Show patches with: none      |   30065 patches
« 1 2 ... 6 7 8300 301 »
Patch Series A/F/R/T S/W/F Date Submitter Delegate State
[RFC,1/1] netfilter: nat: restore default DNAT behavior netfilter: nat: restore default DNAT behavior - - - - --- 2024-01-26 Kyle Swenson Changes Requested
[nf] netfilter: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new [nf] netfilter: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new - 1 - - --- 2024-01-25 Xin Long Accepted
[net,6/6] netfilter: nf_tables: validate NFPROTO_* family [net,1/6] netfilter: nf_tables: cleanup documentation - 7 - - --- 2024-01-24 Pablo Neira Ayuso strlen Accepted
[net,5/6] netfilter: nf_tables: reject QUEUE/DROP verdict parameters [net,1/6] netfilter: nf_tables: cleanup documentation - 1 - - --- 2024-01-24 Pablo Neira Ayuso strlen Accepted
[net,4/6] netfilter: nf_tables: restrict anonymous set and map names to 16 bytes [net,1/6] netfilter: nf_tables: cleanup documentation - 1 - - --- 2024-01-24 Pablo Neira Ayuso strlen Accepted
[net,3/6] netfilter: nft_limit: reject configurations that cause integer overflow [net,1/6] netfilter: nf_tables: cleanup documentation - 1 - - --- 2024-01-24 Pablo Neira Ayuso strlen Accepted
[net,2/6] netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain [net,1/6] netfilter: nf_tables: cleanup documentation - 1 - - --- 2024-01-24 Pablo Neira Ayuso strlen Accepted
[net,1/6] netfilter: nf_tables: cleanup documentation [net,1/6] netfilter: nf_tables: cleanup documentation - - - - --- 2024-01-24 Pablo Neira Ayuso strlen Accepted
[net,0/6] Netfilter fixes for net - - - - --- 2024-01-24 Pablo Neira Ayuso strlen Accepted
[nf,v3] netfilter: nf_tables: validate NFPROTO_* family [nf,v3] netfilter: nf_tables: validate NFPROTO_* family - 7 - - --- 2024-01-24 Pablo Neira Ayuso Accepted
[nf,v2] netfilter: nf_tables: validate NFPROTO_{IPV4,IPV6,INET} family [nf,v2] netfilter: nf_tables: validate NFPROTO_{IPV4,IPV6,INET} family - 7 - - --- 2024-01-24 Pablo Neira Ayuso Changes Requested
[nf-next,2/2] netfilter: ebtables: add _LEGACY kconfig symbol [nf-next,1/2] netfilter: xtables: add _LEGACY kconfig symbol - - - - --- 2024-01-24 Florian Westphal strlen Accepted
[nf-next,1/2] netfilter: xtables: add _LEGACY kconfig symbol [nf-next,1/2] netfilter: xtables: add _LEGACY kconfig symbol - - - - --- 2024-01-24 Florian Westphal strlen Accepted
[nf-next] netfilter: expect: Simplify the allocation of slab caches in nf_conntrack_expect_init [nf-next] netfilter: expect: Simplify the allocation of slab caches in nf_conntrack_expect_init - - - - --- 2024-01-24 Kunwu Chan strlen Accepted
[iptables] extensions: libebt_stp: fix range checking [iptables] extensions: libebt_stp: fix range checking - 1 - - --- 2024-01-23 Florian Westphal Rejected
[nf] netfilter: nf_tables: validate NFPROTO_{IPV4,IPV6,INET} family [nf] netfilter: nf_tables: validate NFPROTO_{IPV4,IPV6,INET} family - - - - --- 2024-01-23 Pablo Neira Ayuso Changes Requested
[nf-next] netfilter: arptables: allow arptables-nft only builds [nf-next] netfilter: arptables: allow arptables-nft only builds - - 1 - --- 2024-01-23 Florian Westphal strlen Accepted
netfilter: nf_tables: Add a null pointer check in two functions netfilter: nf_tables: Add a null pointer check in two functions - 2 - - --- 2024-01-23 Markus Elfring Not Applicable
[iptables] iptables: Add missing error codes [iptables] iptables: Add missing error codes - - - - --- 2024-01-23 Jacek Tomasiak Accepted
[nf-next] netfilter: nf_conncount: Use KMEM_CACHE instead of kmem_cache_create() [nf-next] netfilter: nf_conncount: Use KMEM_CACHE instead of kmem_cache_create() - - - - --- 2024-01-23 Kunwu Chan strlen Accepted
[64/82] netfilter: Refactor intentional wrap-around test Untitled series #391623 1 - - - --- 2024-01-23 Kees Cook strlen Awaiting Upstream
tests: shell: add test to cover ct offload by using nft flowtables To cover kernel patch ("netfilte… tests: shell: add test to cover ct offload by using nft flowtables To cover kernel patch ("netfilte… - - - - --- 2024-01-22 Yi Chen Accepted
netfilter: conntrack: correct window scaling with retransmitted SYN netfilter: conntrack: correct window scaling with retransmitted SYN - 1 - - --- 2024-01-21 Ryan Schaefer Accepted
[nf] netfilter: nf_tables: reject QUEUE/DROP verdict parameters [nf] netfilter: nf_tables: reject QUEUE/DROP verdict parameters - 1 - - --- 2024-01-20 Florian Westphal Accepted
