..
ipset
netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test
2023-12-13 18:36:32 +01:00
ipvs
ipvs: avoid stat macros calls from preemptible context
2024-01-25 14:52:54 -08:00
Kconfig
netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
2022-09-05 10:30:11 +02:00
Makefile
netfilter: add netfilter hooks to SRv6 data plane
2021-08-30 01:51:36 +02:00
core.c
Remove DECnet support from kernel
2023-06-21 15:59:15 +02:00
nf_conncount.c
…
nf_conntrack_acct.c
netfilter: nf_conntrack_acct.c: A typo fix
2021-03-28 17:31:14 -07:00
nf_conntrack_amanda.c
…
nf_conntrack_broadcast.c
…
nf_conntrack_core.c
netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
2023-06-14 11:13:02 +02:00
nf_conntrack_ecache.c
netfilter: ecache: remove nf_exp_event_notifier structure
2021-08-25 12:50:38 +02:00
nf_conntrack_expect.c
netfilter: conntrack: convert to refcount_t api
2022-04-27 14:39:01 +02:00
nf_conntrack_extend.c
netfilter: conntrack: remove two export symbols
2019-12-17 22:59:31 +01:00
nf_conntrack_ftp.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_h323_asn1.c
netfilter: Use fallthrough pseudo-keyword
2020-07-22 01:18:05 +02:00
nf_conntrack_h323_main.c
netfilter: fix clang-12 fmt string warnings
2021-06-01 23:53:51 +02:00
nf_conntrack_h323_types.c
…
nf_conntrack_helper.c
netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
2023-07-23 13:47:37 +02:00
nf_conntrack_irc.c
netfilter: nf_conntrack_irc: Tighten matching on DCC message
2022-09-28 11:11:46 +02:00
nf_conntrack_labels.c
…
nf_conntrack_netbios_ns.c
…
nf_conntrack_netlink.c
netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with CONFIG_NF_NAT
2023-06-09 10:32:26 +02:00
nf_conntrack_pptp.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_proto.c
netfilter: conntrack: nf_ct_gre_keymap_flush() removal
2021-07-02 02:07:01 +02:00
nf_conntrack_proto_dccp.c
netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
2023-07-23 13:46:56 +02:00
nf_conntrack_proto_generic.c
…
nf_conntrack_proto_gre.c
netfilter: conntrack: nf_ct_gre_keymap_flush() removal
2021-07-02 02:07:01 +02:00
nf_conntrack_proto_icmp.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_icmpv6.c
netfilter: conntrack: set icmpv6 redirects as RELATED
2022-12-31 13:14:14 +01:00
nf_conntrack_proto_sctp.c
netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp
2023-10-10 21:59:08 +02:00
nf_conntrack_proto_tcp.c
netfilter: conntrack: work around exceeded receive window
2022-09-15 11:30:01 +02:00
nf_conntrack_proto_udp.c
netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream state
2021-11-18 19:16:21 +01:00
nf_conntrack_sane.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_seqadj.c
…
nf_conntrack_sip.c
netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
2023-07-23 13:46:56 +02:00
nf_conntrack_snmp.c
…
nf_conntrack_standalone.c
netfilter: conntrack: fix possible bug_on with enable_hooks=1
2023-05-24 17:36:41 +01:00
nf_conntrack_tftp.c
…
nf_conntrack_timeout.c
…
nf_conntrack_timestamp.c
…
nf_dup_netdev.c
netfilter: nf_fwd_netdev: clear timestamp in forwarding path
2020-10-22 14:49:36 +02:00
nf_flow_table_core.c
netfilter: flowtable: fix stuck flows on cleanup due to pending work
2022-08-31 17:16:42 +02:00
nf_flow_table_inet.c
netfilter: flowtable: Fix QinQ and pppoe support for inet table
2022-04-08 14:23:40 +02:00
nf_flow_table_ip.c
netfilter: flowtable: move dst_check to packet path
2022-05-25 09:57:33 +02:00
nf_flow_table_offload.c
netfilter: flowtable: really fix NAT IPv6 offload
