Linux Netfilter / IP Tables
[Prev Page][Next Page]
- [ANNOUNCE] nftables 1.0.6.1 (stable) release, Pablo Neira Ayuso
- 'nft' crashes.,
S Egbert
- nft for bridge.,
ratheesh kannoth
- Hardware flowtable offload from multiple tables?, Davíð Steinn Geirsson
- Implicit add conflicts with declarative add,
S Egbert
- repeated 'add chain'/'delete chain' 5x and ...,
S Egbert
- nft error Could not process rule: No buffer space available,
lilydjwg
- [NATHELPER] Dealing CGN Public 1:1 mode from ISP, Panagiotis Plessas
- [ANNOUNCE] nftables 1.1.5 release, Pablo Neira Ayuso
- Segmentation fault when adding a simple rule,
Arno DUBOIS
- Vim script highlighter, beta; 850 keywords; 2,400 states, S Egbert
- "nft reset counters" bug on 32-bit systems,
Andreas Fried
- Stateless NAT in nftables with maps for performance,
Juan Carlos Lazcano
- [ANNOUNCE] nftables 1.1.4 release, Pablo Neira Ayuso
- [ANNOUNCE] libnftnl 1.3.0 release,
Pablo Neira Ayuso
- nftables 1.0.6.y stable branch updates (strike 2),
Pablo Neira Ayuso
- Query on nftables DNAT for localhost-to-localhost traffic in IPv6 or without route_localnet,
Antonio Ojea
- zoombinis, Eray Bilgin
- TCPOPTSTROP can be repalced with undocumented "reset tcp option opt",
Niklas Beierl
- Let me write your new guest post, Savannah Bush
- Question about how Sets work in nftables,
Павел Прибылов
- another netfilter-initiated martian source,
Michael Tokarev
- Element-Level Logging Support in nftables Sets,
sontu mazumdar
- [no subject], Unknown
- order of netfilter hooks and check for martian source,
Michael Tokarev
- CPU usage problem for offloaded flows with mlx5, Pavel Horáček
- Status of native NAT64/NAT46 in Netfilter?,
Klaus Frank
- [ANNOUNCE] knft testing/fuzzer utility for nftables, Pablo Neira Ayuso
- Command Line Interface Usage and Documentation Query,
Andrew Latham
- Issue with delayed segments despite TCP_NODELAY,
Dennis Baurichter
- documentation/explaination on the syntax of the set_elem data arrangement., Pierre Wielders
- [ANNOUNCE] ulogd 2.0.9 release, Florian Westphal
- [ANNOUNCE] ipset 7.24 released, Jozsef Kadlecsik
- Repeated SYN+ACK count,
Slavko
- send all traffic to a specific address,
Mohsen Pahlevanzadeh
- Vmap lookup transiently fails during atomic ruleset reload under load, leading to rule bypass, Pavel Peňáz
- [ANNOUNCE] nftables 1.1.3 release,
Pablo Neira Ayuso
- nftables RP filter and loopback,
Slavko
- Can the PCP field be set in the netdev table?,
Kevin Vigouroux
- How to Achieve Functionality Equivalent to iptables -m owner --socket-exist in nft?,
Chen Linxuan
- [ANNOUNCE] nftables 1.1.2 release,
Pablo Neira Ayuso
- [ANNOUNCE] libnftnl 1.2.9 release, Pablo Neira Ayuso
- Replace flow offload by flow add in wiki,
Anthony Ruhier
- Nftables v6 address not matched properly in nftable set,
sontu mazumdar
- Packets not traversing postrouting chain,
Bradley Hook
- Can you look at this blog article pitch I have for you?, Gloria Martinez
- Dynamically appending addresses to a named set,
Lars Noodén
- netfilter expected behavior for established connections,
Antonio Ojea
- connection tracking fails to update udp timer,
Eray Bilgin
- ulogd2, sqlite3 and negative TCP Seq numbers,
Slavko
- Translation for iptables raw rules that targert rtsp / Conntrack helper,,
Laurent ARNAL
- Yet another Syntax Highlighter for NFTABLES,
S Egbert
- snat and Port Numbers,
Chris Hall
