summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2022-12-14netfilter: ctnetlink: fix compilation warning after data race fixes in ct markPablo Neira Ayuso1-9/+10
2022-12-14netfilter: conntrack: fix using __this_cpu_add in preemptibleXin Long1-3/+3
2022-12-14netfilter: flowtable_offload: fix using __this_cpu_add in preemptibleXin Long1-3/+3
2022-12-14netfilter: nft_set_pipapo: Actually validate intervals in fields after the fi...Stefano Brivio1-2/+3
2022-12-02netfilter: flowtable_offload: add missing lockingFelix Fietkau1-0/+4
2022-12-02netfilter: ipset: restore allowing 64 clashing elements in hash:net,ifaceJozsef Kadlecsik1-1/+1
2022-12-02netfilter: ipset: regression in ip_set_hash_ip.cVishwanath Pai1-5/+3
2022-12-02netfilter: nf_tables: do not set up extensions for end intervalPablo Neira Ayuso1-2/+4
2022-12-02netfilter: conntrack: Fix data-races around ct markDaniel Xu5-23/+29
2022-11-26netlink: Bounds-check struct nlmsgerr creationKees Cook1-3/+5
2022-11-16netfilter: Cleanup nft_net->module_list from nf_tables_exit_net()Shigeru Yoshida1-1/+2
2022-11-16netfilter: nfnetlink: fix potential dead lock in nfnetlink_rcv_msg()Ziyang Xuan1-0/+1
2022-11-10netfilter: ipset: enforce documented limit to prevent allocating huge memoryJozsef Kadlecsik1-24/+6
2022-11-10ipvs: fix WARNING in ip_vs_app_net_cleanup()Zhengchao Shao1-2/+8
2022-11-10ipvs: fix WARNING in __ip_vs_cleanup_batch()Zhengchao Shao1-5/+21
2022-11-10ipvs: use explicitly signed charsJason A. Donenfeld1-2/+2
2022-11-10netfilter: nf_tables: release flow rule object from commit pathPablo Neira Ayuso1-3/+3
2022-11-10netfilter: nf_tables: netlink notifier might race to release objectsPablo Neira Ayuso1-0/+2
2022-10-29netfilter: nf_tables: relax NFTA_SET_ELEM_KEY_END set flags requirementsPablo Neira Ayuso1-2/+3
2022-10-21netfilter: conntrack: revisit the gc initial rescheduling biasAntoine Tenart1-4/+6
2022-10-21netfilter: conntrack: fix the gc rescheduling delayAntoine Tenart1-2/+8
2022-09-21netfilter: nf_ct_ftp: fix deadlock when nat rewrite is neededFlorian Westphal1-2/+4
2022-09-21netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()Tetsuo Handa1-0/+1
2022-09-21netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain()Tetsuo Handa1-4/+3
2022-09-07netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()Pablo Neira Ayuso1-1/+3
2022-09-07netfilter: nf_conntrack_irc: Tighten matching on DCC messageDavid Leadbeater1-6/+28
2022-09-07netfilter: nf_conntrack_sip: fix ct_sip_walk_headersIgor Ryzhov1-2/+2
2022-09-01netfilter: nf_conntrack_irc: Fix forged IP logicDavid Leadbeater1-2/+3
2022-08-31netfilter: nf_tables: clean up hook list when offload flags check failsPablo Neira Ayuso1-1/+3
2022-08-31netfilter: remove nf_conntrack_helper sysctl and modparam togglesPablo Neira Ayuso5-94/+11
2022-08-25Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nfJakub Kicinski8-20/+104
2022-08-24net: Fix data-races around sysctl_[rw]mem_(max|default).Kuniyuki Iwashima1-2/+2
2022-08-24netfilter: flowtable: fix stuck flows on cleanup due to pending workPablo Neira Ayuso2-4/+11
2022-08-24netfilter: flowtable: add function to invoke garbage collection immediatelyPablo Neira Ayuso1-3/+9
2022-08-24netfilter: nf_tables: disallow binding to already bound chainPablo Neira Ayuso1-0/+2
2022-08-24netfilter: nft_tunnel: restrict it to netdev familyPablo Neira Ayuso1-0/+1
2022-08-24netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet familiesPablo Neira Ayuso1-3/+15
2022-08-24netfilter: nf_tables: do not leave chain stats enabled on errorPablo Neira Ayuso1-2/+4
2022-08-24netfilter: nft_payload: do not truncate csum_offset and csum_typePablo Neira Ayuso1-6/+13
2022-08-24netfilter: nft_payload: report ERANGE for too long offset and lengthPablo Neira Ayuso1-2/+8
2022-08-24netfilter: nf_tables: make table handle allocation per-netns friendlyPablo Neira Ayuso1-2/+1
2022-08-24netfilter: nf_tables: disallow updates of implicit chainPablo Neira Ayuso1-0/+3
2022-08-23netfilter: nft_tproxy: restrict to prerouting hookFlorian Westphal1-0/+8
2022-08-23netfilter: conntrack: work around exceeded receive windowFlorian Westphal1-0/+31
2022-08-17netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to yGeert Uytterhoeven1-1/+0
2022-08-15netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is specifiedPablo Neira Ayuso1-0/+5
2022-08-15netfilter: nf_tables: disallow NFT_SET_ELEM_CATCHALL and NFT_SET_ELEM_INTERVA...Pablo Neira Ayuso1-0/+3
2022-08-15netfilter: nf_tables: NFTA_SET_ELEM_KEY_END requires concat and interval flagsPablo Neira Ayuso1-0/+24
2022-08-12netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flagPablo Neira Ayuso1-4/+9
2022-08-11netfilter: nf_tables: really skip inactive sets when allocating namePablo Neira Ayuso1-1/+1
generated by cgit v1.2.3 (git 2.39.0) at 2026-01-11 09:59:35 +0300