Show patches with: State = Action Required       |   55 patches
Patch Series A/F/R/T S/W/F Date Submitter Delegate State
netfilter: ipset: harden payload calculation in call_ad() netfilter: ipset: harden payload calculation in call_ad() 1 - - - --- 2026-03-13 David Baum kadlec Under Review
[nf] netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO [nf] netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO - 1 - - --- 2026-04-10 Xiang Mei New
[2/2] netfilter: validate values parsed by try_number [1/2] netfilter fix u16 overflow in get_port() - - - - --- 2026-04-10 Cyber-JA New
[1/2] netfilter fix u16 overflow in get_port() [1/2] netfilter fix u16 overflow in get_port() - - - - --- 2026-04-10 Cyber-JA New
[nf-next] netfilter: nat: switch release of ops to kfree_rcu [nf-next] netfilter: nat: switch release of ops to kfree_rcu - - - - --- 2026-04-10 Florian Westphal New
[nf] netfilter: nf_tables: use RCU-safe list primitives for basechain hook list [nf] netfilter: nf_tables: use RCU-safe list primitives for basechain hook list - 1 - - --- 2026-04-10 Weiming Shi New
[v3,next] netfilter: x_tables: Avoid a couple -Wflex-array-member-not-at-end warnings [v3,next] netfilter: x_tables: Avoid a couple -Wflex-array-member-not-at-end warnings - - - - --- 2026-04-09 Gustavo A. R. Silva Under Review
[nft,v2,1/5] main: consolidate EPERM to non-root users [nft,v2,1/5] main: consolidate EPERM to non-root users - - - - --- 2026-04-09 Pablo Neira Ayuso New
[RFC,net-next,4/4] net: ethernet: mtk_eth_soc: report INGRESS_L2 byte_type in flow stats improve hw flow offload byte accounting - - - - --- 2026-04-09 Daniel Golle New
[RFC,net-next,3/4] nf_flow_table: convert hw byte counts and update sub-interface stats improve hw flow offload byte accounting - - - - --- 2026-04-09 Daniel Golle New
[RFC,net-next,2/4] nf_flow_table: track sub-interface and bridge ifindex in flow tuple improve hw flow offload byte accounting - - - - --- 2026-04-09 Daniel Golle New
[RFC,net-next,1/4] net: flow_offload: let drivers report byte counter semantics improve hw flow offload byte accounting - - - - --- 2026-04-09 Daniel Golle New
[nft] tests: py: don't use a fixed filename [nft] tests: py: don't use a fixed filename - - - - --- 2026-04-09 Florian Westphal New
[nf-next] netfilter: nft_fwd_netdev: check ttl/hl before forwarding [nf-next] netfilter: nft_fwd_netdev: check ttl/hl before forwarding - 1 - - --- 2026-04-09 Florian Westphal Under Review
[v2] netfilter: nft_fwd_netdev: use recursion counter in neigh egress path [v2] netfilter: nft_fwd_netdev: use recursion counter in neigh egress path - 1 - - --- 2026-04-09 Weiming Shi Under Review
[nf-next] netfilter: x_physdev: reject empty or not-nul terminated device names [nf-next] netfilter: x_physdev: reject empty or not-nul terminated device names - - - - --- 2026-04-09 Florian Westphal Under Review
[nft,5/5] libnftables: support for several list and reset commands support for several list and reset commands - - - - --- 2026-04-08 Pablo Neira Ayuso New
[nft,4/5] libnftables: use nft_eval_run_cmds() in nft_run_cmd_from_filename() support for several list and reset commands - - - - --- 2026-04-08 Pablo Neira Ayuso New
[nft,3/5] libnftables: consolidate evaluation and netlink run support for several list and reset commands - - - - --- 2026-04-08 Pablo Neira Ayuso New
[nft,2/5] libnftables: add nft_run_cmd_release() helper and use it support for several list and reset commands - - - - --- 2026-04-08 Pablo Neira Ayuso New
[nft,1/5] libnftables: report EPERM to non-root users with -f/--filename support for several list and reset commands - - - - --- 2026-04-08 Pablo Neira Ayuso New
[nf] netfilter: arp_tables: fix IEEE1394 ARP payload parsing in arp_packet_match() [nf] netfilter: arp_tables: fix IEEE1394 ARP payload parsing in arp_packet_match() - 1 - - --- 2026-04-08 Weiming Shi Under Review
[PATCHv2,nf-next,3/3] ipvs: add conn_lfactor and svc_lfactor sysctl vars IPVS changes, part 4 of 4 - extras - - - - --- 2026-04-04 Julian Anastasov Under Review
[PATCHv2,nf-next,2/3] ipvs: add ip_vs_status info IPVS changes, part 4 of 4 - extras - - - - --- 2026-04-04 Julian Anastasov Under Review
[PATCHv2,nf-next,1/3] ipvs: show the current conn_tab size to users IPVS changes, part 4 of 4 - extras - - - - --- 2026-04-04 Julian Anastasov Under Review
[nf-next] netfilter: xt_socket: enable defrag after all other checks [nf-next] netfilter: xt_socket: enable defrag after all other checks - 1 - - --- 2026-04-04 Florian Westphal Under Review
[nf,v2,2/2] netfilter: require Ethernet MAC header before using eth_hdr() [1/1] netfilter: ip6t_eui64: validate MAC header before using it - - - 1 --- 2026-04-04 Ren Wei Under Review
[v3] netfilter: xt_HL: add pr_fmt and checkentry validation [v3] netfilter: xt_HL: add pr_fmt and checkentry validation - - - - --- 2026-04-03 Marino Dzalto Under Review
