summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)Author
2026-03-13netfilter: nft_set_pipapo: split gc into unlink and reclaim phaseFlorian Westphal
2026-03-04netfilter: nf_conntrack_h323: fix OOB read in decode_choice()Vahagn Vardanian
2026-03-04netfilter: xt_tcpmss: check remaining length before reading optlenFlorian Westphal
2026-03-04netfilter: nf_conntrack: Add allow_clash to generic protocol handlerYuto Hamaguchi
2026-03-04netfilter: nf_tables: fix use-after-free in nf_tables_addchain()Inseo An
2026-03-04ipvs: do not keep dest_dst if dev is going downJulian Anastasov
2026-03-04netfilter: nf_conntrack_h323: don't pass uninitialised l3num valueFlorian Westphal
2026-03-04netfilter: nft_set_rbtree: check for partial overlaps in anonymous setsPablo Neira Ayuso
2026-03-04netfilter: nft_set_rbtree: fix bogus EEXIST with NLM_F_CREATE with null intervalPablo Neira Ayuso
2026-03-04netfilter: nft_counter: fix reset of counters on 32bit archsAnders Grahn
2026-03-04netfilter: nft_set_hash: fix get operation on big endianFlorian Westphal
2026-03-04netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentationFlorian Westphal
2026-03-04netfilter: nfnetlink_queue: optimize verdict lookup with hash tableScott Mitchell
2026-03-04netfilter: nf_conncount: fix tracking of connections from localhostFernando Fernandez Mancera
2026-03-04netfilter: nft_compat: add more restrictions on netlink attributesFlorian Westphal
2026-03-04netfilter: nf_conncount: increase the connection clean up limit to 64Fernando Fernandez Mancera
2026-03-04netfilter: nf_conncount: make nf_conncount_gc_list() to disable BHFernando Fernandez Mancera
2026-03-04netfilter: nf_tables: reset table validation state on abortFlorian Westphal
2026-02-11netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()Andrew Fasano
2026-02-11netfilter: replace -EEXIST with -EBUSYDaniel Gomez
2026-01-17netfilter: nf_tables: avoid chain re-validation if possibleFlorian Westphal
2026-01-17netfilter: nf_conncount: update last_gc only when GC has been performedFernando Fernandez Mancera
2026-01-17netfilter: nf_tables: fix memory leak in nf_tables_newrule()Zilin Guan
2026-01-17netfilter: nft_synproxy: avoid possible data-race on update operationFernando Fernandez Mancera
2026-01-17netfilter: nft_set_pipapo: fix range overlap detectionFlorian Westphal
2026-01-08netfilter: nft_ct: add seqadj extension for natted connectionsAndrii Melnychenko
2026-01-08netfilter: nf_tables: remove redundant chain validation on register storePablo Neira Ayuso
2026-01-08netfilter: nf_nat: remove bogus direction checkFlorian Westphal
2026-01-08ipvs: fix ipv4 null-ptr-deref in route error pathSlavin Liu
2026-01-08netfilter: nf_conncount: fix leaked ct in error pathsFernando Fernandez Mancera
2025-12-18netfilter: nft_connlimit: update the count if add was skippedFernando Fernandez Mancera
2025-12-18netfilter: nf_conncount: rework API to use sk_buff directlyFernando Fernandez Mancera
2025-12-18netfilter: flowtable: check for maximum number of encapsulations in bridge vlanPablo Neira Ayuso
2025-11-24netfilter: nf_tables: reject duplicate device on updatesPablo Neira Ayuso
2025-11-24Revert "netfilter: nf_tables: Reintroduce shortened deletion notifications"Pablo Neira Ayuso
2025-10-19netfilter: nft_objref: validate objref and objrefmap expressionsFernando Fernandez Mancera
2025-10-15netfilter: nfnetlink: reset nlh pointer during batch replayFernando Fernandez Mancera
2025-10-15ipvs: Defer ip_vs_ftp unregister during netns cleanupSlavin Liu
2025-10-15ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enableZhang Tengfei
2025-10-15netfilter: ipset: Remove unused htable_bits in macro ahash_regionZhen Ni
2025-09-19netfilter: nft_set_pipapo: fix null deref for empty setFlorian Westphal
2025-09-19netfilter: nf_tables: restart set lookup on base_seq changeFlorian Westphal
2025-09-19netfilter: nf_tables: make nft_set_do_lookup available unconditionallyFlorian Westphal
2025-09-19netfilter: nf_tables: place base_seq in struct netFlorian Westphal
2025-09-19netfilter: nf_tables: Reintroduce shortened deletion notificationsPhil Sutter
2025-09-19netfilter: nft_set_rbtree: continue traversal if element is inactiveFlorian Westphal
2025-09-19netfilter: nft_set_pipapo: don't check genbit from packetpath lookupsFlorian Westphal
2025-09-19netfilter: nft_set_pipapo: don't return bogus extension pointerFlorian Westphal
2025-09-19netfilter: nft_set_pipapo: merge pipapo_get/lookupFlorian Westphal
2025-09-19netfilter: nft_set: remove one argument from lookup and update functionsFlorian Westphal
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-15 00:43:18 +0000