- nft reset element crashes with error BUG: unhandled op 8,
Michael Menge
- Log ARP headers,
Slavko
- Using netfilter to intercept packets written to an ipvtap device,
David Arroyo
- What is *supposed* to happen with automated nftables accept rules?,
robinleepowell
- Re: What is *supposed* to happen with automated nftables accept rules?, Dan Winship
ICMP Raw Payload Expressions, Sunny73Cr
Cannot browse SQL files in ulog2 git,
Slavko
Static bidirectional static NAT for duplicate IP devices using iptables,
Alon Bar-Lev
NAT and ICMP,
Chris Hall
named counters vs flush ruleset,
Victor Julien
Documentation regarding priorities possibly wrong - clarification / update appreciated,
Binarus
Netfilter not dropping packets as it should,
Binarus
Generic map, also with L4 protocol,
Marc SCHAEFER
SNAT vs ip rule, Marc SCHAEFER
nftables DNAT routes to wrong iface,
Marc SCHAEFER
DROP rule is ignored for multicast traffic, but only via Wireguard,
Adam Nielsen
Raw Payload Expressions - out of bounds write?,
Sunny73Cr
nft includepath directory - directory on a separate partition / disk, Sunny73Cr
[ANNOUNCE] nftlb 1.1.0 release, Laura García Liébana
IPv6 source address randomization?, lukaro
Delay replying to SYN (or requires two SYN to react), Marc SCHAEFER
list sets,
Slavko
aggressive firewalling via nftables,
potatojuggler
General questions about priorities - Clarification appreciated,
Binarus
Clarification of the procedure for filtering IP option fields,
Alexey Kashavkin
flowtable ipv4-via-ipv6 routing, Aksel Nyman
expires larger than timeout causes error,
lilydjwg
nftables portmap map,
Antonio Ojea
nft table flags documentation,
Jan Kasprzak
[ANNOUNCE] ipset 7.23 released, Jozsef Kadlecsik
conntrack-tools conntrack cli json output option?,
eldon-nfv
Regression 1.0.9..1.1.1 in glob inclusion behaviour,
caskd
an idea about flow tables, ye4 yu3
[DNAT] Port forwarding with Port range,
Mokhtar BEN MESSAOUD
logging to a different place than kernel ring buffer,
Marco Moock
set with limit,
Slavko
rule insertion,
Thomas Köller
Dropping of the end of a chain,
Thomas Köller
Adding set elements,
Thomas Köller
iptables SYNPROXY small packet size transmission performance issue, Vincent Li
connection tracking state in rules,
Thomas Köller
ipset vs. nftables set,
Thomas Koeller
[ANNOUNCE] iptables 1.8.11 release, Phil Sutter
Countering some types of SSH spoofing with NFTables,
Lars Noodén
connection tracking and kernel dropping packets,
Matt Zagrabelny
IPtables rate limiting question,
Francisco Agostinho
Unusual packet forwarding task,
Rob Roschewsk
location of conntrack rules,
Matt Zagrabelny
filesystem access to add/remove/view ip addresses,
Telbat Diordna
Most optimal method to dump UDP conntrack entries,
Antonio Ojea
[UPDATE] Renewing Netfilter coreteam PGP keys, Pablo Neira Ayuso
VPN nftables,
Martin Brampton
issues when trying to inspect payload > 250 bytes,
Graham Bartlett
Problem with ipv6,
Martin Brampton
Unsuccessful adding policy to a regular chain,
Robin Bussell
[ANNOUNCE] nftables 1.1.1 release, Pablo Neira Ayuso
[ANNOUNCE] libnftnl 1.2.8 release, Pablo Neira Ayuso
How to count bytes?, Ronan Pigott
[no subject], Unknown
[no subject], Unknown
Clarification on the functioning of "ct count",
Avinash Dige
Allowing closed connections time to drain before logging packets,
Brian J. Murrell
[ANNOUNCE] libnetfilter_conntrack 1.1.0 release, Pablo Neira Ayuso
