Linux TCP/IP Netfilter

Thread Index

[Prev Page][Next Page]

Plan B on BCP-38 implementation in NFTABLES
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: WiFi Hotspot Disable Neighbor discovery,Ask
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: nftables: masquerading not applied consistently
- From: Thilo-Alexander Ginkel <thilo@xxxxxxxxxx>
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables: masquerading not applied consistently
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: nftables: masquerading not applied consistently
- From: Thilo-Alexander Ginkel <thilo@xxxxxxxxxx>
Re: nftables: masquerading not applied consistently
- From: Florian Westphal <fw@xxxxxxxxx>
nftables: masquerading not applied consistently
- From: Thilo-Alexander Ginkel <thilo@xxxxxxxxxx>
RE: libnftnl vlan type filter
- From: Andreas Hoefler <andreas.hoefler@xxxxxxxxxxxxxxxxxxxxxx>
Re: nftables: Counters Not Working with Sets of Type Interval
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
nftables: Set Elements Listing: One Per Line
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
nftables: Counters Not Working with Sets of Type Interval
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
iptables-nft and unsused default chains
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: iptables-nft replacement for /proc/net/ip_tables_names
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: libnftnl vlan type filter
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: iptables-nft replacement for /proc/net/ip_tables_names
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: IP masquerading not applied in TCP retransmission packets
- From: Aleksander Morgado <aleksander@xxxxxxxxxxxxx>
Re: IP masquerading not applied in TCP retransmission packets
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
IP masquerading not applied in TCP retransmission packets
- From: Aleksander Morgado <aleksander@xxxxxxxxxxxxx>
Re: iptables-nft replacement for /proc/net/ip_tables_names
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
iptables-nft replacement for /proc/net/ip_tables_names
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Moving from ipset to nftables: Sets not ready for prime time yet?
- From: "G.W. Haywood" <ged@xxxxxxxxxxxxxxxxxx>
libnftnl vlan type filter
- From: Andreas Hoefler <andreas.hoefler@xxxxxxxxxxxxxxxxxxxxxx>
Moving from ipset to nftables: Sets not ready for prime time yet?
- From: "Timo Sigurdsson" <public_timo.s@xxxxxxxxxxxxxx>
Re: nftables and connection tracking
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables and connection tracking
- From: Marek Greško <mgresko8@xxxxxxxxx>
Re: Filter source IP with UDP/514 destination port and change to UDP/9000
- From: Alessandro Vesely <vesely@xxxxxxx>
Re: nftables and connection tracking
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nftables and connection tracking
- From: Marek Greško <mgresko8@xxxxxxxxx>
Filter source IP with UDP/514 destination port and change to UDP/9000
- From: Roberto Carna <robertocarna36@xxxxxxxxx>
Re: WiFi Hotspot Disable Neighbor discovery,Ask
- From: Hooman Mohajeri <mailinglister.hooman@xxxxxxxxx>
Re: WiFi Hotspot Disable Neighbor discovery,Ask
- From: "G.W. Haywood" <netfilter@xxxxxxxxxxxxxxxxxx>
Re: WiFi Hotspot Disable Neighbor discovery,Ask
- From: Hooman <mailinglister.hooman@xxxxxxxxx>
iptables hashlimit scrip and srcport
- From: jamez <djamez@xxxxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Is it possible to get a transparent proxy with Redsocks when using the new nftables?
- From: Verachten Bruno <gounthar@xxxxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
RE: callback on adding tables from mnl_cb_run for nftables
- From: Andreas Hoefler <andreas.hoefler@xxxxxxxxxx>
callback on adding tables from mnl_cb_run for nftables
- From: Andreas Hoefler <andreas.hoefler@xxxxxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [nft | wiki] List of updates since Linux kernel 3.13
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
[nft | wiki] List of updates since Linux kernel 3.13
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: Florian Westphal <fw@xxxxxxxxx>
[nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: nftables and connection tracking
- From: Marek Greško <mgresko8@xxxxxxxxx>
"Operation not supported" when using ct mark
- From: Adam Degenhardt <degenhardt.adam@xxxxxxxxx>
Re: nftables and connection tracking
- From: Marek Greško <mgresko8@xxxxxxxxx>
Re: nftables and connection tracking
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Address List
- From: Mario Vittorio Guenzi <jclark@xxxxxxxxxx>
Re: nftables and connection tracking
- From: Marek Greško <mgresko8@xxxxxxxxx>
Re: nftables and connection tracking
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nftables and connection tracking
- From: Marek Greško <mgresko8@xxxxxxxxx>
Re: nftables and connection tracking
- From: Florian Westphal <fw@xxxxxxxxx>
nftables and connection tracking
- From: Marek Greško <mgresko8@xxxxxxxxx>
Re: WiFi Hotspot Disable Neighbor discovery,Ask
- From: Alex Buie <alex.buie@xxxxxxxxx>
Re: WiFi Hotspot Disable Neighbor discovery,Ask
- From: "G.W. Haywood" <netfilter@xxxxxxxxxxxxxxxxxx>
Re: WiFi Hotspot Disable Neighbor discovery,Ask
- From: Hooman <mailinglister.hooman@xxxxxxxxx>
Re: ipsec matching in postrouting nat
- From: Florian Westphal <fw@xxxxxxxxx>
ipsec matching in postrouting nat
- From: Marek Greško <mgresko8@xxxxxxxxx>
Re: WiFi Hotspot Disable Neighbor discovery,Ask
- From: "G.W. Haywood" <netfilter@xxxxxxxxxxxxxxxxxx>
WiFi Hotspot Disable Neighbor discovery,Ask
- From: Hooman <mailinglister.hooman@xxxxxxxxx>
[ANNOUNCE] nftables 0.9.6 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: "Carrier Grade" NAT44 setup
- From: n3ph@xxxxxxxx
Re: "Carrier Grade" NAT44 setup
- From: Maximilian Wilhelm <max@xxxxxxxxxxx>
loadbalance 2 internet links
- From: paulo bruck <paulobruck1@xxxxxxxxx>
Re: Difficulties with ulog / NFCT
- From: Alessandro Vesely <vesely@xxxxxxx>
Re: nftables drops related traffic
- From: Robin Kuiper <kuiper.robin@xxxxxxxxx>
Re: nftables drops related traffic
- From: "" <kfm@xxxxxxxxxxxxx>
nftables drops related traffic
- From: Robin Kuiper <kuiper.robin@xxxxxxxxx>
[ANNOUNCE] libnetfilter_queue 1.0.5 release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Simplifying DNAT Rules using Maps
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: "Carrier Grade" NAT44 setup
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Looking to contribute to the nftables wiki
- From: "Gaelan Lloyd" <gaelan@xxxxxxxxxxx>
Re: Documentation.
