similar to: [Bug 1130] New: Better handling DNS names in nft ruleset

https://bugzilla.netfilter.org/show_bug.cgi?id=1195 Bug ID: 1195 Summary: 'list ruleset' of 'nft -f' outputs garbage while 'nft list ruleset' seems to work. Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement

https://bugzilla.netfilter.org/show_bug.cgi?id=1118 Bug ID: 1118 Summary: nft: nft -f and nft list ruleset use different sets of service -> port mappings Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: normal Priority: P5

https://bugzilla.netfilter.org/show_bug.cgi?id=1349 Bug ID: 1349 Summary: "nft list ruleset" shows rules twice Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: minor Priority: P5 Component: nft Assignee: pablo at

https://bugzilla.netfilter.org/show_bug.cgi?id=1450 Bug ID: 1450 Summary: Using certain simple set combinations with TCP flags causes error in mergesort.c from nft list ruleset Product: nftables Version: unspecified Hardware: arm OS: Ubuntu Status: NEW Severity: normal

https://bugzilla.netfilter.org/show_bug.cgi?id=1706 Bug ID: 1706 Summary: Nft is slow when loading ruleset with lots of add element calls of different interval maps Product: nftables Version: 1.0.x Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: normal Priority:

https://bugzilla.netfilter.org/show_bug.cgi?id=1424 Bug ID: 1424 Summary: v0.9.0: segfault when using nft -f <file> and issuing "ruleset flush" twice Product: nftables Version: unspecified Hardware: All OS: Debian GNU/Linux Status: NEW Severity: normal

https://bugzilla.netfilter.org/show_bug.cgi?id=1222 Bug ID: 1222 Summary: nft list ruleset – infinite memory use Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1463 Bug ID: 1463 Summary: nft --json table list ruleset crashes Product: nftables Version: unspecified Hardware: All OS: Debian GNU/Linux Status: NEW Severity: major Priority: P5 Component: nft Assignee: pablo at netfilter.org

Hi, 1. I think you should apply the attached patch to openssh-2.9p1, otherwise ssh-keyscan on linux boxes with glibc-2.1 will experience enormous timeout delays. 2. Is there a program like ssh-keyscan for the Version2 (dsa and rsa) keys?? regards Peter Breitenlohner <peb at mppmu.mpg.de> -------------- next part -------------- diff -ur openssh-2.9p1.orig/ssh-keyscan.c

https://bugzilla.netfilter.org/show_bug.cgi?id=1127 Bug ID: 1127 Summary: running nft command creates lag for forwarded packets Product: nftables Version: unspecified Hardware: x86_64 OS: Gentoo Status: NEW Severity: major Priority: P5 Component: nft Assignee: pablo at

Kanwar Ranbir Sandhu skrev den 2015-09-07 19:29: > I tried it for shits and giggles: no change. :( I'm still seeing the > same problem. dovecot is buildt with security in mind... using namebased gid or uid is not secure it might just still works, but its not secure

Hello all, As I have promised I am sending my QoS rules. This now works fine with u32 classifier (and parent 1:0 that I could not understand why it did not worked well before). Att, Nataniel Klug ------------------------ #!/bin/sh #------ # Script de QoS Cyber Nett #------ # Nataniel Klug # suporte@cnett.com.br #------ TC="/sbin/tc" IPT="/usr/local/sbin/iptables"

Hello list, I installed a box recently and updated it to 8.3-PRERELEASE on 2012/04/11 I'm experiencing this extremely weird behavior where PF refuses to load standard and const table definitions from the main ruleset. - persist tables load just fine - normal and const tables inside anchors load just fine Does anyone else have the same problem ? I'll try to update the kernel again,

http://bugzilla.netfilter.org/show_bug.cgi?id=580 Summary: iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P1

https://bugzilla.netfilter.org/show_bug.cgi?id=580 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |netfilter at linuxace.com Resolution|

https://bugzilla.netfilter.org/show_bug.cgi?id=580 Jan Engelhardt <jengelh at medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|WONTFIX | --- Comment #4 from Jan Engelhardt <jengelh at

https://bugzilla.netfilter.org/show_bug.cgi?id=580 --- Comment #5 from Phil Oester <netfilter at linuxace.com> 2013-06-24 20:07:02 CEST --- Unclear how you can say with certainty that this is impossible, but let's ignore that point for the moment. Is there some reason that iptables-save should do the sorting for userspace scripts? Another alternative would be to always load the

https://bugzilla.netfilter.org/show_bug.cgi?id=580 --- Comment #6 from Jan Engelhardt <jengelh at medozas.de> 2013-06-24 20:32:22 CEST --- >Unclear how you can say with certainty that this is impossible Right now, tables are output in permutations that are considered to be random. (Sure there is module load order, but that is not documented, nor is it actually a usable assumption for

https://bugzilla.netfilter.org/show_bug.cgi?id=580 --- Comment #7 from Phil Oester <netfilter at linuxace.com> 2013-06-24 23:34:51 CEST --- > would you be thrilled if all the rules were in random order too? This comparison is a bit far fetched, given that ordering of rules is so important (accept before drop, etc). The order in which tables are output in iptables-save is largely

https://bugzilla.netfilter.org/show_bug.cgi?id=580 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|jengelh at medozas.de |netfilter-buglog at lists.netf | |ilter.org -- Configure