[nft,2/2] parser_bison: Accept non-constant binop on LHS of relationals A bit of non-constant binop follow-up - - - - --- 2026-04-02 Phil Sutter New
[nft,1/2] parser_json: Accept non-RHS expressions in binop RHS A bit of non-constant binop follow-up - 1 - - --- 2026-04-02 Phil Sutter New
[net,v3] ipvs: fix MTU check for GSO packets in tunnel mode [net,v3] ipvs: fix MTU check for GSO packets in tunnel mode 1 1 - - --- 2026-04-02 Yingnan Zhang Under Review
[nf-next] netfilter: nft_set_pipapo_avx2: restore performance optimization [nf-next] netfilter: nft_set_pipapo_avx2: restore performance optimization - - - - --- 2026-04-01 Florian Westphal New
[2/2,nf-next] netfilter: conntrack: remove unused MAX_NF_CT_PROTO constant [1/2,nf-next] netfilter: conntrack: remove UDP-Lite conntrack support - - - - --- 2026-03-30 Fernando Fernandez Mancera Under Review
[1/2,nf-next] netfilter: conntrack: remove UDP-Lite conntrack support [1/2,nf-next] netfilter: conntrack: remove UDP-Lite conntrack support - - - - --- 2026-03-30 Fernando Fernandez Mancera Under Review
selftests: netfilter: conntrack_sctp_collision.sh: Introduce SCTP INIT collision test selftests: netfilter: conntrack_sctp_collision.sh: Introduce SCTP INIT collision test - - - - --- 2026-03-30 Yi Chen New
[nf-next] netfilter: Kconfig: make NF_FLOW_TABLE_INET depend on NF_TABLES_INET [nf-next] netfilter: Kconfig: make NF_FLOW_TABLE_INET depend on NF_TABLES_INET - - - - --- 2026-03-26 Fernando Fernandez Mancera Under Review
[nf-next,v2,2/2] net: dsa: update net_device stats with HW offloaded flows stats Update (DSA) netdev stats with offloaded flows - - - - --- 2026-03-24 Ahmed Zaki Needs Review / ACK
[nf-next,v2,1/2] netfilter: flowtable: update netdev stats with HW_OFFLOAD flows Update (DSA) netdev stats with offloaded flows - - - - --- 2026-03-24 Ahmed Zaki Needs Review / ACK
[nf-next,v2] netfilter: nfnetlink_hook: Dump nat type chains [nf-next,v2] netfilter: nfnetlink_hook: Dump nat type chains - - - - --- 2026-03-20 Phil Sutter Under Review
[v12,nf-next] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW [v12,nf-next] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW - - - - --- 2026-03-17 Eric Woudstra Needs Review / ACK
[v12,nf-next] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() [v12,nf-next] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() - - 1 - --- 2026-03-17 Eric Woudstra Needs Review / ACK
[nf-next,2/2] netfilter: nf_tables: add netlink policy based cap on registers [nf-next,1/2] netfilter: add more netlink-based policy range checks - - - - --- 2026-03-16 Florian Westphal Under Review
[nf-next,1/2] netfilter: add more netlink-based policy range checks [nf-next,1/2] netfilter: add more netlink-based policy range checks - - - - --- 2026-03-16 Florian Westphal Under Review
[v2] netfilter: nf_conntrack_sip: add bounds-checked port parsing helper [v2] netfilter: nf_conntrack_sip: add bounds-checked port parsing helper - 1 - 1 --- 2026-03-13 Guanni Qu Under Review
[nft] cache: Fix for multiple commands in a single batch [nft] cache: Fix for multiple commands in a single batch - 1 - - --- 2026-03-11 Phil Sutter New
[nft] datatype: Accept IPv4 addresses for ip6addr_type [nft] datatype: Accept IPv4 addresses for ip6addr_type - - - - --- 2025-12-10 Phil Sutter New
[nft,v2] src: Convert ip {s,d}addr to IPv4-mapped as needed [nft,v2] src: Convert ip {s,d}addr to IPv4-mapped as needed - - - - --- 2025-12-10 Phil Sutter New
[nft,v3] src: add connlimit stateful object support [nft,v3] src: add connlimit stateful object support - - 1 - --- 2025-11-24 Fernando Fernandez Mancera New
[libnftnl] src: add connlimit stateful object support [libnftnl] src: add connlimit stateful object support - - - - --- 2025-11-04 Fernando Fernandez Mancera New
[libnftnl,v2] expr: add support to math expression [libnftnl,v2] expr: add support to math expression - - - - --- 2025-11-03 Fernando Fernandez Mancera New
[V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl [V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl - - - - --- 2025-04-15 lvxiafei Under Review
[nf] netfilter: conntrack: correct sequence on reinitialized TCP connection [nf] netfilter: conntrack: correct sequence on reinitialized TCP connection - 1 - - --- 2025-02-20 Pablo Neira Ayuso New
[nftables] include: fix for musl with iptables v1.8.11 [nftables] include: fix for musl with iptables v1.8.11 - - - - --- 2024-12-19 Alyssa Ross New
[v4] net/bridge: Optimizing read-write locks in ebtables.c [v4] net/bridge: Optimizing read-write locks in ebtables.c - - - - --- 2024-09-25 yushengjin New
[nft] limit: Support arbitrary unit values [nft] limit: Support arbitrary unit values - - - - --- 2024-04-13 Phil Sutter New