2022-12-31 13:14:36 +01:00
nf_hooks_lwtunnel.c
netfilter: add netfilter hooks to SRv6 data plane
2021-08-30 01:51:36 +02:00
nf_internals.h
netfilter: ctnetlink: add kernel side filtering for dump
2020-05-27 22:20:34 +02:00
nf_log.c
netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger
2024-02-23 08:54:54 +01:00
nf_log_syslog.c
netfilter: nf_log: incorrect offset to network header
2022-07-21 21:24:23 +02:00
nf_nat_amanda.c
…
nf_nat_core.c
netfilter: nat: include zone id in nat table hash again
2021-09-21 03:46:55 +02:00
nf_nat_ftp.c
…
nf_nat_helper.c
…
nf_nat_irc.c
…
nf_nat_masquerade.c
netfilter: nf_nat_masquerade: defer conntrack walk to work queue
2021-09-21 03:46:56 +02:00
nf_nat_proto.c
netfilter: nat: move nf_xfrm_me_harder to where it is used
2021-04-26 03:20:07 +02:00
nf_nat_redirect.c
netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses
2023-11-20 11:08:29 +01:00
nf_nat_sip.c
…
nf_nat_tftp.c
…
nf_queue.c
netfilter: nf_queue: handle socket prefetch
2022-03-08 19:12:45 +01:00
nf_sockopt.c
netfilter: switch nf_setsockopt to sockptr_t
2020-07-24 15:41:54 -07:00
nf_synproxy_core.c
ip: Fix data-races around sysctl_ip_default_ttl.
2022-07-29 17:25:09 +02:00
nf_tables_api.c
netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV
2024-02-23 08:54:54 +01:00
nf_tables_core.c
netfilter: nft_cmp: optimize comparison for 16-bytes
2022-08-31 17:16:41 +02:00
nf_tables_offload.c
netfilter: nf_tables: bail out early if hardware offload is not supported
2022-06-14 18:36:17 +02:00
nf_tables_trace.c
netfilter: nf_tables: convert pktinfo->tprot_set to flags field
2022-07-12 16:34:55 +02:00
nfnetlink.c
netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
2023-06-21 15:59:16 +02:00
nfnetlink_acct.c
netfilter: use nfnetlink_unicast()
2021-05-29 01:04:53 +02:00
nfnetlink_cthelper.c
Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net
2021-06-07 13:01:52 -07:00
nfnetlink_cttimeout.c
netfilter: use nfnetlink_unicast()
2021-05-29 01:04:53 +02:00
nfnetlink_hook.c
Remove DECnet support from kernel
2023-06-21 15:59:15 +02:00
nfnetlink_log.c
netfilter: nfnetlink_log: silence bogus compiler warning
2023-11-08 17:26:47 +01:00
nfnetlink_osf.c
netfilter: nfnetlink_osf: avoid OOB read
2023-09-19 12:23:00 +02:00
nfnetlink_queue.c
netfilter: nf_queue: do not allow packet truncation below transport header offset
2022-08-03 12:03:53 +02:00
nft_bitwise.c
netfilter: nf_tables: upfront validation of data via nft_data_init()
2022-08-31 17:16:41 +02:00
nft_byteorder.c
netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()
2023-11-28 16:56:24 +00:00
nft_chain_filter.c
netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain
2024-02-23 08:54:32 +01:00
nft_chain_nat.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_chain_route.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_cmp.c
netfilter: nf_tables: upfront validation of data via nft_data_init()
2022-08-31 17:16:41 +02:00
nft_compat.c
netfilter: nft_compat: restrict match/target protocol to u16
2024-02-23 08:54:58 +01:00
nft_connlimit.c
netfilter: nft_connlimit: memleak if nf_ct_netns_get() fails
2024-01-25 14:52:55 -08:00
nft_counter.c
netfilter: nf_tables: memcg accounting for dynamically allocated objects
2024-01-25 14:52:54 -08:00
nft_ct.c
netfilter: nft_ct: reject direction for ct id
2024-02-23 08:54:59 +01:00
nft_dup_netdev.c
netfilter: nf_tables_offload: incorrect flow offload action array size
2022-03-02 11:47:51 +01:00
nft_dynset.c
