Show patches with: Archived = No       |   28480 patches
« 1 2 ... 3 4 5284 285 »
Patch Series A/F/R/T S/W/F Date Submitter Delegate State
[net-next] netfilter: conntrack: using NF_DROP in test statement in nf_conntrack_in() [net-next] netfilter: conntrack: using NF_DROP in test statement in nf_conntrack_in() - - - - --- 2024-03-08 Jason Xing New
[net-next] netfilter: conntrack: dccp: try not to drop skb in conntrack [net-next] netfilter: conntrack: dccp: try not to drop skb in conntrack - - - - --- 2024-03-08 Jason Xing Changes Requested
iptables-nft: Wrong payload merge of rule filter - "! --sport xx ! --dport xx" iptables-nft: Wrong payload merge of rule filter - "! --sport xx ! --dport xx" 1 - - - --- 2024-03-08 Sriram Rajagopalan New
ipvs: allow netlink configuration from non-initial user namespace ipvs: allow netlink configuration from non-initial user namespace - - - - --- 2024-03-07 Michael Weiß Handled Elsewhere
[net-next] netfilter: conntrack: avoid sending RST to reply out-of-window skb [net-next] netfilter: conntrack: avoid sending RST to reply out-of-window skb - - - - --- 2024-03-07 Jason Xing New
[nf-next,9/9] netfilter: nf_tables: remove gc sequence counter netfilter: nf_tables: rewrite gc again - - - - --- 2024-03-07 Florian Westphal Deferred
[nf-next,8/9] netfilter: nf_tables: remove expired elements based on key lookup only netfilter: nf_tables: rewrite gc again - - - - --- 2024-03-07 Florian Westphal Deferred
[nf-next,7/9] netfilter: nf_tables: prepare for key-based deletion from workqueue netfilter: nf_tables: rewrite gc again - - - - --- 2024-03-07 Florian Westphal Deferred
[nf-next,6/9] netfilter: nf_tables: add in-kernel only query that will return expired/dead elements netfilter: nf_tables: rewrite gc again - - - - --- 2024-03-07 Florian Westphal Deferred
[nf-next,5/9] netfilter: nf_tables: condense catchall gc netfilter: nf_tables: rewrite gc again - - - - --- 2024-03-07 Florian Westphal Deferred
[nf-next,4/9] netfilter: remove nft_trans_gc_catchall_async handling netfilter: nf_tables: rewrite gc again - - - - --- 2024-03-07 Florian Westphal Deferred
[nf-next,3/9] netfilter: nf_tables: add lockdep assertion for chain use counter netfilter: nf_tables: rewrite gc again - - - - --- 2024-03-07 Florian Westphal Deferred
[nf-next,2/9] netfilter: nf_tables: decrement element counters on set removal/flush netfilter: nf_tables: rewrite gc again - - - - --- 2024-03-07 Florian Westphal Deferred
[nf-next,1/9] netfilter: nf_tables: warn if set being destroyed is still active netfilter: nf_tables: rewrite gc again - - - - --- 2024-03-07 Florian Westphal Deferred
[nf] netfilter: nf_tables: skip netdev hook unregistration if table is dormant [nf] netfilter: nf_tables: skip netdev hook unregistration if table is dormant - 2 - - --- 2024-03-07 Pablo Neira Ayuso Superseded
[net,5/5] netfilter: nf_conntrack_h323: Add protection for bmp length out of range [net,1/5] netfilter: nf_tables: disallow anonymous set with timeout flag - 1 - - --- 2024-03-07 Pablo Neira Ayuso Accepted
[net,4/5] netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout [net,1/5] netfilter: nf_tables: disallow anonymous set with timeout flag - 1 - - --- 2024-03-07 Pablo Neira Ayuso Accepted
[net,3/5] netfilter: nft_ct: fix l3num expectations with inet pseudo family [net,1/5] netfilter: nf_tables: disallow anonymous set with timeout flag - 1 - - --- 2024-03-07 Pablo Neira Ayuso Accepted
[net,2/5] netfilter: nf_tables: reject constant set with timeout [net,1/5] netfilter: nf_tables: disallow anonymous set with timeout flag - 1 - - --- 2024-03-07 Pablo Neira Ayuso Accepted
