Show patches with: State = Action Required       |    Archived = No       |   94 patches
Patch Series A/F/R/T S/W/F Date Submitter Delegate State
[nft] limit: Support arbitrary unit values [nft] limit: Support arbitrary unit values - - - - --- 2024-04-13 Phil Sutter New
[nftables] include: fix for musl with iptables v1.8.11 [nftables] include: fix for musl with iptables v1.8.11 - - - - --- 2024-12-19 Alyssa Ross New
[nf] netfilter: conntrack: correct sequence on reinitialized TCP connection [nf] netfilter: conntrack: correct sequence on reinitialized TCP connection - 1 - - --- 2025-02-20 Pablo Neira Ayuso New
[V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl [V6] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl - - - - --- 2025-04-15 lvxiafei Under Review
[libnftnl] src: add connlimit stateful object support [libnftnl] src: add connlimit stateful object support - - - - --- 2025-11-04 Fernando Fernandez Mancera New
[nft,v3] src: add connlimit stateful object support [nft,v3] src: add connlimit stateful object support - - 1 - --- 2025-11-24 Fernando Fernandez Mancera New
[nft,v2] src: Convert ip {s,d}addr to IPv4-mapped as needed [nft,v2] src: Convert ip {s,d}addr to IPv4-mapped as needed - - - - --- 2025-12-10 Phil Sutter New
[nft] datatype: Accept IPv4 addresses for ip6addr_type [nft] datatype: Accept IPv4 addresses for ip6addr_type - - - - --- 2025-12-10 Phil Sutter New
[nft] cache: Fix for multiple commands in a single batch [nft] cache: Fix for multiple commands in a single batch - 1 - - --- 2026-03-11 Phil Sutter New
netfilter: ipset: harden payload calculation in call_ad() netfilter: ipset: harden payload calculation in call_ad() 1 - - - --- 2026-03-13 David Baum kadlec Under Review
[v12,nf-next] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() [v12,nf-next] netfilter: nft_flow_offload: Add DEV_PATH_MTK_WDMA to nft_dev_path_info() - - 1 - --- 2026-03-17 Eric Woudstra Needs Review / ACK
[v12,nf-next] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW [v12,nf-next] bridge: Introduce DEV_PATH_BR_VLAN_KEEP_HW - - - - --- 2026-03-17 Eric Woudstra Needs Review / ACK
[nf-next,v2] netfilter: nfnetlink_hook: Dump nat type chains [nf-next,v2] netfilter: nfnetlink_hook: Dump nat type chains - - - - --- 2026-03-20 Phil Sutter Under Review
[nf-next,v2,1/2] netfilter: flowtable: update netdev stats with HW_OFFLOAD flows Update (DSA) netdev stats with offloaded flows - - - - --- 2026-03-24 Ahmed Zaki Needs Review / ACK
[nf-next,v2,2/2] net: dsa: update net_device stats with HW offloaded flows stats Update (DSA) netdev stats with offloaded flows - - - - --- 2026-03-24 Ahmed Zaki Needs Review / ACK
[nft,1/2] parser_json: Accept non-RHS expressions in binop RHS A bit of non-constant binop follow-up - 1 - - --- 2026-04-02 Phil Sutter New
[nft,2/2] parser_bison: Accept non-constant binop on LHS of relationals A bit of non-constant binop follow-up - - - - --- 2026-04-02 Phil Sutter New
[nft,2/5] libnftables: add nft_run_cmd_release() helper and use it support for several list and reset commands - - - - --- 2026-04-08 Pablo Neira Ayuso New
[nft,3/5] libnftables: consolidate evaluation and netlink run support for several list and reset commands - - - - --- 2026-04-08 Pablo Neira Ayuso New
