summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2024-03-01netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_newXin Long1-1/+1
2024-02-23netfilter: ipset: Missing gc cancellations fixedJozsef Kadlecsik2-2/+4
2024-02-23netfilter: ipset: fix performance regression in swap operationJozsef Kadlecsik4-18/+61
2024-02-23work around gcc bugs with 'asm goto' with outputsLinus Torvalds1-1/+1
2024-02-16netfilter: nft_set_rbtree: skip end interval element from gcPablo Neira Ayuso1-3/+3
2024-02-16netfilter: nft_set_pipapo: remove scratch_aligned pointerFlorian Westphal3-39/+10
2024-02-16netfilter: nft_set_pipapo: add helper to release pcpu scratch areaFlorian Westphal1-5/+23
2024-02-16netfilter: nft_set_pipapo: store index in scratch mapsFlorian Westphal3-26/+44
2024-02-16netfilter: nft_ct: reject direction for ct idPablo Neira Ayuso1-0/+3
2024-02-16netfilter: nft_compat: restrict match/target protocol to u16Pablo Neira Ayuso1-1/+7
2024-02-16netfilter: nft_compat: reject unused compat flagPablo Neira Ayuso1-1/+2
2024-02-16netfilter: nft_compat: narrow down revision to unsigned 8-bitsPablo Neira Ayuso1-3/+3
2024-02-05netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectationsPablo Neira Ayuso1-0/+24
2024-02-05netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting loggerPablo Neira Ayuso1-3/+4
2024-02-05netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEVPablo Neira Ayuso2-5/+10
2024-02-05netfilter: conntrack: correct window scaling with retransmitted SYNRyan Schaefer1-4/+6
2024-02-01netfilter: nf_tables: reject QUEUE/DROP verdict parametersFlorian Westphal1-10/+6
2024-02-01netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechainPablo Neira Ayuso1-2/+9
2024-02-01netfilter: nf_tables: validate NFPROTO_* familyPablo Neira Ayuso8-2/+47
2024-02-01netfilter: nf_tables: restrict anonymous set and map names to 16 bytesFlorian Westphal1-0/+4
2024-02-01netfilter: nft_limit: reject configurations that cause integer overflowFlorian Westphal1-7/+16
2024-01-26ipvs: avoid stat macros calls from preemptible contextFedor Pchelkin1-2/+2
2024-01-26netfilter: nf_tables: reject NFT_SET_CONCAT with not field length descriptionPablo Neira Ayuso1-1/+5
2024-01-26netfilter: nf_tables: skip dead set elements in netlink dumpPablo Neira Ayuso1-1/+1
2024-01-26netfilter: nf_tables: do not allow mismatch field size and set key lengthPablo Neira Ayuso1-1/+5
2024-01-26netfilter: propagate net to nf_bridge_get_physindevPavel Tikhomirov4-12/+13
2024-01-26netfilter: nf_queue: remove excess nf_bridge variablePavel Tikhomirov1-3/+1
2024-01-26netfilter: nfnetlink_log: use proper helper for fetching physinifPavel Tikhomirov1-4/+4
2024-01-26netfilter: nft_limit: do not ignore unsupported flagsPablo Neira Ayuso1-7/+12
2024-01-26netfilter: nf_tables: reject invalid set policyPablo Neira Ayuso1-1/+9
2024-01-26netfilter: nf_tables: check if catch-all set element is active in next genera...Pablo Neira Ayuso1-1/+1
2024-01-26netfilter: nf_tables: validate chain type update if availablePablo Neira Ayuso1-1/+10
2024-01-26netfilter: nf_tables: mark newset as dead on transaction abortFlorian Westphal1-0/+1
2024-01-10netfilter: nft_immediate: drop chain reference counter on errorPablo Neira Ayuso1-1/+1
2024-01-10netfilter: nf_nat: fix action not being set for all ct statesBrad Cowie1-1/+2
2024-01-10netfilter: nf_tables: set transport offset from mac header for netdev/egressPablo Neira Ayuso1-1/+1
2024-01-05netfilter: nf_tables: skip set commit for deleted/destroyed setsPablo Neira Ayuso1-1/+1
2023-12-13netfilter: nft_set_pipapo: skip inactive elements during set walkFlorian Westphal1-0/+3
2023-12-13netfilter: xt_owner: Fix for unsafe access of sk->sk_socketPhil Sutter1-4/+12
2023-12-13netfilter: nf_tables: validate family when identifying table via handlePablo Neira Ayuso1-2/+3
2023-12-13netfilter: nf_tables: bail out on mismatching dynset and set expressionsPablo Neira Ayuso1-4/+9
2023-12-13netfilter: nf_tables: fix 'exist' matching on bigendian archesFlorian Westphal2-4/+8
2023-12-13netfilter: bpf: fix bad registration on nf_defragD. Wythe1-5/+5
2023-12-13netfilter: ipset: fix race condition between swap/destroy and kernel side add...Jozsef Kadlecsik1-7/+7
2023-11-28netfilter: nf_tables: split async and sync catchall in two functionsPablo Neira Ayuso1-29/+32
2023-11-28netfilter: nf_tables: remove catchall element in GC sync pathPablo Neira Ayuso1-5/+21
2023-11-28netfilter: nf_tables: bogus ENOENT when destroying element which does not existPablo Neira Ayuso1-2/+3
2023-11-28netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()Dan Carpenter2-3/+4
2023-11-20netfilter: nat: fix ipv6 nat redirect with mapped and scoped addressesFlorian Westphal1-1/+26
2023-11-20netfilter: xt_recent: fix (increase) ipv6 literal buffer lengthMaciej Żenczykowski1-1/+1
generated by cgit v1.2.3 (git 2.39.0) at 2024-07-26 01:55:10 +0300