aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv6/netfilter
AgeCommit message (Expand)AuthorFilesLines
13 daysnetfilter: use NF_DROP instead of -NF_DROPJason Xing1-1/+1
2024-05-03netfilter: Remove the now superfluous sentinel elements from ctl_table arrayJoel Granados1-1/+0
2024-04-22sysctl: treewide: constify ctl_table_header::ctl_table_argThomas Weißschuh1-1/+1
2024-04-10netfilter: complete validation of user inputEric Dumazet1-0/+4
2024-04-04netfilter: validate user input for expected lengthEric Dumazet1-0/+4
2024-03-28inet: inet_defrag: prevent sk release while still in useFlorian Westphal1-1/+1
2024-03-04net: adopt skb_network_offset() and similar helpersEric Dumazet1-2/+2
2024-03-01ipv6: annotate data-races around cnf.hop_limitEric Dumazet1-2/+2
2024-01-29netfilter: xtables: allow xtables-nft only buildsFlorian Westphal2-7/+15
2024-01-17netfilter: bridge: replace physindev with physinif in nf_bridge_infoPavel Tikhomirov1-3/+8
2024-01-17netfilter: propagate net to nf_bridge_get_physindevPavel Tikhomirov1-1/+1
2023-11-08netfilter: add missing module descriptionsFlorian Westphal4-0/+4
2023-10-18netfilter: xt_mangle: only check verdict part of return valueFlorian Westphal1-4/+5
2023-08-29Merge tag 'sysctl-6.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/m...Linus Torvalds1-1/+2
2023-08-15netfilter: Update to register_net_sysctl_szJoel Granados1-1/+2
2023-07-28netfilter: defrag: Add glue hooks for enabling/disabling defragDaniel Xu1-0/+11
2023-03-22xtables: move icmp/icmpv6 logic to xt_tcpudpFlorian Westphal1-67/+1
2023-03-06netfilter: tproxy: fix deadlock due to missing BH disableFlorian Westphal1-1/+1
2023-02-22Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nfJakub Kicinski2-3/+8
2023-02-22netfilter: x_tables: fix percpu counter block leak on error path when creatin...Pavel Tikhomirov1-0/+4
2023-02-22netfilter: ebtables: fix table blob use-after-freeFlorian Westphal1-2/+1
2023-02-22netfilter: ip6t_rpfilter: Fix regression with VRF interfacesPhil Sutter1-1/+3
2023-02-17netfilter: let reset rules clean out conntrack entriesFlorian Westphal1-0/+1
2022-11-15netfilter: nf_tables: Extend nft_expr_ops::dump callback parametersPhil Sutter1-1/+2
2022-10-31net: dropreason: add SKB_DROP_REASON_DUP_FRAGEric Dumazet1-1/+1
2022-10-19netfilter: rpfilter/fib: Set ->flowic_uid correctly for user namespaces.Guillaume Nault2-0/+3
2022-10-12netfilter: rpfilter/fib: Populate flowic_l3mdev fieldPhil Sutter2-9/+5
2022-09-28netfilter: nft_fib: Fix for rpath check with VRF devicesPhil Sutter1-1/+5
2022-09-20tcp: Access &tcp_hashinfo via net.Kuniyuki Iwashima2-6/+6
2022-08-24netfilter: nf_defrag_ipv6: allow nf_conntrack_frag6_high_thresh increasesEric Dumazet1-1/+0
2022-05-13netfilter: conntrack: skip verification of zero UDP checksumKevin Mitchell1-2/+2
2022-04-11netfilter: nft_fib: reverse path filter for policy-based routing on iifPablo Neira Ayuso1-0/+4
2022-03-20netfilter: nft_fib: add reduce supportFlorian Westphal1-0/+2
2022-03-20netfilter: nf_tables: do not reduce read-only expressionsPablo Neira Ayuso2-0/+2
2022-03-03net: ipv6: Handle delivery_time in ipv6 defragMartin KaFai Lau1-0/+1
2022-01-27netfilter: Remove flowtable relicsGeert Uytterhoeven3-7/+0
2021-12-23netfilter: flowtable: remove ipv4/ipv6 modulesFlorian Westphal2-44/+2
2021-10-22Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netDavid S. Miller1-42/+6
2021-10-18Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller6-44/+14
2021-10-14netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6Xin Long1-42/+6
2021-10-14netfilter: ip6tables: allow use of ip6t_do_table as hookfnFlorian Westphal6-44/+14