[nft,4/5] libnftables: use nft_eval_run_cmds() in nft_run_cmd_from_filename() support for several list and reset commands - - - - --- 2026-04-08 Pablo Neira Ayuso New
[nft,5/5] libnftables: support for several list and reset commands support for several list and reset commands - - - - --- 2026-04-08 Pablo Neira Ayuso New
[RFC,net-next,1/4] net: flow_offload: let drivers report byte counter semantics improve hw flow offload byte accounting - - - - --- 2026-04-09 Daniel Golle New
[RFC,net-next,2/4] nf_flow_table: track sub-interface and bridge ifindex in flow tuple improve hw flow offload byte accounting - - - - --- 2026-04-09 Daniel Golle New
[RFC,net-next,3/4] nf_flow_table: convert hw byte counts and update sub-interface stats improve hw flow offload byte accounting - - - - --- 2026-04-09 Daniel Golle New
[RFC,net-next,4/4] net: ethernet: mtk_eth_soc: report INGRESS_L2 byte_type in flow stats improve hw flow offload byte accounting - - - - --- 2026-04-09 Daniel Golle New
[1/2] netfilter fix u16 overflow in get_port() [1/2] netfilter fix u16 overflow in get_port() - - - - --- 2026-04-10 Cyber-JA New
[2/2] netfilter: validate values parsed by try_number [1/2] netfilter fix u16 overflow in get_port() - - - - --- 2026-04-10 Cyber-JA New
[v2,nf-next] netfilter: nft_set_pipapo_avx2: restore performance optimization [v2,nf-next] netfilter: nft_set_pipapo_avx2: restore performance optimization - - 1 - --- 2026-04-11 Florian Westphal New
netfilter: nfnl_cthelper: apply per-class values when updating policies netfilter: nfnl_cthelper: apply per-class values when updating policies - 1 - - --- 2026-04-11 David CARLIER New
[nf-next,v2] netfilter: nft_set_rbtree: remove dead conditional [nf-next,v2] netfilter: nft_set_rbtree: remove dead conditional - - - - --- 2026-04-11 Florian Westphal New
netfilter: nfnetlink_cthelper: fix expect policy update copying only first class values to all clas… netfilter: nfnetlink_cthelper: fix expect policy update copying only first class values to all clas… - 1 - - --- 2026-04-13 Dudu Lu New
netfilter module-autoload: duplicate request for netfilter module netfilter module-autoload: duplicate request for netfilter module - - - - --- 2026-04-14 Zhe Zhao New
[nf-next] netfilter: allow nfnetlink built-in only [nf-next] netfilter: allow nfnetlink built-in only - - 1 - --- 2026-04-15 Pablo Neira Ayuso New
[net,v2] selftests: netfilter: conntrack_sctp_collision.sh: Introduce SCTP INIT collision test [net,v2] selftests: netfilter: conntrack_sctp_collision.sh: Introduce SCTP INIT collision test 1 - - - --- 2026-04-18 Yi Chen New
[nft] json: output set/map element count [nft] json: output set/map element count - - - - --- 2026-04-19 Niklas Fiekas New
[nf-next,v5] netfilter: nf_tables: add math expression support [nf-next,v5] netfilter: nf_tables: add math expression support - - - - --- 2026-04-21 Fernando Fernandez Mancera New
[libnftnl,v4] expr: add support to math expression [libnftnl,v4] expr: add support to math expression - - - - --- 2026-04-21 Fernando Fernandez Mancera New
[BUG] KASAN: slab-use-after-free in hash_ipportip6_resize [BUG] KASAN: slab-use-after-free in hash_ipportip6_resize - - - - --- 2026-04-23 Eulgyu Kim New
[nf,1/1] netfilter: ebtables: fix OOB read in compat_mtw_from_user [nf,1/1] netfilter: ebtables: fix OOB read in compat_mtw_from_user - 1 - - --- 2026-04-24 Ren Wei New