- From: "G.W. Haywood" <ged@xxxxxxxxxxxxxxxxxx>
Re: Simplifying DNAT Rules using Maps
- From: Max Ehrlich <max.ehr@xxxxxxxxx>
Re: Simplifying DNAT Rules using Maps
- From: Max Ehrlich <max.ehr@xxxxxxxxx>
Re: Simplifying DNAT Rules using Maps
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Documentation.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Documentation.
- From: "G.W. Haywood" <netfilter@xxxxxxxxxxxxxxxxxx>
Re: meta day not working
- From: pauloric@xxxxxxxxxxxxxxxx
Re: meta day not working
- From: Florian Westphal <fw@xxxxxxxxx>
meta day not working
- From: pauloric@xxxxxxxxxxxxxxxx
[ANNOUNCE] nftables 0.9.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
"Carrier Grade" NAT44 setup
- From: Maximilian Wilhelm <max@xxxxxxxxxxx>
[ANNOUNCE] libnftnl 1.1.7 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] libnetfilter_queue 1.0.4 release
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Jan Engelhardt <jengelh@xxxxxxx>
Re: [MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Harald Welte <laforge@xxxxxxxxxxxx>
Simplifying DNAT Rules using Maps
- From: Max Ehrlich <max.ehr@xxxxxxxxx>
[ANNOUNCE] iptables 1.8.5 release
- From: Phil Sutter <phil@xxxxxxxxxxxxx>
[MAINTENANCE] Shutting down FTP services at netfilter.org
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Expressive limitation: (daddr,dport) <--> (daddr',dport')
- From: Rick van Rein <rick@xxxxxxxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Value too large for defined data type
- From: "ad^2" <adsquaired@xxxxxxxxx>
Re: Let me make sure I have this right (fib)
- From: Florian Westphal <fw@xxxxxxxxx>
Let me make sure I have this right (fib)
- From: Stephen Satchell <list@xxxxxxxxxxxx>
nft filter cgroup
- From: Christian Schneider <cschneider@xxxxxxxxxxxxx>
Re: Raw Expression for DNS name?
- From: "ad^2" <adsquaired@xxxxxxxxx>
AW: Raw Expression for DNS name?
- From: Thomas Bätzler <t.baetzler@xxxxxxxxxx>
Re: Raw Expression for DNS name?
- From: "ad^2" <adsquaired@xxxxxxxxx>
Re: Raw Expression for DNS name?
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Raw Expression for DNS name?
- From: "ad^2" <adsquaired@xxxxxxxxx>
Re: iif versus meta fib iif
- From: Florian Westphal <fw@xxxxxxxxx>
iif versus meta fib iif
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: WTF, over
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: WTF, over (reformatted)
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: WTF, over
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: WTF, over
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
WTF, over
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Is this a correct usage of the FIB facility of NFTABLES? (BCP-38)
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: nftables: defining variables containing ipv6 adresses
- From: Ede Wolf <listac@xxxxxxxxxxxxxxxx>
Re: Timestamps, NFLOG, and ULOG
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Timestamps, NFLOG, and ULOG
- From: Korodev <korodev@xxxxxxxxx>
Re: Timestamps, NFLOG, and ULOG
- From: Florian Westphal <fw@xxxxxxxxx>
FIB filtering (comments, please) (reformatted)
- From: Stephen Satchell <list@xxxxxxxxxxxx>
FIB filtering (comments, please)
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Timestamps, NFLOG, and ULOG
- From: Korodev <korodev@xxxxxxxxx>
Fwd: Raw Expression matching DNS Query?
- From: "ad^2" <adsquaired@xxxxxxxxx>
Re: nftables: defining variables containing ipv6 adresses
- From: "Oliver O'Boyle" <oliver.oboyle@xxxxxxxxx>
nftables: defining variables containing ipv6 adresses
- From: Thomas Weberstaedt <thomas.weberstaedt@xxxxxxxxxxxxxxxx>
Re: Systemd, nftables, and iptables
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
saddr, daddr type determination
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: Systemd, nftables, and iptables
- From: Alexander Dahl <ada@xxxxxxxxxxx>
Re: Systemd, nftables, and iptables
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Systemd, nftables, and iptables
- From: "" <kfm@xxxxxxxxxxxxx>
Systemd, nftables, and iptables
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Netdev conf 0x14 update
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Re: Dynamic list for net's
- From: Іван Щербей <ivan@xxxxxxxxxxxx>
Re: Dynamic list for net's
- From: Іван Щербей <ivan@xxxxxxxxxxxx>
Re: Dynamic list for net's
- From: "" <kfm@xxxxxxxxxxxxx>
Dynamic list for net's
- From: Іван Щербей <ivan@xxxxxxxxxxxx>
POSTROUTING doesn't apply on all outgoing packets
- From: Walter Laub <walter.laub@xxxxxxxxxxx>
Re: nftables NAT & Gaming Consoles
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
-m statistic does not work with 5.6.8
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: [Help] Allow website using iptables
- From: Marc SCHAEFER <schaefer@xxxxxxxxxxx>
Re: Correct usage of nf_ct_get
- From: b38911 Zxc <b38911@xxxxxxxxx>
Re: [Help] Allow website using iptables
- From: Mauricio Tavares <raubvogel@xxxxxxxxx>
Re: [Help] Allow website using iptables
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: [Help] Allow website using iptables
- From: Sơn Đỗ <sondd1096@xxxxxxxxx>
Re: nftables NAT & Gaming Consoles
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: nftables NAT & Gaming Consoles
- From: zrm <zrm@xxxxxxxxxxxxxxx>
nftables NAT & Gaming Consoles
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Re: Firewall sometimes leaking [solved]
- From: Nick <netfilter@xxxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Re: nftables: Strange Error When Adding Element to Named Set
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
nftables: Strange Error When Adding Element to Named Set
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Correct usage of nf_ct_get
- From: b38911 Zxc <b38911@xxxxxxxxx>
Re: [Help] Allow website using iptables
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Firewall sometimes leaking
- From: Nick <netfilter@xxxxxxxxxxx>
Re: Firewall sometimes leaking
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
Firewall sometimes leaking
- From: Nick <netfilter@xxxxxxxxxxx>
Re: [Help] Allow website using iptables
- From: John Haxby <john.haxby@xxxxxxxxxx>
Re: [Help] Allow website using iptables
- From: Lazuardi Nasution <mrxlazuardin@xxxxxxxxx>
Re: [Help] Allow website using iptables
- From: Alessandro Vesely <vesely@xxxxxxx>
[Help] Allow website using iptables
- From: Sơn Đỗ <sondd1096@xxxxxxxxx>
Using the fib to classify endpoints.
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: Documentation Error on http://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching
- From: "" <kfm@xxxxxxxxxxxxx>
Documentation Error on http://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching
- From: Bob and Sally Public <bobandsally.public@xxxxxxxxxxx>
Re: idempotent nft delete table? (or: why does "flush table" delete rules but keep chains?)
