summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2019-05-16netfilter: compat: initialize all fields in xt_initFrancesco Ruggeri1-1/+1
2019-03-23ipvs: Fix signed integer overflow when setsockopt timeoutZhangXiaoxu1-0/+12
2018-09-26netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_...Eric Dumazet1-2/+2
2018-09-26ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()Tan Hu1-4/+11
2018-08-28netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior stateFlorian Westphal1-4/+4
2018-07-11netfilter: nf_log: don't hold nf_log_mutex during user accessJann Horn1-3/+6
2018-04-13netfilter: ctnetlink: fix incorrect nf_ct_put during hash resizeLiping Zhang1-1/+6
2018-04-08netfilter: x_tables: add and use xt_check_proc_nameFlorian Westphal3-5/+36
2018-03-18netfilter: IDLETIMER: be syzkaller friendlyEric Dumazet1-3/+6
2018-03-18netfilter: nat: cope with negative port rangePaolo Abeni1-2/+5
2018-03-18netfilter: x_tables: fix missing timer initialization in xt_LEDPaolo Abeni1-6/+6
2018-02-25netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insertCong Wang1-5/+17
2018-02-25netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}Eric Dumazet1-0/+6
2018-02-25netfilter: x_tables: fix int overflow in xt_alloc_table_info()Dmitry Vyukov1-3/+1
2018-01-31netfilter: xt_osf: Add missing permission checksKevin Cernekee1-0/+7
2018-01-31netfilter: nfnetlink_cthelper: Add missing permission checksKevin Cernekee1-0/+10
2018-01-31netfilter: nf_conntrack_sip: extend request line validationUlrich Weber1-1/+4
2018-01-31netfilter: restart search if moved to other chainFlorian Westphal1-0/+7
2018-01-31netfilter: nf_ct_expect: remove the redundant slash when policy name is emptyLiping Zhang1-1/+1
2017-12-25netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash tableLiping Zhang1-96/+81
2017-12-25netfilter: nfnl_cthelper: Fix memory leakJeffy Chen1-3/+9
2017-12-25netfilter: nfnl_cthelper: fix runtime expectation policy updatesPablo Neira Ayuso1-2/+84
2017-11-30netfilter: nf_tables: fix oob accessFlorian Westphal1-1/+1
2017-11-30netfilter: nft_queue: use raw_smp_processor_id()Pablo Neira Ayuso1-1/+1
2017-10-21netfilter: nf_ct_expect: Change __nf_ct_expect_check() return value.Jarno Rajahalme1-2/+2
2017-10-08netfilter: nfnl_cthelper: fix incorrect helper->expect_class_maxLiping Zhang1-9/+11
2017-10-08netfilter: invoke synchronize_rcu after set the _hook_ to NULLLiping Zhang4-0/+6
2017-08-25netfilter: nf_ct_ext: fix possible panic after nf_ct_extend_unregisterLiping Zhang1-3/+10
2017-07-05netfilter: synproxy: fix conntrackd interactionEric Leblond1-0/+4
2017-07-05netfilter: xt_TCPMSS: add more sanity tests on tcph->doffEric Dumazet1-1/+5
2017-02-08netfilter; Add some missing default cases to switch statements in nft_reject.David S. Miller2-0/+4
2017-02-08netfilter: Fix switch statement warnings with recent gcc.David Miller2-3/+11
2016-08-03netfilter: x_tables: speed up jump target validationFlorian Westphal1-0/+50
2016-07-12netfilter: x_tables: introduce and use xt_copy_counters_from_userFlorian Westphal1-0/+74
2016-07-12netfilter: x_tables: do compat validation via translate_tableFlorian Westphal1-0/+8
2016-07-12netfilter: x_tables: xt_compat_match_from_user doesn't need a retvalFlorian Westphal1-3/+2
2016-07-12netfilter: x_tables: don't reject valid target size on some architecturesFlorian Westphal1-2/+2
2016-07-12netfilter: x_tables: validate all offsets and sizes in a ruleFlorian Westphal1-5/+76
2016-07-12netfilter: x_tables: check for bogus target offsetFlorian Westphal1-2/+15
2016-07-12netfilter: x_tables: check standard target size tooFlorian Westphal1-0/+15
2016-07-12netfilter: x_tables: add compat version of xt_check_entry_offsetsFlorian Westphal1-0/+22
2016-07-12netfilter: x_tables: assert minimum target sizeFlorian Westphal1-0/+3
2016-07-12netfilter: x_tables: add and use xt_check_entry_offsetsFlorian Westphal1-0/+34
2016-07-12ipvs: correct initial offset of Call-ID header search in SIP persistence engineMarco Angaroni1-1/+1
2016-05-18nf_conntrack: avoid kernel pointer value leak in slab nameLinus Torvalds1-1/+3
2015-10-28ipvs: fix crash with sync protocol v0 and FTPJulian Anastasov1-1/+1
2015-10-28ipvs: skb_orphan in case of forwardingAlex Gartrell1-0/+27
2015-10-28ipvs: fix crash if scheduler is changedJulian Anastasov3-37/+69
2015-10-28ipvs: do not use random local source address for tunnelsJulian Anastasov1-1/+0
2015-10-28netfilter: nf_log: don't zap all loggers on unregisterFlorian Westphal1-2/+6
generated by cgit v1.2.3 (git 2.39.0) at 2024-07-26 18:09:59 +0300