[nf,v4] netfilter: nft_bitwise: fix dst corruption in same register shifts [nf,v4] netfilter: nft_bitwise: fix dst corruption in same register shifts - 1 - - --- 2026-04-27 Fernando Fernandez Mancera New
[net] netfilter: nf_nat: avoid invalid nat_net pointer use on failed nf_nat_init() [net] netfilter: nf_nat: avoid invalid nat_net pointer use on failed nf_nat_init() - 1 - - --- 2026-04-28 Mathias Krause New
[nf-next] netfilter: nf_conncount: use per-rule hash initval [nf-next] netfilter: nf_conncount: use per-rule hash initval - - - - --- 2026-04-29 Florian Westphal New
[nf-next] netfilter: x_tables: disable 32bit compat interface in user namespaces [nf-next] netfilter: x_tables: disable 32bit compat interface in user namespaces - - - - --- 2026-04-29 Florian Westphal New
[nf-next] netfilter: flowtable_offload: propagate CT mark to hardware offload path [nf-next] netfilter: flowtable_offload: propagate CT mark to hardware offload path - - - - --- 2026-04-29 Lorenzo Bianconi New
[net-next,v3,1/4] netfilter: conntrack: add shared port and uint parsers for helpers netfilter: conntrack: shared port parser for helpers - - - - --- 2026-05-03 HACKE-RC New
[net-next,v3,2/4] netfilter: nf_conntrack_irc: use nf_ct_helper_parse_port() netfilter: conntrack: shared port parser for helpers - 1 - - --- 2026-05-03 HACKE-RC New
[net-next,v3,3/4] netfilter: nf_conntrack_amanda: use nf_ct_helper_parse_port() netfilter: conntrack: shared port parser for helpers - 1 - - --- 2026-05-03 HACKE-RC New
[net-next,v3,4/4] netfilter: nf_conntrack_sip: use nf_ct_helper_parse_port() netfilter: conntrack: shared port parser for helpers - - - - --- 2026-05-03 HACKE-RC New
[net,8/8] sched/isolation: Make HK_TYPE_KTHREAD an alias of HK_TYPE_DOMAIN [net,1/8] ipvs: fixes for the new ip_vs_status info - 1 - - --- 2026-05-05 Pablo Neira Ayuso New
[net] netfilter: ctnetlink: use nf_ct_exp_net() in expectation dump [net] netfilter: ctnetlink: use nf_ct_exp_net() in expectation dump - 1 - - --- 2026-05-05 Pratham Gupta New
[nft] tests: shell: also test byte-based rate limiting [nft] tests: shell: also test byte-based rate limiting - - - - --- 2026-05-05 Florian Westphal New
[nf-next,v2,1/6] net: netfilter: Add ether_type to net_device_path_ctx Add IPv4 over IPv6 and SIT flowtable SW acceleration - - - - --- 2026-05-06 Lorenzo Bianconi New
[nf-next,v2,2/6] net: netfilter: Add encap_proto to flow_offload_tunnel Add IPv4 over IPv6 and SIT flowtable SW acceleration - - - - --- 2026-05-06 Lorenzo Bianconi New
[nf-next,v2,3/6] net: netfilter: Add IPv4 over IPv6 tunnel flowtable acceleration Add IPv4 over IPv6 and SIT flowtable SW acceleration - - - - --- 2026-05-06 Lorenzo Bianconi New
[nf-next,v2,4/6] selftests: netfilter: nft_flowtable.sh: Add IPv4 over IPv6 flowtable selftest Add IPv4 over IPv6 and SIT flowtable SW acceleration - - - - --- 2026-05-06 Lorenzo Bianconi New
[nf-next,v2,5/6] net: netfilter: Add SIT tunnel flowtable acceleration Add IPv4 over IPv6 and SIT flowtable SW acceleration - - - - --- 2026-05-06 Lorenzo Bianconi New
[nf-next,v2,6/6] selftests: netfilter: nft_flowtable.sh: Add SIT flowtable selftest Add IPv4 over IPv6 and SIT flowtable SW acceleration - - - - --- 2026-05-06 Lorenzo Bianconi New
