing
- [PATCH AUTOSEL 5.4 215/330] netfilter: nf_tables: silence a RCU-list warning in nft_table_lookup(), Sasha Levin
- [PATCH net-next] netfilter: nf_tables: Remove ununsed function nft_data_debug, YueHaibing
- [PATCH libmnl] doxygen: Fixed link to the git source tree on the website.,
igo95862
- [PATCH nft] tests: py: flush log file output before running each command,
Pablo Neira Ayuso
- [PATCH nft 1/2] mnl: larger receive socket buffer for netlink errors,
Pablo Neira Ayuso
- [PATCH] Solves Bug 1388 - Combining --terse with --json has no effect,
Gopal Yadav
- [iptables] Multiple labels simultaneously, Amiq Nahas
- [PATCH nftables] parser_bison: fail when specifying multiple comments,
Jose M. Guisado Gomez
- [trivial PATCH] treewide: Convert switch/case fallthrough; to break;,
Joe Perches
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Gustavo A. R. Silva
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Keith Busch
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Jason Gunthorpe
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Mauro Carvalho Chehab
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Wolfram Sang
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Nicolas.Ferre
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Felipe Balbi
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Steffen Maier
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Ilya Dryomov
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Matthias Brugger
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Robin Murphy
- Re: [Intel-gfx] [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Jani Nikula
- Re: [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Miquel Raynal
- Re: [oss-drivers] [trivial PATCH] treewide: Convert switch/case fallthrough; to break;, Simon Horman
- [PATCH 3/3 nf] selftests: netfilter: remove unused cnt and simplify command testing, Fabian Frederick
- [PATCH 2/3 nf] selftests: netfilter: fix nft_meta.sh error reporting, Fabian Frederick
- [PATCH 1/3 nf] selftests: netfilter: add cpu counter check,
Fabian Frederick
- [PATCH] net/netfilter: fix a typo for nf_conntrack_proto_dccp.c,
Wang Qing
- [PATCH nf-next] netfilter: conntrack: proc: rename stat column,
Florian Westphal
- [PATCH 00/13] Netfilter updates for net-next,
Pablo Neira Ayuso
- [PATCH 12/13] selftests/net: replace obsolete NFT_CHAIN configuration, Pablo Neira Ayuso
- [PATCH 09/13] netfilter: nft_socket: add wildcard support, Pablo Neira Ayuso
- [PATCH 13/13] netfilter: nf_tables: add userdata support for nft_object, Pablo Neira Ayuso
- [PATCH 11/13] netfilter: ebt_stp: Remove unused macro BPDU_TYPE_TCN, Pablo Neira Ayuso
- [PATCH 07/13] netfilter: conntrack: remove unneeded nf_ct_put, Pablo Neira Ayuso
- [PATCH 10/13] ipvs: remove dependency on ip6_tables, Pablo Neira Ayuso
- [PATCH 08/13] netfilter: xt_HMARK: Use ip_is_fragment() helper, Pablo Neira Ayuso
- [PATCH 06/13] netfilter: conntrack: add clash resolution stat counter, Pablo Neira Ayuso
- [PATCH 05/13] netfilter: conntrack: remove ignore stats, Pablo Neira Ayuso
- [PATCH 04/13] netfilter: conntrack: do not increment two error counters at same time, Pablo Neira Ayuso
- [PATCH 03/13] netfilter: nf_tables: add userdata attributes to nft_table, Pablo Neira Ayuso
- [PATCH 01/13] netfilter: ip6t_NPT: rewrite addresses in ICMPv6 original packet, Pablo Neira Ayuso
- [PATCH 02/13] ipvs: Fix uninit-value in do_ip_vs_set_ctl(), Pablo Neira Ayuso
- Re: [PATCH 00/13] Netfilter updates for net-next, David Miller
