Show patches with: State = Action Required       |   62 patches
Patch Series A/F/R/T S/W/F Date Submitter Delegate State
[nft] limit: Support arbitrary unit values [nft] limit: Support arbitrary unit values - - - - --- 2024-04-13 Phil Sutter New
[v4] net/bridge: Optimizing read-write locks in ebtables.c [v4] net/bridge: Optimizing read-write locks in ebtables.c - - - - --- 2024-09-25 yushengjin New
[nftables] include: fix for musl with iptables v1.8.11 [nftables] include: fix for musl with iptables v1.8.11 - - - - --- 2024-12-19 Alyssa Ross New
[nf] netfilter: conntrack: correct sequence on reinitialized TCP connection [nf] netfilter: conntrack: correct sequence on reinitialized TCP connection - 1 - - --- 2025-02-20 Pablo Neira Ayuso New
[V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl [V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl - - - - --- 2025-04-15 lvxiafei Under Review
[ipset] tests: Fix for standalone calls to setlist_resize.sh [ipset] tests: Fix for standalone calls to setlist_resize.sh - 1 - - --- 2025-07-22 Phil Sutter kadlec Under Review
[libnftnl,v2] expr: add support to math expression [libnftnl,v2] expr: add support to math expression - - - - --- 2025-11-03 Fernando Fernandez Mancera New
[libnftnl] src: add connlimit stateful object support [libnftnl] src: add connlimit stateful object support - - - - --- 2025-11-04 Fernando Fernandez Mancera New
[nft,v3] src: add connlimit stateful object support [nft,v3] src: add connlimit stateful object support - - 1 - --- 2025-11-24 Fernando Fernandez Mancera New
Added netfilter output plugin with ability to write into pcap nflog packets Added netfilter output plugin with ability to write into pcap nflog packets - - - - --- 2025-11-30 Serhii Ivanov New
Update nlog plufin to provide more information to other ones Update nlog plufin to provide more information to other ones - - - - --- 2025-11-30 Serhii Ivanov New
Some common changes in ulogs: 1) Added debug log to indicate when stack is created. Helps to debug … Some common changes in ulogs: 1) Added debug log to indicate when stack is created. Helps to debug … - - - - --- 2025-11-30 Serhii Ivanov New
[nft,v2] src: Convert ip {s,d}addr to IPv4-mapped as needed [nft,v2] src: Convert ip {s,d}addr to IPv4-mapped as needed - - - - --- 2025-12-10 Phil Sutter New
[nft] datatype: Accept IPv4 addresses for ip6addr_type [nft] datatype: Accept IPv4 addresses for ip6addr_type - - - - --- 2025-12-10 Phil Sutter New
netfilter: use function typedefs for __rcu NAT helper hook pointers netfilter: use function typedefs for __rcu NAT helper hook pointers - - - - --- 2026-03-03 Sun Jian Under Review
[nf,v2] netfilter: nft_set_rbtree: allocate same array size on updates [nf,v2] netfilter: nft_set_rbtree: allocate same array size on updates - 1 - - --- 2026-03-07 Pablo Neira Ayuso New
[net] netfilter: ctnetlink: fix use-after-free of exp->master in expectation dump [net] netfilter: ctnetlink: fix use-after-free of exp->master in expectation dump - 1 - - --- 2026-03-07 Hyunwoo Kim Under Review
[net] netfilter: ctnetlink: fix use-after-free of exp->master in single expectation GET [net] netfilter: ctnetlink: fix use-after-free of exp->master in single expectation GET - 1 - - --- 2026-03-07 Hyunwoo Kim Under Review
[net] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() [net] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() - 1 - - --- 2026-03-07 Hyunwoo Kim Under Review
[net] netfilter: nf_flow_table_offload: fix heap overflow in flow_action_entry_next() [net] netfilter: nf_flow_table_offload: fix heap overflow in flow_action_entry_next() - 1 - - --- 2026-03-07 Hyunwoo Kim New
[nf,v2] netfilter: nft_set_rbtree: allocate same array size on updates [nf,v2] netfilter: nft_set_rbtree: allocate same array size on updates - 1 - - --- 2026-03-08 Pablo Neira Ayuso New
netfilter: nf_tables: Fix typo in enum description netfilter: nf_tables: Fix typo in enum description - - - - --- 2026-03-09 Jelle van der Waa Under Review
[nf] netfilter: conntrack: add missing netlink policy validations [nf] netfilter: conntrack: add missing netlink policy validations - 2 - - --- 2026-03-10 Florian Westphal New
[nf] netfilter: nf_flow_table_ip: reset mac header before vlan push [nf] netfilter: nf_flow_table_ip: reset mac header before vlan push 1 1 - - --- 2026-03-10 Eric Woudstra New
netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() - 1 - - --- 2026-03-10 Lukas Johannes Möller New
[nft,1/5] cache: Include chains, flowtables and objects in netlink debug output Enhance cache filter for list commands - - - - --- 2026-03-10 Phil Sutter New
[nft,2/5] cache: Respect family in all list commands Enhance cache filter for list commands - 2 1 - --- 2026-03-10 Phil Sutter New
[nft,3/5] cache: Relax chain_cache_dump filter application Enhance cache filter for list commands - 1 1 - --- 2026-03-10 Phil Sutter New
[nft,4/5] cache: Filter for table when listing sets or maps Enhance cache filter for list commands - 1 1 - --- 2026-03-10 Phil Sutter New
[nft,5/5] cache: Filter for table when listing flowtables Enhance cache filter for list commands - 1 1 - --- 2026-03-10 Phil Sutter New
[nf-next] netfilter: nft_meta: add double-tagged vlan and pppoe support [nf-next] netfilter: nft_meta: add double-tagged vlan and pppoe support - - - - --- 2026-03-11 Pablo Neira Ayuso New