[net,1/5] netfilter: nf_tables: disallow anonymous set with timeout flag [net,1/5] netfilter: nf_tables: disallow anonymous set with timeout flag - 1 - - --- 2024-03-07 Pablo Neira Ayuso Accepted
[net,0/5] Netfilter fixes for net - - - - --- 2024-03-07 Pablo Neira Ayuso Accepted
[nft,v2] evaluate: translate meter into dynamic set [nft,v2] evaluate: translate meter into dynamic set - - - - --- 2024-03-06 Pablo Neira Ayuso Accepted
[nft] evaluate: translate meter into dynamic set [nft] evaluate: translate meter into dynamic set - - - - --- 2024-03-06 Pablo Neira Ayuso Changes Requested
[net] netfilter: nf_tables: Fix a memory leak in nf_tables_updchain [net] netfilter: nf_tables: Fix a memory leak in nf_tables_updchain - 1 - - --- 2024-03-06 Quan Tian Accepted
[net] netfilter: conntrack: fix ct-state for ICMPv6 Multicast Router Discovery [net] netfilter: conntrack: fix ct-state for ICMPv6 Multicast Router Discovery - 1 - - --- 2024-03-06 Linus Lüssing New
[iptables,2/2] xlate: libip6t_mh: Fix and simplify plain '-m mh' match [iptables,1/2] xlate: Improve redundant l4proto match avoidance - 1 - - --- 2024-03-05 Phil Sutter Accepted
[iptables,1/2] xlate: Improve redundant l4proto match avoidance [iptables,1/2] xlate: Improve redundant l4proto match avoidance - - - - --- 2024-03-05 Phil Sutter Accepted
[nf-next] netfilter: nf_tables: remove NETDEV_CHANGENAME from netdev chain event handler [nf-next] netfilter: nf_tables: remove NETDEV_CHANGENAME from netdev chain event handler - - - - --- 2024-03-05 Pablo Neira Ayuso New
[nf-next] netfilter: nf_tables: skip transaction if update object is not implemented [nf-next] netfilter: nf_tables: skip transaction if update object is not implemented - - - - --- 2024-03-05 Pablo Neira Ayuso New
[nf,v2] netfilter: nf_tables: mark set as dead when deactivating anonymous set with timeout [nf,v2] netfilter: nf_tables: mark set as dead when deactivating anonymous set with timeout - 1 - - --- 2024-03-04 Pablo Neira Ayuso Changes Requested
[nf] netfilter: nf_tables: mark set as dead when deactivating anonymous set [nf] netfilter: nf_tables: mark set as dead when deactivating anonymous set - 1 - - --- 2024-03-04 Pablo Neira Ayuso Changes Requested
[conntrack-tools,v2,3/3] conntrackd: exit with failure status fix potential memory loss and exit codes - - - - --- 2024-03-02 Donald Yandt Accepted
[conntrack-tools,v2,2/3] conntrackd: use size_t for element indices fix potential memory loss and exit codes - - - - --- 2024-03-02 Donald Yandt Changes Requested
[conntrack-tools,v2,1/3] conntrackd: prevent memory loss if reallocation fails fix potential memory loss and exit codes - - - - --- 2024-03-02 Donald Yandt Accepted
[conntrack-tools,3/3] conntrackd: exit with failure status fix potential memory loss and exit codes - - - - --- 2024-03-01 Donald Yandt Changes Requested
[conntrack-tools,2/3] conntrackd: use size_t for element indices fix potential memory loss and exit codes - - - - --- 2024-03-01 Donald Yandt Changes Requested
[conntrack-tools,1/3] conntrackd: prevent memory loss if reallocation fails fix potential memory loss and exit codes - - - - --- 2024-03-01 Donald Yandt Changes Requested
[nf,2/2] netfilter: nf_tables: reject constant set with timeout [nf,1/2] netfilter: nf_tables: disallow anonymous set with NFT_SET_{TIMEOUT,EVAL} flags - 1 - - --- 2024-03-01 Pablo Neira Ayuso Changes Requested
[nf,1/2] netfilter: nf_tables: disallow anonymous set with NFT_SET_{TIMEOUT,EVAL} flags [nf,1/2] netfilter: nf_tables: disallow anonymous set with NFT_SET_{TIMEOUT,EVAL} flags - 1 - - --- 2024-03-01 Pablo Neira Ayuso Changes Requested
