summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
4 daysnetfilter: nf_conncount: update last_gc only when GC has been performedFernando Fernandez Mancera1-1/+1
4 daysnetfilter: nft_synproxy: avoid possible data-race on update operationFernando Fernandez Mancera1-3/+3
4 daysipvs: fix ipv4 null-ptr-deref in route error pathSlavin Liu1-0/+3
4 daysnetfilter: nf_conncount: fix leaked ct in error pathsFernando Fernandez Mancera1-11/+14
4 daysnetfilter: nft_connlimit: memleak if nf_ct_netns_get() failsPablo Neira Ayuso1-1/+10
4 daysnetfilter: nf_conncount: garbage collection is not skipped when jiffies wrap ...Nicklas Bo Jensen1-2/+2
4 daysnetfilter: nft_connlimit: update the count if add was skippedFernando Fernandez Mancera2-6/+19
4 daysnetfilter: nf_conncount: rework API to use sk_buff directlyFernando Fernandez Mancera3-86/+126
4 daysnetfilter: nf_conncount: reduce unnecessary GCWilliam Tu1-0/+11
4 daysnetfilter: nft_connlimit: move stateful fields out of expression dataPablo Neira Ayuso1-8/+18
2025-12-07netfilter: nf_set_pipapo_avx2: fix initial map fillFlorian Westphal1-1/+20
2025-12-07netfilter: nf_set_pipapo: fix initial map fillFlorian Westphal3-6/+29
2025-12-07netfilter: nf_tables: reject duplicate device on updatesPablo Neira Ayuso1-0/+15
2025-10-29minmax: add in_range() macroMatthew Wilcox (Oracle)1-3/+3
2025-10-29ipvs: Defer ip_vs_ftp unregister during netns cleanupSlavin Liu1-1/+3
2025-10-29netfilter: ipset: Remove unused htable_bits in macro ahash_regionZhen Ni1-4/+4
2025-09-09netfilter: conntrack: helper: Replace -EEXIST by -EBUSYPhil Sutter1-2/+2
2025-08-28netfilter: nft_reject_inet: allow to use reject from inet ingressPablo Neira Ayuso1-1/+13
2025-08-28netfilter: nft_reject: unify reject init and dump into nft_rejectJose M. Guisado Gomez2-59/+13
2025-08-28netfilter: ctnetlink: fix refcount leak on table dumpFlorian Westphal1-11/+13
2025-08-28netfilter: xt_nfacct: don't assume acct name is null-terminatedFlorian Westphal1-2/+2
2025-08-28netfilter: nf_tables: adjust lockdep assertions handlingFedor Pchelkin1-2/+2
2025-06-27netfilter: nft_tunnel: fix geneve_opt dumpFernando Fernandez Mancera1-4/+4
2025-06-27netfilter: nft_socket: fix sk refcount leaksFlorian Westphal1-2/+3
2025-06-04netfilter: conntrack: Bound nf_conntrack sysctl writesNicolas Bouchinet1-3/+9
2025-06-04netfilter: nf_tables: do not defer rule destruction via call_rcuFlorian Westphal1-17/+15
2025-06-04netfilter: nf_tables: wait for rcu grace period on net_device removalPablo Neira Ayuso1-7/+34
2025-06-04netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctxFlorian Westphal2-10/+9
2025-06-04netfilter: ipset: fix region locking in hash typesJozsef Kadlecsik1-1/+1
2025-05-02ipvs: properly dereference pe in ip_vs_add_serviceChen Hanxiao1-5/+5
2025-05-02nft_set_pipapo: fix incorrect avx2 match of 5th field octetFlorian Westphal1-1/+2
2025-04-10netfilter: conntrack: fix crash due to confirmed bit load reorderingFlorian Westphal3-0/+26
2025-04-10net: fix geneve_opt length integer overflowLin Ma1-1/+1
2025-04-10netfilter: nft_tunnel: fix geneve_opt type confusion additionLin Ma1-2/+2
2025-04-10netfilter: nft_exthdr: fix offset with ipv4_find_option()Alexey Kashavkin1-6/+4
2025-04-10ipvs: prevent integer overflow in do_ip_vs_get_ctl()Dan Carpenter1-4/+4
2025-04-10netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert...Kohei Enju1-0/+2
2025-04-10netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template.Sebastian Andrzej Siewior1-2/+4
2025-04-10netfilter: nft_ct: fix use after free when attaching zone templateFlorian Westphal1-1/+4
2025-04-10netfilter: conntrack: convert to refcount_t apiFlorian Westphal8-27/+23
2025-03-13netfilter: nf_tables: reject mismatching sum of field_len with set key lengthPablo Neira Ayuso1-4/+4
2025-02-01netfilter: conntrack: clamp maximum hashtable size to INT_MAXPablo Neira Ayuso1-1/+4
2025-02-01netfilter: nf_tables: imbalance in flowtable bindingPablo Neira Ayuso1-4/+11
2025-02-01netfilter: nft_dynset: honor stateful expressions in set definitionPablo Neira Ayuso2-1/+29
2025-01-09netfilter: ipset: Fix for recursive locking warningPhil Sutter1-0/+3
2024-12-14netfilter: nft_set_hash: skip duplicated elements pending gc runPablo Neira Ayuso1-0/+16
2024-12-14netfilter: ipset: Hold module reference while requesting a modulePhil Sutter1-0/+5
2024-12-14netfilter: x_tables: fix LED ID check in led_tg_check()Dmitry Antipov1-1/+3
2024-12-14ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()Jinghao Jia1-3/+1
2024-12-14netfilter: ipset: add missing range check in bitmap_ip_uadtJeongjun Park1-5/+2
generated by cgit v1.2.3 (git 2.39.0) at 2026-01-24 01:41:51 +0300