2021-09-28netfilter: conntrack: fix boot failure with nf_conntrack.enable_hooks=1Florian Westphal2-17/+10
2021-09-15netfilter: ip6_tables: zero-initialize fragment offsetJeremy Sowden1-0/+1
2021-09-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nfJakub Kicinski1-3/+1
2021-09-03netfilter: socket: icmp6: fix use-after-scopeBenjamin Hesmans1-3/+1
2021-08-09netfilter: x_tables: never register tables by defaultFlorian Westphal5-51/+56
2021-06-18Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-4/+18
2021-06-09netfilter: nft_fib_ipv6: skip ipv6 packets from any to link-localFlorian Westphal1-4/+18
2021-05-29netfilter: nf_tables: add and use nft_sk helperFlorian Westphal1-1/+1
2021-05-29netfilter: x_tables: reduce xt_action_param by 8 byteFlorian Westphal1-1/+1
2021-04-26netfilter: allow to turn off xtables compat layerFlorian Westphal1-8/+8
2021-04-26netfilter: ip6_tables: pass table pointer via nf_hook_opsFlorian Westphal6-54/+61
2021-04-26netfilter: xt_nat: pass table to hookfnFlorian Westphal1-10/+35
2021-04-26netfilter: x_tables: remove paranoia testsFlorian Westphal5-15/+0
2021-04-26netfilter: ip6tables: unregister the tables by nameFlorian Westphal6-33/+22
2021-04-26netfilter: x_tables: remove ipt_unregister_tableFlorian Westphal2-10/+1
2021-04-26netfilter: disable defrag once its no longer neededFlorian Westphal1-6/+23
2021-04-17Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-0/+2
2021-04-13netfilter: x_tables: fix compat match/target pad out-of-bound writeFlorian Westphal1-0/+2
2021-04-06netfilter: nf_defrag_ipv6: use net_generic infraFlorian Westphal2-37/+46
2021-03-31netfilter: nf_log_ipv6: merge with nf_log_syslogFlorian Westphal3-431/+4
2021-03-15Revert "netfilter: x_tables: Switch synchronization to RCU"Mark Tomlinson1-7/+7
2021-03-15Revert "netfilter: x_tables: Update remaining dereference to RCU"Mark Tomlinson1-1/+1
2021-01-27netfilter: nftables: add nft_parse_register_load() and use itPablo Neira Ayuso1-9/+9
2020-12-18Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nfJakub Kicinski1-1/+1
2020-12-17netfilter: x_tables: Update remaining dereference to RCUSubash Abhinov Kasiviswanathan1-1/+1
2020-12-16Merge tag 'selinux-pr-20201214' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2020-12-14Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextJakub Kicinski3-4/+6
2020-12-11Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-7/+7
2020-12-08netfilter: x_tables: Switch synchronization to RCUSubash Abhinov Kasiviswanathan1-7/+7
2020-12-01netfilter: use actual socket sk for REJECT actionJan Engelhardt3-4/+6
2020-11-23lsm,selinux: pass flowi_common instead of flowi to the LSM hooksPaul Moore1-1/+1
2020-11-19Merge https://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-0/+9
2020-11-19ipv6: Remove dependency of ipv6_frag_thdr_truncated on ipv6 moduleGeorg Kohmann1-1/+1
2020-11-16ipv6/netfilter: Discard first fragment not including all headersGeorg Kohmann1-0/+9
2020-11-06Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+1
2020-11-01netfilter: nft_reject_inet: allow to use reject from inet ingressPablo Neira Ayuso1-2/+3
2020-10-31netfilter: nf_reject: add reject skbuff creation helpersJose M. Guisado Gomez1-0/+134
2020-10-30netfilter: use actual socket sk rather than skb sk when routing harderJason A. Donenfeld1-1/+1
2020-10-20netfilter: Drop fragmented ndisc packets assembled in netfilterGeorg Kohmann1-0/+1
2020-10-15Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-3/+5
2020-10-14netfilter: nf_log: missing vlan offload tag and protoPablo Neira Ayuso1-3/+5