[iptables] xtables-translate: Leverage stored protocol names [iptables] xtables-translate: Leverage stored protocol names - - - - --- 2024-02-29 Phil Sutter Accepted
[nft] rule: fix ASAN errors in priority to string conversion [nft] rule: fix ASAN errors in priority to string conversion - 1 - - --- 2024-02-29 Pablo Neira Ayuso Accepted
[iptables] nft: Fix for broken recover_rule_compat() [iptables] nft: Fix for broken recover_rule_compat() - 1 - - --- 2024-02-27 Phil Sutter Accepted
[libnftnl,3/3] utils: remove unused code [libnftnl,1/3] expr: immediate: check for chain attribute to release chain name - - - - --- 2024-02-26 Pablo Neira Ayuso pablo Accepted
[libnftnl,2/3] udata: incorrect userdata buffer size validation [libnftnl,1/3] expr: immediate: check for chain attribute to release chain name - - - - --- 2024-02-26 Pablo Neira Ayuso pablo Accepted
[libnftnl,1/3] expr: immediate: check for chain attribute to release chain name [libnftnl,1/3] expr: immediate: check for chain attribute to release chain name - - - - --- 2024-02-26 Pablo Neira Ayuso pablo Accepted
[v3] netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate() [v3] netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate() - 1 - - --- 2024-02-22 Ignat Korchagin pablo Accepted
[net,5/5] netfilter: nf_tables: use kzalloc for hook allocation [net,1/5] netfilter: nf_tables: set dormant flag on hook register failure - 1 - - --- 2024-02-22 Pablo Neira Ayuso Accepted
[net,4/5] netfilter: nf_tables: register hooks last when adding new chain/flowtable [net,1/5] netfilter: nf_tables: set dormant flag on hook register failure - 2 - - --- 2024-02-22 Pablo Neira Ayuso Accepted
[net,3/5] netfilter: nft_flow_offload: release dst in case direct xmit path is used [net,1/5] netfilter: nf_tables: set dormant flag on hook register failure - 1 - - --- 2024-02-22 Pablo Neira Ayuso Accepted
[net,2/5] netfilter: nft_flow_offload: reset dst in route object after setting up flow [net,1/5] netfilter: nf_tables: set dormant flag on hook register failure - 1 - - --- 2024-02-22 Pablo Neira Ayuso Accepted
[net,1/5] netfilter: nf_tables: set dormant flag on hook register failure [net,1/5] netfilter: nf_tables: set dormant flag on hook register failure - 1 - - --- 2024-02-22 Pablo Neira Ayuso Accepted
[net,0/5] Netfilter fixes for net - - - - --- 2024-02-22 Pablo Neira Ayuso Accepted
[nf] netfilter: nf_tables: use kzalloc for hook allocation [nf] netfilter: nf_tables: use kzalloc for hook allocation - 1 - - --- 2024-02-21 Florian Westphal pablo Accepted
[nf] netfilter: nf_tables: register hooks last when adding new chain/flowtable [nf] netfilter: nf_tables: register hooks last when adding new chain/flowtable - 2 - - --- 2024-02-21 Pablo Neira Ayuso pablo Accepted
[nf,2/2] netfilter: nft_flow_offload: release dst in case direct xmit path is used [nf,1/2] netfilter: nft_flow_offload: reset dst in route object after setting up flow - 1 - - --- 2024-02-21 Pablo Neira Ayuso pablo Accepted
[nf,1/2] netfilter: nft_flow_offload: reset dst in route object after setting up flow [nf,1/2] netfilter: nft_flow_offload: reset dst in route object after setting up flow - 1 - - --- 2024-02-21 Pablo Neira Ayuso pablo Accepted
[v2] netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate() [v2] netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate() - 1 - - --- 2024-02-20 Ignat Korchagin Changes Requested
[libnftnl] obj: ct_timeout: setter checks for timeout array boundaries [libnftnl] obj: ct_timeout: setter checks for timeout array boundaries - 1 - - --- 2024-02-20 Pablo Neira Ayuso pablo Accepted
