Show patches with: Archived = No       |   29164 patches
« 1 2 3 4291 292 »
Patch Series A/F/R/T S/W/F Date Submitter Delegate State
[nf-next,2/2] netfilter: conntrack: conditionally compile ctnetlink_label_size netfilter: conntrack: label helpers conditional compilation updates - - - - --- 2024-09-16 Simon Horman New
[nf-next,1/2] netfilter: conntrack: compile label helpers unconditionally netfilter: conntrack: label helpers conditional compilation updates - - - - --- 2024-09-16 Simon Horman New
[nf-next] netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n [nf-next] netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n - 2 - - --- 2024-09-16 Simon Horman New
[nft] doc: tproxy is non-terminal in nftables [nft] doc: tproxy is non-terminal in nftables 1 - - - --- 2024-09-15 Pablo Neira Ayuso New
[net] netfilter: nft_socket: Fix a NULL vs IS_ERR() bug in nft_socket_cgroup_subtree_level() [net] netfilter: nft_socket: Fix a NULL vs IS_ERR() bug in nft_socket_cgroup_subtree_level() 2 1 - - --- 2024-09-14 Dan Carpenter Accepted
[net] netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() [net] netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() - 1 2 - --- 2024-09-13 Eric Dumazet New
[nf] netfilter: nft_tproxy: make it terminal [nf] netfilter: nft_tproxy: make it terminal 1 1 - - --- 2024-09-13 Pablo Neira Ayuso Not Applicable
[nf] netfilter: nfnetlink_queue: reroute reinjected packets from postrouting [nf] netfilter: nfnetlink_queue: reroute reinjected packets from postrouting - 1 - - --- 2024-09-12 Pablo Neira Ayuso New
[nf-next,v3,16/16] selftests: netfilter: Torture nftables netdev hooks Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,15/16] netfilter: nf_tables: Add notications for hook changes Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,14/16] netfilter: nf_tables: Support wildcard netdev hook specs Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,13/16] netfilter: nf_tables: Handle NETDEV_CHANGENAME events Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,12/16] netfilter: nf_tables: flowtable: Respect NETDEV_REGISTER events Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,11/16] netfilter: nf_tables: chain: Respect NETDEV_REGISTER events Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,10/16] netfilter: nf_tables: Have a list of nf_hook_ops in nft_hook Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,09/16] netfilter: nf_tables: Introduce nft_register_flowtable_ops() Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,08/16] netfilter: nf_tables: Introduce nft_hook_find_ops() Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,07/16] netfilter: nf_tables: Introduce functions freeing nft_hook objects Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,06/16] netfilter: nf_tables: Tolerate chains with no remaining hooks Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,05/16] netfilter: nf_tables: Compare netdev hooks based on stored name Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,04/16] netfilter: nf_tables: Use stored ifname in netdev hook dumps Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,03/16] netfilter: nf_tables: Store user-defined hook ifname Dynamic hook interface binding - - - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,02/16] netfilter: nf_tables: Flowtable hook's pf value never varies Dynamic hook interface binding - 1 - - --- 2024-09-12 Phil Sutter New
[nf-next,v3,01/16] netfilter: nf_tables: Keep deleted flowtable hooks until after RCU Dynamic hook interface binding - 1 - - --- 2024-09-12 Phil Sutter New
docs: tproxy: ipt: ignore non-transparent sockets docs: tproxy: ipt: ignore non-transparent sockets - - - - --- 2024-09-12 谢致邦 (XIE Zhibang) New
[v3] selftests: netfilter: nft_tproxy.sh: add tcp tests [v3] selftests: netfilter: nft_tproxy.sh: add tcp tests - - - - --- 2024-09-12 Antonio Ojea New
[net,2/2] netfilter: nft_socket: make cgroupsv2 matching work with namespaces [net,1/2] netfilter: nft_socket: fix sk refcount leaks - 1 - - --- 2024-09-11 Pablo Neira Ayuso Accepted
[net,1/2] netfilter: nft_socket: fix sk refcount leaks [net,1/2] netfilter: nft_socket: fix sk refcount leaks - 1 - - --- 2024-09-11 Pablo Neira Ayuso Accepted
[net,0/2] Netfilter fixes for net - - - - --- 2024-09-11 Pablo Neira Ayuso Accepted
[net] net: netfilter: move nf flowtable bpf initialization in nf_flow_table_module_init() [net] net: netfilter: move nf flowtable bpf initialization in nf_flow_table_module_init() 2 1 - - --- 2024-09-11 Lorenzo Bianconi Handled Elsewhere
[nf-next,5/5] netfilter: nf_tables: allocate element update information dynamically netfilter: nf_tables: reduce set element - - - - --- 2024-09-11 Florian Westphal New
[nf-next,4/5] netfilter: nf_tables: switch trans_elem to real flex array netfilter: nf_tables: reduce set element - - - - --- 2024-09-11 Florian Westphal New
[nf-next,3/5] netfilter: nf_tables: prepare for multiple elements in nft_trans_elem structure netfilter: nf_tables: reduce set element - - - - --- 2024-09-11 Florian Westphal New