netfilter: nf_tables: bail out on mismatching dynset and set expressions
2023-12-13 18:36:37 +01:00
nft_exthdr.c
netfilter: nf_tables: fix 'exist' matching on bigendian arches
2023-12-20 15:17:33 +01:00
nft_fib.c
netfilter: nf_tables: fix 'exist' matching on bigendian arches
2023-12-20 15:17:33 +01:00
nft_fib_inet.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
nft_fib_netdev.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
nft_flow_offload.c
netfilter: nf_tables: validate NFPROTO_* family
2024-02-23 08:54:29 +01:00
nft_fwd_netdev.c
netfilter: nf_tables_offload: incorrect flow offload action array size
2022-03-02 11:47:51 +01:00
nft_hash.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_immediate.c
netfilter: nft_immediate: drop chain reference counter on error
2024-01-15 18:51:15 +01:00
nft_last.c
netfilter: nft_last: copy content when cloning expression
2024-01-25 14:52:56 -08:00
nft_limit.c
netfilter: nft_limit: reject configurations that cause integer overflow
2024-02-23 08:54:29 +01:00
nft_log.c
netfilter: nft_log: perform module load from nf_tables
2021-03-31 22:34:11 +02:00
nft_lookup.c
netfilter: nf_tables: deactivate anonymous set from preparation phase
2023-05-11 23:00:40 +09:00
nft_masq.c
netfilter: nft_masq: correct length for loading protocol registers
2023-03-22 13:31:23 +01:00
nft_meta.c
netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()
2023-11-28 16:56:24 +00:00
nft_nat.c
netfilter: nf_tables: validate NFPROTO_* family
2024-02-23 08:54:29 +01:00
nft_numgen.c
netfilter: use get_random_u32 instead of prandom
2022-06-29 09:03:21 +02:00
nft_objref.c
netfilter: nf_tables: report use refcount overflow
2023-08-16 18:22:03 +02:00
nft_osf.c
netfilter: nf_tables: use the correct get/put helpers
2023-11-28 16:56:24 +00:00
nft_payload.c
netfilter: nft_payload: fix wrong mac header matching
2023-10-25 11:58:56 +02:00
nft_queue.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_quota.c
netfilter: nft_quota: copy content when cloning expression
2024-01-25 14:52:56 -08:00
nft_range.c
netfilter: nf_tables: upfront validation of data via nft_data_init()
2022-08-31 17:16:41 +02:00
nft_redir.c
netfilter: nft_redir: use `struct nf_nat_range2` throughout and deduplicate eval call-backs
2023-11-20 11:08:29 +01:00
nft_reject.c
netfilter: nft_reject: unify reject init and dump into nft_reject
2020-10-31 10:40:42 +01:00
nft_reject_inet.c
netfilter: nf_tables: add and use nft_sk helper
2021-05-29 01:04:53 +02:00
nft_reject_netdev.c
netfilter: nft_reject: add reject verdict support for netdev
2020-10-31 10:41:00 +01:00
nft_rt.c
netfilter: nf_tables: validate NFPROTO_* family
2024-02-23 08:54:29 +01:00
nft_set_bitmap.c
netfilter: nf_tables: drop map element references from preparation phase
2023-07-23 13:46:44 +02:00
nft_set_hash.c
netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
2023-10-06 13:18:04 +02:00
nft_set_pipapo.c
netfilter: nft_set_pipapo: remove scratch_aligned pointer
2024-02-23 08:54:59 +01:00
nft_set_pipapo.h
netfilter: nft_set_pipapo: remove scratch_aligned pointer
2024-02-23 08:54:59 +01:00
nft_set_pipapo_avx2.c
netfilter: nft_set_pipapo: remove scratch_aligned pointer
2024-02-23 08:54:59 +01:00
nft_set_pipapo_avx2.h
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_rbtree.c
netfilter: nft_set_rbtree: skip end interval element from gc
2024-02-23 08:55:01 +01:00
nft_socket.c
netfilter: nf_tables: validate NFPROTO_* family
2024-02-23 08:54:29 +01:00
nft_synproxy.c
