summaryrefslogtreecommitdiffstats
path: root/net/netfilter
Commit message (Expand)AuthorAgeFilesLines
* netfilter: IDLETIMER: be syzkaller friendlyEric Dumazet2018-06-161-3/+6
* netfilter: nat: cope with negative port rangePaolo Abeni2018-06-161-2/+5
* netfilter: x_tables: fix missing timer initialization in xt_LEDPaolo Abeni2018-06-161-6/+6
* netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insertCong Wang2018-06-161-5/+17
* netfilter: xt_bpf: add overflow checksJann Horn2018-03-031-1/+5
* netfilter: xt_TCPMSS: add more sanity tests on tcph->doffEric Dumazet2018-02-131-1/+5
* netfilter: xt_osf: Add missing permission checksKevin Cernekee2018-01-011-0/+7
* netfilter: nfnetlink_cthelper: Add missing permission checksKevin Cernekee2018-01-011-0/+10
* netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_...Eric Dumazet2018-01-011-2/+2
* netfilter: ipset: pernet ops must be unregistered lastFlorian Westphal2018-01-011-9/+14
* netfilter; Add some missing default cases to switch statements in nft_reject.David S. Miller2017-11-111-0/+2
* netfilter: Fix switch statement warnings with recent gcc.David Miller2017-11-112-3/+11
* ipv6: Add rt6_get_cookie() functionMartin KaFai Lau2017-11-111-1/+1
* netfilter: ctnetlink: fix incorrect nf_ct_put during hash resizeLiping Zhang2017-09-151-1/+6
* netfilter: ctnetlink: make it safer when updating ct->statusLiping Zhang2017-08-261-6/+21
* netfilter: ctnetlink: fix deadlock due to acquire _expect_lock twiceLiping Zhang2017-08-261-19/+14
* netfilter: nft_log: restrict the log prefix length to 127Liping Zhang2017-03-162-2/+2
* netfilter: nfnetlink: correctly validate length of batch messagesPhil Turnbull2017-02-231-4/+5
* netfilter: nf_tables: destroy the set if fail to add transactionLiping Zhang2017-02-231-1/+3
* netfilter: nf_tables: fix type mismatch with error return from nft_parse_u32_...John W. Linville2017-02-231-1/+1
* netfilter: nf_conntrack_sip: extend request line validationUlrich Weber2017-02-231-1/+4
* netfilter: nf_tables: underflow in nft_parse_u32_check()Dan Carpenter2017-02-231-1/+1
* netfilter: nf_tables: validate maximum value of u32 netlink attributesLaura Garcia Liebana2017-02-236-7/+57
* netfilter: nft_exthdr: Add size check on u8 nft_exthdr attributesLaura Garcia Liebana2017-02-231-2/+9
* netfilter: restart search if moved to other chainFlorian Westphal2017-02-231-0/+7
* netfilter: nfnetlink_queue: reject verdict request from different portidLiping Zhang2016-11-201-4/+2
* netfilter: nf_ct_expect: remove the redundant slash when policy name is emptyLiping Zhang2016-11-201-1/+1
* netfilter: x_tables: speed up jump target validationFlorian Westphal2016-11-201-0/+50
* netfilter: x_tables: introduce and use xt_copy_counters_from_userFlorian Westphal2016-08-221-0/+74
* netfilter: x_tables: do compat validation via translate_tableFlorian Westphal2016-08-221-0/+8
* netfilter: x_tables: xt_compat_match_from_user doesn't need a retvalFlorian Westphal2016-08-221-3/+2
* netfilter: x_tables: don't reject valid target size on some architecturesFlorian Westphal2016-08-221-2/+2
* netfilter: x_tables: validate all offsets and sizes in a ruleFlorian Westphal2016-08-221-5/+76
* netfilter: x_tables: check for bogus target offsetFlorian Westphal2016-08-221-2/+15
* netfilter: x_tables: check standard target size tooFlorian Westphal2016-08-221-0/+15
* netfilter: x_tables: add compat version of xt_check_entry_offsetsFlorian Westphal2016-08-221-0/+22
* netfilter: x_tables: assert minimum target sizeFlorian Westphal2016-08-221-0/+3
* netfilter: x_tables: add and use xt_check_entry_offsetsFlorian Westphal2016-08-221-0/+34
* nf_conntrack: avoid kernel pointer value leak in slab nameLinus Torvalds2016-06-151-1/+3
* ipvs: correct initial offset of Call-ID header search in SIP persistence engineMarco Angaroni2016-05-011-1/+1
* netfilter: nf_tables: fix bogus warning in nft_data_uninit()Mirek Kratochvil2015-12-181-2/+2
* netfilter: nfnetlink: don't probe module if it existsFlorian Westphal2015-12-131-1/+1
* netfilter: nft_compat: skip family comparison in case of NFPROTO_UNSPECPablo Neira Ayuso2015-10-191-6/+18
* netlink, mmap: fix edge-case leakages in nf queue zero-copyDaniel Borkmann2015-09-301-2/+3
* netfilter: nf_conntrack: Support expectations in different zonesJoe Stringer2015-08-251-1/+2
* ipvs: fix crash with sync protocol v0 and FTPJulian Anastasov2015-08-251-1/+1
* ipvs: fix crash if scheduler is changedJulian Anastasov2015-08-253-37/+69
* ipvs: do not use random local source address for tunnelsJulian Anastasov2015-08-251-1/+0
* netfilter: ctnetlink: put back references to master ct and expect objectsPablo Neira Ayuso2015-08-251-5/+0
* netfilter: nfnetlink_cthelper: Remove 'const' and '&' to avoid warningsChen Gang2015-07-201-2/+2
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-08 03:19:01 +0000