summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2025-08-28netfilter: nft_reject_inet: allow to use reject from inet ingressPablo Neira Ayuso1-1/+13
2025-08-28netfilter: nft_reject: unify reject init and dump into nft_rejectJose M. Guisado Gomez2-59/+13
2025-08-28netfilter: ctnetlink: fix refcount leak on table dumpFlorian Westphal1-11/+13
2025-08-28netfilter: xt_nfacct: don't assume acct name is null-terminatedFlorian Westphal1-2/+2
2025-08-28netfilter: nf_tables: adjust lockdep assertions handlingFedor Pchelkin1-2/+2
2025-06-27netfilter: nft_tunnel: fix geneve_opt dumpFernando Fernandez Mancera1-4/+4
2025-06-27netfilter: nft_socket: fix sk refcount leaksFlorian Westphal1-2/+3
2025-06-04netfilter: conntrack: Bound nf_conntrack sysctl writesNicolas Bouchinet1-3/+9
2025-06-04netfilter: nf_tables: do not defer rule destruction via call_rcuFlorian Westphal1-17/+15
2025-06-04netfilter: nf_tables: wait for rcu grace period on net_device removalPablo Neira Ayuso1-7/+34
2025-06-04netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctxFlorian Westphal2-10/+9
2025-06-04netfilter: ipset: fix region locking in hash typesJozsef Kadlecsik1-1/+1
2025-05-02ipvs: properly dereference pe in ip_vs_add_serviceChen Hanxiao1-5/+5
2025-05-02nft_set_pipapo: fix incorrect avx2 match of 5th field octetFlorian Westphal1-1/+2
2025-04-10netfilter: conntrack: fix crash due to confirmed bit load reorderingFlorian Westphal3-0/+26
2025-04-10net: fix geneve_opt length integer overflowLin Ma1-1/+1
2025-04-10netfilter: nft_tunnel: fix geneve_opt type confusion additionLin Ma1-2/+2
2025-04-10netfilter: nft_exthdr: fix offset with ipv4_find_option()Alexey Kashavkin1-6/+4
2025-04-10ipvs: prevent integer overflow in do_ip_vs_get_ctl()Dan Carpenter1-4/+4
2025-04-10netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert...Kohei Enju1-0/+2
2025-04-10netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template.Sebastian Andrzej Siewior1-2/+4
2025-04-10netfilter: nft_ct: fix use after free when attaching zone templateFlorian Westphal1-1/+4
2025-04-10netfilter: conntrack: convert to refcount_t apiFlorian Westphal8-27/+23
2025-03-13netfilter: nf_tables: reject mismatching sum of field_len with set key lengthPablo Neira Ayuso1-4/+4
2025-02-01netfilter: conntrack: clamp maximum hashtable size to INT_MAXPablo Neira Ayuso1-1/+4
2025-02-01netfilter: nf_tables: imbalance in flowtable bindingPablo Neira Ayuso1-4/+11
2025-02-01netfilter: nft_dynset: honor stateful expressions in set definitionPablo Neira Ayuso2-1/+29
2025-01-09netfilter: ipset: Fix for recursive locking warningPhil Sutter1-0/+3
2024-12-14netfilter: nft_set_hash: skip duplicated elements pending gc runPablo Neira Ayuso1-0/+16
2024-12-14netfilter: ipset: Hold module reference while requesting a modulePhil Sutter1-0/+5
2024-12-14netfilter: x_tables: fix LED ID check in led_tg_check()Dmitry Antipov1-1/+3
2024-12-14ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()Jinghao Jia1-3/+1
2024-12-14netfilter: ipset: add missing range check in bitmap_ip_uadtJeongjun Park1-5/+2
2024-11-08netfilter: nft_payload: sanitize offset and length before calling skb_checksum()Pablo Neira Ayuso1-0/+3
2024-10-17netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_E...Simon Horman1-5/+2
2024-10-17netfilter: nf_tables: Keep deleted flowtable hooks until after RCUPhil Sutter1-1/+1
2024-10-17netfilter: nf_tables: reject expiration higher than timeoutPablo Neira Ayuso1-0/+3
2024-10-17netfilter: nf_tables: reject element expiration with no timeoutPablo Neira Ayuso1-0/+3
2024-10-17netfilter: nf_tables: elements with timeout below CONFIG_HZ never expirePablo Neira Ayuso1-1/+1
2024-10-17netfilter: nf_tables: missing iterator type in lookup walkPablo Neira Ayuso2-1/+3
2024-10-17netfilter: nft_set_pipapo: walk over current view on netlink dumpPablo Neira Ayuso2-2/+8
2024-09-12netfilter: nf_conncount: fix wrong variable typeYunjian Wang1-5/+3
2024-09-04netfilter: nft_counter: Synchronize nft_counter_reset() against reader.Sebastian Andrzej Siewior1-0/+5
2024-09-04netfilter: flowtable: initialise extack before useDonald Hunter1-1/+1
2024-08-19netfilter: nf_tables: prefer nft_chain_validateFlorian Westphal1-114/+13
2024-08-19netfilter: nf_tables: allow clone callbacks to sleepPablo Neira Ayuso4-8/+8
2024-08-19netfilter: nf_tables: use timestamp to check for set element timeoutPablo Neira Ayuso4-10/+23
2024-08-19netfilter: nf_tables: set element extended ACK reporting supportPablo Neira Ayuso1-4/+9
2024-08-19netfilter: ipset: Add list flush to cancel_gcAlexander Maltsev1-0/+3
2024-08-19netfilter: nft_set_pipapo_avx2: disable softinterruptsFlorian Westphal1-2/+10
generated by cgit v1.2.3 (git 2.39.0) at 2026-01-11 20:06:20 +0300