- [nftables] TODO: Replace yy_switch_to_buffer by yypop_buffer_state and yypush_buffer_state,
Gopal Yadav
- INFO: trying to register non-static key in update_defense_level, syzbot
- Re: [PATCH 1/1 net-next] selftests/net: replace obsolete NFT_CHAIN configuration,
Jakub Kicinski
- [PATCH AUTOSEL 5.8 04/53] netfilter: conntrack: allow sctp hearbeat after connection re-use, Sasha Levin
- [PATCH AUTOSEL 5.8 06/53] netfilter: nft_set_rbtree: Detect partial overlap with start endpoint match, Sasha Levin
- [PATCH AUTOSEL 5.4 03/43] netfilter: conntrack: allow sctp hearbeat after connection re-use, Sasha Levin
- [PATCH AUTOSEL 4.19 03/26] netfilter: conntrack: allow sctp hearbeat after connection re-use, Sasha Levin
- Re: [PATCH net-net] netfilter: conntrack: nf_conncount_init is failing with IPv6 disabled,
Simon Horman
- Can someone please update libnetfilter_queue online documentation,
Duncan Roe
- [PATCH nf] netfilter: nft_meta: use socket user_ns to retrieve skuid and skgid,
Pablo Neira Ayuso
- [PATCH net-next] netfilter: ebt_stp: Remove unused macro BPDU_TYPE_TCN,
Wang Hai
- [PATCH nft,v4] mergesort: find base value expression type via recursion, Pablo Neira Ayuso
- [PATCH nft,v3] mergesort: find base value expression type via recursion, Pablo Neira Ayuso
- [PATCH nft] mergesort: find base value expression type via recursion, Pablo Neira Ayuso
- [PATCH nf,v3] netfilter: nf_tables: coalesce multiple notifications into one skbuff,
Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nf_tables: coalesce multiple notifications into one skbuff,
Pablo Neira Ayuso
- [PATCH 0/3] add object userdata and comment support,
Jose M. Guisado Gomez
- [PATCH nf] netfilter: ctnetlink: fix mark based dump filtering regression,
Martin Willi
- inserting rule at the top of the chain using libnftnl, JM
- [PATCH 1/2] xt_ACCOUNT: update prototype of `struct nf_sockopt_ops` `.set` call-back.,
Jeremy Sowden
- [PATCH xtables-addons] build: don't hard-code pkg-config.,
Jeremy Sowden
- KMSAN: uninit-value in translate_table, syzbot
- [PATCH xtables-addons] build: clean some extra build artefacts.,
Jeremy Sowden
- [no subject],
Balazs Scheidler
- [PATCH] netfilter: No increment ctx->level for NFT_GOTO, Steve Hill
- [PATCH nf-next] netfilter: nft_socket: add wildcard support,
Pablo Neira Ayuso
- [PATCH] Remove ipvs v6 dependency on iptables,
Lach
- [PATCH] netfilter: nf_tables: coalesce multiple notifications into one skbuff,
Pablo Neira Ayuso
- [PATCH] netfilter: nftables: fix documentation for dup statement,
Quentin Armitage
- [PATCH net-next] netfilter: xt_HMARK: Use ip_is_fragment() helper,
YueHaibing
- [PATCH nf-next v3 0/3] Netfilter egress hook,
Lukas Wunner
- [PATCH lnf-conntrack] include: add CTA_STATS_CLASH_RESOLVE, Florian Westphal
- [PATCH conntrack-tools] conntrack: add support for CLASH_RESOLVED counter, Florian Westphal
- [PATCH nf-next 0/4] netfilter: revisit conntrack statistics,
Florian Westphal
- [PATCH nf] netfilter: conntrack: do not auto-delete clash entries on reply,
Florian Westphal
- [PATCH AUTOSEL 5.8 23/63] netfilter: avoid ipv6 -> nf_defrag_ipv6 module dependency, Sasha Levin
- [PATCH AUTOSEL 5.7 22/54] netfilter: avoid ipv6 -> nf_defrag_ipv6 module dependency, Sasha Levin
- [PATCH AUTOSEL 5.4 18/38] netfilter: avoid ipv6 -> nf_defrag_ipv6 module dependency, Sasha Levin
- [PATCH V2 5/5 nf] selftests: netfilter: add command usage, Fabian Frederick
- [PATCH V2 4/5 nf] selftests: netfilter: simplify command testing, Fabian Frederick
