summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)Author
2022-09-28netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()Pablo Neira Ayuso
2022-09-28netfilter: nf_conntrack_irc: Tighten matching on DCC messageDavid Leadbeater
2022-09-28netfilter: nf_conntrack_sip: fix ct_sip_walk_headersIgor Ryzhov
2022-09-15netfilter: nf_conntrack_irc: Fix forged IP logicDavid Leadbeater
2022-09-05netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to yGeert Uytterhoeven
2022-09-05netfilter: nft_tunnel: restrict it to netdev familyPablo Neira Ayuso
2022-09-05netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet familiesPablo Neira Ayuso
2022-09-05netfilter: nft_payload: do not truncate csum_offset and csum_typePablo Neira Ayuso
2022-09-05netfilter: nft_payload: report ERANGE for too long offset and lengthPablo Neira Ayuso
2022-08-25netfilter: nf_tables: really skip inactive sets when allocating namePablo Neira Ayuso
2022-08-25netfilter: nf_tables: fix null deref due to zeroed list headFlorian Westphal
2022-08-25netfilter: nf_tables: do not allow RULE_ID to refer to another chainThadeu Lima de Souza Cascardo
2022-08-25netfilter: nf_tables: do not allow SET_ID to refer to another tableThadeu Lima de Souza Cascardo
2022-08-03netfilter: nf_queue: do not allow packet truncation below transport header of...Florian Westphal
2022-07-07netfilter: nft_dynset: restore set element counter when failing to updatePablo Neira Ayuso
2022-06-14netfilter: nf_tables: memleak flow rule from commit pathPablo Neira Ayuso
2022-06-14netfilter: nat: really support inet nat without l3 addressFlorian Westphal
2022-06-14netfilter: nf_tables: disallow non-stateful expression in sets earlierPablo Neira Ayuso
2022-05-09netfilter: nft_socket: only do sk lookups when indev is availableFlorian Westphal
2022-05-09ipvs: correctly print the memory size of ip_vs_conn_tabPengcheng Yang
2022-04-15netfilter: nf_conntrack_tcp: preserve liberal flag in tcp optionsPablo Neira Ayuso
2022-03-28netfilter: nf_tables: initialize registers in nft_do_chain()Pablo Neira Ayuso
2022-03-08netfilter: nf_queue: fix possible use-after-freeFlorian Westphal
2022-03-08netfilter: nf_queue: don't assume sk is full socketFlorian Westphal
2022-03-08netfilter: fix use-after-free in __nf_register_net_hook()Eric Dumazet
2022-03-02netfilter: nf_tables: fix memory leak during stateful obj updateFlorian Westphal
2022-03-02netfilter: nf_tables_offload: incorrect flow offload action array sizePablo Neira Ayuso
2022-02-23netfilter: conntrack: don't refresh sctp entries in closed stateFlorian Westphal
2022-02-23netfilter: nft_synproxy: unregister hooks on init error pathPablo Neira Ayuso
2022-02-01netfilter: conntrack: don't increment invalid counter on NF_REPEATFlorian Westphal
2022-02-01netfilter: nft_payload: do not update layer 4 checksum when mangling fragmentsPablo Neira Ayuso
2021-12-29netfilter: fix regression in looped (broad|multi)cast's MAC handlingIgnacy Gawędzki
2021-12-01netfilter: ipvs: Fix reuse connection if RS weight is 0yangxingwu
2021-11-17netfilter: nfnetlink_queue: fix OOB when mac header was clearedFlorian Westphal
2021-11-17netfilter: nft_dynset: relax superfluous check on set updatesPablo Neira Ayuso
2021-11-17netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream statePablo Neira Ayuso
2021-10-27netfilter: Kconfig: use 'default y' instead of 'm' for bool config optionVegard Nossum
2021-10-27netfilter: ipvs: make global sysctl readonly in non-init netnsAntoine Tenart
2021-10-17netfilter: nf_nat_masquerade: defer conntrack walk to work queueFlorian Westphal
2021-10-17netfilter: nf_nat_masquerade: make async masq_inet6_event handling genericFlorian Westphal
2021-10-06netfilter: ipset: Fix oversized kvmalloc() callsJozsef Kadlecsik
2021-10-06ipvs: check that ip_vs_conn_tab_bits is between 8 and 20Andrea Claudi
2021-09-03netfilter: conntrack: collect all entries in one cycleFlorian Westphal
2021-08-26netfilter: nft_exthdr: fix endianness of tcp option castSergey Marinkevich
2021-08-04netfilter: nft_nat: allow to specify layer 4 protocol NAT onlyPablo Neira Ayuso
2021-08-04netfilter: conntrack: adjust stop timestamp to real expiry valueFlorian Westphal
2021-07-25netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfoVasily Averin
2021-07-14netfilter: nft_tproxy: restrict support to TCP and UDP transport protocolsPablo Neira Ayuso
2021-07-14netfilter: nft_osf: check for TCP packet before further processingPablo Neira Ayuso
2021-07-14netfilter: nft_exthdr: check for IPv6 packet before further processingPablo Neira Ayuso
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-11 23:27:51 +0000