summaryrefslogtreecommitdiffstats
path: root/net/netfilter
Commit message (Expand)AuthorAgeFilesLines
* work around gcc bugs with 'asm goto' with outputsLinus Torvalds2024-02-091-1/+1
* netfilter: nft_set_pipapo: remove scratch_aligned pointerFlorian Westphal2024-02-083-39/+10
* netfilter: nft_set_pipapo: add helper to release pcpu scratch areaFlorian Westphal2024-02-081-5/+23
* netfilter: nft_set_pipapo: store index in scratch mapsFlorian Westphal2024-02-083-26/+44
* netfilter: nft_set_rbtree: skip end interval element from gcPablo Neira Ayuso2024-02-081-3/+3
* netfilter: nfnetlink_queue: un-break NF_REPEATFlorian Westphal2024-02-081-3/+10
* netfilter: nf_tables: use timestamp to check for set element timeoutPablo Neira Ayuso2024-02-084-13/+28
* netfilter: nft_ct: reject direction for ct idPablo Neira Ayuso2024-02-081-0/+3
* netfilter: ctnetlink: fix filtering for zone 0Felix Huettner2024-02-081-4/+8
* netfilter: ipset: Missing gc cancellations fixedJozsef Kadlecsik2024-02-082-2/+4
* netfilter: nft_set_pipapo: remove static in nft_pipapo_get()Pablo Neira Ayuso2024-02-081-1/+1
* netfilter: nft_compat: restrict match/target protocol to u16Pablo Neira Ayuso2024-02-071-1/+7
* netfilter: nft_compat: reject unused compat flagPablo Neira Ayuso2024-02-071-1/+2
* netfilter: nft_compat: narrow down revision to unsigned 8-bitsPablo Neira Ayuso2024-02-071-3/+3
* netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectationsPablo Neira Ayuso2024-01-311-0/+24
* netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting loggerPablo Neira Ayuso2024-01-311-3/+4
* netfilter: ipset: fix performance regression in swap operationJozsef Kadlecsik2024-01-314-18/+61
* netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_newXin Long2024-01-311-1/+1
* netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEVPablo Neira Ayuso2024-01-312-5/+10
* netfilter: conntrack: correct window scaling with retransmitted SYNRyan Schaefer2024-01-311-4/+6
* netfilter: nf_tables: validate NFPROTO_* familyPablo Neira Ayuso2024-01-248-2/+47
* netfilter: nf_tables: reject QUEUE/DROP verdict parametersFlorian Westphal2024-01-241-10/+6
* netfilter: nf_tables: restrict anonymous set and map names to 16 bytesFlorian Westphal2024-01-241-0/+4
* netfilter: nft_limit: reject configurations that cause integer overflowFlorian Westphal2024-01-241-7/+16
* netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechainPablo Neira Ayuso2024-01-241-2/+9
* ipvs: avoid stat macros calls from preemptible contextFedor Pchelkin2024-01-171-2/+2
* netfilter: nf_tables: reject NFT_SET_CONCAT with not field length descriptionPablo Neira Ayuso2024-01-171-1/+5
* netfilter: nf_tables: skip dead set elements in netlink dumpPablo Neira Ayuso2024-01-171-1/+1
* netfilter: nf_tables: do not allow mismatch field size and set key lengthPablo Neira Ayuso2024-01-171-1/+5
* netfilter: nf_tables: check if catch-all set element is active in next genera...Pablo Neira Ayuso2024-01-171-1/+1
* netfilter: propagate net to nf_bridge_get_physindevPavel Tikhomirov2024-01-174-12/+13
* netfilter: nf_queue: remove excess nf_bridge variablePavel Tikhomirov2024-01-171-3/+1
* netfilter: nfnetlink_log: use proper helper for fetching physinifPavel Tikhomirov2024-01-171-4/+4
* netfilter: nft_limit: do not ignore unsupported flagsPablo Neira Ayuso2024-01-171-7/+12
* netfilter: nf_tables: bail out if stateful expression provides no .clonePablo Neira Ayuso2024-01-171-8/+7
* netfilter: nf_tables: validate .maxattr at expression registrationPablo Neira Ayuso2024-01-171-0/+3
* netfilter: nf_tables: reject invalid set policyPablo Neira Ayuso2024-01-171-1/+9
* Merge tag 'net-next-6.8' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds2024-01-115-36/+131
|\
| * Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2024-01-044-4/+5
| |\
| * | netfilter: nf_tables: validate chain type update if availablePablo Neira Ayuso2023-12-221-1/+10
| * | netfilter: ctnetlink: support filtering by zoneFelix Huettner2023-12-221-4/+8
| * | netfilter: nf_tables: mark newset as dead on transaction abortFlorian Westphal2023-12-221-0/+1
| * | netfilter: nft_set_pipapo: prefer gfp_kernel allocationFlorian Westphal2023-12-221-1/+1
| * | netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requestsPhil Sutter2023-12-221-17/+81
| * | netfilter: nf_tables: Introduce nft_set_dump_ctx_init()Phil Sutter2023-12-221-16/+33
| * | netfilter: nf_tables: Pass const set to nft_get_set_elemPhil Sutter2023-12-221-3/+3
| * | Revert BPF token-related functionalityAndrii Nakryiko2023-12-191-1/+1
| * | Merge tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf...Jakub Kicinski2023-12-181-1/+1
| |\ \
| | * | bpf: take into account BPF token when fetching helper protosAndrii Nakryiko2023-12-061-1/+1
| * | | ipv6: annotate data-races around np->mcast_oifEric Dumazet2023-12-111-1/+1