- [PATCH V2 3/5 nf] selftests: netfilter: remove unused variable in make_file(), Fabian Frederick
- [PATCH V2 2/5 nf] selftests: netfilter: exit on invalid parameters, Fabian Frederick
- [PATCH V2 1/5 nf] selftests: netfilter: fix header example,
Fabian Frederick
- [PATCH nf] netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS, Pablo Neira Ayuso
- [PATCH] net: netfilter: delete repeated words,
Randy Dunlap
- [PATCH nftables 0/4] socket: add support for "wildcard" key,
Balazs Scheidler
- nfnetlink: Busy-loop in nfnetlink_rcv_msg(),
Phil Sutter
- [PATCH AUTOSEL 5.7 55/61] netfilter: nf_tables: report EEXIST on overlaps, Sasha Levin
- [PATCH AUTOSEL 5.8 56/62] netfilter: nf_tables: report EEXIST on overlaps, Sasha Levin
- [PATCH nft,v2] src: add chain hashtable cache, Pablo Neira Ayuso
- [PATCH nft 1/2] src: add expression handler hashtable,
Pablo Neira Ayuso
- [PATCH nf v2] netfilter: nf_tables: fix destination register zeroing,
Florian Westphal
- [PATCH nf] netfilter: fix destination register zeroing, Florian Westphal
- [PATCH nft v2] nftables: dump raw element info from libnftnl when netlink debugging is on, Florian Westphal
- [PATCH nft] nftables: dump raw element info from libnftnl when netlink debugging is on, Florian Westphal
- bridge firewall "bypass" using VLAN 0 stacking, Etienne Champetier
- [PATCH libnftnl] libnftnl: export nftnl_set_elem_fprintf, Florian Westphal
- [PATCH nf 1/2] netfilter: nf_tables: add NFTA_SET_USERDATA if not null,
Pablo Neira Ayuso
- [PATCH 0/3] Add userdata and comment support for tables,
Jose M. Guisado Gomez
- [PATCH nft] mergesort: unbreak listing with binops, Pablo Neira Ayuso
- [PATCH nft] tests: sets: Check rbtree overlap detection after tree rotations, Stefano Brivio
- [PATCH nf 0/2] nft_set_rbtree: Two fixes for overlap detection on insert,
Stefano Brivio
- [iptables] connlabel, increase the number of labels supported, Amiq Nahas
- [iptables PATCH 0/4] ordered chain listing fallout,
Phil Sutter
- [PATCH nf v2] netfilter: conntrack: allow sctp hearbeat after connection re-use,
Florian Westphal
- KASAN: slab-out-of-bounds Write in xt_compat_target_from_user, syzbot
- [iptables] Use ipset with conntrack module,
Amiq Nahas
- [PATCH nft] src: add comment support for map too, Pablo Neira Ayuso
- [iptables PATCH] Makefile: Add missing man pages to CLEANFILES,
Phil Sutter
- [PATCH] netfilter: nf_conntrack_sip: fix parsing error,
Tong Zhang
- iptables: undefined symbol xtables_fini, Amiq Nahas
- [PATCH nf] netfilter: nft_set_rbtree: revisit partial overlap detection,
Pablo Neira Ayuso
- [PATCH 2/2 nf] selftests: netfilter: exit on invalid parameters,
Fabian Frederick
- [PATCH 1/2 nf] selftests: netfilter: fix header example, Fabian Frederick
- KMSAN: uninit-value in __skb_checksum_complete (5),
syzbot
- [PATCH nf] netfilter: nftables: permit any priority for nat hooks, Florian Westphal
- [PATCH nf] netfilter: conntrack: allow sctp hearbeat after connection re-use, Florian Westphal
- [PATCH lnf-conntrack] conntrack: sctp: update states,
Florian Westphal
- [PATCH lnf-conntrack] conntrack: dccp print function should use dccp state,
Florian Westphal
- iptables memory leak,
Maciej Żenczykowski
- [PATCH nf] netfilter: free chain context when BINDING flag is missing,
Florian Westphal
- KASAN: wild-memory-access Read in do_ebt_set_ctl, syzbot
- memory leak in nf_tables_addchain, syzbot
- general protection fault in ip6t_do_table (2), syzbot
- [PATCH libnftnl] udata: add NFTNL_UDATA_SET_COMMENT,
