summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2025-01-17netfilter: conntrack: clamp maximum hashtable size to INT_MAXPablo Neira Ayuso1-1/+4
2025-01-17netfilter: nf_tables: imbalance in flowtable bindingPablo Neira Ayuso1-4/+11
2024-12-27netfilter: ipset: Fix for recursive locking warningPhil Sutter1-0/+3
2024-12-14netfilter: nft_set_hash: skip duplicated elements pending gc runPablo Neira Ayuso1-0/+16
2024-12-14netfilter: ipset: Hold module reference while requesting a modulePhil Sutter1-0/+5
2024-12-14netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup levelPablo Neira Ayuso1-1/+1
2024-12-14netfilter: x_tables: fix LED ID check in led_tg_check()Dmitry Antipov1-1/+3
2024-12-14ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()Jinghao Jia1-3/+1
2024-12-14netfilter: ipset: add missing range check in bitmap_ip_uadtJeongjun Park1-5/+2
2024-12-14netfilter: nf_tables: must hold rcu read lock while iterating object type listFlorian Westphal1-7/+6
2024-12-14netfilter: nf_tables: skip transaction if update object is not implementedPablo Neira Ayuso1-2/+6
2024-11-22ipvs: properly dereference pe in ip_vs_add_serviceChen Hanxiao1-5/+5
2024-11-08netfilter: nft_payload: sanitize offset and length before calling skb_checksum()Pablo Neira Ayuso1-0/+3
2024-11-08netfilter: Fix use-after-free in get_info()Dong Chenchen1-1/+1
2024-11-01netfilter: xtables: fix typo causing some targets not to load on IPv6Pablo Neira Ayuso3-2/+3
2024-10-17netfilter: xtables: avoid NFPROTO_UNSPEC where neededFlorian Westphal16-165/+422
2024-10-17netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_E...Simon Horman1-5/+2
2024-10-17netfilter: nf_tables: Keep deleted flowtable hooks until after RCUPhil Sutter1-1/+1
2024-10-17netfilter: nf_tables: remove annotation to access set timeout while holding lockPablo Neira Ayuso1-2/+2
2024-10-17netfilter: nf_tables: reject expiration higher than timeoutPablo Neira Ayuso1-0/+3
2024-10-17netfilter: nf_tables: reject element expiration with no timeoutPablo Neira Ayuso1-0/+3
2024-10-17netfilter: nf_tables: elements with timeout below CONFIG_HZ never expirePablo Neira Ayuso1-1/+1
2024-09-30netfilter: nf_tables: missing iterator type in lookup walkPablo Neira Ayuso2-1/+3
2024-09-30netfilter: nft_set_pipapo: walk over current view on netlink dumpPablo Neira Ayuso2-2/+8
2024-09-30netfilter: nft_socket: Fix a NULL vs IS_ERR() bug in nft_socket_cgroup_subtre...Dan Carpenter1-2/+2
2024-09-30netfilter: nft_socket: make cgroupsv2 matching work with namespacesFlorian Westphal1-3/+38
2024-09-18netfilter: nft_socket: fix sk refcount leaksFlorian Westphal1-3/+4
2024-09-12netfilter: nf_conncount: fix wrong variable typeYunjian Wang1-5/+3
2024-08-29netfilter: flowtable: validate vlan headerPablo Neira Ayuso2-0/+6
2024-08-29netfilter: nft_counter: Synchronize nft_counter_reset() against reader.Sebastian Andrzej Siewior1-0/+5
2024-08-29netfilter: nft_counter: Disable BH in nft_counter_offload_stats().Sebastian Andrzej Siewior1-2/+2
2024-08-29netfilter: nf_tables: Add locking for NFT_MSG_GETOBJ_RESET requestsPhil Sutter1-13/+59
2024-08-29netfilter: nf_tables: Introduce nf_tables_getobj_singlePhil Sutter1-31/+44
2024-08-29netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctxPhil Sutter1-6/+6
2024-08-29netfilter: nf_tables: nft_obj_filter fits into cb->ctxPhil Sutter1-11/+5
2024-08-29netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctxPhil Sutter1-4/+5
2024-08-29netfilter: nf_tables: A better name for nft_obj_filterPhil Sutter1-16/+16
2024-08-29netfilter: nf_tables: Unconditionally allocate nft_obj_filterPhil Sutter1-21/+15
2024-08-29netfilter: nf_tables: Drop pointless memset in nf_tables_dump_objPhil Sutter1-3/+0
2024-08-29netfilter: nf_tables: Audit log dump reset after the factPhil Sutter1-15/+13
2024-08-29netfilter: nf_queue: drop packets with cloned unconfirmed conntracksFlorian Westphal1-2/+33
2024-08-29netfilter: flowtable: initialise extack before useDonald Hunter1-1/+1
2024-08-14netfilter: nf_tables: prefer nft_chain_validateFlorian Westphal1-138/+13
2024-08-14netfilter: nf_tables: allow clone callbacks to sleepFlorian Westphal7-19/+21
2024-08-14netfilter: nf_tables: bail out if stateful expression provides no .clonePablo Neira Ayuso1-8/+7
2024-08-11netfilter: ipset: Add list flush to cancel_gcAlexander Maltsev1-0/+3
2024-08-03netfilter: nft_set_pipapo_avx2: disable softinterruptsFlorian Westphal1-2/+10
2024-08-03netfilter: nf_set_pipapo: fix initial map fillFlorian Westphal3-6/+29
2024-08-03netfilter: nft_set_pipapo: constify lookup fn args where possibleFlorian Westphal3-35/+48
2024-08-03netfilter: ctnetlink: use helper function to calculate expect IDPablo Neira Ayuso1-1/+2
generated by cgit v1.2.3 (git 2.39.0) at 2026-01-11 19:44:24 +0300