2020-08-28netfilter: ip6t_NPT: rewrite addresses in ICMPv6 original packetMichael Zhou1-0/+39
2020-08-05Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-nextLinus Torvalds6-83/+59
2020-08-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller4-8/+4
2020-07-29netfilter: ip6tables: Remove redundant null checksGaurav Singh4-8/+4
2020-07-28net: remove sockptr_advanceChristoph Hellwig1-4/+4
2020-07-24netfilter: switch nf_setsockopt to sockptr_tChristoph Hellwig1-12/+12
2020-07-24netfilter: switch xt_copy_counters to sockptr_tChristoph Hellwig1-3/+3
2020-07-19netfilter: remove the compat argument to xt_copy_counters_from_userChristoph Hellwig1-2/+1
2020-07-19netfilter/ip6_tables: clean up compat {get, set}sockopt handlingChristoph Hellwig1-66/+21
2020-07-16treewide: Remove uninitialized_var() usageKees Cook1-1/+1
2020-06-30netfilter: introduce support for reject at prerouting stageLaura Garcia Liebana1-0/+26
2020-06-25netfilter: ip6tables: Add a .pre_exit hook in all ip6table_foo.c.David Wilder5-6/+44
2020-06-25netfilter: ip6tables: Split ip6t_unregister_table() into pre_exit and exit he...David Wilder1-1/+14
2020-06-25netfilter: Add MODULE_DESCRIPTION entries to kernel modulesRob Gill5-0/+5
2020-06-14treewide: replace '---help---' in Kconfig files with 'help'Masahiro Yamada1-3/+3
2020-03-15netfilter: Replace zero-length array with flexible-array memberGustavo A. R. Silva1-2/+2
2020-03-12inet: Use fallthrough;Joe Perches1-1/+1
2019-11-21net: Fix Kconfig indentation, continuedKrzysztof Kozlowski1-14/+14
2019-11-15netfilter: nf_flow_table_offload: add IPv6 supportPablo Neira Ayuso1-1/+1
2019-11-12netfilter: nf_flow_table: hardware offload supportPablo Neira Ayuso1-0/+1
2019-11-12netfilter: nf_tables: add flowtable offload control planePablo Neira Ayuso1-0/+1
2019-10-17netfilter: nft_tproxy: Fix typo in IPv6 module description.Norman Rasmussen1-1/+1
2019-10-01netfilter: drop bridge nf reset from nf_resetFlorian Westphal1-1/+1
2019-09-26net: Fix Kconfig indentationKrzysztof Kozlowski1-8/+8
2019-09-13netfilter: move inline nf_ip6_ext_hdr() function to a more appropriate header.Jeremy Sowden2-4/+4
2019-09-13netfilter: update include directives.Jeremy Sowden1-1/+0
2019-08-19Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netDavid S. Miller1-1/+1
2019-08-08inet: frags: re-introduce skb coalescing for local deliveryGuillaume Nault1-1/+1
2019-08-03netfilter: synproxy: rename mss synproxy_options fieldFernando Fernandez Mancera1-2/+2
2019-07-16netfilter: synproxy: fix erroneous tcp mss optionFernando Fernandez Mancera1-0/+2
2019-07-16netfilter: Fix rpfilter dropping vrf packets by mistakeMiaohe Lin1-2/+6
2019-07-11ipv6: Use ipv6_authlen for lenyangxingwu4-4/+4
2019-07-11Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds3-439/+36
2019-07-09Merge tag 'docs-5.3' of git://git.lwn.net/linuxLinus Torvalds1-1/+1
2019-06-25Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextPablo Neira Ayuso25-118/+45
2019-06-22Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller23-101/+34
2019-06-21Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds1-10/+12
2019-06-19inet: fix various use-after-free in defrags unitsEric Dumazet1-2/+8
2019-06-19treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500Thomas Gleixner22-91/+22
2019-06-18Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nfDavid S. Miller1-10/+12
2019-06-17netfilter: synproxy: extract SYNPROXY infrastructure from {ipt, ip6t}_SYNPROXYFernando Fernandez Mancera1-411/+9
2019-06-14docs: kbuild: convert docs to ReST and rename to *.rstMauro Carvalho Chehab1-1/+1