[nf] netfilter: nf_tables: set dormant flag on hook register failure [nf] netfilter: nf_tables: set dormant flag on hook register failure - 1 - - --- 2024-02-19 Florian Westphal pablo Accepted
[nf-next] netfilter: nft_byteorder: remove multi-register support [nf-next] netfilter: nft_byteorder: remove multi-register support - 1 - - --- 2024-02-14 Florian Westphal New
[libnetfilter_queue,1/1] Convert libnetfilter_queue to use entirely libmnl functions Convert libnetfilter_queue to use entirely libmnl functions - - - - --- 2024-02-13 Duncan Roe RFC
[nft] expression: missing line in describe command with invalid expression [nft] expression: missing line in describe command with invalid expression - 1 - - --- 2024-02-13 Pablo Neira Ayuso Accepted
[1/1] tests: use common shebang in "packetpath/flowtables" test [1/1] tests: use common shebang in "packetpath/flowtables" test - - - - --- 2024-02-09 Thomas Haller New
[nft] cache: Always set NFT_CACHE_TERSE for list cmd with --terse [nft] cache: Always set NFT_CACHE_TERSE for list cmd with --terse - - - - --- 2024-02-08 Phil Sutter Accepted
[nft,2/2] netlink_linearize: add assertion to catch for buggy byteorder [v2,nft,1/2] evaluate: skip byteorder conversion for selector smaller than 2 bytes - - - - --- 2024-02-08 Pablo Neira Ayuso Accepted
[v2,nft,1/2] evaluate: skip byteorder conversion for selector smaller than 2 bytes [v2,nft,1/2] evaluate: skip byteorder conversion for selector smaller than 2 bytes - 1 - - --- 2024-02-08 Pablo Neira Ayuso Accepted
[nft] cache: Reduce caching when terse listing a table [nft] cache: Reduce caching when terse listing a table - - - - --- 2024-02-08 Phil Sutter Superseded
[nft] evaluate: skip byteorder conversion for selector smaller than 2 bytes [nft] evaluate: skip byteorder conversion for selector smaller than 2 bytes - 1 - - --- 2024-02-07 Pablo Neira Ayuso Changes Requested
[nf,v2,3/3] netfilter: nft_set_pipapo: remove scratch_aligned pointer netfilter: nft_set_pipapo: nft_set_pipapo: map_index must be per set - 1 1 - --- 2024-02-07 Florian Westphal Accepted
[nf,v2,2/3] netfilter: nft_set_pipapo: add helper to release pcpu scratch area netfilter: nft_set_pipapo: nft_set_pipapo: map_index must be per set - - 1 - --- 2024-02-07 Florian Westphal Accepted
[nf,v2,1/3] netfilter: nft_set_pipapo: store index in scratch maps netfilter: nft_set_pipapo: nft_set_pipapo: map_index must be per set - 1 1 - --- 2024-02-07 Florian Westphal Accepted
[nft] cache: Optimize caching for 'list tables' command [nft] cache: Optimize caching for 'list tables' command - - - - --- 2024-02-07 Phil Sutter Accepted
[nft,v3] evaluate: fix check for unknown in cmd_op_to_name [nft,v3] evaluate: fix check for unknown in cmd_op_to_name - 1 - - --- 2024-02-07 谢致邦 (XIE Zhibang) Accepted
[nf] netfilter: nf_tables: use timestamp to check for set element timeout [nf] netfilter: nf_tables: use timestamp to check for set element timeout - 1 - - --- 2024-02-07 Pablo Neira Ayuso Accepted
Makefile.am: don't silence -Wimplicit-function-declaration Makefile.am: don't silence -Wimplicit-function-declaration - - - - --- 2024-02-07 Sam James Accepted
[nf] netfilter: nfnetlink_queue: un-break NF_REPEAT [nf] netfilter: nfnetlink_queue: un-break NF_REPEAT - 1 - - --- 2024-02-06 Florian Westphal Accepted
[nf,3/3] netfilter: nft_set_pipapo: remove scratch_aligned pointer netfilter: nft_set_pipapo: map_index must be per set - 1 1 - --- 2024-02-06 Florian Westphal Changes Requested