PROBLEM: nf_conntrack tcp SYN reuse results in incorrect window scaling PROBLEM: nf_conntrack tcp SYN reuse results in incorrect window scaling - 2 - - --- 2024-01-20 Ryan Schaefer Not Applicable
[nft,2/2] evaluate: permit use of host-endian constant values in set lookup keys fix host-endian constant values in set lookup keys - 1 - - --- 2024-01-19 Florian Westphal RFC
[nft,1/2] netlink_delinearize: move concat and value postprocessing to helpers fix host-endian constant values in set lookup keys - - - - --- 2024-01-19 Florian Westphal RFC
[nf] netfilter: nf_tables: restrict anonymous set and map names to 16 bytes [nf] netfilter: nf_tables: restrict anonymous set and map names to 16 bytes - - - - --- 2024-01-19 Florian Westphal Accepted
[nf] netfilter: nft_limit: reject configurations that cause integer overflow [nf] netfilter: nft_limit: reject configurations that cause integer overflow - - - - --- 2024-01-19 Florian Westphal Accepted
[nf] netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain [nf] netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain - 1 - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,13/13] ipvs: avoid stat macros calls from preemptible context [net,01/13] netfilter: nf_tables: reject invalid set policy 2 1 - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,12/13] netfilter: nf_tables: reject NFT_SET_CONCAT with not field length description [net,01/13] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,11/13] netfilter: nf_tables: skip dead set elements in netlink dump [net,01/13] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,10/13] netfilter: nf_tables: do not allow mismatch field size and set key length [net,01/13] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,09/13] netfilter: nf_tables: check if catch-all set element is active in next generation [net,01/13] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,08/13] netfilter: bridge: replace physindev with physinif in nf_bridge_info [net,01/13] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,07/13] netfilter: propagate net to nf_bridge_get_physindev [net,01/13] netfilter: nf_tables: reject invalid set policy - - 1 - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,06/13] netfilter: nf_queue: remove excess nf_bridge variable [net,01/13] netfilter: nf_tables: reject invalid set policy - - 1 - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,05/13] netfilter: nfnetlink_log: use proper helper for fetching physinif [net,01/13] netfilter: nf_tables: reject invalid set policy - - 1 - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,04/13] netfilter: nft_limit: do not ignore unsupported flags [net,01/13] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,03/13] netfilter: nf_tables: bail out if stateful expression provides no .clone [net,01/13] netfilter: nf_tables: reject invalid set policy - - - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,02/13] netfilter: nf_tables: validate .maxattr at expression registration [net,01/13] netfilter: nf_tables: reject invalid set policy - - - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,01/13] netfilter: nf_tables: reject invalid set policy [net,01/13] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[net,v2,00/13] Netfilter fixes for net - - - - --- 2024-01-18 Pablo Neira Ayuso Accepted
[nft] tests: py: remove huge-limit test cases [nft] tests: py: remove huge-limit test cases - - - - --- 2024-01-18 Florian Westphal Accepted
[net,14/14] netfilter: ipset: fix performance regression in swap operation [net,01/14] netfilter: nf_tables: reject invalid set policy - 2 - 2 --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,13/14] ipvs: avoid stat macros calls from preemptible context [net,01/14] netfilter: nf_tables: reject invalid set policy 2 1 - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,12/14] netfilter: nf_tables: reject NFT_SET_CONCAT with not field length description [net,01/14] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,11/14] netfilter: nf_tables: skip dead set elements in netlink dump [net,01/14] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,10/14] netfilter: nf_tables: do not allow mismatch field size and set key length [net,01/14] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,09/14] netfilter: