summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)Author
2026-03-04netfilter: nf_conntrack_h323: fix OOB read in decode_choice()Vahagn Vardanian
2026-03-04netfilter: xt_tcpmss: check remaining length before reading optlenFlorian Westphal
2026-03-04netfilter: nf_conntrack: Add allow_clash to generic protocol handlerYuto Hamaguchi
2026-03-04netfilter: nf_conntrack_h323: don't pass uninitialised l3num valueFlorian Westphal
2026-03-04netfilter: nft_set_rbtree: check for partial overlaps in anonymous setsPablo Neira Ayuso
2026-03-04netfilter: nft_set_hash: fix get operation on big endianFlorian Westphal
2026-03-04netfilter: nf_conncount: fix tracking of connections from localhostFernando Fernandez Mancera
2026-03-04netfilter: nf_conncount: increase the connection clean up limit to 64Fernando Fernandez Mancera
2026-03-04netfilter: nf_conncount: make nf_conncount_gc_list() to disable BHFernando Fernandez Mancera
2026-02-11netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAXPablo Neira Ayuso
2026-02-06netfilter: nf_tables: typo NULL check in _clone() functionPablo Neira Ayuso
2026-01-19netfilter: nf_conncount: update last_gc only when GC has been performedFernando Fernandez Mancera
2026-01-19netfilter: nft_synproxy: avoid possible data-race on update operationFernando Fernandez Mancera
2026-01-19ipvs: fix ipv4 null-ptr-deref in route error pathSlavin Liu
2026-01-19netfilter: nf_conncount: fix leaked ct in error pathsFernando Fernandez Mancera
2026-01-19netfilter: nft_connlimit: memleak if nf_ct_netns_get() failsPablo Neira Ayuso
2026-01-19netfilter: nf_conncount: garbage collection is not skipped when jiffies wrap ...Nicklas Bo Jensen
2026-01-19netfilter: nft_connlimit: update the count if add was skippedFernando Fernandez Mancera
2026-01-19netfilter: nf_conncount: rework API to use sk_buff directlyFernando Fernandez Mancera
2026-01-19netfilter: nf_conncount: reduce unnecessary GCWilliam Tu
2026-01-19netfilter: nft_connlimit: move stateful fields out of expression dataPablo Neira Ayuso
2025-12-07netfilter: nf_set_pipapo_avx2: fix initial map fillFlorian Westphal
2025-12-07netfilter: nf_set_pipapo: fix initial map fillFlorian Westphal
2025-12-07netfilter: nf_tables: reject duplicate device on updatesPablo Neira Ayuso
2025-10-29minmax: add in_range() macroMatthew Wilcox (Oracle)
2025-10-29ipvs: Defer ip_vs_ftp unregister during netns cleanupSlavin Liu
2025-10-29netfilter: ipset: Remove unused htable_bits in macro ahash_regionZhen Ni
2025-09-09netfilter: conntrack: helper: Replace -EEXIST by -EBUSYPhil Sutter
2025-08-28netfilter: nft_reject_inet: allow to use reject from inet ingressPablo Neira Ayuso
2025-08-28netfilter: nft_reject: unify reject init and dump into nft_rejectJose M. Guisado Gomez
2025-08-28netfilter: ctnetlink: fix refcount leak on table dumpFlorian Westphal
2025-08-28netfilter: xt_nfacct: don't assume acct name is null-terminatedFlorian Westphal
2025-08-28netfilter: nf_tables: adjust lockdep assertions handlingFedor Pchelkin
2025-06-27netfilter: nft_tunnel: fix geneve_opt dumpFernando Fernandez Mancera
2025-06-27netfilter: nft_socket: fix sk refcount leaksFlorian Westphal
2025-06-04netfilter: conntrack: Bound nf_conntrack sysctl writesNicolas Bouchinet
2025-06-04netfilter: nf_tables: do not defer rule destruction via call_rcuFlorian Westphal
2025-06-04netfilter: nf_tables: wait for rcu grace period on net_device removalPablo Neira Ayuso
2025-06-04netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctxFlorian Westphal
2025-06-04netfilter: ipset: fix region locking in hash typesJozsef Kadlecsik
2025-05-02ipvs: properly dereference pe in ip_vs_add_serviceChen Hanxiao
2025-05-02nft_set_pipapo: fix incorrect avx2 match of 5th field octetFlorian Westphal
2025-04-10netfilter: conntrack: fix crash due to confirmed bit load reorderingFlorian Westphal
2025-04-10net: fix geneve_opt length integer overflowLin Ma
2025-04-10netfilter: nft_tunnel: fix geneve_opt type confusion additionLin Ma
2025-04-10netfilter: nft_exthdr: fix offset with ipv4_find_option()Alexey Kashavkin
2025-04-10ipvs: prevent integer overflow in do_ip_vs_get_ctl()Dan Carpenter
2025-04-10netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert...Kohei Enju
2025-04-10netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template.Sebastian Andrzej Siewior
2025-04-10netfilter: nft_ct: fix use after free when attaching zone templateFlorian Westphal
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-14 19:18:30 +0000