summaryrefslogtreecommitdiffstats
path: root/net/netfilter
Commit message (Expand)AuthorAgeFilesLines
* netfilter: compat: initialize all fields in xt_initFrancesco Ruggeri2019-05-161-1/+1
* ipvs: Fix signed integer overflow when setsockopt timeoutZhangXiaoxu2019-03-231-0/+12
* netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_...Eric Dumazet2018-09-261-2/+2
* ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()Tan Hu2018-09-261-4/+11
* netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior stateFlorian Westphal2018-08-281-4/+4
* netfilter: nf_log: don't hold nf_log_mutex during user accessJann Horn2018-07-111-3/+6
* netfilter: ctnetlink: fix incorrect nf_ct_put during hash resizeLiping Zhang2018-04-131-1/+6
* netfilter: x_tables: add and use xt_check_proc_nameFlorian Westphal2018-04-083-5/+36
* netfilter: IDLETIMER: be syzkaller friendlyEric Dumazet2018-03-181-3/+6
* netfilter: nat: cope with negative port rangePaolo Abeni2018-03-181-2/+5
* netfilter: x_tables: fix missing timer initialization in xt_LEDPaolo Abeni2018-03-181-6/+6
* netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insertCong Wang2018-02-251-5/+17
* netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}Eric Dumazet2018-02-251-0/+6
* netfilter: x_tables: fix int overflow in xt_alloc_table_info()Dmitry Vyukov2018-02-251-3/+1
* netfilter: xt_osf: Add missing permission checksKevin Cernekee2018-01-311-0/+7
* netfilter: nfnetlink_cthelper: Add missing permission checksKevin Cernekee2018-01-311-0/+10
* netfilter: nf_conntrack_sip: extend request line validationUlrich Weber2018-01-311-1/+4
* netfilter: restart search if moved to other chainFlorian Westphal2018-01-311-0/+7
* netfilter: nf_ct_expect: remove the redundant slash when policy name is emptyLiping Zhang2018-01-311-1/+1
* netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash tableLiping Zhang2017-12-251-96/+81
* netfilter: nfnl_cthelper: Fix memory leakJeffy Chen2017-12-251-3/+9
* netfilter: nfnl_cthelper: fix runtime expectation policy updatesPablo Neira Ayuso2017-12-251-2/+84
* netfilter: nf_tables: fix oob accessFlorian Westphal2017-11-301-1/+1
* netfilter: nft_queue: use raw_smp_processor_id()Pablo Neira Ayuso2017-11-301-1/+1
* netfilter: nf_ct_expect: Change __nf_ct_expect_check() return value.Jarno Rajahalme2017-10-211-2/+2
* netfilter: nfnl_cthelper: fix incorrect helper->expect_class_maxLiping Zhang2017-10-081-9/+11
* netfilter: invoke synchronize_rcu after set the _hook_ to NULLLiping Zhang2017-10-084-0/+6
* netfilter: nf_ct_ext: fix possible panic after nf_ct_extend_unregisterLiping Zhang2017-08-241-3/+10
* netfilter: synproxy: fix conntrackd interactionEric Leblond2017-07-051-0/+4
* netfilter: xt_TCPMSS: add more sanity tests on tcph->doffEric Dumazet2017-07-051-1/+5
* netfilter; Add some missing default cases to switch statements in nft_reject.David S. Miller2017-02-082-0/+4
* netfilter: Fix switch statement warnings with recent gcc.David Miller2017-02-082-3/+11
* netfilter: x_tables: speed up jump target validationFlorian Westphal2016-08-031-0/+50
* netfilter: x_tables: introduce and use xt_copy_counters_from_userFlorian Westphal2016-07-121-0/+74
* netfilter: x_tables: do compat validation via translate_tableFlorian Westphal2016-07-121-0/+8
* netfilter: x_tables: xt_compat_match_from_user doesn't need a retvalFlorian Westphal2016-07-121-3/+2
* netfilter: x_tables: don't reject valid target size on some architecturesFlorian Westphal2016-07-121-2/+2
* netfilter: x_tables: validate all offsets and sizes in a ruleFlorian Westphal2016-07-121-5/+76
* netfilter: x_tables: check for bogus target offsetFlorian Westphal2016-07-121-2/+15
* netfilter: x_tables: check standard target size tooFlorian Westphal2016-07-121-0/+15
* netfilter: x_tables: add compat version of xt_check_entry_offsetsFlorian Westphal2016-07-121-0/+22
* netfilter: x_tables: assert minimum target sizeFlorian Westphal2016-07-121-0/+3
* netfilter: x_tables: add and use xt_check_entry_offsetsFlorian Westphal2016-07-121-0/+34
* ipvs: correct initial offset of Call-ID header search in SIP persistence engineMarco Angaroni2016-07-121-1/+1
* nf_conntrack: avoid kernel pointer value leak in slab nameLinus Torvalds2016-05-171-1/+3
* ipvs: fix crash with sync protocol v0 and FTPJulian Anastasov2015-10-271-1/+1
* ipvs: skb_orphan in case of forwardingAlex Gartrell2015-10-271-0/+27
* ipvs: fix crash if scheduler is changedJulian Anastasov2015-10-273-37/+69
* ipvs: do not use random local source address for tunnelsJulian Anastasov2015-10-271-1/+0
* netfilter: nf_log: don't zap all loggers on unregisterFlorian Westphal2015-10-271-2/+6
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-02 22:46:45 +0000