[nf-next,2/5] netfilter: nf_tables: add nft_trans_commit_list_add_elem helper netfilter: nf_tables: reduce set element - - - - --- 2024-09-11 Florian Westphal New
[nf-next,1/5] netfilter: nf_tables: prefer nft_trans_elem_alloc helper netfilter: nf_tables: reduce set element - - - - --- 2024-09-11 Florian Westphal New
[nf-next,3/3] selftests: netfilter: add reverse-clash resolution test case netfilter: conntrack: clash resolution for reverse collisions - - - - --- 2024-09-10 Florian Westphal New
[nf-next,2/3] netfilter: conntrack: add clash resolution for reverse collisions netfilter: conntrack: clash resolution for reverse collisions - - - - --- 2024-09-10 Florian Westphal New
[nf-next,1/3] netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash netfilter: conntrack: clash resolution for reverse collisions - - - - --- 2024-09-10 Florian Westphal New
[net-next,v3,1/1] netfilter: conntrack: Guard possible unused functions [net-next,v3,1/1] netfilter: conntrack: Guard possible unused functions - - 1 - --- 2024-09-10 Andy Shevchenko Accepted
netfilter: nf_tables: replace deprecated strncpy with strscpy_pad netfilter: nf_tables: replace deprecated strncpy with strscpy_pad - - 1 - --- 2024-09-09 Justin Stitt New
[net-next,v2,1/1] netfilter: conntrack: Guard possible unused functions [net-next,v2,1/1] netfilter: conntrack: Guard possible unused functions - - - - --- 2024-09-09 Andy Shevchenko Changes Requested
[nft,2/2] proto: use NFT_PAYLOAD_L4CSUM_PSEUDOHDR flag to mangle UDP checksum [nft,1/2] tests: shell: stabilize packetpath/payload - 1 - - --- 2024-09-09 Pablo Neira Ayuso Accepted
[nft,1/2] tests: shell: stabilize packetpath/payload [nft,1/2] tests: shell: stabilize packetpath/payload - 1 - - --- 2024-09-09 Pablo Neira Ayuso Accepted
[nf-next,v5,2/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable netfilter: Make IP_NF_IPTABLES_LEGACY selectable - - - - --- 2024-09-09 Breno Leitao New
[nf-next,v5,1/2] netfilter: Make IP6_NF_IPTABLES_LEGACY selectable netfilter: Make IP_NF_IPTABLES_LEGACY selectable - - - - --- 2024-09-09 Breno Leitao New
[nf,v2,2/2] netfilter: nft_socket: make cgroupsv2 matching work with namespaces Untitled series #422862 - 1 - - --- 2024-09-07 Florian Westphal Accepted
[net,v1,1/1] netfilter: nf_reject: Fix build error when CONFIG_BRIDGE_NETFILTER=n [net,v1,1/1] netfilter: nf_reject: Fix build error when CONFIG_BRIDGE_NETFILTER=n - 2 - - --- 2024-09-06 Andy Shevchenko New
[net,v1,1/1] netfilter: conntrack: Guard possoble unused functions [net,v1,1/1] netfilter: conntrack: Guard possoble unused functions - 1 - - --- 2024-09-05 Andy Shevchenko Changes Requested
[net-next,12/12] sctp: Unmask upper DSCP bits in sctp_v4_get_dst() Unmask upper DSCP bits - part 4 (last) - - 2 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,11/12] ipv4: udp_tunnel: Unmask upper DSCP bits in udp_tunnel_dst_lookup() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,10/12] netfilter: nf_dup4: Unmask upper DSCP bits in nf_dup_ipv4_route() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,09/12] netfilter: nft_flow_offload: Unmask upper DSCP bits in nft_flow_route() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,08/12] ipv4: netfilter: Unmask upper DSCP bits in ip_route_me_harder() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,07/12] ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,06/12] ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,05/12] ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,04/12] ipv4: icmp: Unmask upper DSCP bits in icmp_reply() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,03/12] bpf: lwtunnel: Unmask upper DSCP bits in bpf_lwt_xmit_reroute() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,02/12] ipv4: ip_gre: Unmask upper DSCP bits in ipgre_open() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[net-next,01/12] netfilter: br_netfilter: Unmask upper DSCP bits in br_nf_pre_routing_finish() Unmask upper DSCP bits - part 4 (last) - - 1 - --- 2024-09-05 Ido Schimmel Awaiting Upstream
[nf,1/2] netfilter: nft_socket: fix sk refcount leaks [nf,1/2] netfilter: nft_socket: fix sk refcount leaks - 1 - - --- 2024-09-05 Florian Westphal Accepted
netfilter: tproxy: Add RCU protection in nf_tproxy_laddr4 netfilter: tproxy: Add RCU protection in nf_tproxy_laddr4 - 1 - - --- 2024-09-04 Jiawei Ye Not Applicable
[RFC,v3,19/19] landlock: Document socket rule type support Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,18/19] samples/landlock: Support socket protocol restrictions Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,17/19] samples/landlock: Replace atoi() with strtoull() in populate_ruleset_net() Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,16/19] selftests/landlock: Test that accept(2) is not restricted Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,15/19] selftests/landlock: Test SCTP peeloff restriction Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,14/19] selftests/landlock: Test socketpair(2) restriction Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,13/19] selftests/landlock: Test packet protocol