summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
7 daysnetfilter: nft_connlimit: update the count if add was skippedFernando Fernandez Mancera2-6/+19
7 daysnetfilter: nf_conncount: rework API to use sk_buff directlyFernando Fernandez Mancera3-86/+126
7 daysnetfilter: flowtable: check for maximum number of encapsulations in bridge vlanPablo Neira Ayuso1-1/+8
2025-11-24netfilter: nf_tables: reject duplicate device on updatesPablo Neira Ayuso1-0/+30
2025-11-24Revert "netfilter: nf_tables: Reintroduce shortened deletion notifications"Pablo Neira Ayuso1-34/+2
2025-10-19netfilter: nft_objref: validate objref and objrefmap expressionsFernando Fernandez Mancera1-0/+39
2025-10-15netfilter: nfnetlink: reset nlh pointer during batch replayFernando Fernandez Mancera1-0/+2
2025-10-15ipvs: Defer ip_vs_ftp unregister during netns cleanupSlavin Liu1-1/+3
2025-10-15ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enableZhang Tengfei4-20/+17
2025-10-15netfilter: ipset: Remove unused htable_bits in macro ahash_regionZhen Ni1-4/+4
2025-09-19netfilter: nft_set_pipapo: fix null deref for empty setFlorian Westphal1-3/+2
2025-09-19netfilter: nf_tables: restart set lookup on base_seq changeFlorian Westphal2-2/+32
2025-09-19netfilter: nf_tables: make nft_set_do_lookup available unconditionallyFlorian Westphal1-5/+12
2025-09-19netfilter: nf_tables: place base_seq in struct netFlorian Westphal1-32/+33
2025-09-19netfilter: nf_tables: Reintroduce shortened deletion notificationsPhil Sutter1-17/+50
2025-09-19netfilter: nft_set_rbtree: continue traversal if element is inactiveFlorian Westphal1-3/+3
2025-09-19netfilter: nft_set_pipapo: don't check genbit from packetpath lookupsFlorian Westphal2-5/+19
2025-09-19netfilter: nft_set_pipapo: don't return bogus extension pointerFlorian Westphal1-6/+6
2025-09-19netfilter: nft_set_pipapo: merge pipapo_get/lookupFlorian Westphal1-130/+58
2025-09-19netfilter: nft_set: remove one argument from lookup and update functionsFlorian Westphal8-91/+95
2025-09-19netfilter: nft_set_pipapo: remove unused argumentsFlorian Westphal1-9/+5
2025-09-09netfilter: conntrack: helper: Replace -EEXIST by -EBUSYPhil Sutter1-2/+2
2025-08-20netfilter: nft_set_pipapo: prefer kvmalloc for scratch mapsFlorian Westphal1-5/+4
2025-08-20netfilter: ctnetlink: fix refcount leak on table dumpFlorian Westphal1-11/+13
2025-08-15bpf: Check netfilter ctx accesses are alignedPaul Chaignon1-0/+3
2025-08-15netfilter: xt_nfacct: don't assume acct name is null-terminatedFlorian Westphal1-2/+2
2025-08-15bpf: Disable migration in nf_hook_run_bpf().Kuniyuki Iwashima1-1/+1
2025-08-15netfilter: nf_tables: adjust lockdep assertions handlingFedor Pchelkin1-2/+2
2025-08-15netfilter: nf_tables: Drop dead code from fill_*_info routinesPhil Sutter1-25/+0
2025-07-24netfilter: nf_conntrack: fix crash due to removal of uninitialised entryFlorian Westphal1-6/+20
2025-06-27netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAXPablo Neira Ayuso1-0/+6
2025-06-19netfilter: nf_nat: also check reverse tuple to obtain clashing entryFlorian Westphal1-3/+9
2025-06-19netfilter: nf_set_pipapo_avx2: fix initial map fillFlorian Westphal1-1/+20
2025-06-19netfilter: nft_tunnel: fix geneve_opt dumpFernando Fernandez Mancera1-4/+4
2025-06-19netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only...Florian Westphal2-3/+3
2025-06-19netfilter: nft_set_pipapo: prevent overflow in lookup table allocationPablo Neira Ayuso1-14/+44
2025-06-19netfilter: nft_quota: match correctly when the quota just depletedZhongqiu Duan1-7/+13
2025-05-29netfilter: conntrack: Bound nf_conntrack sysctl writesNicolas Bouchinet1-3/+9
2025-05-18netfilter: ipset: fix region locking in hash typesJozsef Kadlecsik1-1/+1
2025-05-18ipvs: fix uninit-value for saddr in do_output_route4Julian Anastasov1-19/+8
2025-04-20nft_set_pipapo: fix incorrect avx2 match of 5th field octetFlorian Westphal1-1/+2
2025-04-10net: fix geneve_opt length integer overflowLin Ma1-1/+1
2025-04-10netfilter: nft_tunnel: fix geneve_opt type confusion additionLin Ma1-2/+2
2025-04-10netfilter: nf_tables: don't unregister hook when table is dormantFlorian Westphal1-2/+2
2025-04-10netfilter: nft_set_hash: GC reaps elements with conncount for dynamic sets onlyPablo Neira Ayuso1-1/+2
2025-03-22netfilter: nft_exthdr: fix offset with ipv4_find_option()Alexey Kashavkin1-6/+4
2025-03-22ipvs: prevent integer overflow in do_ip_vs_get_ctl()Dan Carpenter1-4/+4
2025-03-22netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert...Kohei Enju1-0/+2
2025-03-22netfilter: nf_tables: make destruction work queue pernetFlorian Westphal2-14/+18
2025-03-22netfilter: nf_conncount: garbage collection is not skipped when jiffies wrap ...Nicklas Bo Jensen1-2/+2
generated by cgit v1.2.3 (git 2.39.0) at 2025-12-25 06:05:01 +0300