- From: John Haxby <john.haxby@xxxxxxxxxx>
Re: Is viewing a "candidate" ruleset in 'nft list ruleset' format possible?
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
idempotent nft delete table? (or: why does "flush table" delete rules but keep chains?)
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: nftables
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: nftables and traffic control utility to QoS
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Is viewing a "candidate" ruleset in 'nft list ruleset' format possible?
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Is viewing a "candidate" ruleset in 'nft list ruleset' format possible?
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: cannot create a nat type base (pre/post routing) chain
- From: Norbert van Bolhuis <nvbolhuis@xxxxxxxxxxxx>
Re: cannot create a nat type base (pre/post routing) chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: cannot create a nat type base (pre/post routing) chain
- From: Norbert van Bolhuis <nvbolhuis@xxxxxxxxxxxx>
cannot create a nat type base (pre/post routing) chain
- From: Norbert van Bolhuis <nvbolhuis@xxxxxxxxxxxx>
Re: nftables
- From: Fatih USTA <fatihusta86@xxxxxxxxx>
Re: nftables
- From: Fatih USTA <fatihusta86@xxxxxxxxx>
nftables
- From: Patrick Greiff <Patrick7878@xxxxxx>
Multicast routed packets do not get SNAT translation performed
- From: Stephen Deiters <sdeiters@xxxxxxxxx>
Questions around the use of timestamps
- From: Nikolaos Kakouros <nkak@xxxxxx>
nftables and traffic control utility to QoS
- From: "d.gubin" <d.gubin@xxxxxxxxxxx>
conntrack traffic statistics and connlabel
- From: Fatih USTA <fatihusta86@xxxxxxxxx>
Re: Is viewing a "candidate" ruleset in 'nft list ruleset' format possible?
- From: Martin Gignac <martin.gignac@xxxxxxxxx>
Re: has somebody an idea what fills up the log (5050/udp)?
- From: zrm <zrm@xxxxxxxxxxxxxxx>
has somebody an idea what fills up the log (5050/udp)?
- From: "Walter H." <Walter.H@xxxxxxxxxxxxxxxxx>
Re: Is viewing a "candidate" ruleset in 'nft list ruleset' format possible?
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Is viewing a "candidate" ruleset in 'nft list ruleset' format possible?
- From: Martin Gignac <martin.gignac@xxxxxxxxx>
Re: query re dynamic set and limiting
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Is viewing a "candidate" ruleset in 'nft list ruleset' format possible?
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
possible error in HOWTO
- From: Fred Maranhão <fred.maranhao@xxxxxxxxx>
Re: nfnetlink: This library is not meant as a public API for application developers.
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
ARP confirmed timestamp update on TCP data flow vs keep-alive
- From: "Steffen Heil (Mailinglisten)" <lists@xxxxxxxxxxxxxxx>
[PATCH v1 1/1] Update download script for DBIP database
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
[PATCH v1 1/1] update MaxMind URL's
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
[PATCH v1 1/1] Simplify unpacking start/end tuples from database
- From: "Philip Prindeville" <philipp@xxxxxxxxxxxxxxxxxxxxx>
Is viewing a "candidate" ruleset in 'nft list ruleset' format possible?
- From: Martin Gignac <martin.gignac@xxxxxxxxx>
query re dynamic set and limiting
- From: James Bond <jb666531@xxxxxxxxx>
WARNING: at net/sched/sch_generic.c - Reproducible crash & rcu stalls
- From: "Christopher S. Aker" <caker@xxxxxxxxxxxx>
Re: nfnetlink: This library is not meant as a public API for application developers.
- From: Alessandro Vesely <vesely@xxxxxxx>
marking/routing packets breaks the conntrack rule for NAT
- From: Mickael Bosch <mickael.bosch@xxxxxxxxxx>
Re: nfnetlink: This library is not meant as a public API for application developers.
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Hello, I have some questions about flowtable.
- From: James Bond <lfunwf@xxxxxxxxx>
Re: [ANNOUNCE] nftlb 0.6 release
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: validate IPsec outgoing packets using NFtables
- From: Florian Westphal <fw@xxxxxxxxx>
validate IPsec outgoing packets using NFtables
- From: Olivier Alabeatrix <oalabeatrix@xxxxxxxxx>
Re: extending element timeout
- From: Laura Garcia <nevola@xxxxxxxxx>
Re: extending element timeout
- From: Alvaro Leiva <alvaroflmiranda@xxxxxxxxx>
Re: extending element timeout
- From: Laura Garcia <nevola@xxxxxxxxx>
Re: extending element timeout
- From: Alvaro Leiva <alvaroflmiranda@xxxxxxxxx>
Re: extending element timeout
- From: Laura Garcia <nevola@xxxxxxxxx>
extending element timeout
- From: Alvaro Leiva <alvaroflmiranda@xxxxxxxxx>
Re: [ANNOUNCE] nftables 0.9.4 release
- From: Brett Mastbergen <bmastbergen@xxxxxxxxxxxx>
Re: [ANNOUNCE] nftables 0.9.4 release
- From: sbezverk <sbezverk@xxxxxxxxx>
Re: [ANNOUNCE] nftables 0.9.4 release
- From: Phil Sutter <phil@xxxxxx>
Re: [ANNOUNCE] nftables 0.9.4 release
- From: sbezverk <sbezverk@xxxxxxxxx>
Re: [ANNOUNCE] nftables 0.9.4 release
- From: Paweł Krawczyk <pawel.krawczyk@xxxxxxxx>
[ANNOUNCE] conntrack-tools 1.4.6
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] libnetfilter_conntrack 1.0.8 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] libnftnl 1.1.6 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] nftables 0.9.4 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [ANNOUNCE] nftlb 0.6 release
- From: Laura Garcia <nevola@xxxxxxxxx>
Re: [ANNOUNCE] nftlb 0.6 release
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
[ANNOUNCE] nftlb 0.6 release
- From: Laura Garcia <nevola@xxxxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: [nftables 0.9.2 | flow table] dynamic (soft) NETDEV
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: Eric Garver <eric@xxxxxxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: Daniel <tech@xxxxxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: Robert Sander <r.sander@xxxxxxxxxxxxxxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: Robert Sander <r.sander@xxxxxxxxxxxxxxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: Daniel <tech@xxxxxxxxxx>
netem qdisc destroys traffic in other tc classes (HFSC classes)
- From: <kaskada@xxxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: Robert Sander <r.sander@xxxxxxxxxxxxxxxxxxx>
batch update of conntrack?
- From: <kaskada@xxxxxxxx>
Re: [nftables 0.9.2 | flow table] dynamic (soft) NETDEV
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: What is the BEST GUI frontend to iptables firewall?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2 | flow table] check whether it works?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nftables 0.9.2 | flow table] check whether it works?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [libnftnl] documentation?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nftables 0.9.2 | flow table] check whether it works?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [libnftnl] documentation?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [libnftnl] documentation?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [libnftnl] documentation?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [libnftnl] documentation?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [libnftnl] documentation?