[nft] scanner: Accept all statements' first words in all scopes [nft] scanner: Accept all statements' first words in all scopes - 1 - - --- 2026-05-07 Phil Sutter New
[nft,v2] scanner: Accept all statements' first words in all scopes [nft,v2] scanner: Accept all statements' first words in all scopes - 1 - - --- 2026-05-08 Phil Sutter New
[net-next,2/2] ipvs: Replace use of system_unbound_wq with system_dfl_wq Untitled series #503729 - - - - --- 2026-05-11 Marco Crivellari New
[nf,v4] netfilter: nf_tables: fix dst corruption in same register operation [nf,v4] netfilter: nf_tables: fix dst corruption in same register operation 1 1 - - --- 2026-05-11 Fernando Fernandez Mancera New
[nf] netfilter: conntrack: tcp: do not force CLOSE on invalid-seq RST without direction check [nf] netfilter: conntrack: tcp: do not force CLOSE on invalid-seq RST without direction check - 1 - - --- 2026-05-11 Hamza Mahfooz New
[nft] cache: honor -c/--check for reset commands [nft] cache: honor -c/--check for reset commands - 1 - - --- 2026-05-11 Pablo Neira Ayuso New
[v20,nf-next,1/2] netfilter: utils: nf_ip(6)_checksum(_partial) correct data!=networkheader conntrack: bridge: add double vlan, pppoe and pppoe-in-q - - - - --- 2026-05-12 Eric Woudstra New
[v20,nf-next,2/2] netfilter: bridge: Add conntrack double vlan and pppoe conntrack: bridge: add double vlan, pppoe and pppoe-in-q - - - - --- 2026-05-12 Eric Woudstra New
[v5,nf-next] selftests: netfilter: Add bridge_fastpath.sh [v5,nf-next] selftests: netfilter: Add bridge_fastpath.sh - - - - --- 2026-05-12 Eric Woudstra New
[v3,nf-next] netfilter: nft_byteorder: remove multi-register support [v3,nf-next] netfilter: nft_byteorder: remove multi-register support - 1 - - --- 2026-05-12 Florian Westphal New
[nf-next,v2] netfilter: add option for GCOV profiling [nf-next,v2] netfilter: add option for GCOV profiling 1 - - - --- 2026-05-12 Florian Westphal New
[net-next] netfilter: nf_conntrack_proto_tcp: fix typos in comments [net-next] netfilter: nf_conntrack_proto_tcp: fix typos in comments - - - - --- 2026-05-12 Avinash Duduskar New
[nf,1/1] netfilter: ipset: fix comment extension lifetime during hash resize [nf,1/1] netfilter: ipset: fix comment extension lifetime during hash resize - 1 - 1 --- 2026-05-13 Ren Wei kadlec Needs Review / ACK
[nf,1/1] bridge: br_netfilter: give fake rtable its own lifetime [nf,1/1] bridge: br_netfilter: give fake rtable its own lifetime - 1 - - --- 2026-05-14 Ren Wei New
[nf,v2] netfilter: nf_conncount: prevent connlimit drops for early confirmed ct [nf,v2] netfilter: nf_conncount: prevent connlimit drops for early confirmed ct - 1 - - --- 2026-05-14 Fernando Fernandez Mancera New
[v2,net-next,2/2] ipvs: Replace use of system_unbound_wq with system_dfl_long_wq Untitled series #504460 - - - - --- 2026-05-15 Marco Crivellari New
[nf] netfilter: disable payload mangling in userns [nf] netfilter: disable payload mangling in userns - - - 1 --- 2026-05-16 Qi Tang New
[nf,v2,1/1] netfilter: ipset: preserve comment lifetime across resize and gc expiry [nf,v2,1/1] netfilter: ipset: preserve comment lifetime across resize and gc expiry - 1 - - --- 2026-05-17 Ren Wei New
