summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2025-08-15netfilter: xt_nfacct: don't assume acct name is null-terminatedFlorian Westphal1-2/+2
2025-08-15netfilter: nf_tables: adjust lockdep assertions handlingFedor Pchelkin1-2/+2
2025-07-24netfilter: nf_conntrack: fix crash due to removal of uninitialised entryFlorian Westphal1-6/+20
2025-06-27netfilter: nf_set_pipapo_avx2: fix initial map fillFlorian Westphal1-1/+20
2025-06-27netfilter: nft_tunnel: fix geneve_opt dumpFernando Fernandez Mancera1-4/+4
2025-06-27netfilter: nft_quota: match correctly when the quota just depletedZhongqiu Duan1-7/+13
2025-06-04netfilter: conntrack: Bound nf_conntrack sysctl writesNicolas Bouchinet1-3/+9
2025-05-22netfilter: nf_tables: do not defer rule destruction via call_rcuFlorian Westphal1-17/+15
2025-05-22netfilter: nf_tables: wait for rcu grace period on net_device removalPablo Neira Ayuso1-7/+34
2025-05-22netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctxFlorian Westphal2-10/+9
2025-05-18netfilter: ipset: fix region locking in hash typesJozsef Kadlecsik1-1/+1
2025-05-18ipvs: fix uninit-value for saddr in do_output_route4Julian Anastasov1-19/+8
2025-05-18ipv4: Drop tos parameter from flowi4_update_output()Guillaume Nault1-2/+2
2025-04-25nft_set_pipapo: fix incorrect avx2 match of 5th field octetFlorian Westphal1-1/+2
2025-04-10net: fix geneve_opt length integer overflowLin Ma1-1/+1
2025-04-10netfilter: nft_tunnel: fix geneve_opt type confusion additionLin Ma1-2/+2
2025-04-10netfilter: nft_set_hash: GC reaps elements with conncount for dynamic sets onlyPablo Neira Ayuso1-1/+2
2025-03-28netfilter: nft_counter: Use u64_stats_t for statistic.Sebastian Andrzej Siewior1-44/+46
2025-03-28netfilter: nft_exthdr: fix offset with ipv4_find_option()Alexey Kashavkin1-6/+4
2025-03-28ipvs: prevent integer overflow in do_ip_vs_get_ctl()Dan Carpenter1-4/+4
2025-03-28netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert...Kohei Enju1-0/+2
2025-03-28netfilter: nf_conncount: garbage collection is not skipped when jiffies wrap ...Nicklas Bo Jensen1-2/+2
2025-03-28netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template.Sebastian Andrzej Siewior1-2/+4
2025-03-07netfilter: allow exp not to be removed in nf_ct_find_expectationXin Long3-3/+5
2025-02-21netfilter: nf_tables: reject mismatching sum of field_len with set key lengthPablo Neira Ayuso1-4/+4
2025-02-21netfilter: nft_flow_offload: update tcp state flags under lockFlorian Westphal1-5/+11
2025-01-17netfilter: conntrack: clamp maximum hashtable size to INT_MAXPablo Neira Ayuso1-1/+4
2025-01-17netfilter: nf_tables: imbalance in flowtable bindingPablo Neira Ayuso1-4/+11
2024-12-27netfilter: ipset: Fix for recursive locking warningPhil Sutter1-0/+3
2024-12-14netfilter: nft_set_hash: skip duplicated elements pending gc runPablo Neira Ayuso1-0/+16
2024-12-14netfilter: ipset: Hold module reference while requesting a modulePhil Sutter1-0/+5
2024-12-14netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup levelPablo Neira Ayuso1-1/+1
2024-12-14netfilter: x_tables: fix LED ID check in led_tg_check()Dmitry Antipov1-1/+3
2024-12-14ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()Jinghao Jia1-3/+1
2024-12-14netfilter: ipset: add missing range check in bitmap_ip_uadtJeongjun Park1-5/+2
2024-12-14netfilter: nf_tables: must hold rcu read lock while iterating object type listFlorian Westphal1-7/+6
2024-12-14netfilter: nf_tables: skip transaction if update object is not implementedPablo Neira Ayuso1-2/+6
2024-11-22ipvs: properly dereference pe in ip_vs_add_serviceChen Hanxiao1-5/+5
2024-11-08netfilter: nft_payload: sanitize offset and length before calling skb_checksum()Pablo Neira Ayuso1-0/+3
2024-11-08netfilter: Fix use-after-free in get_info()Dong Chenchen1-1/+1
2024-11-01netfilter: xtables: fix typo causing some targets not to load on IPv6Pablo Neira Ayuso3-2/+3
2024-10-17netfilter: xtables: avoid NFPROTO_UNSPEC where neededFlorian Westphal16-165/+422
2024-10-17netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_E...Simon Horman1-5/+2
2024-10-17netfilter: nf_tables: Keep deleted flowtable hooks until after RCUPhil Sutter1-1/+1
2024-10-17netfilter: nf_tables: remove annotation to access set timeout while holding lockPablo Neira Ayuso1-2/+2
2024-10-17netfilter: nf_tables: reject expiration higher than timeoutPablo Neira Ayuso1-0/+3
2024-10-17netfilter: nf_tables: reject element expiration with no timeoutPablo Neira Ayuso1-0/+3
2024-10-17netfilter: nf_tables: elements with timeout below CONFIG_HZ never expirePablo Neira Ayuso1-1/+1
2024-09-30netfilter: nf_tables: missing iterator type in lookup walkPablo Neira Ayuso2-1/+3
2024-09-30netfilter: nft_set_pipapo: walk over current view on netlink dumpPablo Neira Ayuso2-2/+8
generated by cgit v1.2.3 (git 2.39.0) at 2026-01-11 09:58:54 +0300