summaryrefslogtreecommitdiffstats
path: root/net/netfilter
AgeCommit message (Expand)Author
2021-06-10netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatchesPablo Neira Ayuso
2021-06-10netfilter: nft_ct: skip expectations for confirmed conntrackPablo Neira Ayuso
2021-06-10ipvs: ignore IP_VS_SVC_F_HASHED flag when adding serviceJulian Anastasov
2021-06-10netfilter: conntrack: unregister ipv4 sockopts on error unwindFlorian Westphal
2021-05-19netfilter: conntrack: Make global sysctls readonly in non-init netnsJonathon Reinhart
2021-05-19netfilter: nftables: avoid overflows in nft_hash_buckets()Eric Dumazet
2021-05-19netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL checkPablo Neira Ayuso
2021-05-19netfilter: xt_SECMARK: add new revision to fix structure layoutPablo Neira Ayuso
2021-04-21netfilter: nft_limit: avoid possible divide error in nft_limit_initEric Dumazet
2021-04-21netfilter: conntrack: do not print icmpv6 as unknown via /procPablo Neira Ayuso
2021-04-16netfilter: x_tables: fix compat match/target pad out-of-bound writeFlorian Westphal
2021-04-10netfilter: conntrack: Fix gre tunneling over ipv6Ludovic Senecaux
2021-03-30netfilter: x_tables: Use correct memory barriers.Mark Tomlinson
2021-03-30Revert "netfilter: x_tables: Switch synchronization to RCU"Mark Tomlinson
2021-03-30netfilter: ctnetlink: fix dump of the expect mask attributeFlorian Westphal
2021-03-17netfilter: x_tables: gpf inside xt_find_revision()Vasily Averin
2021-03-17netfilter: nf_nat: undo erroneous tcp edemux lookupFlorian Westphal
2021-02-17netfilter: conntrack: skip identical origin tuple in same zone onlyFlorian Westphal
2021-02-17netfilter: flowtable: fix tcp and udp header checksum updateSven Auhagen
2021-02-17netfilter: nftables: fix possible UAF over chains from packet path in netnsPablo Neira Ayuso
2021-02-17netfilter: xt_recent: Fix attempt to update deleted entryJozsef Kadlecsik
2021-02-03netfilter: nft_dynset: add timeout extension to templatePablo Neira Ayuso
2021-01-19netfilter: nft_compat: remove flush counter optimizationFlorian Westphal
2021-01-19netfilter: nf_nat: Fix memleak in nf_nat_initDinghao Liu
2021-01-19netfilter: conntrack: fix reading nf_conntrack_bucketsJesper Dangaard Brouer
2021-01-19netfilter: ipset: fixes possible oops in mtype_resizeVasily Averin
2021-01-12netfilter: nft_dynset: report EOPNOTSUPP on missing set featurePablo Neira Ayuso
2021-01-12netfilter: xt_RATEEST: reject non-null terminated string from userspaceFlorian Westphal
2021-01-12netfilter: ipset: fix shift-out-of-bounds in htable_bits()Vasily Averin
2020-12-30netfilter: nft_ct: Remove confirmation check for NFT_CT_IDBrett Mastbergen
2020-12-30netfilter: nft_dynset: fix timeouts later than 23 daysPablo Neira Ayuso
2020-12-30netfilter: nft_compat: make sure xtables destructors have runFlorian Westphal
2020-12-30netfilter: x_tables: Switch synchronization to RCUSubash Abhinov Kasiviswanathan
2020-12-11netfilter: nftables_offload: set address type in control dissectorPablo Neira Ayuso
2020-12-11netfilter: nf_tables: avoid false-postive lockdep splatFlorian Westphal
2020-12-11netfilter: ipset: prevent uninit-value in hash_ip6_addEric Dumazet
2020-11-18netfilter: ipset: Update byte and packet counters regardless of whether they ...Stefano Brivio
2020-11-18netfilter: nf_tables: missing validation from the abort pathPablo Neira Ayuso
2020-11-18netfilter: use actual socket sk rather than skb sk when routing harderJason A. Donenfeld
2020-11-01netfilter: nftables_offload: KASAN slab-out-of-bounds Read in nft_flow_rule_c...Saeed Mirzamohammadi
2020-10-29ipvs: Fix uninit-value in do_ip_vs_set_ctl()Peilin Ye
2020-10-29netfilter: nf_fwd_netdev: clear timestamp in forwarding pathPablo Neira Ayuso
2020-10-29netfilter: conntrack: connection timeout after re-registerFrancesco Ruggeri
2020-10-29netfilter: nf_log: missing vlan offload tag and protoPablo Neira Ayuso
2020-10-29ipvs: clear skb->tstamp in forwarding pathJulian Anastasov
2020-10-07netfilter: ctnetlink: add a range check for l3/l4 protonumWill McVicker
2020-10-01netfilter: conntrack: nf_conncount_init is failing with IPv6 disabledEelco Chaudron
2020-10-01netfilter: nf_tables: silence a RCU-list warning in nft_table_lookup()Qian Cai
2020-09-17netfilter: conntrack: allow sctp hearbeat after connection re-useFlorian Westphal
2020-09-09netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFSPablo Neira Ayuso
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-27 23:07:21 +0000