summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2023-06-28netfilter: nfnetlink_osf: fix module autoloadPablo Neira Ayuso2-1/+1
2023-06-28netfilter: nf_tables: disallow element updates of bound anonymous setsPablo Neira Ayuso1-2/+5
2023-06-21netfilter: nfnetlink: skip error delivery on batch in case of ENOMEMPablo Neira Ayuso1-1/+2
2023-06-21Remove DECnet support from kernelStephen Hemminger1-10/+0
2023-06-09netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with C...Tom Rix1-0/+4
2023-06-09netfilter: ctnetlink: Support offloaded conntrack entry deletionPaul Blakey1-8/+0
2023-05-30netfilter: nf_tables: do not allow RULE_ID to refer to another chainPablo Neira Ayuso1-1/+3
2023-05-30netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flagPablo Neira Ayuso1-4/+9
2023-05-30netfilter: nf_tables: stricter validation of element dataPablo Neira Ayuso1-1/+8
2023-05-30netfilter: nf_tables: allow up to 64 bytes in the set element data areaPablo Neira Ayuso1-12/+27
2023-05-30netfilter: nf_tables: add nft_setelem_parse_key()Pablo Neira Ayuso1-46/+45
2023-05-30netfilter: nf_tables: validate registers coming from userspace.Pablo Neira Ayuso1-14/+17
2023-05-30netfilter: nftables: statify nft_parse_register()Pablo Neira Ayuso1-2/+1
2023-05-30netfilter: nftables: add nft_parse_register_store() and use itPablo Neira Ayuso16-74/+85
2023-05-30netfilter: nftables: add nft_parse_register_load() and use itPablo Neira Ayuso20-107/+104
2023-05-17netfilter: nf_tables: deactivate anonymous set from preparation phasePablo Neira Ayuso4-3/+15
2023-05-17netfilter: nf_tables: don't write table validation state without mutexFlorian Westphal2-8/+2
2023-03-11netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()Hangyu Hua1-1/+4
2023-02-22netfilter: nft_tproxy: restrict to prerouting hookFlorian Westphal1-0/+8
2023-02-06netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETESriram Yagnaraman1-9/+16
2023-02-06netfilter: nft_set_rbtree: skip elements in transaction from garbage collectionPablo Neira Ayuso1-1/+15
2023-02-06netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT stateFlorian Westphal1-0/+10
2023-01-18netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.Gavrilov Ilia1-2/+2
2022-11-10ipvs: fix WARNING in ip_vs_app_net_cleanup()Zhengchao Shao1-2/+8
2022-11-10ipvs: fix WARNING in __ip_vs_cleanup_batch()Zhengchao Shao1-5/+21
2022-11-10ipvs: use explicitly signed charsJason A. Donenfeld1-2/+2
2022-09-28netfilter: nf_conntrack_irc: Tighten matching on DCC messageDavid Leadbeater1-6/+28
2022-09-28netfilter: nf_conntrack_sip: fix ct_sip_walk_headersIgor Ryzhov1-2/+2
2022-09-15netfilter: nf_conntrack_irc: Fix forged IP logicDavid Leadbeater1-2/+3
2022-09-05netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to yGeert Uytterhoeven1-1/+0
2022-09-05netfilter: nft_tunnel: restrict it to netdev familyPablo Neira Ayuso1-0/+1
2022-09-05netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet familiesPablo Neira Ayuso1-3/+15
2022-09-05netfilter: nft_payload: do not truncate csum_offset and csum_typePablo Neira Ayuso1-6/+13
2022-09-05netfilter: nft_payload: report ERANGE for too long offset and lengthPablo Neira Ayuso1-2/+8
2022-08-25netfilter: nf_tables: really skip inactive sets when allocating namePablo Neira Ayuso1-1/+1
2022-08-25netfilter: nf_tables: fix null deref due to zeroed list headFlorian Westphal1-0/+1
2022-08-25netfilter: nf_tables: do not allow SET_ID to refer to another tableThadeu Lima de Souza Cascardo1-1/+3
2022-08-11netfilter: nf_queue: do not allow packet truncation below transport header of...Florian Westphal1-1/+6
2022-07-07netfilter: nft_dynset: restore set element counter when failing to updatePablo Neira Ayuso1-0/+2
2022-06-14netfilter: nf_tables: disallow non-stateful expression in sets earlierPablo Neira Ayuso2-9/+10
2022-05-12netfilter: nft_socket: only do sk lookups when indev is availableFlorian Westphal1-14/+38
2022-05-12ipvs: correctly print the memory size of ip_vs_conn_tabPengcheng Yang1-1/+1
2022-04-15netfilter: nf_conntrack_tcp: preserve liberal flag in tcp optionsPablo Neira Ayuso1-4/+13
2022-03-28netfilter: nf_tables: initialize registers in nft_do_chain()Pablo Neira Ayuso1-1/+1
2022-03-08netfilter: nf_queue: fix possible use-after-freeFlorian Westphal2-5/+18
2022-03-08netfilter: nf_queue: don't assume sk is full socketFlorian Westphal1-1/+10
2022-03-08netfilter: fix use-after-free in __nf_register_net_hook()Eric Dumazet1-2/+3
2022-02-23netfilter: conntrack: don't refresh sctp entries in closed stateFlorian Westphal1-0/+9
2022-02-08netfilter: nat: limit port clash resolution attemptsFlorian Westphal1-6/+23
2022-02-08netfilter: nat: remove l4 protocol port roversFlorian Westphal5-26/+7
generated by cgit v1.2.3 (git 2.39.0) at 2026-01-17 03:22:00 +0300