Jose M. Guisado Gomez
- [Linux-kernel-mentees] [PATCH net] ipvs: Fix uninit-value in do_ip_vs_set_ctl(),
Peilin Ye
- [PATCH nf] netfilter: avoid ipv6 -> nf_defrag_ipv6 module dependency,
Florian Westphal
- [PATCH nf] netfilter: nft_compat: remove flush counter optimization,
Florian Westphal
- [PATCH 3/3 linux-next] selftests: netfilter: kill running process only,
Fabian Frederick
- [PATCH 2/3 linux-next] selftests: netfilter: add MTU arguments to flowtables,
Fabian Frederick
- [PATCH 1/3 linux-next] selftests: netfilter: add checktool function,
Fabian Frederick
- [iptables PATCH] xtables-monitor: Fix ip6tables rule printing,
Phil Sutter
- [iptables PATCH v2 1/2] nft: Fix command name in ip6tables error message,
Phil Sutter
- WARNING in compat_do_ebt_get_ctl,
syzbot
- [PATCH v2] net/ipv6/netfilter/ip6t_NPT: rewrite addresses in ICMPv6 original packet,
Michael Zhou
- [PATCH nft] src: cache gets out of sync in interactive mode, Pablo Neira Ayuso
- [iptables PATCH] tests: shell: Merge and extend return codes test, Phil Sutter
- xtables-addon official website changed from sourceforge to inai.de?,
Amish
- Re: WARNING: refcount bug in l2cap_global_chan_by_psm, syzbot
- [PATCH nft] segtree: memleaks in interval_map_decompose(), Pablo Neira Ayuso
- [PATCH nf,v2] netfilter: nf_tables: nft_exthdr: the presence return value should be little-endian,
Stephen Suryaputra
- [PATCH nft] src: add cookie support for rules,
Pablo Neira Ayuso
- [PATCH libnftnl] udata: add cookie support, Pablo Neira Ayuso
- [PATCH nf] netfilter: nf_tables: nft_exthdr: the presence return value should be little-endian,
Stephen Suryaputra
- Re: KASAN: use-after-free Read in hci_chan_del, syzbot
- [PATCH nft] tests: 0043concatenated_ranges_0: Fix checks for add/delete failures,
Stefano Brivio
- [PATCH nft v2] tests: 0044interval_overlap_0: Repeat insertion tests with timeout,
Stefano Brivio
- Re: KASAN: use-after-free Write in __sco_sock_close,
syzbot
- [PATCH nf-next 0/2] improve error reporting,
Pablo Neira Ayuso
- [PATCH nf] netfilter: nft_meta: fix iifgroup matching,
Florian Westphal
- [PATCH nf] selftests: netfilter: add meta iif/oif match test, Florian Westphal
- Re: WARNING in hci_conn_timeout,
syzbot
- [PATCH nft] src: fix obj list output when reset command,
Jose M. Guisado Gomez
- Re: WARNING: ODEBUG bug in cancel_delayed_work, syzbot
- [PATCH nft] evaluate: disregard ct address matching without family, Pablo Neira Ayuso
- Re: [PATCH nf] netfilter: nft_compat: make sure xtables destructors have run, Pablo Neira Ayuso
- KASAN: null-ptr-deref Write in amp_read_loc_assoc_final_data, syzbot
- [iptables PATCH] nft: Fix for ruleset flush while restoring,
Phil Sutter
- [PATCH nft] src: enable output with "nft --echo --json" and nftables syntax,
Jose M. Guisado Gomez
- [iptables PATCH] nft: Eliminate table list from cache,
Phil Sutter
- [PATCH nft] netlink_delinearize: transform binary operation to prefix only with values,
Pablo Neira Ayuso
- [nft PATCH] json: Expect refcount increment by json_array_extend(), Phil Sutter
- KASAN: vmalloc-out-of-bounds Read in get_counters, syzbot
- [PATCH 1/1] Improve detecting the kernel version logic, Philip Prindeville
- [PATCH nft 1/3] evaluate: flush set cache from the evaluation phase,
Pablo Neira Ayuso
- [PATCH nft 1/3] parser_bison: memleak symbol redefinition,
Pablo Neira Ayuso
- [PATCH 0/1] Netfilter OOB memory access security patch,
Will McVicker
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
