summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
7 daysnetfilter: nf_tables: unconditionally flush pending work before notifierFlorian Westphal1-2/+1
14 daysnetfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registersPablo Neira Ayuso2-5/+6
14 daysnetfilter: fix undefined reference to 'netfilter_lwtunnel_*' when CONFIG_SYSC...Jianguo Wu1-0/+3
2024-06-27netfilter: move the sysctl nf_hooks_lwtunnel into the netfilter coreJianguo Wu4-17/+84
2024-06-27netfilter: ipset: Fix suspicious rcu_dereference_protected()Jozsef Kadlecsik1-5/+6
2024-06-21netfilter: ipset: Fix race between namespace cleanup and gc in the list:set typeJozsef Kadlecsik2-51/+60
2024-06-21netfilter: nft_inner: validate mandatory meta and payloadDavide Ornaghi2-0/+7
2024-06-12netfilter: nft_fib: allow from forward/input without iif selectorEric Garver1-5/+3
2024-06-12netfilter: nft_payload: skbuff vlan metadata mangle supportPablo Neira Ayuso1-7/+65
2024-06-12netfilter: nft_payload: restore vlan q-in-q match supportPablo Neira Ayuso1-16/+7
2024-06-12netfilter: ipset: Add list flush to cancel_gcAlexander Maltsev1-0/+3
2024-06-12netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()Eric Dumazet1-0/+2
2024-05-02netfilter: nf_tables: honor table dormant flag from netdev release event pathPablo Neira Ayuso1-1/+3
2024-05-02ipvs: Fix checksumming on GSO of SCTP packetsIsmael Luceno1-2/+4
2024-04-27netfilter: flowtable: incorrect pppoe tuplePablo Neira Ayuso1-1/+1
2024-04-27netfilter: flowtable: validate pppoe headerPablo Neira Ayuso2-4/+7
2024-04-27netfilter: nft_set_pipapo: do not free live elementFlorian Westphal1-5/+9
2024-04-27netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()Ziyang Xuan1-2/+6
2024-04-27netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()Ziyang Xuan1-2/+6
2024-04-10netfilter: nf_tables: discard table flag update with pending basechain deletionPablo Neira Ayuso1-4/+5
2024-04-10netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()Ziyang Xuan1-2/+7
2024-04-10netfilter: nf_tables: flush pending destroy work before exit_net releasePablo Neira Ayuso1-0/+1
2024-04-10netfilter: nf_tables: reject new basechain after table flag updatePablo Neira Ayuso1-0/+3
2024-04-10netfilter: nf_tables: release mutex after nft_gc_seq_end from abort pathPablo Neira Ayuso1-5/+8
2024-04-10netfilter: nf_tables: release batch on table validation from abort pathPablo Neira Ayuso1-5/+10
2024-04-10netfilter: nf_tables: skip netdev hook unregistration if table is dormantPablo Neira Ayuso1-6/+10
2024-04-10netfilter: nf_tables: reject table flag and netdev basechain updatesPablo Neira Ayuso1-1/+30
2024-04-10netfilter: nf_tables: reject destroy command to remove basechain hooksPablo Neira Ayuso1-1/+2
2024-04-03netfilter: nf_tables: reject constant set with timeoutPablo Neira Ayuso1-0/+3
2024-04-03netfilter: nf_tables: disallow anonymous set with timeout flagPablo Neira Ayuso1-0/+3
2024-04-03netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeoutPablo Neira Ayuso1-0/+1
2024-03-27netfilter: nf_tables: Fix a memory leak in nf_tables_updchainQuan Tian1-13/+14
2024-03-27netfilter: nf_tables: do not compare internal table flags on updatesPablo Neira Ayuso1-1/+1
2024-03-27netfilter: nft_set_pipapo: release elements in clone only from destroy pathPablo Neira Ayuso1-4/+1
2024-03-15netfilter: nf_conntrack_h323: Add protection for bmp length out of rangeLena Wang1-0/+4
2024-03-15netfilter: nft_ct: fix l3num expectations with inet pseudo familyFlorian Westphal1-6/+5
2024-03-06netfilter: bridge: confirm multicast packets before passing them up the stackFlorian Westphal1-0/+1
2024-03-06netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()Ignat Korchagin1-0/+20
2024-03-01netfilter: nf_tables: use kzalloc for hook allocationFlorian Westphal1-1/+1
2024-03-01netfilter: nf_tables: register hooks last when adding new chain/flowtablePablo Neira Ayuso1-38/+40
2024-03-01netfilter: nft_flow_offload: release dst in case direct xmit path is usedPablo Neira Ayuso1-0/+1
2024-03-01netfilter: nft_flow_offload: reset dst in route object after setting up flowPablo Neira Ayuso1-3/+13
2024-03-01netfilter: nf_tables: set dormant flag on hook register failureFlorian Westphal1-0/+1
2024-03-01netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_newXin Long1-1/+1
2024-02-23netfilter: ipset: Missing gc cancellations fixedJozsef Kadlecsik2-2/+4
2024-02-23netfilter: ipset: fix performance regression in swap operationJozsef Kadlecsik4-18/+61
2024-02-23work around gcc bugs with 'asm goto' with outputsLinus Torvalds1-1/+1
2024-02-16netfilter: nft_set_rbtree: skip end interval element from gcPablo Neira Ayuso1-3/+3
2024-02-16netfilter: nft_set_pipapo: remove scratch_aligned pointerFlorian Westphal3-39/+10
2024-02-16netfilter: nft_set_pipapo: add helper to release pcpu scratch areaFlorian Westphal1-5/+23
generated by cgit v1.2.3 (git 2.39.0) at 2024-07-19 00:54:59 +0300