aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter (follow)
AgeCommit message (Expand)AuthorFilesLines
2022-08-24net: Fix data-races around sysctl_[rw]mem_(max|default).Kuniyuki Iwashima1-2/+2
2022-08-24netfilter: flowtable: fix stuck flows on cleanup due to pending workPablo Neira Ayuso2-4/+11
2022-08-24netfilter: flowtable: add function to invoke garbage collection immediatelyPablo Neira Ayuso1-3/+9
2022-08-24netfilter: nf_tables: disallow binding to already bound chainPablo Neira Ayuso1-0/+2
2022-08-24netfilter: nft_tunnel: restrict it to netdev familyPablo Neira Ayuso1-0/+1
2022-08-24netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet familiesPablo Neira Ayuso1-3/+15
2022-08-24netfilter: nf_tables: do not leave chain stats enabled on errorPablo Neira Ayuso1-2/+4
2022-08-24netfilter: nft_payload: do not truncate csum_offset and csum_typePablo Neira Ayuso1-6/+13
2022-08-24netfilter: nft_payload: report ERANGE for too long offset and lengthPablo Neira Ayuso1-2/+8
2022-08-24netfilter: nf_tables: make table handle allocation per-netns friendlyPablo Neira Ayuso1-2/+1
2022-08-24netfilter: nf_tables: disallow updates of implicit chainPablo Neira Ayuso1-0/+3
2022-08-23netfilter: nft_tproxy: restrict to prerouting hookFlorian Westphal1-0/+8
2022-08-23netfilter: conntrack: work around exceeded receive windowFlorian Westphal1-0/+31
2022-08-22Remove DECnet support from kernelStephen Hemminger2-17/+0
2022-08-18Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski7-90/+182
2022-08-17Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextJakub Kicinski1-6/+0
2022-08-17netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to yGeert Uytterhoeven1-1/+0
2022-08-15cgroup: Replace cgroup->ancestor_ids[] with ->ancestors[]Tejun Heo1-4/+5
2022-08-15netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is specifiedPablo Neira Ayuso1-0/+5
2022-08-15netfilter: nf_tables: disallow NFT_SET_ELEM_CATCHALL and NFT_SET_ELEM_INTERVAL_ENDPablo Neira Ayuso1-0/+3
2022-08-15netfilter: nf_tables: NFTA_SET_ELEM_KEY_END requires concat and interval flagsPablo Neira Ayuso1-0/+24
2022-08-12netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flagPablo Neira Ayuso1-4/+9
2022-08-11netfilter: nf_tables: really skip inactive sets when allocating namePablo Neira Ayuso1-1/+1
2022-08-11netfilter: nfnetlink: re-enable conntrack expectation eventsFlorian Westphal1-12/+71
2022-08-11netfilter: nf_tables: fix scheduling-while-atomic splatFlorian Westphal1-4/+0
2022-08-11netfilter: nf_ct_irc: cap packet search space to 4kFlorian Westphal1-3/+9
2022-08-11netfilter: nf_ct_ftp: prefer skb_linearizeFlorian Westphal1-18/+6
2022-08-11netfilter: nf_ct_h323: cap packet size at 64kFlorian Westphal1-1/+9
2022-08-11netfilter: nf_ct_sane: remove pseudo skb linearizationFlorian Westphal1-38/+30
2022-08-10netfilter: nf_tables: possible module reference underflow in error pathPablo Neira Ayuso1-1/+1
2022-08-10netfilter: nf_tables: disallow NFTA_SET_ELEM_KEY_END with NFT_SET_ELEM_INTERVAL_END flagPablo Neira Ayuso1-0/+1
2022-08-10netfilter: nf_tables: use READ_ONCE and WRITE_ONCE for shared generation id accessPablo Neira Ayuso1-7/+13
2022-08-09netfilter: nf_tables: fix null deref due to zeroed list headFlorian Westphal1-0/+1
2022-08-09netfilter: nf_tables: disallow jump to implicit chain from set elementPablo Neira Ayuso1-0/+4
2022-08-09netfilter: nf_tables: upfront validation of data via nft_data_init()Pablo Neira Ayuso5-113/+124
2022-08-09netfilter: nf_tables: do not allow RULE_ID to refer to another chainThadeu Lima de Souza Cascardo1-2/+5
2022-08-09netfilter: nf_tables: do not allow CHAIN_ID to refer to another tableThadeu Lima de Souza Cascardo1-2/+4
2022-08-09netfilter: nf_tables: do not allow SET_ID to refer to another tableThadeu Lima de Souza Cascardo1-1/+3
2022-08-09netfilter: nf_tables: validate variable length element extensionPablo Neira Ayuso2-16/+70
2022-08-09net: netfilter: Remove ifdefs for code shared by BPF and ctnetlinkKumar Kartikeya Dwivedi1-6/+0
2022-08-05netfilter: flowtable: fix incorrect Kconfig dependenciesPablo Neira Ayuso1-2/+1
2022-08-05netfilter: nf_tables: fix crash when nf_trace is enabledFlorian Westphal1-11/+10
2022-07-28Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski3-1/+39
2022-07-26netfilter: nft_queue: only allow supported familes and hooksFlorian Westphal1-0/+27
2022-07-26netfilter: nf_tables: add rescheduling points during loop detection walksFlorian Westphal1-0/+6
2022-07-26netfilter: nf_queue: do not allow packet truncation below transport header offsetFlorian Westphal1-1/+6
2022-07-22Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextJakub Kicinski3-139/+342
2022-07-21net: netfilter: Add kfuncs to set and change CT statusLorenzo Bianconi3-37/+74
2022-07-21net: netfilter: Add kfuncs to set and change CT timeoutKumar Kartikeya Dwivedi3-11/+58
2022-07-21net: netfilter: Add kfuncs to allocate and insert CTLorenzo Bianconi2-27/+189
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.