netfilter: nf_tables: validate NFPROTO_* family
2024-02-23 08:54:29 +01:00
nft_tproxy.c
netfilter: nf_tables: validate NFPROTO_* family
2024-02-23 08:54:29 +01:00
nft_tunnel.c
netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV
2024-02-23 08:54:54 +01:00
nft_xfrm.c
netfilter: nf_tables: validate NFPROTO_* family
2024-02-23 08:54:29 +01:00
utils.c
netfilter: use actual socket sk rather than skb sk when routing harder
2020-10-30 12:57:39 +01:00
x_tables.c
netfilter: x_tables: never register tables by default
2021-08-09 10:22:01 +02:00
xt_AUDIT.c
netfilter: fix clang-12 fmt string warnings
2021-06-01 23:53:51 +02:00
xt_CHECKSUM.c
…
xt_CLASSIFY.c
…
xt_CONNSECMARK.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_CT.c
netfilter: conntrack: convert to refcount_t api
2022-04-27 14:39:01 +02:00
xt_DSCP.c
…
xt_HL.c
…
xt_HMARK.c
netfilter: xt_HMARK: Use ip_is_fragment() helper
2020-08-28 19:55:51 +02:00
xt_IDLETIMER.c
netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value
2021-10-07 19:35:57 +02:00
xt_LED.c
…
xt_LOG.c
netfilter: log: work around missing softdep backend module
2021-09-21 03:46:56 +02:00
xt_MASQUERADE.c
…
xt_NETMAP.c
…
xt_NFLOG.c
netfilter: log: work around missing softdep backend module
2021-09-21 03:46:56 +02:00
xt_NFQUEUE.c
…
xt_RATEEST.c
netfilter: xt_RATEEST: reject non-null terminated string from userspace
2020-12-27 11:52:26 +01:00
xt_REDIRECT.c
netfilter: nft_redir: use `struct nf_nat_range2` throughout and deduplicate eval call-backs
2023-11-20 11:08:29 +01:00
xt_SECMARK.c
netfilter: xt_SECMARK: add new revision to fix structure layout
2021-05-03 23:02:44 +02:00
xt_TCPMSS.c
…
xt_TCPOPTSTRIP.c
…
xt_TEE.c
…
xt_TPROXY.c
netfilter: disable defrag once its no longer needed
2021-04-26 03:20:07 +02:00
xt_TRACE.c
netfilter: nf_log: add module softdeps
2021-03-31 22:34:10 +02:00
xt_addrtype.c
…
xt_bpf.c
bpf: Refactor BPF_PROG_RUN into a function
2021-08-17 00:45:07 +02:00
xt_cgroup.c
…
xt_cluster.c
…
xt_comment.c
…
xt_connbytes.c
…
xt_connlabel.c
…
xt_connlimit.c
…
xt_connmark.c
netfilter: conntrack: Fix data-races around ct mark
2022-12-02 17:41:04 +01:00
xt_conntrack.c
…
xt_cpu.c
…
xt_dccp.c
…
xt_devgroup.c
…
xt_dscp.c
…
xt_ecn.c
…
xt_esp.c
…
xt_hashlimit.c
netfilter: Replace zero-length array with flexible-array member
2020-03-15 15:20:16 +01:00
xt_helper.c
…
xt_hl.c
…
xt_ipcomp.c
…
xt_iprange.c
…
xt_ipvs.c
…
xt_l2tp.c
…
xt_length.c
…
xt_limit.c
netfilter: x_tables: improve limit_mt scalability
2021-05-29 01:04:52 +02:00
xt_mac.c
…
xt_mark.c
…
xt_multiport.c
…
xt_nat.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
xt_nfacct.c
netfilter: Remove unnecessary conversion to bool
2020-12-01 09:45:29 +01:00
xt_osf.c
netfilter: nfnetlink_osf: fix module autoload
2023-06-28 10:29:49 +02:00
xt_owner.c
netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
2023-12-13 18:36:37 +01:00
xt_physdev.c
…
xt_pkttype.c
…
xt_policy.c
…
xt_quota.c
…
xt_rateest.c
…
xt_realm.c
…
xt_recent.c
netfilter: xt_recent: fix (increase) ipv6 literal buffer length
2023-11-20 11:08:29 +01:00
xt_repldata.h
…
xt_sctp.c
netfilter: xt_sctp: validate the flag_info count
2023-09-19 12:22:49 +02:00
xt_set.c
…
xt_socket.c
netfilter: xt_socket: missing ifdef CONFIG_IP6_NF_IPTABLES dependency
2022-03-02 11:47:51 +01:00
xt_state.c
…
xt_statistic.c
…
xt_string.c
…
xt_tcpmss.c
…
xt_tcpudp.c
…
xt_time.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_u32.c
netfilter: xt_u32: validate user space input
2023-09-19 12:22:49 +02:00
2bab493a56