summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2026-03-04netfilter: nf_conntrack_h323: fix OOB read in decode_choice()Vahagn Vardanian1-1/+1
2026-03-04netfilter: xt_tcpmss: check remaining length before reading optlenFlorian Westphal1-1/+1
2026-03-04netfilter: nf_conntrack: Add allow_clash to generic protocol handlerYuto Hamaguchi1-0/+1
2026-03-04netfilter: nf_tables: fix use-after-free in nf_tables_addchain()Inseo An1-0/+1
2026-03-04netfilter: nf_conntrack_h323: don't pass uninitialised l3num valueFlorian Westphal1-5/+5
2026-03-04netfilter: nft_set_rbtree: check for partial overlaps in anonymous setsPablo Neira Ayuso1-5/+25
2026-03-04netfilter: nft_counter: fix reset of counters on 32bit archsAnders Grahn1-2/+2
2026-03-04netfilter: nft_set_hash: fix get operation on big endianFlorian Westphal1-2/+7
2026-03-04netfilter: nf_conncount: fix tracking of connections from localhostFernando Fernandez Mancera1-2/+13
2026-03-04netfilter: nft_compat: add more restrictions on netlink attributesFlorian Westphal1-3/+10
2026-03-04netfilter: nf_conncount: increase the connection clean up limit to 64Fernando Fernandez Mancera1-5/+10
2026-03-04netfilter: nf_conncount: make nf_conncount_gc_list() to disable BHFernando Fernandez Mancera2-13/+18
2026-03-04netfilter: nf_tables: reset table validation state on abortFlorian Westphal1-0/+7
2026-02-16netfilter: nft_set_pipapo: prevent overflow in lookup table allocationPablo Neira Ayuso1-14/+44
2026-02-16netfilter: nf_tables: missing objects with no memcg accountingPablo Neira Ayuso7-14/+15
2026-02-11netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()Andrew Fasano1-1/+1
2026-02-11netfilter: replace -EEXIST with -EBUSYDaniel Gomez2-3/+3
2026-02-11netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAXPablo Neira Ayuso1-0/+8
2026-01-17netfilter: nf_tables: avoid chain re-validation if possibleFlorian Westphal1-4/+65
2026-01-17netfilter: nf_conncount: update last_gc only when GC has been performedFernando Fernandez Mancera1-1/+1
2026-01-17netfilter: nf_tables: fix memory leak in nf_tables_newrule()Zilin Guan1-1/+2
2026-01-17netfilter: nft_synproxy: avoid possible data-race on update operationFernando Fernandez Mancera1-3/+3
2026-01-11netfilter: nf_tables: remove redundant chain validation on register storePablo Neira Ayuso1-11/+0
2026-01-11netfilter: nf_tables: allow loads only when register is initializedFlorian Westphal1-4/+34
2026-01-11netfilter: nf_tables: pass context structure to nft_parse_register_loadFlorian Westphal20-32/+33
2026-01-11ipvs: fix ipv4 null-ptr-deref in route error pathSlavin Liu1-0/+3
2026-01-11netfilter: nf_conncount: fix leaked ct in error pathsFernando Fernandez Mancera1-11/+14
2026-01-11netfilter: nft_connlimit: update the count if add was skippedFernando Fernandez Mancera2-6/+19
2026-01-11netfilter: nf_conncount: rework API to use sk_buff directlyFernando Fernandez Mancera3-86/+126
2026-01-11netfilter: flowtable: check for maximum number of encapsulations in bridge vlanPablo Neira Ayuso1-1/+8
2025-11-24netfilter: nf_tables: reject duplicate device on updatesPablo Neira Ayuso1-0/+30
2025-10-19netfilter: nft_objref: validate objref and objrefmap expressionsFernando Fernandez Mancera1-0/+39
2025-10-19netfilter: nf_tables: drop unused 3rd argument from validate callback opsFlorian Westphal21-46/+23
2025-10-15ipvs: Defer ip_vs_ftp unregister during netns cleanupSlavin Liu1-1/+3
2025-10-15ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enableZhang Tengfei4-20/+17
2025-10-15netfilter: ipset: Remove unused htable_bits in macro ahash_regionZhen Ni1-4/+4
2025-09-09netfilter: conntrack: helper: Replace -EEXIST by -EBUSYPhil Sutter1-2/+2
2025-08-28netfilter: ctnetlink: fix refcount leak on table dumpFlorian Westphal1-11/+13
2025-08-15bpf: Check netfilter ctx accesses are alignedPaul Chaignon1-0/+3
2025-08-15netfilter: xt_nfacct: don't assume acct name is null-terminatedFlorian Westphal1-2/+2
2025-08-15bpf: Disable migration in nf_hook_run_bpf().Kuniyuki Iwashima1-1/+1
2025-08-15netfilter: nf_tables: adjust lockdep assertions handlingFedor Pchelkin1-2/+2
2025-08-15netfilter: nf_tables: Drop dead code from fill_*_info routinesPhil Sutter1-25/+0
2025-07-24netfilter: nf_conntrack: fix crash due to removal of uninitialised entryFlorian Westphal1-6/+20
2025-06-19netfilter: nf_nat: also check reverse tuple to obtain clashing entryFlorian Westphal1-3/+9
2025-06-19netfilter: nf_set_pipapo_avx2: fix initial map fillFlorian Westphal1-1/+20
2025-06-19netfilter: nft_tunnel: fix geneve_opt dumpFernando Fernandez Mancera1-4/+4
2025-06-19netfilter: nft_quota: match correctly when the quota just depletedZhongqiu Duan1-7/+13
2025-06-04netfilter: conntrack: Bound nf_conntrack sysctl writesNicolas Bouchinet1-3/+9
2025-05-18netfilter: ipset: fix region locking in hash typesJozsef Kadlecsik1-1/+1
generated by cgit v1.2.3 (git 2.39.0) at 2026-03-27 03:02:37 +0300