summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2024-10-31netfilter: nft_payload: sanitize offset and length before calling skb_checksum()Pablo Neira Ayuso1-0/+3
2024-10-30netfilter: Fix use-after-free in get_info()Dong Chenchen1-1/+1
2024-10-24Merge tag 'net-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds4-2/+7
2024-10-21netfilter: xtables: fix typo causing some targets not to load on IPv6Pablo Neira Ayuso3-2/+3
2024-10-18Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpfLinus Torvalds1-1/+2
2024-10-17netfilter: bpf: must hold reference on net namespaceFlorian Westphal1-0/+4
2024-10-16bpf: Fix link info netfilter flags to populate defrag flagTyrone Wu1-1/+2
2024-10-09netfilter: xtables: avoid NFPROTO_UNSPEC where neededFlorian Westphal16-165/+422
2024-10-02move asm/unaligned.h to linux/unaligned.hAl Viro6-6/+6
2024-09-26netfilter: nfnetlink_queue: remove old clash resolution logicFlorian Westphal2-86/+0
2024-09-26netfilter: nf_tables: missing objects with no memcg accountingPablo Neira Ayuso7-15/+17
2024-09-26netfilter: nf_tables: use rcu chain hook list iterator from netlink dump pathPablo Neira Ayuso1-1/+1
2024-09-26netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_E...Simon Horman1-5/+2
2024-09-26netfilter: nf_tables: Keep deleted flowtable hooks until after RCUPhil Sutter1-1/+1
2024-09-26netfilter: ctnetlink: Guard possible unused functionsAndy Shevchenko1-1/+1
2024-09-26netfilter: conntrack: add clash resolution for reverse collisionsFlorian Westphal1-5/+51
2024-09-26netfilter: nf_nat: don't try nat source port reallocation for reverse dir clashFlorian Westphal1-2/+118
2024-09-15Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-2/+2
2024-09-15netfilter: nft_socket: Fix a NULL vs IS_ERR() bug in nft_socket_cgroup_subtre...Dan Carpenter1-2/+2
2024-09-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski3-7/+49
2024-09-12net: netfilter: move nf flowtable bpf initialization in nf_flow_table_module_...Lorenzo Bianconi2-1/+7
2024-09-12netfilter: nft_socket: make cgroupsv2 matching work with namespacesFlorian Westphal1-3/+38
2024-09-12netfilter: nft_socket: fix sk refcount leaksFlorian Westphal1-3/+4
2024-09-09netfilter: nft_flow_offload: Unmask upper DSCP bits in nft_flow_route()Ido Schimmel1-1/+2
2024-09-06Merge tag 'nf-next-24-09-06' of git://git.kernel.org/pub/scm/linux/kernel/git...Jakub Kicinski26-148/+165
2024-09-06net/netfilter: make use of the helper macro LIST_HEAD()Hongbo Li1-3/+1
2024-09-03netfilter: nf_tables: set element timeout update supportPablo Neira Ayuso2-5/+44
2024-09-03netfilter: nf_tables: zero timeout means element never times outPablo Neira Ayuso2-17/+25
2024-09-03netfilter: nf_tables: consolidate timeout extension for elementsPablo Neira Ayuso2-34/+22
2024-09-03netfilter: nf_tables: annotate data-races around element expirationPablo Neira Ayuso2-2/+2
2024-09-03netfilter: nft_dynset: annotate data-races around set timeoutPablo Neira Ayuso1-3/+3
2024-09-03netfilter: nf_tables: remove annotation to access set timeout while holding lockPablo Neira Ayuso1-2/+2
2024-09-03netfilter: nf_tables: reject expiration higher than timeoutPablo Neira Ayuso1-0/+3
2024-09-03netfilter: nf_tables: reject element expiration with no timeoutPablo Neira Ayuso1-0/+3
2024-09-03netfilter: nf_tables: elements with timeout below CONFIG_HZ never expirePablo Neira Ayuso1-1/+1
2024-09-03netfilter: nf_tables: drop unused 3rd argument from validate callback opsFlorian Westphal21-46/+23
2024-09-03netfilter: conntrack: Convert to use ERR_CAST()Shen Lichuan1-1/+1
2024-09-03netfilter: Use kmemdup_array instead of kmemdup for multiple allocationYan Zhen1-1/+1
2024-09-03netfilter: nft_counter: Use u64_stats_t for statistic.Sebastian Andrzej Siewior1-44/+46
2024-09-03netfilter: ctnetlink: support CTA_FILTER for flushChangliang Wu1-6/+3
2024-08-26Merge tag 'nf-next-24-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git...Jakub Kicinski25-70/+125
2024-08-22netfilter: flowtable: validate vlan headerPablo Neira Ayuso2-0/+6
2024-08-20netfilter: nf_tables: don't initialize registers in nft_do_chain()Florian Westphal1-1/+1
2024-08-20netfilter: nf_tables: allow loads only when register is initializedFlorian Westphal1-4/+34
2024-08-20netfilter: nf_tables: pass context structure to nft_parse_register_loadFlorian Westphal20-32/+33
2024-08-20netfilter: nft_counter: Synchronize nft_counter_reset() against reader.Sebastian Andrzej Siewior1-0/+5
2024-08-20netfilter: nft_counter: Disable BH in nft_counter_offload_stats().Sebastian Andrzej Siewior1-2/+2
2024-08-19netfilter: move nf_ct_netns_get out of nf_conncount_initXin Long2-14/+16
2024-08-19netfilter: nf_tables: do not remove elements if set backend implements .abortPablo Neira Ayuso1-1/+4
2024-08-19netfilter: nf_tables: store new sets in dedicated listFlorian Westphal1-9/+20
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-21 13:00:18 +0000