[nf,v4,1/3] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags [nf,v4,1/3] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags - - - - --- 2026-05-18 Pablo Neira Ayuso New
[nf,v4,2/3] netfilter: conntrack: add dead flag to helpers [nf,v4,1/3] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags - 1 - - --- 2026-05-18 Pablo Neira Ayuso New
[nf,v4,3/3] netfilter: nf_conntrack_helper: add null check in nfct_help_data() calls [nf,v4,1/3] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags - 1 - - --- 2026-05-18 Pablo Neira Ayuso New
[4/3,nf,v4] netfilter: nf_conntrack_helper: call .destroy() when helper is unregistered Untitled series #504819 - 1 - - --- 2026-05-18 Pablo Neira Ayuso New
[v2,nf] netfilter: nf_conntrack_gre: fix gre keymap list corruption [v2,nf] netfilter: nf_conntrack_gre: fix gre keymap list corruption - - - - --- 2026-05-19 Florian Westphal New
[nf] netfilter: xt_cpu: prefer raw_smp_processor_id [nf] netfilter: xt_cpu: prefer raw_smp_processor_id - 1 - - --- 2026-05-19 Florian Westphal New
netfilter: synproxy: refresh tcphdr after skb_ensure_writable netfilter: synproxy: refresh tcphdr after skb_ensure_writable - 1 - - --- 2026-05-19 Chris Mason New
netfilter: nf_conntrack_irc: fix parse_dcc() off-by-one OOB read netfilter: nf_conntrack_irc: fix parse_dcc() off-by-one OOB read - 1 - - --- 2026-05-19 Muhammad Bilal New
[nf,1/7] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags [nf,1/7] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags - 1 - - --- 2026-05-19 Pablo Neira Ayuso New
[nf,2/7] netfilter: conntrack: add dead flag to helpers [nf,1/7] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags - 1 - - --- 2026-05-19 Pablo Neira Ayuso New
[nf,3/7] netfilter: nf_conntrack_helper: add null check in nfct_help_data() calls [nf,1/7] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags - 1 - - --- 2026-05-19 Pablo Neira Ayuso New
[nf,4/7] netfilter: conntrack: add null check in nfct_help() calls [nf,1/7] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags - 1 - - --- 2026-05-19 Pablo Neira Ayuso New
[nf,5/7] netfilter: conntrack: add nf_ct_iterate_destroy_net() [nf,1/7] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags - - - - --- 2026-05-19 Pablo Neira Ayuso New
[nf,6/7] netfilter: nf_conntrack_timeout: use nf_ct_iterate_destroy() to cleanup timeout going away [nf,1/7] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags - 1 - - --- 2026-05-19 Pablo Neira Ayuso New
[nf,7/7] netfilter: xt_CT: fix race with rule removal and nfnetlink_queue [nf,1/7] netfilter: nfnetlink_cthelper: use {READ,WRITE}_ONCE for accessing helper flags - 1 - - --- 2026-05-19 Pablo Neira Ayuso New
[nf,v2,1/3] netfilter: nft_fib_ipv6: walk fib6_siblings under RCU netfilter: nft_fib_ipv6: handle routes via external nexthop - 1 - - --- 2026-05-20 Jiayuan Chen New
[nf,v2,2/3] netfilter: nft_fib_ipv6: handle routes via external nexthop netfilter: nft_fib_ipv6: handle routes via external nexthop - 1 - - --- 2026-05-20 Jiayuan Chen New
[nf,v2,3/3] selftests: netfilter: add nft_fib_nexthop test netfilter: nft_fib_ipv6: handle routes via external nexthop - - - - --- 2026-05-20 Jiayuan Chen New
[nf] netfilter: ebtables: fix OOB read in compat_mtw_from_user [nf] netfilter: ebtables: fix OOB read in compat_mtw_from_user - 1 - - --- 2026-05-20 Florian Westphal New