Nomnclature - Roman,
Thomas Sadłowskí
Re_School Contacts List 2024, Lily Green
Issue Setting meta broute,
Dustin Lieu
Wiki entry on Element timeouts in NFtables,
Lars Noodén
nftables are non-deterministic,
Artem S. Tashkinov
Raw payload expressions are mangled,
Sunny73Cr
Stateless NAT ICMP Payload Mismatch,
Echo Nar
Understanding output from "nft list",
Brian Sammon
nftables' ulogd2 group "#" usage -- variable substitution possible?, pgnd
[ANNOUNCE] Security evaluation by ANSSI of nftables, Pablo Neira Ayuso
Output port redirect going to loopback?,
Atkins, Brian
correct nft v1.1.0 usage for flowtable h/w offload? `flags offload` &/or `devices=`, pgnd
Hardware Offloading Mellanox, Ritterhoff, Florian
Can't set meta priority for some packets in netdev family!, Kevin Vigouroux
libnftables way of deleting a rule,
Arne Zachlod
How to set packet priority in the netdev table?, Kevin Vigouroux
How do you set packet priority in the netdev table?, Kevin Vigouroux
[no subject],
Tom Isaacson
Sets update,
Slavko
syntax issues when reducing rules through grouping ?,
pgnd
[ANNOUNCE] nftables 1.1.0 release, Pablo Neira Ayuso
[ANNOUNCE] libnftnl 1.2.7 release, Phil Sutter
Re: Regarding ulogd_output_SYSLOG.so, Harald Welte
Transparent SNAT bridge with physdev module, Matt Ayre
Understanding and debugging conntrack source code,
Kevin Johnson
Does Nftables nft_fib check fib only in the main routing table?, Stanislav Tretyakov
nftables rule optimization - evaluating efficiency,
William N.
conntrackd: Trouble using multiple Accept addresses in kernel filter,
Yoann Congal
subscribe,
netfilter
bidge not working. Missing rules?, Paulo Ricardo Bruck
How to have a counter for vmap verdicts?,
William N.
Writing own match module for modern ebtables.,
Pawel Kraszewski
Problem with migration from iptables+ipset to nftables,
Aleksey Nikapli
[ANNOUNCE] ipset 7.22 released, Jozsef Kadlecsik
nftables rule where IPv6 source and destination addr are the same?,
William N.
Cant get "tcp dport 22 @ih,0,32 0x5353482d" to work/match,
Pascal Ernster
Problems understanding nftables part 2,
Wolfgang
ebtables rule rewriten to nft 'set host' does not work,
netfilter
Problems understanding nftables, Wolfgang
[wiki] typo in Nftables families, 谢致邦 (XIE Zhibang)
Using NAT engine information to apply fwmark to packet, Tobias Jakobi (Compleo)
connection refused from DNATted host,
Giovanni Biscuolo
nft not logging some layer 2 frames?,
Teodor Milkov
Clash Resolve Counter Increasing,
Tim Harman
Nftables rules for kernel threads (cifsd), Mikhail Morfikov
Kernel panic in nf_nat_setup_info, with re injected packet from libnfml,
shibu samuel
Sets nesting/reference? Complex concatenations in vmaps?,
William N.
Retrieve L2 header or MAR from packet, La Rus
IPv4 NAT and lo, and iptables,
imnozi
HW Offloading Mellanox ConnectX-6DX, Ritterhoff, Florian
How to have a dynamic ingress device(s) list?,
William N.
NFT: Drop to Docker bridge,
Alberto
[Thread split] nftables rule optimization - dropping invalid in ingress?,
William N.
Rewrite arp response with nft,
G H
How to measure/profile ruleset performance?,
William N.
DoS/DDoS protection for end nodes,
William N.
Combining/compacting 2 rules into 1,
William N.
[Index of Archives]
[Linux Netfilter Development]
[Advanced Routing & Traffice Control]
[Netem]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite Discussion]
[Linux Kernel Development]