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
[libnftnl] documentation?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2 | flow table] check whether it works?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: A question about priority in chains
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: A question about priority in chains
- From: darius <dram@xxxxxxxxxxx>
Re: A question about priority in chains
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
A question about priority in chains
- From: darius <dram@xxxxxxxxxxx>
Re: tc question about ingress bandwidth splitting
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: tc question about ingress bandwidth splitting
- From: Marc SCHAEFER <schaefer@xxxxxxxxxxx>
Re: tc question about ingress bandwidth splitting
- From: Gáspár Lajos <swifty@xxxxxxxxx>
Re: Ipv6tov4 address Dnat
- From: Fatih USTA <fatihusta86@xxxxxxxxx>
Ipv6tov4 address Dnat
- From: Zheng konia <konianet@xxxxxxxxx>
tc question about ingress bandwidth splitting
- From: Philip Prindeville <philipp_subx@xxxxxxxxxxxxxxxxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Darius <dram@xxxxxxxxxxx>
[nftables 0.9.2 | flow table] check whether it works?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: TCP and UDP dport in the same rule
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
TCP and UDP dport in the same rule
- From: Darius <dram@xxxxxxxxxxx>
Re: nftables 0.9.3, sets with concatentation
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: nftables 0.9.3, sets with concatentation
- From: Stefan Hartmann <stefanh@xxxxxxxxxxxx>
[nftables 0.9.2 | flow table] dynamic (soft) NETDEV
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: nftables 0.9.3, sets with concatentation
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: nftables 0.9.3, sets with concatentation
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: nftables 0.9.3, sets with concatentation
- From: Florian Westphal <fw@xxxxxxxxx>
nftables 0.9.3, sets with concatentation
- From: Stefan Hartmann <stefanh@xxxxxxxxxxxx>
Interface group ID in flow tables?
- From: Robert White <rwhite@xxxxxxxxx>
Boundary Flag for "site" (IPv6) [Kernel Change?]
- From: Robert White <rwhite@xxxxxxxxx>
Re: [nftables 0.9.2] NETDEV packet drop vs. packet capture visibility
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2] NETDEV packet drop vs. packet capture visibility
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[nftables 0.9.2] NETDEV packet drop vs. packet capture visibility
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2 | kernel 4.19.93] flowtable throws error on deployment (not on check however)
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2 | kernel 4.19.93] flowtable - number of devices limited (7)?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2 | kernel 4.19.93] flowtable throws error on deployment (not on check however)
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nftables 0.9.2 | kernel 4.19.93] flowtable - number of devices limited (7)?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Advantage(s) of static over dynamic nftables sets?
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: Advantage(s) of static over dynamic nftables sets?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Advantage(s) of static over dynamic nftables sets?
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: Advantage(s) of static over dynamic nftables sets?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Advantage(s) of static over dynamic nftables sets?
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: Advantage(s) of static over dynamic nftables sets?
- From: Florian Westphal <fw@xxxxxxxxx>
Advantage(s) of static over dynamic nftables sets?
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
[nftables 0.9.2 | kernel 4.19.93] flowtable throws error on deployment (not on check however)
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
[nftables 0.9.2 | kernel 4.19.93] flowtable - number of devices limited (7)?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2 | kernel 4.19.93] dropping ct state untracked stops ipv6 connectivity
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nftables 0.9.2 | kernel 4.19.93] dropping ct state untracked stops ipv6 connectivity
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2 | kernel 4.19.93] dropping ct state untracked stops ipv6 connectivity
- From: Florian Westphal <fw@xxxxxxxxx>
[nftables 0.9.2 | kernel 4.19.93] dropping ct state untracked stops ipv6 connectivity
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: nft ingress won't work on wireless ?
- From: sean darcy <seandarcy2@xxxxxxxxx>
Re: Waiting until first release of NFTABLES
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Waiting until first release of NFTABLES
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: use libiptc to build a rule to allow tftp traffic
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: use libiptc to build a rule to allow tftp traffic
- From: Moyuan Chen <moyuan.chen@xxxxxxxxx>
Re: Restoring rulesets containing dynamic sets with counters
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: Restoring rulesets containing dynamic sets with counters
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: Restoring rulesets containing dynamic sets with counters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Restoring rulesets containing dynamic sets with counters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nft ingress won't work on wireless ?
- From: sean darcy <seandarcy2@xxxxxxxxx>
Restoring rulesets containing dynamic sets with counters
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
nftables wiki
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: nft ingress won't work on wireless ?
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables equivalent of "ipset test"?
- From: "" <kfm@xxxxxxxxxxxxx>
Re: nftables equivalent of "ipset test"?
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: nftables equivalent of "ipset test"?
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: nftables equivalent of "ipset test"?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nftables equivalent of "ipset test"?
- From: "" <kfm@xxxxxxxxxxxxx>
nftables equivalent of "ipset test"?
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: Found extra tables in nft ruleset
- From: Lars Noodén <lars.nooden@xxxxxxx>
Re: nft ingress won't work on wireless ?
- From: sean darcy <seandarcy2@xxxxxxxxx>
nft ingress won't work on wireless ?
- From: sean darcy <seandarcy2@xxxxxxxxx>
Re: Demystifying sets
- From: jon_netfilter@xxxxxxxxxxxxxxxxx
Re: use numgen to create address in rule
- From: Dennett Ingram <d@xxxxxxxxxx>
Re: use numgen to create address in rule
- From: Laura Garcia <nevola@xxxxxxxxx>
Set timeout, gc-interval and size parameters
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
use numgen to create address in rule
- From: Dennett Ingram <d@xxxxxxxxxx>
Re: Found extra tables in nft ruleset
- From: Lars Noodén <lars.nooden@xxxxxxx>
Re: Found extra tables in nft ruleset
- From: Florian Westphal <fw@xxxxxxxxx>
Found extra tables in nft ruleset
- From: Lars Noodén <lars.nooden@xxxxxxx>
Re: Why inet table doesn't support nat prerouting chain?
- From: Glen Huang <heyhgl@xxxxxxxxx>
Re: Why inet table doesn't support nat prerouting chain?
- From: Florian Westphal <fw@xxxxxxxxx>
Why inet table doesn't support nat prerouting chain?
- From: Glen Huang <heyhgl@xxxxxxxxx>
Re: Is it possible to get a transparent proxy with Redsocks when using the new nftables?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Is it possible to get a transparent proxy with Redsocks when using the new nftables?
- From: Verachten Bruno <gounthar@xxxxxxxxx>
LXD Container can't access trough host address
- From: Franz Schneider <Franz.Schneider@xxxxxxxxxxxxx>
Re: Is it possible to get a transparent proxy with Redsocks when using the new nftables?
- From: Florian Westphal <fw@xxxxxxxxx>
Is it possible to get a transparent proxy with Redsocks when using the new nftables?