[nf,2/3] netfilter: nft_set_pipapo: add helper to release pcpu scratch area netfilter: nft_set_pipapo: map_index must be per set - - 1 - --- 2024-02-06 Florian Westphal Changes Requested
[nf,1/3] netfilter: nft_set_pipapo: store index in scratch maps netfilter: nft_set_pipapo: map_index must be per set - 1 1 - --- 2024-02-06 Florian Westphal Changes Requested
ipvs: generic netlink multicast event group ipvs: generic netlink multicast event group - - - - --- 2024-02-05 Terin Stock Changes Requested
[nf] netfilter: nft_ct: reject direction for ct id [nf] netfilter: nft_ct: reject direction for ct id - 1 - - --- 2024-02-05 Pablo Neira Ayuso Accepted
[net] net: ctnetlink: fix filtering for zone 0 [net] net: ctnetlink: fix filtering for zone 0 - 1 - - --- 2024-02-05 Felix Huettner Accepted
[1/1] netfilter: ipset: Missing gc cancellations fixed [1/1] netfilter: ipset: Missing gc cancellations fixed - 1 - 2 --- 2024-02-04 Jozsef Kadlecsik Accepted
[iptables,12/12] libxtables: xtoptions: Respect min/max values when completing ranges Range value related fixes/improvements - - - - --- 2024-02-02 Phil Sutter Accepted
[iptables,11/12] extensions: tcp/udp: Save/xlate inverted full ranges Range value related fixes/improvements - 2 - - --- 2024-02-02 Phil Sutter Accepted
[iptables,10/12] nft: Do not omit full ranges if inverted Range value related fixes/improvements - 1 - - --- 2024-02-02 Phil Sutter Accepted
[iptables,09/12] extensions: ipcomp: Save inverted full ranges Range value related fixes/improvements - 1 - - --- 2024-02-02 Phil Sutter Accepted
[iptables,08/12] extensions: esp: Save/xlate inverted full ranges Range value related fixes/improvements - 1 - - --- 2024-02-02 Phil Sutter Accepted
[iptables,07/12] extensions: rt: Save/xlate inverted full ranges Range value related fixes/improvements - 1 - - --- 2024-02-02 Phil Sutter Accepted
[iptables,06/12] extensions: mh: Save/xlate inverted full ranges Range value related fixes/improvements - 1 - - --- 2024-02-02 Phil Sutter Accepted
[iptables,05/12] extensions: frag: Save/xlate inverted full ranges Range value related fixes/improvements - 1 - - --- 2024-02-02 Phil Sutter Accepted
[iptables,04/12] extensions: ah: Save/xlate inverted full ranges Range value related fixes/improvements - 2 - - --- 2024-02-02 Phil Sutter Accepted
[iptables,03/12] libxtables: Reject negative port ranges Range value related fixes/improvements - - - - --- 2024-02-02 Phil Sutter Accepted
[iptables,02/12] libxtables: xtoptions: Assert ranges are monotonic increasing Range value related fixes/improvements - - - - --- 2024-02-02 Phil Sutter Accepted
[iptables,01/12] extensions: *.t/*.txlate: Test range corner-cases Range value related fixes/improvements - - - - --- 2024-02-02 Phil Sutter Accepted
[nf] netfilter: nft_compat: reject unused compat flag [nf] netfilter: nft_compat: reject unused compat flag - 1 - - --- 2024-02-02 Pablo Neira Ayuso Accepted
[nf] netfilter: nft_compat: restrict match/target protocol to u16 [nf] netfilter: nft_compat: restrict match/target protocol to u16 - 1 - - --- 2024-02-02 Pablo Neira Ayuso Accepted
[nf] netfilter: nft_compat: narrow down revision to unsigned 8-bits [nf] netfilter: nft_compat: narrow down revision to unsigned 8-bits - 1 - - --- 2024-02-02 Pablo Neira Ayuso Accepted
[nf] netfilter: nft_set_pipapo: remove static in nft_pipapo_get() [nf] netfilter: nft_set_pipapo: remove static in nft_pipapo_get() - 1 - - --- 2024-02-02 Pablo Neira Ayuso Accepted
[v5.10.y] netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() [v5.10.y] netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() - 1 - - --- 2024-02-02 Ajay Kaher Awaiting Upstream
« 1 2 ... 3 4 5284 285 »