summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2022-11-10ipvs: use explicitly signed charsJason A. Donenfeld1-2/+2
2022-10-26netfilter: nf_queue: fix socket leakVimal Agrawal1-2/+0
2022-09-28netfilter: nf_conntrack_irc: Tighten matching on DCC messageDavid Leadbeater1-6/+28
2022-09-28netfilter: nf_conntrack_sip: fix ct_sip_walk_headersIgor Ryzhov1-2/+2
2022-09-15netfilter: nf_conntrack_irc: Fix forged IP logicDavid Leadbeater1-2/+3
2022-09-05netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to yGeert Uytterhoeven1-1/+0
2022-09-05netfilter: nft_payload: do not truncate csum_offset and csum_typePablo Neira Ayuso1-6/+13
2022-09-05netfilter: nft_payload: report ERANGE for too long offset and lengthPablo Neira Ayuso1-2/+8
2022-08-25netfilter: nf_tables: really skip inactive sets when allocating namePablo Neira Ayuso1-1/+1
2022-08-25netfilter: nf_tables: fix null deref due to zeroed list headFlorian Westphal1-0/+1
2022-08-25netfilter: nf_queue: do not allow packet truncation below transport header of...Florian Westphal1-1/+6
2022-07-07netfilter: nft_dynset: restore set element counter when failing to updatePablo Neira Ayuso1-0/+2
2022-06-14netfilter: nf_tables: disallow non-stateful expression in sets earlierPablo Neira Ayuso2-9/+10
2022-05-12ipvs: correctly print the memory size of ip_vs_conn_tabPengcheng Yang1-1/+1
2022-04-20netfilter: nf_conntrack_tcp: preserve liberal flag in tcp optionsPablo Neira Ayuso1-4/+13
2022-03-28netfilter: nf_tables: initialize registers in nft_do_chain()Pablo Neira Ayuso1-1/+1
2022-03-08netfilter: nf_queue: fix possible use-after-freeFlorian Westphal2-5/+19
2022-03-08netfilter: nf_queue: don't assume sk is full socketFlorian Westphal1-1/+10
2022-03-08netfilter: fix use-after-free in __nf_register_net_hook()Eric Dumazet1-2/+3
2022-02-08netfilter: nat: limit port clash resolution attemptsFlorian Westphal1-6/+23
2022-02-08netfilter: nat: remove l4 protocol port roversFlorian Westphal5-25/+7
2022-02-08netfilter: nft_payload: do not update layer 4 checksum when mangling fragmentsPablo Neira Ayuso1-0/+3
2021-12-29netfilter: fix regression in looped (broad|multi)cast's MAC handlingIgnacy Gawędzki2-2/+4
2021-12-08netfilter: ipvs: Fix reuse connection if RS weight is 0yangxingwu1-4/+4
2021-11-26netfilter: nfnetlink_queue: fix OOB when mac header was clearedFlorian Westphal1-1/+1
2021-10-27netfilter: Kconfig: use 'default y' instead of 'm' for bool config optionVegard Nossum1-1/+1
2021-10-27netfilter: ipvs: make global sysctl readonly in non-init netnsAntoine Tenart1-0/+5
2021-10-06netfilter: ipset: Fix oversized kvmalloc() callsJozsef Kadlecsik1-2/+2
2021-10-06ipvs: check that ip_vs_conn_tab_bits is between 8 and 20Andrea Claudi1-0/+4
2021-08-26netfilter: nft_exthdr: fix endianness of tcp option castSergey Marinkevich1-5/+3
2021-08-04netfilter: nft_nat: allow to specify layer 4 protocol NAT onlyPablo Neira Ayuso1-1/+3
2021-08-04netfilter: conntrack: adjust stop timestamp to real expiry valueFlorian Westphal1-1/+6
2021-07-28netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfoVasily Averin1-0/+3
2021-07-20netfilter: nft_exthdr: check for IPv6 packet before further processingPablo Neira Ayuso1-0/+3
2021-06-30netfilter: synproxy: Fix out of bounds when parsing TCP optionsMaxim Mikityanskiy1-0/+5
2021-06-10netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatchesPablo Neira Ayuso1-2/+6
2021-06-10ipvs: ignore IP_VS_SVC_F_HASHED flag when adding serviceJulian Anastasov1-1/+1
2021-06-03netfilter: x_tables: Use correct memory barriers.Mark Tomlinson1-0/+3
2021-05-22netfilter: conntrack: Make global sysctls readonly in non-init netnsJonathon Reinhart1-1/+4
2021-05-22netfilter: nftables: avoid overflows in nft_hash_buckets()Eric Dumazet1-1/+9
2021-04-28netfilter: nft_limit: avoid possible divide error in nft_limit_initEric Dumazet1-2/+2
2021-04-28netfilter: conntrack: do not print icmpv6 as unknown via /procPablo Neira Ayuso1-0/+1
2021-04-16netfilter: x_tables: fix compat match/target pad out-of-bound writeFlorian Westphal1-8/+2
2021-03-17netfilter: x_tables: gpf inside xt_find_revision()Vasily Averin1-2/+4
2021-02-23netfilter: conntrack: skip identical origin tuple in same zone onlyFlorian Westphal1-1/+2
2021-02-23netfilter: xt_recent: Fix attempt to update deleted entryJozsef Kadlecsik1-2/+10
2021-02-04netfilter: nft_dynset: add timeout extension to templatePablo Neira Ayuso1-1/+3
2021-01-23netfilter: conntrack: fix reading nf_conntrack_bucketsJesper Dangaard Brouer1-0/+3
2021-01-12netfilter: xt_RATEEST: reject non-null terminated string from userspaceFlorian Westphal1-0/+3
2021-01-12netfilter: ipset: fix shift-out-of-bounds in htable_bits()Vasily Averin1-15/+5
generated by cgit v1.2.3 (git 2.39.0) at 2026-01-11 10:21:52 +0300