- From: Verachten Bruno <gounthar@xxxxxxxxx>
Re: nftables offload doesn't seem to work
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: Demystifying sets
- From: "" <kfm@xxxxxxxxxxxxx>
Re: nftables offload doesn't seem to work
- From: Patrick McLean <chutzpah@xxxxxxxxxx>
nftables offload doesn't seem to work
- From: Patrick McLean <chutzpah@xxxxxxxxxx>
Demystifying sets
- From: jon_netfilter@xxxxxxxxxxxxxxxxx
wiki acess
- From: pauloric@xxxxxxxxxxxxxxxx
Re: loadbalance with 2 or more links
- From: Laura Garcia <nevola@xxxxxxxxx>
loadbalance with 2 or more links
- From: pauloric@xxxxxxxxxxxxxxxx
Re: Waiting until first release of NFTABLES
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Waiting until first release of NFTABLES
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: Waiting until first release of NFTABLES
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Waiting until first release of NFTABLES
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: Waiting until first release of NFTABLES
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Waiting until first release of NFTABLES
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: Waiting until first release of NFTABLES
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
[ANNOUNCE] ipset 7.6 released
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
Typo in the 'Mangle TCP options' wiki pages
- From: Pieter van Leuven <pieter@xxxxxxxxxxxxx>
Waiting until first release of NFTABLES
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: NFQUEUE/iptables and kernel warning messages for net/ipv4/tcp_output.c
- From: Vieri Di Paola <vieridipaola@xxxxxxxxx>
Re: Automatically maintaining unique list of addresses
- From: Lars Noodén <lars.nooden@xxxxxxx>
Re: Automatically maintaining unique list of addresses
- From: pauloric@xxxxxxxxxxxxxxxx
Automatically maintaining unique list of addresses
- From: Lars Noodén <lars.nooden@xxxxxxx>
Re: NFQUEUE/iptables and kernel warning messages for net/ipv4/tcp_output.c
- From: Florian Westphal <fw@xxxxxxxxx>
Re: NFQUEUE/iptables and kernel warning messages for net/ipv4/tcp_output.c
- From: Vieri Di Paola <vieridipaola@xxxxxxxxx>
Re: NFQUEUE/iptables and kernel warning messages for net/ipv4/tcp_output.c
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nftables "native interface" for IPv6 NPT?
- From: Haochen Tong <i@xxxxxxxxxxxx>
Re: Difficulties with ulog / NFCT
- From: Alessandro Vesely <vesely@xxxxxxx>
NFQUEUE/iptables and kernel warning messages for net/ipv4/tcp_output.c
- From: Vieri Di Paola <vieridipaola@xxxxxxxxx>
Re: Difficulties with ulog / NFCT
- From: Anton Danilov <littlesmilingcloud@xxxxxxxxx>
Re: Difficulties with ulog / NFCT
- From: Alessandro Vesely <vesely@xxxxxxx>
Re: Difficulties with ulog / NFCT
- From: Alessandro Vesely <vesely@xxxxxxx>
Resetting SKB CT
- From: Mathew Heard <me@xxxxxxxxxx>
Problems with CONNTRACK --restore-mark
- From: Bernd Jerzyna <bjerzyna@xxxxxxxxx>
Difficulties with ulog / NFCT
- From: Alessandro Vesely <vesely@xxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: "" <kfm@xxxxxxxxxxxxx>
Re: nfnetlink: This library is not meant as a public API for application developers.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [nftables] economics of reverse path filtering - FIB expression vs. kernel parameter
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables] economics of reverse path filtering - FIB expression vs. kernel parameter
- From: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>
Re: [nftables] economics of reverse path filtering - FIB expression vs. kernel parameter
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nftables] economics of reverse path filtering - FIB expression vs. kernel parameter
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: "" <kfm@xxxxxxxxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
nfnetlink: This library is not meant as a public API for application developers.
- From: Alessandro Vesely <vesely@xxxxxxx>
Re: manipulating the ttl
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: Youseok Yang <ileixe@xxxxxxxxx>
Re: Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: Youseok Yang <ileixe@xxxxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: "" <kfm@xxxxxxxxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: "" <kfm@xxxxxxxxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: "" <kfm@xxxxxxxxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: "" <kfm@xxxxxxxxxxxxx>
[nftables 0.9.2] does jump require a kconf to be set to get it working?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables] economics of reverse path filtering - FIB expression vs. kernel parameter
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: 양유석 <ileixe@xxxxxxxxx>
iptables MASQUERADE considering route source hints
- From: Max Stritzinger <max@xxxxxxxxx>
Re: Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: "G.W. Haywood" <ged@xxxxxxxxxxxxxxxxxx>
Re: Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: 양유석 <ileixe@xxxxxxxxx>
Re: Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: 양유석 <ileixe@xxxxxxxxx>
Re: Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: "G.W. Haywood" <ged@xxxxxxxxxxxxxxxxxx>
Re: Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: "" <kfm@xxxxxxxxxxxxx>
Re: Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: "G.W. Haywood" <ged@xxxxxxxxxxxxxxxxxx>
Re: Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: 양유석 <ileixe@xxxxxxxxx>
Does anybody experience kernel crush when 'ebtable -t nat -L'
- From: 양유석 <ileixe@xxxxxxxxx>
Re: Compiling nftables with stack-protector-strong fails checksec's canary check
- From: Glen Huang <heyhgl@xxxxxxxxx>
Compiling nftables with stack-protector-strong fails checksec's canary check
- From: Glen Huang <heyhgl@xxxxxxxxx>
[nftables] economics of reverse path filtering - FIB expression vs. kernel parameter
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
nftables "native interface" for IPv6 NPT?
- From: Haochen Tong <i@xxxxxxxxxxxx>
Netfilter state synchronisation in IPv6 only networks?
- From: Nico Schottelius <nico.schottelius@xxxxxxxxxxx>
Re: Metering is not working with dynamic sets on nft v0.9.2
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Metering is not working with dynamic sets on nft v0.9.2
- From: darius <dram@xxxxxxxxxxx>
Re: [firewall context] packet presentation for dual WAN interfaces on the same link - eth <> pppoe?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
[firewall context] packet presentation for dual WAN interfaces on the same link - eth <> pppoe?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: Redirect bridged traffic
- From: Jaga Doe <jaga.doe@xxxxxxx>
Re: Metering is not working with dynamic sets on nft v0.9.2
- From: Darius <dram@xxxxxxxxxxx>
Re: Metering is not working with dynamic sets on nft v0.9.2
- From: Darius <dram@xxxxxxxxxxx>
Re: Metering is not working with dynamic sets on nft v0.9.2
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Metering is not working with dynamic sets on nft v0.9.2
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Metering is not working with dynamic sets on nft v0.9.2
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Metering is not working with dynamic sets on nft v0.9.2
- From: darius <dram@xxxxxxxxxxx>
[nftables] inherent benefits from XDP?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables v0.9.2] inet <> ip | ip6 family tables processing order?