alias Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,12/19] selftests/landlock: Test that kernel space sockets are not restricted Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,11/19] selftests/landlock: Test unsupported protocol restriction Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,10/19] selftests/landlock: Test adding a rule with family and type outside the range Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,09/19] selftests/landlock: Test creating a ruleset with unknown access Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,08/19] selftests/landlock: Test overlapped restriction Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,07/19] selftests/landlock: Test adding a rule for empty access Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,06/19] selftests/landlock: Test adding a rule for unhandled access Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,05/19] selftests/landlock: Test adding a rule for each unknown access Support socket access-control - - 1 - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,04/19] selftests/landlock: Test adding a rule with each supported access Support socket access-control - - 1 - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,03/19] selftests/landlock: Test basic socket restriction Support socket access-control - - 1 - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,02/19] landlock: Add hook on socket creation Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[RFC,v3,01/19] landlock: Support socket access-control Support socket access-control - - - - --- 2024-09-04 Mikhail Ivanov RFC
[net-next,v2,5/5] net/core: make use of the helper macro LIST_HEAD() make use of the helper macro LIST_HEAD() - - - - --- 2024-09-04 Hongbo Li Awaiting Upstream
[net-next,v2,4/5] net/ipv6: make use of the helper macro LIST_HEAD() make use of the helper macro LIST_HEAD() - - - - --- 2024-09-04 Hongbo Li Awaiting Upstream
[net-next,v2,3/5] net/netfilter: make use of the helper macro LIST_HEAD() make use of the helper macro LIST_HEAD() - - 1 - --- 2024-09-04 Hongbo Li Awaiting Upstream
[net-next,v2,2/5] net/tipc: make use of the helper macro LIST_HEAD() make use of the helper macro LIST_HEAD() - - - - --- 2024-09-04 Hongbo Li Awaiting Upstream
[net-next,v2,1/5] net/ipv4: make use of the helper macro LIST_HEAD() make use of the helper macro LIST_HEAD() - - - - --- 2024-09-04 Hongbo Li Awaiting Upstream
[nft] libnftables: Zero ctx->vars after freeing it [nft] libnftables: Zero ctx->vars after freeing it - 1 - - --- 2024-09-03 Phil Sutter Accepted
[nf-next,v3,9/9] netfilter: nf_tables: set element timeout update support [nf-next,v3,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire - - - - --- 2024-09-03 Pablo Neira Ayuso Accepted
[nf-next,v3,8/9] netfilter: nf_tables: zero timeout means element never times out [nf-next,v3,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire - - - - --- 2024-09-03 Pablo Neira Ayuso Accepted
[nf-next,v3,7/9] netfilter: nf_tables: consolidate timeout extension for elements [nf-next,v3,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire - - - - --- 2024-09-03 Pablo Neira Ayuso Accepted
[nf-next,v3,6/9] netfilter: nf_tables: annotate data-races around element expiration [nf-next,v3,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire - - - - --- 2024-09-03 Pablo Neira Ayuso Accepted
[nf-next,v3,5/9] netfilter: nft_dynset: annotate data-races around set timeout [nf-next,v3,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire - 1 - - --- 2024-09-03 Pablo Neira Ayuso Accepted
[nf-next,v3,4/9] netfilter: nf_tables: remove annotation to access set timeout while holding lock [nf-next,v3,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire - 1 - - --- 2024-09-03 Pablo Neira Ayuso Accepted
[nf-next,v3,3/9] netfilter: nf_tables: reject expiration higher than timeout [nf-next,v3,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire - 1 - - --- 2024-09-03 Pablo Neira Ayuso Accepted
[nf-next,v3,2/9] netfilter: nf_tables: reject element expiration with no timeout [nf-next,v3,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire - 1 - - --- 2024-09-03 Pablo Neira Ayuso Accepted
[nf-next,v3,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire [nf-next,v3,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire - 1 - - --- 2024-09-03 Pablo Neira Ayuso Accepted
[nft] libnftables: set variable array to NULL after release [nft] libnftables: set variable array to NULL after release - 1 - - --- 2024-09-03 Pablo Neira Ayuso Superseded
conntrack: -L doesn't take a value, so don't discard one (same for -IUDGEFA) conntrack: -L doesn't take a value, so don't discard one (same for -IUDGEFA) - - - - --- 2024-09-03 Ahelenia Ziemiańska Under Review
[nft,v2] src: support for timeout never in elements [nft,v2] src: support for timeout never in elements - - - - --- 2024-09-02 Pablo Neira Ayuso New
[nf-next,v2,9/9] netfilter: nf_tables: set element timeout update support [nf-next,v2,1/9] netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire - - - - --- 2024-09-02 Pablo Neira Ayuso Changes Requested
« 1 2 3 4291 292 »