summaryrefslogtreecommitdiffstats
path: root/net/netfilter
AgeCommit message (Expand)AuthorLines
2024-03-07netfilter: nf_conntrack_h323: Add protection for bmp length out of rangeLena Wang-0/+4
2024-03-07netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeoutPablo Neira Ayuso-0/+1
2024-03-07netfilter: nft_ct: fix l3num expectations with inet pseudo familyFlorian Westphal-6/+5
2024-03-07netfilter: nf_tables: reject constant set with timeoutPablo Neira Ayuso-0/+3
2024-03-07netfilter: nf_tables: disallow anonymous set with timeout flagPablo Neira Ayuso-0/+3
2024-02-29netfilter: bridge: confirm multicast packets before passing them up the stackFlorian Westphal-0/+1
2024-02-28netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()Ignat Korchagin-0/+20
2024-02-22netfilter: nf_tables: use kzalloc for hook allocationFlorian Westphal-1/+1
2024-02-22netfilter: nf_tables: register hooks last when adding new chain/flowtablePablo Neira Ayuso-38/+40
2024-02-22netfilter: nft_flow_offload: release dst in case direct xmit path is usedPablo Neira Ayuso-0/+1
2024-02-22netfilter: nft_flow_offload: reset dst in route object after setting up flowPablo Neira Ayuso-3/+13
2024-02-22netfilter: nf_tables: set dormant flag on hook register failureFlorian Westphal-0/+1
2024-02-15Merge tag 'net-6.8-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/netd...Linus Torvalds-3/+7
2024-02-15netfilter: nf_tables: fix bidirectional offload regressionFelix Fietkau-0/+1
2024-02-15netfilter: nat: restore default DNAT behaviorKyle Swenson-1/+4
2024-02-15netfilter: nft_set_pipapo: fix missing : in kdocPablo Neira Ayuso-2/+2
2024-02-09work around gcc bugs with 'asm goto' with outputsLinus Torvalds-1/+1
2024-02-08netfilter: nft_set_pipapo: remove scratch_aligned pointerFlorian Westphal-39/+10
2024-02-08netfilter: nft_set_pipapo: add helper to release pcpu scratch areaFlorian Westphal-5/+23
2024-02-08netfilter: nft_set_pipapo: store index in scratch mapsFlorian Westphal-26/+44
2024-02-08netfilter: nft_set_rbtree: skip end interval element from gcPablo Neira Ayuso-3/+3
2024-02-08netfilter: nfnetlink_queue: un-break NF_REPEATFlorian Westphal-3/+10
2024-02-08netfilter: nf_tables: use timestamp to check for set element timeoutPablo Neira Ayuso-13/+28
2024-02-08netfilter: nft_ct: reject direction for ct idPablo Neira Ayuso-0/+3
2024-02-08netfilter: ctnetlink: fix filtering for zone 0Felix Huettner-4/+8
2024-02-08netfilter: ipset: Missing gc cancellations fixedJozsef Kadlecsik-2/+4
2024-02-08netfilter: nft_set_pipapo: remove static in nft_pipapo_get()Pablo Neira Ayuso-1/+1
2024-02-07netfilter: nft_compat: restrict match/target protocol to u16Pablo Neira Ayuso-1/+7
2024-02-07netfilter: nft_compat: reject unused compat flagPablo Neira Ayuso-1/+2
2024-02-07netfilter: nft_compat: narrow down revision to unsigned 8-bitsPablo Neira Ayuso-3/+3
2024-01-31netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectationsPablo Neira Ayuso-0/+24
2024-01-31netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting loggerPablo Neira Ayuso-3/+4
2024-01-31netfilter: ipset: fix performance regression in swap operationJozsef Kadlecsik-18/+61
2024-01-31netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_newXin Long-1/+1
2024-01-31netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEVPablo Neira Ayuso-5/+10
2024-01-31netfilter: conntrack: correct window scaling with retransmitted SYNRyan Schaefer-4/+6
2024-01-24netfilter: nf_tables: validate NFPROTO_* familyPablo Neira Ayuso-2/+47
2024-01-24netfilter: nf_tables: reject QUEUE/DROP verdict parametersFlorian Westphal-10/+6
2024-01-24netfilter: nf_tables: restrict anonymous set and map names to 16 bytesFlorian Westphal-0/+4
2024-01-24netfilter: nft_limit: reject configurations that cause integer overflowFlorian Westphal-7/+16
2024-01-24netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechainPablo Neira Ayuso-2/+9
2024-01-17ipvs: avoid stat macros calls from preemptible contextFedor Pchelkin-2/+2
2024-01-17netfilter: nf_tables: reject NFT_SET_CONCAT with not field length descriptionPablo Neira Ayuso-1/+5
2024-01-17netfilter: nf_tables: skip dead set elements in netlink dumpPablo Neira Ayuso-1/+1
2024-01-17netfilter: nf_tables: do not allow mismatch field size and set key lengthPablo Neira Ayuso-1/+5
2024-01-17netfilter: nf_tables: check if catch-all set element is active in next genera...Pablo Neira Ayuso-1/+1
2024-01-17netfilter: propagate net to nf_bridge_get_physindevPavel Tikhomirov-12/+13
2024-01-17netfilter: nf_queue: remove excess nf_bridge variablePavel Tikhomirov-3/+1
2024-01-17netfilter: nfnetlink_log: use proper helper for fetching physinifPavel Tikhomirov-4/+4
2024-01-17netfilter: nft_limit: do not ignore unsupported flagsPablo Neira Ayuso-7/+12
generated by cgit v1.2.3 (git 2.46.0) at 2026-05-04 14:44:08 +0000