summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
37 hoursnetfilter: require Ethernet MAC header before using eth_hdr()Zhengchuan Liang5-12/+19
37 hoursipvs: skip ipv6 extension headers for csum checksJulian Anastasov3-39/+20
37 hoursnetfilter: nft_fib: fix stale stack leak via the OIFNAME registerDavide Ornaghi1-0/+6
37 hoursnetfilter: nft_tunnel: fix use-after-free on object destroyTristan Madani1-1/+1
37 hoursnetfilter: ctnetlink: ensure safe access to master conntrackPablo Neira Ayuso3-10/+30
37 hoursnetfilter: nft_exthdr: fix register tracking for F_PRESENT flagFlorian Westphal1-0/+3
37 hoursnetfilter: nf_log: validate MAC header was set before dumping itXiang Mei1-2/+2
37 hoursnetfilter: nf_conntrack: destroy stale expectfn expectations on unregisterWeiming Shi3-0/+22
37 hoursnetfilter: nft_ct: bail out on template ct in get evalJiayuan Chen2-6/+4
37 hoursnetfilter: conntrack_irc: fix possible out-of-bounds readFlorian Westphal1-2/+2
37 hoursnetfilter: synproxy: add mutex to guard hook reference countingFernando Fernandez Mancera1-6/+18
37 hoursipvs: clear the svc scheduler ptr early on editJulian Anastasov2-12/+15
37 hoursnetfilter: xt_NFQUEUE: prefer raw_smp_processor_idFernando Fernandez Mancera1-1/+1
37 hoursnetfilter: conntrack: tcp: do not force CLOSE on invalid-seq RST without dire...Hamza Mahfooz1-1/+2
37 hoursnetfilter: nf_tables: fix dst corruption in same register operationFernando Fernandez Mancera2-7/+24
37 hoursnetfilter: bitwise: add support for doing AND, OR and XOR directlyJeremy Sowden1-11/+123
37 hoursnetfilter: bitwise: rename some boolean operation functionsJeremy Sowden1-17/+17
37 hoursnetfilter: xt_cpu: prefer raw_smp_processor_idFlorian Westphal1-1/+1
37 hoursnetfilter: synproxy: refresh tcphdr after skb_ensure_writableChris Mason1-0/+2
2026-06-01netfilter: nft_inner: Fix IPv6 inner_thoff desyncYizhou Zhao1-1/+0
2026-06-01netfilter: ipset: stop hash:* range iteration at endNan Li4-4/+17
2026-06-01netfilter: nf_queue: hold bridge skb->dev while queuedHaoze Xie2-1/+5
2026-05-23netfilter: nf_tables: unconditionally bump set->nelems before insertionPablo Neira Ayuso1-13/+15
2026-05-23netfilter: nft_ct: fix missing expect put in obj evalLi Xiasong1-0/+2
2026-05-23netfilter: nf_conntrack_sip: get helper before allocating expectationLi Xiasong1-4/+4
2026-05-23netfilter: skip recording stale or retransmitted INITXin Long1-3/+7
2026-05-23netfilter: nf_conntrack_sip: don't use simple_strtoulFlorian Westphal2-34/+119
2026-05-23netfilter: xt_policy: fix strict mode inbound policy matchingJiexun Wang1-1/+1
2026-05-23netfilter: nfnetlink_osf: fix potential NULL dereference in ttl checkFernando Fernandez Mancera1-15/+7
2026-05-23netfilter: nfnetlink_osf: fix out-of-bounds read on option matchingFernando Fernandez Mancera1-11/+8
2026-05-23ipvs: fix MTU check for GSO packets in tunnel modeYingnan Zhang1-4/+15
2026-05-23netfilter: xtables: restrict several matches to inet familyPablo Neira Ayuso4-34/+68
2026-05-23netfilter: conntrack: remove sprintf usageFlorian Westphal2-16/+19
2026-05-23netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULOXiang Mei1-0/+4
2026-05-23netfilter: nft_osf: restrict it to ipv4Pablo Neira Ayuso1-1/+5
2026-05-23netfilter: nft_fwd_netdev: check ttl/hl before forwardingFlorian Westphal1-0/+10
2026-05-23netfilter: xt_socket: enable defrag after all other checksFlorian Westphal1-17/+6
2026-05-17netfilter: reject zero shift in nft_bitwiseKai Ma1-1/+2
2026-04-27nf_tables: nft_dynset: fix possible stateful expression memleak in error pathPablo Neira Ayuso2-3/+11
2026-04-27netfilter: conntrack: add missing netlink policy validationsFlorian Westphal2-2/+3
2026-04-27netfilter: xt_multiport: validate range encoding in checkentryRen Wei1-4/+30
2026-04-27netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminatorXiang Mei1-4/+4
2026-04-27ipvs: fix NULL deref in ip_vs_add_service error pathWeiming Shi1-1/+0
2026-04-27netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiryFlorian Westphal1-10/+10
2026-04-18netfilter: nft_ct: fix use-after-free in timeout object destroyTuan Do1-1/+1
2026-04-18netfilter: nft_set_pipapo: do not rely on ZERO_SIZE_PTRFlorian Westphal1-6/+14
2026-04-11netfilter: ipset: drop logically empty buckets in mtype_delYifan Wu1-1/+1
2026-04-11netfilter: nf_tables: reject immediate NF_QUEUE verdictPablo Neira Ayuso1-2/+5
2026-04-11netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for N...Pablo Neira Ayuso1-0/+23
2026-04-11netfilter: ctnetlink: ignore explicit helper on new expectationsPablo Neira Ayuso1-45/+9
generated by cgit v1.2.3 (git 2.39.0) at 2026-06-21 04:08:08 +0300