summaryrefslogtreecommitdiffstats
path: root/net/netfilter
Commit message (Expand)AuthorAgeFilesLines
* netfilter: conntrack: adopt safer max chain lengthEric Dumazet2023-03-071-2/+2
* netfilter: ctnetlink: revert to dumping mark regardless of event typeIvan Delalande2023-03-061-7/+7
* netfilter: nft_quota: copy content when cloning expressionPablo Neira Ayuso2023-03-011-1/+5
* netfilter: nft_last: copy content when cloning expressionPablo Neira Ayuso2023-03-011-0/+4
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nfJakub Kicinski2023-02-228-23/+30
|\
| * netfilter: ctnetlink: make event listener tracking globalFlorian Westphal2023-02-223-5/+9
| * netfilter: xt_length: use skb len to match in length_mt6Xin Long2023-02-221-2/+1
| * netfilter: conntrack: fix rmmod double-free raceFlorian Westphal2023-02-223-14/+15
| * netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()Hangyu Hua2023-02-221-1/+4
| * netfilter: nf_tables: allow to fetch set elements when table has an ownerPablo Neira Ayuso2023-02-091-1/+1
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-nextDavid S. Miller2023-02-207-11/+73
|\ \
| * | netfilter: let reset rules clean out conntrack entriesFlorian Westphal2023-02-173-0/+63
| * | ipvs: avoid kfree_rcu without 2nd argJulian Anastasov2023-02-021-1/+1
| * | netfilter: conntrack: remote a return value of the 'seq_print_acct' function.Gavrilov Ilia2023-02-011-8/+4
| * | netfilter: conntrack: udp: fix seen-reply testFlorian Westphal2023-02-011-1/+1
| * | netfilter: nf_tables: fix wrong pointer passed to PTR_ERR()Yang Yingliang2023-02-011-1/+1
| * | netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj()Alok Tiwari2023-02-011-0/+3
* | | Daniel Borkmann says:Jakub Kicinski2023-02-102-13/+13
|\ \ \
| * | | bpf: Add __bpf_kfunc tag to all kfuncsDavid Vernet2023-02-022-13/+13
| |/ /
* | | net: extract nf_ct_handle_fragments to nf_conntrack_ovsXin Long2023-02-101-0/+48
* | | net: extract nf_ct_skb_network_trim function to nf_conntrack_ovsXin Long2023-02-101-0/+26
* | | net: create nf_conntrack_ovs for ovs and tc useXin Long2023-02-104-98/+108
* | | netfilter: nf_conntrack: allow early drop of offloaded UDP connsVlad Buslov2023-02-031-5/+6
* | | netfilter: flowtable: cache info of last offloadVlad Buslov2023-02-032-4/+4
* | | netfilter: flowtable: allow unidirectional rulesVlad Buslov2023-02-031-4/+8
* | | netfilter: flowtable: fixup UDP timeout depending on ct stateVlad Buslov2023-02-031-1/+4
* | | Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2023-02-021-2/+3
|\ \ \ | | |/ | |/|
| * | Revert "netfilter: conntrack: fix bug in for_each_sctp_chunk"Florian Westphal2023-01-311-2/+3
* | | netfilter: use skb_ip_totlen and iph_totlenXin Long2023-02-013-3/+3
| |/ |/|
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2023-01-273-242/+278
|\|
| * netfilter: conntrack: unify established states for SCTP pathsSriram Yagnaraman2023-01-242-62/+39
| * Revert "netfilter: conntrack: add sctp DATA_SENT state"Sriram Yagnaraman2023-01-242-68/+42
| * netfilter: conntrack: fix bug in for_each_sctp_chunkSriram Yagnaraman2023-01-241-2/+2
| * netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETESriram Yagnaraman2023-01-241-9/+16
| * netfilter: nft_set_rbtree: skip elements in transaction from garbage collectionPablo Neira Ayuso2023-01-231-1/+15
| * netfilter: nft_set_rbtree: Switch to node list walk for overlap detectionPablo Neira Ayuso2023-01-231-127/+189
* | net: Kconfig: fix spellosRandy Dunlap2023-01-251-1/+1
* | netlink: fix spelling mistake in dump size assertJakub Kicinski2023-01-241-1/+1
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2023-01-203-3/+18
|\|
| * netfilter: conntrack: handle tcp challenge acks during connection reuseFlorian Westphal2023-01-171-0/+15
| * netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bitsPablo Neira Ayuso2023-01-111-1/+1
| * netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.Gavrilov Ilia2023-01-111-2/+2
* | netfilter: nf_tables: add support to destroy operationFernando Fernandez Mancera2023-01-181-8/+103
* | netfilter: nf_tables: avoid retpoline overhead for some ct expression callsFlorian Westphal2023-01-184-12/+92
* | netfilter: nf_tables: avoid retpoline overhead for objref callsFlorian Westphal2023-01-182-6/+8
* | netfilter: nf_tables: add static key to skip retpoline workaroundsFlorian Westphal2023-01-181-1/+29
* | netfilter: conntrack: move rcu read lock to nf_conntrack_find_getFlorian Westphal2023-01-181-8/+9
* | netfilter: conntrack: avoid reload of ct->statusFlorian Westphal2023-01-182-8/+11
* | netfilter: conntrack: remove pr_debug callsFlorian Westphal2023-01-183-44/+5
* | netfilter: conntrack: sctp: use nf log infrastructure for invalid packetsFlorian Westphal2023-01-181-31/+15