aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2026-01-20netfilter: xt_tcpmss: check remaining length before reading optlenFlorian Westphal1-1/+1
2026-01-20netfilter: nf_conncount: fix tracking of connections from localhostFernando Fernandez Mancera1-2/+13
2026-01-20netfilter: nft_compat: add more restrictions on netlink attributesFlorian Westphal1-3/+10
2026-01-20netfilter: nfnetlink_queue: nfqnl_instance GFP_ATOMIC -> GFP_KERNEL_ACCOUNT allocationScott Mitchell1-41/+34
2026-01-20netfilter: nf_conntrack: don't rely on implicit includesFlorian Westphal9-0/+13
2026-01-20netfilter: don't include xt and nftables.h in unrelated subsystemsFlorian Westphal4-0/+4
2026-01-20netfilter: nf_conntrack: enable icmp clash supportFlorian Westphal2-0/+2
2026-01-20netfilter: nf_conncount: increase the connection clean up limit to 64Fernando Fernandez Mancera1-5/+10
2026-01-20netfilter: nf_conntrack: Add allow_clash to generic protocol handlerYuto Hamaguchi1-0/+1
2026-01-20netfilter: nf_tables: reset table validation state on abortFlorian Westphal1-0/+7
2026-01-14Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf after rc5Alexei Starovoitov10-52/+102
2026-01-02bpf: net: netfilter: drop dead NULL checksPuranjay Mohan1-10/+4
2026-01-02bpf: Remove redundant KF_TRUSTED_ARGS flag from all kfuncsPuranjay Mohan3-6/+6
2026-01-02netfilter: nf_conncount: update last_gc only when GC has been performedFernando Fernandez Mancera1-1/+1
2026-01-02netfilter: nf_tables: fix memory leak in nf_tables_newrule()Zilin Guan1-1/+2
2026-01-01netfilter: replace -EEXIST with -EBUSYDaniel Gomez2-3/+3
2026-01-01netfilter: nft_synproxy: avoid possible data-race on update operationFernando Fernandez Mancera1-3/+3
2026-01-01netfilter: nft_set_pipapo: fix range overlap detectionFlorian Westphal1-2/+2
2025-12-16audit: add audit_log_nf_skb helper functionRicardo Robaina2-114/+2
2025-12-15netfilter: nf_tables: avoid softlockup warnings in nft_chain_validateFlorian Westphal1-2/+2
2025-12-15netfilter: nf_tables: avoid chain re-validation if possibleFlorian Westphal1-4/+65
2025-12-11netfilter: nf_tables: remove redundant chain validation on register storePablo Neira Ayuso1-11/+0
2025-12-11netfilter: nf_nat: remove bogus direction checkFlorian Westphal1-13/+1
2025-12-10netfilter: always set route tuple out ifindexLorenzo Bianconi1-1/+3
2025-12-10ipvs: fix ipv4 null-ptr-deref in route error pathSlavin Liu1-0/+3
2025-12-10netfilter: nf_conncount: fix leaked ct in error pathsFernando Fernandez Mancera1-11/+14
2025-12-10netfilter: conntrack: warn when cleanup is stuckJakub Kicinski1-0/+3
2025-11-28Merge tag 'nf-next-25-11-28' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-nextJakub Kicinski9-400/+762
2025-11-28net: Remove KMSG_COMPONENT macroHeiko Carstens30-60/+30
2025-11-28netfilter: nft_connlimit: add support to object update operationFernando Fernandez Mancera1-1/+12
2025-11-28netfilter: nft_connlimit: update the count if add was skippedFernando Fernandez Mancera2-6/+19
2025-11-28netfilter: nf_conncount: make nf_conncount_gc_list() to disable BHFernando Fernandez Mancera2-13/+18
2025-11-28netfilter: nf_conncount: rework API to use sk_buff directlyFernando Fernandez Mancera3-86/+126
2025-11-28netfilter: flowtable: Add IPIP tx sw accelerationLorenzo Bianconi2-4/+106
2025-11-28netfilter: flowtable: Add IPIP rx sw accelerationLorenzo Bianconi3-13/+97
2025-11-28netfilter: flowtable: use tuple address to calculate next hopPablo Neira Ayuso1-4/+12
2025-11-28netfilter: flowtable: remove hw_ifidxPablo Neira Ayuso3-5/+1
2025-11-28netfilter: flowtable: inline pppoe encapsulation in xmit pathPablo Neira Ayuso2-7/+44
2025-11-28netfilter: flowtable: inline vlan encapsulation in xmit pathPablo Neira Ayuso2-3/+29
2025-11-27netfilter: flowtable: consolidate xmit pathPablo Neira Ayuso3-39/+56
2025-11-27netfilter: flowtable: move path discovery infrastructure to its own filePablo Neira Ayuso3-259/+275
2025-11-27netfilter: flowtable: check for maximum number of encapsulations in bridge vlanPablo Neira Ayuso1-1/+8
2025-11-04net: Convert proto_ops connect() callbacks to use sockaddr_unsizedKees Cook1-1/+1
2025-11-04net: Convert proto_ops bind() callbacks to use sockaddr_unsizedKees Cook1-2/+2
2025-10-31Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2-4/+28
2025-10-30netfilter: conntrack: disable 0 value for conntrack_max settingFlorian Westphal2-3/+3
2025-10-30netfilter: nf_tables: use C99 struct initializer for nft_set_iterFernando Fernandez Mancera2-26/+21
2025-10-29netfilter: nft_ct: add seqadj extension for natted connectionsAndrii Melnychenko1-0/+5
2025-10-29netfilter: nft_connlimit: fix possible data race on connection countFernando Fernandez Mancera1-1/+1
2025-10-29netfilter: nft_ct: enable labels for get case tooFlorian Westphal1-3/+22