nf_tables: check if catch-all set element is active in next generation [net,01/14] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,08/14] netfilter: bridge: replace physindev with physinif in nf_bridge_info [net,01/14] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,07/14] netfilter: propagate net to nf_bridge_get_physindev [net,01/14] netfilter: nf_tables: reject invalid set policy - - 1 - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,06/14] netfilter: nf_queue: remove excess nf_bridge variable [net,01/14] netfilter: nf_tables: reject invalid set policy - - 1 - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,05/14] netfilter: nfnetlink_log: use proper helper for fetching physinif [net,01/14] netfilter: nf_tables: reject invalid set policy - - 1 - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,04/14] netfilter: nft_limit: do not ignore unsupported flags [net,01/14] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,03/14] netfilter: nf_tables: bail out if stateful expression provides no .clone [net,01/14] netfilter: nf_tables: reject invalid set policy - - - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,02/14] netfilter: nf_tables: validate .maxattr at expression registration [net,01/14] netfilter: nf_tables: reject invalid set policy - - - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,01/14] netfilter: nf_tables: reject invalid set policy [net,01/14] netfilter: nf_tables: reject invalid set policy - 1 - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net,00/14] Netfilter fixes for net - - - - --- 2024-01-17 Pablo Neira Ayuso Changes Requested
[net] ipvs: Simplify the allocation of ip_vs_conn slab caches [net] ipvs: Simplify the allocation of ip_vs_conn slab caches 1 - - - --- 2024-01-17 Kunwu Chan strlen Accepted
[1/1] netfilter: ipset: fix performance regression in swap operation [1/1] netfilter: ipset: fix performance regression in swap operation - - - 2 --- 2024-01-16 Jozsef Kadlecsik Accepted
[0/1] ipset performance regression in swap fix - - - - --- 2024-01-16 Jozsef Kadlecsik Accepted
[nft] evaluate: don't assert on net/transport header conflict [nft] evaluate: don't assert on net/transport header conflict - - - - --- 2024-01-16 Florian Westphal Accepted
[net] net: ipvs: avoid stat macros calls from preemptible context [net] net: ipvs: avoid stat macros calls from preemptible context 2 1 - - --- 2024-01-15 Fedor Pchelkin Accepted
[nft] rule: fix sym refcount assertion [nft] rule: fix sym refcount assertion - 1 - - --- 2024-01-15 Florian Westphal Accepted
[nft] evaluate: error out when store needs more than one 128bit register of align fixup [nft] evaluate: error out when store needs more than one 128bit register of align fixup - 1 - - --- 2024-01-15 Florian Westphal Accepted
[nf] netfilter: nf_tables: skip dead set elements in netlink dump [nf] netfilter: nf_tables: skip dead set elements in netlink dump - 1 - - --- 2024-01-15 Pablo Neira Ayuso Accepted
[nf] netfilter: nf_tables: reject NFT_SET_CONCAT with not field length description [nf] netfilter: nf_tables: reject NFT_SET_CONCAT with not field length description - 1 - - --- 2024-01-15 Pablo Neira Ayuso Accepted
[nf] netfilter: nf_tables: do not allow mismatch field size and set key length [nf] netfilter: nf_tables: do not allow mismatch field size and set key length - 1 - - --- 2024-01-15 Pablo Neira Ayuso Accepted
[nf] netfilter: nf_tables: check if catch-all set element is active in next generation [nf] netfilter: nf_tables: check if catch-all set element is active in next generation - 1 - - --- 2024-01-12 Pablo Neira Ayuso Accepted
[libnftnl,v3] set_elem: use nftnl_data_cpy() in NFTNL_SET_ELEM_{KEY,KEY_END,DATA} [libnftnl,v3] set_elem: use nftnl_data_cpy() in NFTNL_SET_ELEM_{KEY,KEY_END,DATA} - - - - --- 2024-01-12 Pablo Neira Ayuso Accepted
[libnftnl] set_elem: use nftnl_data_cpy() in NFTNL_SET_ELEM_{KEY,KEY_END,DATA} [libnftnl] set_elem: use nftnl_data_cpy() in NFTNL_SET_ELEM_{KEY,KEY_END,DATA} - - - - --- 2024-01-12 Pablo Neira Ayuso Changes Requested
[nft] rule: do not crash if to-be-printed flowtable lacks priority [nft] rule: do not crash if to-be-printed flowtable lacks priority - - - - --- 2024-01-12 Florian Westphal New
[1/2] parser: reject raw payload expressions with 0 length [1/2] parser: reject raw payload expressions with 0 length - - - - --- 2024-01-12 Florian Westphal Accepted
