summaryrefslogtreecommitdiff
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2024-01-05netfilter: nf_tables: skip set commit for deleted/destroyed setsPablo Neira Ayuso1-1/+1
2023-12-13netfilter: nft_set_pipapo: skip inactive elements during set walkFlorian Westphal1-0/+3
2023-12-13netfilter: xt_owner: Fix for unsafe access of sk->sk_socketPhil Sutter1-4/+12
2023-12-13netfilter: nf_tables: validate family when identifying table via handlePablo Neira Ayuso1-2/+3
2023-12-13netfilter: nf_tables: bail out on mismatching dynset and set expressionsPablo Neira Ayuso1-4/+9
2023-12-13netfilter: nf_tables: fix 'exist' matching on bigendian archesFlorian Westphal2-4/+8
2023-12-13netfilter: nft_exthdr: add boolean DCCP option matchingJeremy Sowden1-0/+106
2023-12-13netfilter: ipset: fix race condition between swap/destroy and kernel side add...Jozsef Kadlecsik1-7/+7
2023-11-28netfilter: nf_tables: split async and sync catchall in two functionsPablo Neira Ayuso1-29/+32
2023-11-28netfilter: nf_tables: remove catchall element in GC sync pathPablo Neira Ayuso1-5/+21
2023-11-28netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()Dan Carpenter2-3/+4
2023-11-20netfilter: nat: fix ipv6 nat redirect with mapped and scoped addressesFlorian Westphal1-1/+26
2023-11-20netfilter: nft_redir: use `struct nf_nat_range2` throughout and deduplicate e...Jeremy Sowden3-94/+71
2023-11-20netfilter: xt_recent: fix (increase) ipv6 literal buffer lengthMaciej Żenczykowski1-1/+1
2023-11-20netfilter: nf_tables: Drop pointless memset when dumping rulesPhil Sutter1-4/+0
2023-11-08netfilter: nf_tables: audit log object reset once per tablePhil Sutter1-22/+28
2023-11-08netfilter: nfnetlink_log: silence bogus compiler warningFlorian Westphal1-1/+1
2023-10-25netfilter: nf_tables: revert do not remove elements if set backend implements...Pablo Neira Ayuso1-4/+1
2023-10-25netfilter: nf_tables: do not remove elements if set backend implements .abortPablo Neira Ayuso1-1/+4
2023-10-25netfilter: nft_set_rbtree: .deactivate fails if element has expiredPablo Neira Ayuso1-0/+2
2023-10-25netfilter: nft_payload: fix wrong mac header matchingFlorian Westphal1-1/+1
2023-10-19net: prevent address rewrite in kernel_bind()Jordan Rife1-2/+2
2023-10-10netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failureFlorian Westphal1-17/+29
2023-10-10netfilter: nf_tables: Deduplicate nft_register_obj audit logsPhil Sutter1-16/+28
2023-10-10netfilter: handle the connecting collision properly in nf_conntrack_proto_sctpXin Long1-10/+33
2023-10-10net: replace calls to sock->ops->connect() with kernel_connect()Jordan Rife1-2/+2
2023-10-06netfilter: nf_tables: fix kdoc warnings after gc reworkFlorian Westphal1-1/+1
2023-10-06netfilter: nf_tables: disallow rule removal from chain bindingPablo Neira Ayuso1-5/+13
2023-10-06netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAPJozsef Kadlecsik1-2/+10
2023-10-06netfilter: nf_tables: disable toggling dormant table state more than onceFlorian Westphal1-0/+4
2023-10-06netfilter, bpf: Adjust timeouts of non-confirmed CTs in bpf_ct_insert_entry()Ilya Leoshkevich1-0/+2
2023-10-06netfilter: conntrack: fix extension size tableFlorian Westphal1-2/+2
2023-10-06netfilter: nf_tables: disallow element removal on anonymous setsPablo Neira Ayuso1-4/+5
2023-10-06netfilter: nf_tables: fix memleak when more than 255 elements expiredFlorian Westphal1-2/+8
2023-10-06netfilter: nft_set_hash: try later when GC hits EAGAIN on iterationPablo Neira Ayuso1-6/+3
2023-10-06netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation failsPablo Neira Ayuso1-1/+1
2023-10-06netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GCPablo Neira Ayuso4-6/+22
2023-10-06netfilter: nft_set_rbtree: use read spinlock to avoid datapath contentionPablo Neira Ayuso1-4/+2
2023-10-06netfilter: nft_set_rbtree: skip sync GC for new elements in this transactionPablo Neira Ayuso1-2/+6
2023-10-06netfilter: nf_tables: defer gc run if previous batch is still pendingFlorian Westphal2-0/+6
2023-10-06netfilter: nf_tables: use correct lock to protect gc_listPablo Neira Ayuso1-2/+2
2023-10-06netfilter: nf_tables: GC transaction race with abort pathPablo Neira Ayuso1-1/+6
2023-10-06netfilter: nf_tables: GC transaction race with netns dismantlePablo Neira Ayuso1-1/+6
2023-10-06netfilter: nf_tables: fix GC transaction races with netns and netlink event e...Pablo Neira Ayuso1-4/+32
2023-10-06netfilter: nf_tables: don't fail inserts if duplicate has expiredFlorian Westphal1-19/+4
2023-10-06netfilter: nf_tables: remove busy mark and gc batch APIPablo Neira Ayuso1-47/+1
2023-10-06netfilter: nft_set_hash: mark set element as dead when deleting from packet pathPablo Neira Ayuso1-2/+4
2023-10-06netfilter: nf_tables: adapt set backend to use GC transaction APIPablo Neira Ayuso4-103/+173
2023-10-06netfilter: nf_tables: GC transaction API to avoid race with control planePablo Neira Ayuso1-11/+237
2023-10-06netfilter: nf_tables: don't skip expired elements during walkFlorian Westphal4-10/+16
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-18 16:08:53 +0000