summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2025-01-17netfilter: conntrack: clamp maximum hashtable size to INT_MAXPablo Neira Ayuso1-1/+4
2025-01-17netfilter: nf_tables: imbalance in flowtable bindingPablo Neira Ayuso1-4/+11
2024-12-27netfilter: ipset: Fix for recursive locking warningPhil Sutter1-0/+3
2024-12-27ipvs: Fix clamp() of ip_vs_conn_tab on small memory systemsDavid Laight1-2/+2
2024-12-19netfilter: nf_tables: do not defer rule destruction via call_rcuFlorian Westphal1-17/+15
2024-12-19netfilter: IDLETIMER: Fix for possible ABBA deadlockPhil Sutter1-24/+28
2024-12-14netfilter: nft_set_hash: skip duplicated elements pending gc runPablo Neira Ayuso1-0/+16
2024-12-14netfilter: ipset: Hold module reference while requesting a modulePhil Sutter1-0/+5
2024-12-14netfilter: nft_inner: incorrect percpu area handling under softirqPablo Neira Ayuso1-12/+45
2024-12-14ipv6: introduce dst_rt6_info() helperEric Dumazet4-16/+12
2024-12-14netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup levelPablo Neira Ayuso1-1/+1
2024-12-14netfilter: x_tables: fix LED ID check in led_tg_check()Dmitry Antipov1-1/+3
2024-12-14ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()Jinghao Jia1-3/+1
2024-12-09netfilter: ipset: add missing range check in bitmap_ip_uadtJeongjun Park1-5/+2
2024-12-09netfilter: nf_tables: must hold rcu read lock while iterating object type listFlorian Westphal1-7/+6
2024-12-09netfilter: nf_tables: skip transaction if update object is not implementedPablo Neira Ayuso1-2/+6
2024-12-09netfilter: nf_tables: must hold rcu read lock while iterating expression type...Florian Westphal1-6/+18
2024-12-09netfilter: nf_tables: avoid false-positive lockdep splat on rule deletionFlorian Westphal1-10/+13
2024-12-09netfilter: nf_tables: Introduce nf_tables_getrule_single()Phil Sutter1-31/+43
2024-12-09netfilter: nf_tables: Open-code audit log call in nf_tables_getrule()Phil Sutter1-4/+15
2024-11-14netfilter: nf_tables: wait for rcu grace period on net_device removalPablo Neira Ayuso1-7/+34
2024-11-14netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctxFlorian Westphal2-10/+9
2024-11-08netfilter: nft_payload: sanitize offset and length before calling skb_checksum()Pablo Neira Ayuso1-0/+3
2024-11-08netfilter: Fix use-after-free in get_info()Dong Chenchen1-1/+1
2024-11-01netfilter: xtables: fix typo causing some targets not to load on IPv6Pablo Neira Ayuso3-2/+3
2024-11-01netfilter: bpf: must hold reference on net namespaceFlorian Westphal1-0/+4
2024-11-01bpf: Fix link info netfilter flags to populate defrag flagTyrone Wu1-1/+2
2024-10-17netfilter: xtables: avoid NFPROTO_UNSPEC where neededFlorian Westphal16-165/+422
2024-10-17netfilter: nf_nat: don't try nat source port reallocation for reverse dir clashFlorian Westphal1-2/+118
2024-10-10netfilter: nf_tables: restore set elements when delete set failsPablo Neira Ayuso5-20/+42
2024-10-10netfilter: nf_tables: fix memleak in map from abort pathPablo Neira Ayuso1-2/+14
2024-10-04netfilter: nf_tables: use rcu chain hook list iterator from netlink dump pathPablo Neira Ayuso1-1/+1
2024-10-04netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_E...Simon Horman1-5/+2
2024-10-04netfilter: nf_tables: Keep deleted flowtable hooks until after RCUPhil Sutter1-1/+1
2024-10-04netfilter: nf_tables: remove annotation to access set timeout while holding lockPablo Neira Ayuso1-2/+2
2024-10-04netfilter: nf_tables: reject expiration higher than timeoutPablo Neira Ayuso1-0/+3
2024-10-04netfilter: nf_tables: reject element expiration with no timeoutPablo Neira Ayuso1-0/+3
2024-10-04netfilter: nf_tables: elements with timeout below CONFIG_HZ never expirePablo Neira Ayuso1-1/+1
2024-09-30netfilter: nf_tables: missing iterator type in lookup walkPablo Neira Ayuso2-1/+3
2024-09-30netfilter: nft_set_pipapo: walk over current view on netlink dumpPablo Neira Ayuso2-2/+8
2024-09-30netfilter: nft_socket: Fix a NULL vs IS_ERR() bug in nft_socket_cgroup_subtre...Dan Carpenter1-2/+2
2024-09-30netfilter: nft_socket: make cgroupsv2 matching work with namespacesFlorian Westphal1-3/+38
2024-09-18netfilter: nft_socket: fix sk refcount leaksFlorian Westphal1-3/+4
2024-09-12netfilter: nf_conncount: fix wrong variable typeYunjian Wang1-5/+3
2024-08-29netfilter: flowtable: validate vlan headerPablo Neira Ayuso2-0/+6
2024-08-29netfilter: nft_counter: Synchronize nft_counter_reset() against reader.Sebastian Andrzej Siewior1-0/+5
2024-08-29netfilter: nft_counter: Disable BH in nft_counter_offload_stats().Sebastian Andrzej Siewior1-2/+2
2024-08-29netfilter: nf_tables: Add locking for NFT_MSG_GETOBJ_RESET requestsPhil Sutter1-13/+59
2024-08-29netfilter: nf_tables: Introduce nf_tables_getobj_singlePhil Sutter1-31/+44
2024-08-29netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctxPhil Sutter1-6/+6
generated by cgit v1.2.3 (git 2.39.0) at 2026-01-11 09:41:12 +0300