summaryrefslogtreecommitdiffstats
path: root/net/netfilter
Commit message (Expand)AuthorAgeFilesLines
* netfilter: synproxy: Check oom when adding synproxy and seqadj ct extensionsGao Feng2016-09-132-4/+5
* netfilter: nf_nat: handle NF_DROP from nfnetlink_parse_nat_setup()Pablo Neira Ayuso2016-09-121-1/+1
* netfilter: nf_tables_trace: fix endiness when dump chain policyLiping Zhang2016-09-051-1/+1
* netfilter: nf_tables_netdev: remove redundant ip_hdr assignmentLiping Zhang2016-08-301-1/+0
* netfilter: nft_meta: improve the validity check of pkttype set exprLiping Zhang2016-08-251-4/+13
* netfilter: cttimeout: unlink timeout objs in the unconfirmed ct listsLiping Zhang2016-08-251-1/+10
* netfilter: cttimeout: put back l4proto when replacing timeout policyLiping Zhang2016-08-251-18/+15
* netfilter: nfnetlink: use list_for_each_entry_safe to delete all objectsLiping Zhang2016-08-252-5/+6
* netfilter: nft_reject: restrict to INPUT/FORWARD/OUTPUTLiping Zhang2016-08-252-1/+22
* netfilter: cttimeout: fix use after free error when delete netnsLiping Zhang2016-08-181-6/+10
* netfilter: nfnetlink_acct: fix race between nfacct del and xt_nfacct destroyLiping Zhang2016-08-181-4/+4
* netfilter: tproxy: properly refcount tcp listenersEric Dumazet2016-08-181-0/+4
* netfilter: nfnetlink_acct: report overquota to the right netnsLiping Zhang2016-08-182-5/+6
* netfilter: nfnetlink_log: add "nf-logger-3-1" module alias nameLiping Zhang2016-08-171-0/+1
* netfilter: conntrack: do not dump other netns's conntrack entries via procLiping Zhang2016-08-171-0/+4
* netfilter: nft_exthdr: Add size check on u8 nft_exthdr attributesLaura Garcia Liebana2016-08-101-2/+9
* netfilter: ctnetlink: reject new conntrack request with different l4protoLiping Zhang2016-08-091-0/+2
* netfilter: nfnetlink_queue: reject verdict request from different portidLiping Zhang2016-08-091-4/+2
* netfilter: nfnetlink_queue: fix memory leak when attach expectation successfullyLiping Zhang2016-08-091-6/+2
* netfilter: nf_ct_expect: remove the redundant slash when policy name is emptyLiping Zhang2016-08-091-1/+1
* netfilter: nf_conntrack_sip: CSeq 0 is a valid CSeqChristophe Leroy2016-08-081-2/+2
* netfilter: nft_rbtree: ignore inactive matching element with no descendantsPablo Neira Ayuso2016-08-081-4/+6
* netfilter: nf_ct_h323: do not re-activate already expired timerLiping Zhang2016-08-081-1/+2
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds2016-07-2736-808/+1009
|\
| * Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller2016-07-2426-488/+589
| |\
| | * netfilter: nft_compat: fix crash when related match/target module is removedLiping Zhang2016-07-231-23/+20
| | * netfilter: nft_compat: put back match/target module if init failLiping Zhang2016-07-231-8/+24
| | * netfilter: h323: Use mod_timer instead of set_expect_timeoutGao Feng2016-07-231-14/+1
| | * netfilter: connlabels: move set helper to xt_connlabelFlorian Westphal2016-07-222-30/+16
| | * netfilter: conntrack: support a fixed size of 128 distinct labelsFlorian Westphal2016-07-224-26/+12
| | * netfilter: nf_tables: allow to filter out rules by table and chainPablo Neira Ayuso2016-07-211-0/+38
| | * netfilter: nft_log: fix snaplen does not truncate packetsLiping Zhang2016-07-211-1/+2
| | * netfilter: nft_log: check the validity of log levelLiping Zhang2016-07-211-0/+5
| | * netfilter: nft_log: fix possible memory leak if log expr init failLiping Zhang2016-07-211-8/+18
| | * netfilter: Add helper array register/unregister functionsGao Feng2016-07-216-181/+150
| | * netfilter: nft_ct: fix unpaired nf_connlabels_get/put callLiping Zhang2016-07-191-6/+19
| | * netfilter: x_tables: speed up jump target validationFlorian Westphal2016-07-181-0/+50
| | * netfilter: conntrack: protect early_drop by rcu read lockLiping Zhang2016-07-121-0/+3
| | * netfilter: nf_conntrack_h323: fix off-by-one in DecodeQ931Toby DiPasquale2016-07-111-1/+2
| | * Merge tag 'ipvs-for-v4.8' of https://git.kernel.org/pub/scm/linux/kernel/git/...Pablo Neira Ayuso2016-07-111-2/+23
| | |\
| | | * ipvs: count pre-established TCP states as activeMichal Kubecek2016-07-071-2/+23
| | * | netfilter: nf_tables: get rid of possible_net_t from set and basechainPablo Neira Ayuso2016-07-114-29/+29
| | * | netfilter: nft_ct: make byte/packet expr more friendlyLiping Zhang2016-07-111-0/+3
| | * | netfilter: physdev: physdev-is-out should not work with OUTPUT chainHangbin Liu2016-07-111-4/+4
| | * | netfilter: nat: convert nat bysrc hash to rhashtableFlorian Westphal2016-07-111-58/+68
| | * | netfilter: move nat hlist_head to nf_connFlorian Westphal2016-07-112-39/+9
| | * | netfilter: conntrack: simplify early_dropFlorian Westphal2016-07-111-48/+47
| | * | netfilter: nf_ct_helper: unlink helper again when hash resize happenLiping Zhang2016-07-111-6/+13
| | * | netfilter: cttimeout: unlink timeout obj again when hash resize happenLiping Zhang2016-07-111-6/+14
| | * | netfilter: conntrack: fix race between nf_conntrack proc read and hash resizeLiping Zhang2016-07-112-5/+26
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-23 12:35:22 +0000