[nft,v3] src: do not merge a set with a erroneous one [nft,v3] src: do not merge a set with a erroneous one - - - - --- 2024-01-12 Florian Westphal Accepted
[libnftnl] set_elem: use nftnl_data_cpy() in NFTNL_SET_ELEM_{KEY,KEY_END,DATA} [libnftnl] set_elem: use nftnl_data_cpy() in NFTNL_SET_ELEM_{KEY,KEY_END,DATA} - - - - --- 2024-01-12 Pablo Neira Ayuso Changes Requested
[libnftnl] set: buffer overflow in NFTNL_SET_DESC_CONCAT setter [libnftnl] set: buffer overflow in NFTNL_SET_DESC_CONCAT setter - 1 - - --- 2024-01-11 Pablo Neira Ayuso Accepted
[nft,2/2] evaluate: release mpz type in expr_evaluate_list() error path memleak fixes for tests/shell/testcases/bogons/nft-f/ - 1 - - --- 2024-01-11 Pablo Neira Ayuso Accepted
[nft,1/2] evaluate: release key expression in error path of implicit map with unknown datatype memleak fixes for tests/shell/testcases/bogons/nft-f/ - 1 - - --- 2024-01-11 Pablo Neira Ayuso Accepted
[nft,v2] evaluate: bail out if anonymous concat set defines a non concat expression [nft,v2] evaluate: bail out if anonymous concat set defines a non concat expression - - - - --- 2024-01-11 Pablo Neira Ayuso Accepted
[nft,v2,2/2] evaluate: add missing range checks for dup,fwd and payload statements evaluate: add more checks for '... set 1-3' - - - - --- 2024-01-11 Florian Westphal Accepted
[nft,1/2] evaluate: tproxy: move range error checks after arg evaluation evaluate: add more checks for '... set 1-3' - - - - --- 2024-01-11 Florian Westphal Accepted
[nft] evaluate: error out when expression has no datatype [nft] evaluate: error out when expression has no datatype - - - - --- 2024-01-11 Florian Westphal Accepted
[v3,4/4] netfilter: bridge: replace physindev with physinif in nf_bridge_info netlink: bridge: fix nf_bridge->physindev use after free - 1 - - --- 2024-01-11 Pavel Tikhomirov Accepted
[v3,3/4] netfilter: propagate net to nf_bridge_get_physindev netlink: bridge: fix nf_bridge->physindev use after free - - 1 - --- 2024-01-11 Pavel Tikhomirov Accepted
[v3,2/4] netfilter: nf_queue: remove excess nf_bridge variable netlink: bridge: fix nf_bridge->physindev use after free - - 1 - --- 2024-01-11 Pavel Tikhomirov Accepted
[v3,1/4] netfilter: nfnetlink_log: use proper helper for fetching physinif netlink: bridge: fix nf_bridge->physindev use after free - - 1 - --- 2024-01-11 Pavel Tikhomirov Accepted
[nft] evaluate: disable ct set with ranges [nft] evaluate: disable ct set with ranges - - - - --- 2024-01-11 Florian Westphal Superseded
[nft] payload: only assert if l2 header base has no length [nft] payload: only assert if l2 header base has no length - - - - --- 2024-01-11 Florian Westphal Accepted
[iptables,v2,3/3] iptables-save: Avoid /etc/protocols lookups iptables-save: Avoid /etc/protocols lookups - - - - --- 2024-01-10 Phil Sutter Accepted
[iptables,v2,2/3] libxtables: Add dccp and ipcomp to xtables_chain_protos iptables-save: Avoid /etc/protocols lookups - - - - --- 2024-01-10 Phil Sutter Accepted
[iptables,v2,1/3] Revert "xshared: Print protocol numbers if --numeric was given" iptables-save: Avoid /etc/protocols lookups - - - - --- 2024-01-10 Phil Sutter Accepted
[nft,4/4] Revert "datatype: do not assert when value exceeds expected width" assorted fixes - - - - --- 2024-01-10 Pablo Neira Ayuso Not Applicable
[nft,3/4] evaluate: bail out if anonymous concat set defines a non concat expression assorted fixes - - - - --- 2024-01-10 Pablo Neira Ayuso Changes Requested
[nft,2/4] evaluate: do not fetch next expression on runaway number of concatenation components assorted fixes - 1 - - --- 2024-01-10 Pablo Neira Ayuso Accepted
[nft,1/4] evaluate: skip anonymous set optimization for concatenations assorted fixes - 1 - - --- 2024-01-10 Pablo Neira Ayuso Accepted
[iptables,2/2] iptables-save: Avoid /etc/protocols lookups [iptables,1/2] Revert "xshared: Print protocol numbers if --numeric was given" - - - - --- 2024-01-10 Phil Sutter Superseded
[iptables,1/2] Revert "xshared: Print protocol numbers if --numeric was given" [iptables,1/2] Revert "xshared: Print protocol numbers if --numeric was given" - - - - --- 2024-01-10 Phil Sutter Superseded
[v2,nft,3/3] evaluate: don't assert if set->data is NULL set related parser fixes - 1 - - --- 2024-01-10 Florian Westphal Rejected
« 1 2 ... 6 7 8300 301 »