- From: Gordon Fisher <gordfisherman@xxxxxxxxx>
Re: Redirect bridged traffic
- From: Jaga Doe <jaga.doe@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] does redirect accept daddr?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] does redirect accept daddr?
- From: "" <kfm@xxxxxxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] does redirect accept daddr?
- From: "" <kfm@xxxxxxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] does redirect accept daddr?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables] xtables-addons - GeoIP/ASN filter and lscan replicable?
- From: pauloric@xxxxxxxxxxxxxxxx
Re: Redirect bridged traffic
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Redirect bridged traffic
- From: Jaga Doe <jaga.doe@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] does redirect accept daddr?
- From: "" <kfm@xxxxxxxxxxxxx>
[nftables] xtables-addons - GeoIP/ASN filter and lscan replicable?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
[nftables v0.9.2 | kernel 4.19.93] does redirect accept daddr?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] MSS clamping rule possible in the inet family table?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] MSS clamping rule possible in the inet family table?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: Redirect bridged traffic
- From: Florian Westphal <fw@xxxxxxxxx>
Redirect bridged traffic
- From: Jaga Doe <jaga.doe@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] logging protocols in inet family table require explicit protocol statement?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] logging protocols in inet family table require explicit protocol statement?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] logging protocols in inet family table require explicit protocol statement?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] logging protocols in inet family table require explicit protocol statement?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] logging protocols in inet family table require explicit protocol statement?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] logging protocols in inet family table require explicit protocol statement?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] logging protocols in inet family table require explicit protocol statement?
- From: Florian Westphal <fw@xxxxxxxxx>
[nftables v0.9.2 | kernel 4.19.93] logging protocols in inet family table require explicit protocol statement?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] MSS clamping rule possible in the inet family table?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables v0.9.2] inet <> ip | ip6 family tables processing order?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nftables v0.9.2] inet <> ip | ip6 family tables processing order?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: BNF for nftables?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nftables routing decision
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] MSS clamping rule possible in the inet family table?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [nftables v0.9.2] inet <> ip | ip6 family tables processing order?
- From: Florian Westphal <fw@xxxxxxxxx>
[nftables v0.9.2] inet <> ip | ip6 family tables processing order?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
[nftables v0.9.2 | kernel 4.19.93] MSS clamping rule possible in the inet family table?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [MAINTENANCE] migrating git.netfilter.org
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: [MAINTENANCE] migrating git.netfilter.org
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [MAINTENANCE] migrating git.netfilter.org
- From: José M. Guisado <guigom@xxxxxxxxxx>
nftables simple configuration
- From: Jaga Doe <jaga.doe@xxxxxxx>
nftables routing decision
- From: Иванов Роман <krey@xxxxxxxxxx>
Re: Lint for nftables
- From: Paweł Krawczyk <pawel.krawczyk@xxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: "" <kfm@xxxxxxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: "" <kfm@xxxxxxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: "" <kfm@xxxxxxxxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: "" <kfm@xxxxxxxxxxxxx>
[nftables v0.9.2 | kernel 4.19.93] ICMPv6 ingress dropped despite accept rule
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Is it possible to differentiate a nmap port scan from a syn flood attack?
- From: Miriam Rico <miriam.rico@xxxxxxxxxxxx>
Re: Lint for nftables
- From: Florian Westphal <fw@xxxxxxxxx>
Lint for nftables
- From: Stephen Satchell <list@xxxxxxxxxxxx>
BNF for nftables?
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: [nftables v0.9.2] hoplimit mutually exclusive with with saddr/daddr?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
[nftables v0.9.2] hoplimit mutually exclusive with with saddr/daddr?
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: nft -f fails to merge some chains in same table but defined in separate blocks
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
nft -f fails to merge some chains in same table but defined in separate blocks
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
[MAINTENANCE] migrating git.netfilter.org
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables atomic updates
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Re: nftables atomic updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
nftables atomic updates
- From: Frank Myhr <fmyhr@xxxxxxxxxxx>
Multiples Chain with same hook - Default-Behavior?
- From: Thomas Luening <toml@xxxxxxx>
Re: nft icmp type all?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nft icmp type all?
- From: Robert Sander <r.sander@xxxxxxxxxxxxxxxxxxx>
Re: nft icmp type all?
- From: Robert Sander <r.sander@xxxxxxxxxxxxxxxxxxx>
Re: Bulk loading of IP addresses or subnets in nftables?
- From: Lars Noodén <lars.nooden@xxxxxxx>
Re: nft multiple port exception
- From: "" <kfm@xxxxxxxxxxxxx>
nft multiple port exception
- From: "david@xxxxxxxxx" <david@xxxxxxxxx>
Re: Bulk loading of IP addresses or subnets in nftables?
- From: "" <kfm@xxxxxxxxxxxxx>
Bulk loading of IP addresses or subnets in nftables?
- From: Lars Noodén <lars.nooden@xxxxxxx>
Re: nft icmp type all?
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
Re: nftables: Allow NAT Access with Timeout
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Re: manipulating the ttl
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
manipulating the ttl
- From: Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx>
Re: TCP 4 way handshake or TCP Split Handshake Attack
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nft icmp type all?
- From: "" <kfm@xxxxxxxxxxxxx>
nft icmp type all?
- From: Robert Sander <r.sander@xxxxxxxxxxxxxxxxxxx>
Re: TCP 4 way handshake or TCP Split Handshake Attack
- From: Fatih USTA <fatihusta86@xxxxxxxxx>
Re: TCP 4 way handshake or TCP Split Handshake Attack
- From: Florian Westphal <fw@xxxxxxxxx>
TCP 4 way handshake or TCP Split Handshake Attack
- From: Fatih USTA <fatihusta86@xxxxxxxxx>
Policy routing Docker host not forwarding return traffic if marked
- From: Felipe Arturo Polanco <felipeapolanco@xxxxxxxxx>
AW: nftables equivalent for iptables -m recent
- From: "Sig Pam" <spam@xxxxxxxxx>
Re: nftables: Allow NAT Access with Timeout
- From: "" <kfm@xxxxxxxxxxxxx>
nftables: Allow NAT Access with Timeout
- From: Mike Dillinger <miked@xxxxxxxxxxxxxx>
Re: nftables equivalent for iptables -m recent
- From: "" <kfm@xxxxxxxxxxxxx>
nftables equivalent for iptables -m recent
- From: "Sig Pam" <spam@xxxxxxxxx>
Re: nftables static routing fails
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nftables static routing fails
- From: david NEW <david@xxxxxxxxx>
Re: nftables static routing fails
- From: Daniel <tech@xxxxxxxxxx>
Re: nftables static routing fails
- From: Florian Westphal <fw@xxxxxxxxx>
nftables static routing fails
- From: david NEW <david@xxxxxxxxx>
[ANNOUNCE] ipset 7.5 released
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
Re: nft script file, using include with wildcards
- From: Florian Westphal <fw@xxxxxxxxx>
nft script file, using include with wildcards
- From: Alberto Spin <a.spin@xxxxxxxxxxx>
Re: Assertion error when using map
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Assertion error when using map
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: Assertion error when using map
- From: Florian Westphal <fw@xxxxxxxxx>
IPv6 parsing issues in conntrackd?
