summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2021-12-29netfilter: fix regression in looped (broad|multi)cast's MAC handlingIgnacy Gawędzki2-2/+4
2021-12-14netfilter: conntrack: annotate data-races around ct->timeoutEric Dumazet3-6/+6
2021-12-14nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six 8-bit groupsStefano Brivio1-1/+1
2021-12-01netfilter: flowtable: fix IPv6 tunnel addr matchWill Mortensen1-2/+2
2021-12-01netfilter: ipvs: Fix reuse connection if RS weight is 0yangxingwu1-4/+4
2021-12-01netfilter: ctnetlink: do not erase error code with EINVALFlorent Fourcot1-3/+1
2021-12-01netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLYFlorent Fourcot1-1/+1
2021-11-18netfilter: nfnetlink_queue: fix OOB when mac header was clearedFlorian Westphal1-1/+1
2021-11-18netfilter: nft_dynset: relax superfluous check on set updatesPablo Neira Ayuso1-10/+1
2021-11-18netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream statePablo Neira Ayuso1-2/+5
2021-10-27netfilter: Kconfig: use 'default y' instead of 'm' for bool config optionVegard Nossum1-1/+1
2021-10-27netfilter: ipvs: make global sysctl readonly in non-init netnsAntoine Tenart1-0/+5
2021-10-27netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage valueJuhee Kang1-1/+1
2021-10-17netfilter: nf_nat_masquerade: defer conntrack walk to work queueFlorian Westphal1-26/+24
2021-10-17netfilter: nf_nat_masquerade: make async masq_inet6_event handling genericFlorian Westphal1-47/+75
2021-10-06netfilter: nf_tables: Fix oversized kvmalloc() callsPablo Neira Ayuso1-1/+1
2021-10-06netfilter: conntrack: serialize hash resizes and cleanupsEric Dumazet1-33/+37
2021-10-06netfilter: ipset: Fix oversized kvmalloc() callsJozsef Kadlecsik1-2/+2
2021-10-06ipvs: check that ip_vs_conn_tab_bits is between 8 and 20Andrea Claudi1-0/+4
2021-09-22netfilter: nft_ct: protect nft_ct_pcpu_template_refcnt with mutexPavel Skripkin1-1/+8
2021-09-22netfilter: Fix fall-through warnings for ClangGustavo A. R. Silva3-0/+3
2021-09-18net: Fix offloading indirect devices dependency on qdisc order creationEli Cohen2-0/+2
2021-09-12netfilter: nftables: clone set element expression templatePablo Neira Ayuso1-8/+28
2021-09-12netfilter: nf_tables: initialize set before expression setupPablo Neira Ayuso1-22/+24
2021-09-12netfilter: nftables: avoid potential overflows on 32bit archesEric Dumazet2-7/+10
2021-09-03netfilter: conntrack: collect all entries in one cycleFlorian Westphal1-49/+22
2021-08-04netfilter: nft_nat: allow to specify layer 4 protocol NAT onlyPablo Neira Ayuso1-1/+3
2021-08-04netfilter: conntrack: adjust stop timestamp to real expiry valueFlorian Westphal1-1/+6
2021-07-25netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfoVasily Averin1-0/+3
2021-07-14netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN transfer...Pablo Neira Ayuso1-10/+7
2021-07-14netfilter: nft_tproxy: restrict support to TCP and UDP transport protocolsPablo Neira Ayuso1-1/+8
2021-07-14netfilter: nft_osf: check for TCP packet before further processingPablo Neira Ayuso1-0/+5
2021-07-14netfilter: nft_exthdr: check for IPv6 packet before further processingPablo Neira Ayuso1-0/+3
2021-06-23netfilter: synproxy: Fix out of bounds when parsing TCP optionsMaxim Mikityanskiy1-0/+5
2021-06-10netfilter: nf_tables: missing error reporting for not selected expressionsPablo Neira Ayuso1-1/+3
2021-06-10netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatchesPablo Neira Ayuso1-2/+6
2021-06-10netfilter: nft_ct: skip expectations for confirmed conntrackPablo Neira Ayuso1-1/+1
2021-06-10ipvs: ignore IP_VS_SVC_F_HASHED flag when adding serviceJulian Anastasov1-1/+1
2021-06-10netfilter: conntrack: unregister ipv4 sockopts on error unwindFlorian Westphal1-1/+1
2021-06-03netfilter: flowtable: Remove redundant hw refresh bitRoi Dayan2-5/+5
2021-06-03netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-A...Stefano Brivio3-2/+7
2021-05-19netfilter: nftables: avoid overflows in nft_hash_buckets()Eric Dumazet1-1/+9
2021-05-19netfilter: nftables: Fix a memleak from userdata error path in new objectsPablo Neira Ayuso1-2/+2
2021-05-19netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL checkPablo Neira Ayuso1-0/+2
2021-05-19netfilter: xt_SECMARK: add new revision to fix structure layoutPablo Neira Ayuso1-19/+69
2021-05-14netfilter: nftables_offload: special ethertype handling for VLANPablo Neira Ayuso1-0/+44
2021-05-14netfilter: nftables_offload: VLAN id needs host byteorder in flow dissectorPablo Neira Ayuso2-6/+45
2021-05-14netfilter: nft_payload: fix C-VLAN offload supportPablo Neira Ayuso1-2/+3
2021-05-07netfilter: conntrack: Make global sysctls readonly in non-init netnsJonathon Reinhart1-8/+2
2021-04-21netfilter: nft_limit: avoid possible divide error in nft_limit_initEric Dumazet1-2/+2
generated by cgit v1.2.3 (git 2.39.0) at 2026-01-11 09:59:08 +0300