[nf] netfilter: revert nft_set_rbtree: validate open interval overlap [nf] netfilter: revert nft_set_rbtree: validate open interval overlap 1 1 - - --- 2026-03-11 Florian Westphal New
[nft] parser_bison: add range check for synproxy wscale [nft] parser_bison: add range check for synproxy wscale - - - - --- 2026-03-11 Florian Westphal New
[nft] cache: Fix for multiple commands in a single batch [nft] cache: Fix for multiple commands in a single batch - 1 - - --- 2026-03-11 Phil Sutter New
[nf] netfilter: nft_set_rbtree: revisit array resize logic [nf] netfilter: nft_set_rbtree: revisit array resize logic - 1 - - --- 2026-03-12 Pablo Neira Ayuso New
[nf,v2] nf_tables: nft_dynset: fix possible stateful expression memleak in error path [nf,v2] nf_tables: nft_dynset: fix possible stateful expression memleak in error path - 1 - - --- 2026-03-12 Pablo Neira Ayuso Under Review
[nf,1/2] netfilter: nft_ct: drop pending enqueued packets on removal [nf,1/2] netfilter: nft_ct: drop pending enqueued packets on removal - 1 - - --- 2026-03-12 Pablo Neira Ayuso Under Review
[nf,2/2] netfilter: xt_CT: drop pending enqueued packets on template removal [nf,1/2] netfilter: nft_ct: drop pending enqueued packets on removal - 1 - - --- 2026-03-12 Pablo Neira Ayuso Under Review
netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() - 1 - 1 --- 2026-03-12 Jenny Guanni Qu New
netfilter: nf_conntrack_sip: fix OOB read in SIP URI port parsing netfilter: nf_conntrack_sip: fix OOB read in SIP URI port parsing - 1 - 1 --- 2026-03-12 Jenny Guanni Qu New
netfilter: xt_time: use unsigned int for monthday bit shift netfilter: xt_time: use unsigned int for monthday bit shift - 1 - 1 --- 2026-03-12 Jenny Guanni Qu Under Review
[nf-next] netfilter: nf_conntrack_h323: remove unreliable debug code in decode_octstr [nf-next] netfilter: nf_conntrack_h323: remove unreliable debug code in decode_octstr - - - - --- 2026-03-12 Florian Westphal New
[nf-next] netfilter: nf_conntrack_sip: remove net variable shadowing [nf-next] netfilter: nf_conntrack_sip: remove net variable shadowing - - - - --- 2026-03-12 Florian Westphal Under Review
[nf-next] netfilter: add deprecation warning for dccp support [nf-next] netfilter: add deprecation warning for dccp support - - - - --- 2026-03-12 Florian Westphal Under Review
[nf-next] netfilter: nfnetlink_queue: prefer skb_mac_header helpers [nf-next] netfilter: nfnetlink_queue: prefer skb_mac_header helpers - - - - --- 2026-03-12 Florian Westphal Under Review
[net-next,v2] netfilter: conntrack: expose gc_scan_interval_max via sysctl [net-next,v2] netfilter: conntrack: expose gc_scan_interval_max via sysctl - - - - --- 2026-03-12 Prasanna Panchamukhi New
[net,00/11] netfilter: updates for net - - - - --- 2026-03-13 Florian Westphal New
[net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() - 1 - - --- 2026-03-13 Florian Westphal New
[net,02/11] netfilter: conntrack: add missing netlink policy validations [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() - 2 - - --- 2026-03-13 Florian Westphal New
[net,03/11] netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() - 1 - - --- 2026-03-13 Florian Westphal New
[net,04/11] netfilter: revert nft_set_rbtree: validate open interval overlap [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() 1 1 - - --- 2026-03-13 Florian Westphal New
[net,05/11] netfilter: nf_flow_table_ip: reset mac header before vlan push [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() 1 1 - - --- 2026-03-13 Florian Westphal New
[net,06/11] netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() - 1 - - --- 2026-03-13 Florian Westphal New
[net,07/11] nf_tables: nft_dynset: fix possible stateful expression memleak in error path [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() - 1 - - --- 2026-03-13 Florian Westphal New
[net,08/11] netfilter: nft_ct: drop pending enqueued packets on removal [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() - 1 - - --- 2026-03-13 Florian Westphal New
[net,09/11] netfilter: xt_CT: drop pending enqueued packets on template removal [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() - 1 - - --- 2026-03-13 Florian Westphal New
[net,10/11] netfilter: xt_time: use unsigned int for monthday bit shift [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() - 1 - 1 --- 2026-03-13 Florian Westphal New
[net,11/11] netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() [net,01/11] netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() - 1 - 1 --- 2026-03-13 Florian Westphal New
[nf-next] netfilter: nfnetlink_hook: Dump nat type chains [nf-next] netfilter: nfnetlink_hook: Dump nat type chains - - - - --- 2026-03-13 Phil Sutter New
netfilter: ipset: harden payload calculation in call_ad() netfilter: ipset: harden payload calculation in call_ad() - - - - --- 2026-03-13 David Baum New
[v2] netfilter: nf_conntrack_sip: add bounds-checked port parsing helper [v2] netfilter: nf_conntrack_sip: add bounds-checked port parsing helper - 1 - 1 --- 2026-03-13 Jenny Guanni Qu New
netfilter: nf_nat_sip: validate exp->dir in nf_nat_sip_expected() netfilter: nf_nat_sip: validate exp->dir in nf_nat_sip_expected() - 1 - 1 --- 2026-03-13 Jenny Guanni Qu New