- From: Nico Schottelius <nico.schottelius@xxxxxxxxxxx>
nftables with secmark and ipsec
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Assertion error when using map
- From: Changli Gao <xiaosuo@xxxxxxxxx>
Re: [nft 0.9.2] cannot get sets to work - Error: Could not process rule: Not supported
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: [nft 0.9.2] cannot get sets to work - Error: Could not process rule: Not supported
- From: "" <kfm@xxxxxxxxxxxxx>
[nft 0.9.2] cannot get sets to work - Error: Could not process rule: Not supported
- From: ѽ҉ᶬḳ℠ <vtol@xxxxxxx>
Re: RFC -- IPTABLES vs NFTABLES vs BPFILTER
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
RFC -- IPTABLES vs NFTABLES vs BPFILTER
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: Weird/High CPU usage caused by LOG target
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Weird/High CPU usage caused by LOG target
- From: Tom Yan <tom.ty89@xxxxxxxxx>
Re: Weird/High CPU usage caused by LOG target
- From: Tom Yan <tom.ty89@xxxxxxxxx>
Re: Weird/High CPU usage caused by LOG target
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Weird/High CPU usage caused by LOG target
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Weird/High CPU usage caused by LOG target
- From: Thomas Korimort <tomkori@xxxxxxx>
Weird/High CPU usage caused by LOG target
- From: Tom Yan <tom.ty89@xxxxxxxxx>
geoip not working as expected
- From: Felix <felix@xxxxxxxx>
Re: trying to duplicate udp packets destined for port 67 to port 6767 on same host
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
trying to duplicate udp packets destined for port 67 to port 6767 on same host
- From: Mike <mike@xxxxxxxxxx>
xt_cluster for IPv6
- From: Valentin Vidić <vvidic@xxxxxxxxxxxxxxxxxxxxxx>
How to forward marked packets with same local IP?
- From: Felipe Arturo Polanco <felipeapolanco@xxxxxxxxx>
[PATCH] nftables: Bump dependency on libnftnl to 1.1.5
- From: Jan-Philipp Litza <jpl@xxxxxxxxx>
Re: [ANNOUNCE] nftables 0.9.3 release
- From: Paweł Krawczyk <pawel.krawczyk@xxxxxxxx>
Re: nftables: No prefixes in anonymous sets?
- From: Jan-Philipp Litza <jpl+direct@xxxxxxxxx>
Re: [ANNOUNCE] ebtables 2.0.11 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] nftables 0.9.3 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nftables: No prefixes in anonymous sets?
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [ANNOUNCE] ebtables 2.0.11 release
- From: Jan Engelhardt <jengelh@xxxxxxx>
[ANNOUNCE] iptables 1.8.4 release
- From: Phil Sutter <phil@xxxxxxxxxxxxx>
[ANNOUNCE] ebtables 2.0.11 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] arptables 0.0.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[ANNOUNCE] libnftnl 1.1.5 release
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
nftables: No prefixes in anonymous sets?
- From: Jan-Philipp Litza <jpl+direct@xxxxxxxxx>
Re: WARNING: CPU: 9 PID: 0 at net/netfilter/nf_conntrack_core.c:977 __nf_conntrack_confirm+0x4e5/0x6f0 [nf_conntrack]
- From: Harald Dunkel <harald.dunkel@xxxxxxxxxx>
Re: WARNING: CPU: 9 PID: 0 at net/netfilter/nf_conntrack_core.c:977 __nf_conntrack_confirm+0x4e5/0x6f0 [nf_conntrack]
- From: Harald Dunkel <harald.dunkel@xxxxxxxxxx>
WARNING: CPU: 9 PID: 0 at net/netfilter/nf_conntrack_core.c:977 __nf_conntrack_confirm+0x4e5/0x6f0 [nf_conntrack]
- From: Harald Dunkel <harald.dunkel@xxxxxxxxxx>
Re: Mysql has problem with synproxy
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Netfilter hook doesn't see all packets
- From: Psyspy rambo <psyspy2020@xxxxxxxxx>
Re: Netfilter hook doesn't see all packets
- From: Psyspy rambo <psyspy2020@xxxxxxxxx>
Re: Netfilter hook doesn't see all packets
- From: Florian Westphal <fw@xxxxxxxxx>
Re: Netfilter hook doesn't see all packets
- From: Psyspy rambo <psyspy2020@xxxxxxxxx>
Re: Netfilter hook doesn't see all packets
- From: Gordon Fisher <gordfisherman@xxxxxxxxx>
Re: Doubts about netfilter + nftables and module
- From: Elias Valea Peri <eliasvp@xxxxxxxxx>
Re: Doubts about netfilter + nftables and module
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
Re: One more application available for nftables
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Netfilter hook doesn't see all packets
- From: Psyspy rambo <psyspy2020@xxxxxxxxx>
Re: One more application available for nftables
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Doubts about netfilter + nftables and module
- From: Elias Valea Peri <eliasvp@xxxxxxxxx>
How to prevent SNAT rules from being applied to 'ICMP time exceeded' responses?
- From: Gordon Fish <gordfisherman@xxxxxxxxx>
Re: One more application available for nftables
- From: Alessandro Vesely <vesely@xxxxxxx>
Mysql has problem with synproxy
- From: İbrahim Ercan <ibrahim.metu@xxxxxxxxx>
Re: One more application available for nftables
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Upgrading libnetfilter_queue to use nftables
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Netfilter hook doesn't see all packets
- From: Psyspy rambo <psyspy2020@xxxxxxxxx>
One more application available for nftables
- From: Matt <matt-nft@xxxxxxxxxxxx>
Re: ipset bitmap:port question
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
Re: ipset bitmap:port question
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
Re: ipset bitmap:port question
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
Re: ipset bitmap:port question
- From: İbrahim Ercan <ibrahim.metu@xxxxxxxxx>
Re: Upgrading libnetfilter_queue to use nftables
- From: Alessandro Vesely <vesely@xxxxxxx>
Re: Upgrading libnetfilter_queue to use nftables
- From: Florian Westphal <fw@xxxxxxxxx>
ipset bitmap:port question
- From: A L <mail@xxxxxxxxxxxxxx>
Upgrading libnetfilter_queue to use nftables
- From: Alessandro Vesely <vesely@xxxxxxx>
Re: Trouble getting SYNPROXY to work.
- From: Pierluigi Frullani Sinergy <p.frullani@xxxxxxxxxx>
Re: Trouble getting SYNPROXY to work.
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
Re: Trouble getting SYNPROXY to work.
- From: Pigi <pigi@xxxxxxxxx>
Re: Trouble getting SYNPROXY to work.
- From: Fatih USTA <fatihusta86@xxxxxxxxx>
Trouble getting SYNPROXY to work.
- From: Pigi <pigi@xxxxxxxxx>
Re: ebtables dnat rule gets system frozen
- From: Florian Westphal <fw@xxxxxxxxx>
ebtables dnat rule gets system frozen
- From: Tom Yan <tom.ty89@xxxxxxxxx>
Length module, docs "incorrect" or something else?
- From: Andreas Sikkema <ramdyne@xxxxxxx>
[ANNOUNCE] ipset 7.4 released
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
Re: IPv6 nft vs ip6tables - Local incompatibility ?
- From: Daniel Huhardeaux <tech@xxxxxxxxxx>
Distinguish local from routed traffic
- From: Robert Dahlem <Robert.Dahlem@xxxxxxx>
Re: IPv6 nft vs ip6tables - Local incompatibility ?
- From: Florian Westphal <fw@xxxxxxxxx>
IPv6 nft vs ip6tables - Local incompatibility ?
- From: Daniel Huhardeaux <tech@xxxxxxxxxx>
Re: Named sets with timeout
- From: Laura Garcia <nevola@xxxxxxxxx>
Re: Named sets with timeout
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Re: Named sets with timeout
- From: Laura Garcia <nevola@xxxxxxxxx>
Re: Named sets with timeout
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
Re: Named sets with timeout
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Named sets with timeout
- From: Matt <matt-nft@xxxxxxxxxxxx>
Re: understanding my MASQURADING and SNAT problem
- From: Aaron Gray <aaronngray.lists@xxxxxxxxx>
Re: understanding my MASQURADING and SNAT problem
- From: Aaron Gray <aaronngray.lists@xxxxxxxxx>
Re: understanding my MASQURADING and SNAT problem
- From: Aaron Gray <aaronngray.lists@xxxxxxxxx>
Been having mail server issues so been unable to reply properly
- From: Aaron Gray <aaronngray.lists@xxxxxxxxx>
Re: understanding my MASQURADING and SNAT problem
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: understanding my MASQURADING and SNAT problem
- From: zrm <zrm@xxxxxxxxxxxxxxx>
Re: understanding my MASQURADING and SNAT problem
- From: zrm <zrm@xxxxxxxxxxxxxxx>
understanding my MASQURADING and SNAT problem
- From: Aaron Gray <aaronngray.lists@xxxxxxxxx>
Re: nftables v0.9.0 netlink: Error: set is not a map
- From: Daniel Huhardeaux <tech@xxxxxxxxxx>
How to implement transparent proxy in bridge through nftables
- From: Ttttabcd <ttttabcd@xxxxxxxxxxxxxx>
Re: nftables v0.9.0 netlink: Error: set is not a map
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
Snapped nftables
- From: Paweł Krawczyk <pawel.krawczyk@xxxxxxxx>
nftables v0.9.0 netlink: Error: set is not a map
- From: Daniel Huhardeaux <tech@xxxxxxxxxx>
CFS for Netdev 0x14 open!
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Status of BPFilter?
- From: A L <mail@xxxxxxxxxxxxxx>
Counting over a bridge
- From: Cristian Morales Vega <christian.morales.vega@xxxxxxxxx>
Re: flowtable breaks masquerade for dnat flows
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nft and defined variables
- From: Daniel Huhardeaux <tech@xxxxxxxxxx>
Re: nft and defined variables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
flowtable breaks masquerade for dnat flows
- From: "Jonathan Rudenberg" <jonathan@xxxxxxxxxxxx>
Re: nft - execute command without returning error
- From: Daniel Huhardeaux <tech@xxxxxxxxxx>
syn-flag-check from outside not working
- From: Thomas Luening <toml@xxxxxxx>
nft - execute command without returning error
- From: Daniel Huhardeaux <tech@xxxxxxxxxx>
nft and defined variables
- From: Daniel Huhardeaux <tech@xxxxxxxxxx>
Re: nft tproxy without iproute2 rule
- From: Norman Rasmussen <norman@xxxxxxxxxxxxxxx>
Re: nft -- documentation on fib_addrtype missing, more data
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: nft -- documentation on fib_addrtype missing, more data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nft -- documentation on fib_addrtype missing, more data
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nft -- documentation on fib_addrtype missing, more data
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Re: nft -- documentation on fib_addrtype missing
- From: trentbuck@xxxxxxxxx (Trent W. Buck)
nft -- documentation on fib_addrtype missing, more data
- From: Stephen Satchell <list@xxxxxxxxxxxx>
nft -- documentation on fib_addrtype missing
- From: Stephen Satchell <list@xxxxxxxxxxxx>
Re: nft tproxy without iproute2 rule
- From: Florian Westphal <fw@xxxxxxxxx>
Re: nft: auto-merge set doesn't merge overlapping intervals
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
nft tproxy without iproute2 rule
- From: Norman Rasmussen <norman@xxxxxxxxxxxxxxx>
TEE target and gateway as MAC address
- From: Vieri Di Paola <vieridipaola@xxxxxxxxx>
Re: How can I block all traffic from an IP range, irrespective of origin, going to, or coming from, using nftables in Debian 10
- From: Jags <TheJags@xxxxxxxxxxxxxx>
Re: How can I block all traffic from an IP range, irrespective of origin, going to, or coming from, using nftables in Debian 10
- From: sean darcy <seandarcy2@xxxxxxxxx>
Re: How can I block all traffic from an IP range, irrespective of origin, going to, or coming from, using nftables in Debian 10
- From: Jags <TheJags@xxxxxxxxxxxxxx>
Re: How can I block all traffic from an IP range, irrespective of origin, going to, or coming from, using nftables in Debian 10
- From: Anton Rieger <rieger@xxxxxxxxx>
Re: How can I block all traffic from an IP range, irrespective of origin, going to, or coming from, using nftables in Debian 10
- From: Jags <TheJags@xxxxxxxxxxxxxx>
Re: How can I block all traffic from an IP range, irrespective of origin, going to, or coming from, using nftables in Debian 10
- From: "Neal P. Murphy" <neal.p.murphy@xxxxxxxxxxxx>
minor change recommendation for https://wiki.nftables.org
- From: Matt <matt-nft@xxxxxxxxxxxx>
Re: How can I block all traffic from an IP range, irrespective of origin, going to, or coming from, using nftables in Debian 10
- From: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
Re: Cannot add ip6 elements to a named set
- From: Florian Westphal <fw@xxxxxxxxx>
Cannot add ip6 elements to a named set
- From: Matt <matt-nft@xxxxxxxxxxxx>

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite News] [Samba]