2019-06-10Update my email addressJozsef Kadlecsik1-1/+1
2019-06-07Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller3-15/+3
2019-06-07netfilter: ipv6: nf_defrag: accept duplicate fragments againGuillaume Nault1-3/+7
2019-06-04netfilter: ipv6: nf_defrag: fix leakage of unqueued fragmentsGuillaume Nault1-7/+5
2019-05-31Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-14/+2
2019-05-31Merge tag 'spdx-5.2-rc3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/g...Linus Torvalds3-15/+3
2019-05-30treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152Thomas Gleixner3-15/+3
2019-05-26net: dynamically allocate fqdir structuresEric Dumazet1-13/+14
2019-05-26net: add a net pointer to struct fqdirEric Dumazet1-4/+2
2019-05-26net: rename inet_frags_init_net() to fdir_init()Eric Dumazet1-2/+1
2019-05-26netfilter: ipv6: nf_defrag: no longer reference init_net in nf_ct_frag6_sysct...Eric Dumazet1-12/+7
2019-05-26net: rename struct fqdir fieldsEric Dumazet1-20/+20
2019-05-26net: rename inet_frags_exit_net() to fqdir_exit()Eric Dumazet1-2/+2
2019-05-26inet: rename netns_frags to fqdirEric Dumazet1-2/+2
2019-05-23Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nfDavid S. Miller1-14/+2
2019-05-21netfilter: nft_fib: Fix existence check supportPhil Sutter1-14/+2
2019-05-21treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 3Thomas Gleixner1-4/+1
2019-05-21treewide: Add SPDX license identifier - Makefile/KconfigThomas Gleixner1-0/+1
2019-05-21treewide: Add SPDX license identifier for more missed filesThomas Gleixner3-0/+3
2019-04-11netfilter: x_tables: merge ip and ipv6 masquerade modulesFlorian Westphal3-90/+3
2019-04-11netfilter: nf_nat: merge ip/ip6 masquerade headersFlorian Westphal1-1/+1
2019-04-08netfilter: nf_tables: merge route type into coreFlorian Westphal3-100/+0
2019-03-18netfilter: ip6t_srh: fix NULL pointer dereferencesKangjie Lu1-0/+6
2019-03-01netfilter: nf_tables: merge ipv4 and ipv6 nat chain typesFlorian Westphal3-95/+0
2019-03-01netfilter: nf_tables: nat: merge nft_masq protocol specific modulesFlorian Westphal3-101/+0
2019-03-01netfilter: nf_tables: nat: merge nft_redir protocol specific modulesFlorian Westphal3-92/+0
2019-02-27netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.hFlorian Westphal2-9/+5
2019-02-27netfilter: nat: merge nf_nat_ipv4,6 into nat coreFlorian Westphal3-383/+2
2019-02-27netfilter: nat: move nlattr parse and xfrm session decode to coreFlorian Westphal1-60/+0
2019-02-27netfilter: nat: merge ipv4 and ipv6 masquerade functionalityFlorian Westphal3-250/+2
2019-02-26net: remove unused struct inet_frag_queue.fragments fieldPeter Oskolkov1-1/+0
2019-02-18Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller4-10/+40
2019-02-15Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-0/+1
2019-02-13netfilter: reject: skip csum verification for protocols that don't support itAlin Nastac1-0/+3
2019-02-11netfilter: nat: fix spurious connection timeoutsFlorian Westphal1-0/+1
2019-02-04netfilter: ipv6: avoid indirect calls for IPV6=y caseFlorian Westphal1-7/+2
2019-02-04netfilter: nat: remove module dependency on ipv6 coreFlorian Westphal2-3/+35
2019-01-28Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-1/+1
2019-01-25net: IP6 defrag: use rbtrees in nf_conntrack_reasm.cPeter Oskolkov1-189/+71
2019-01-18netfilter: conntrack: avoid unneeded nf_conntrack_l4proto lookupsFlorian Westphal1-1/+1
2018-12-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller3-129/+6
2018-12-19netfilter: avoid using skb->nf_bridge directlyFlorian Westphal1-3/+7
2018-12-17netfilter: nat: remove nf_nat_l4proto structFlorian Westphal3-46/+4
2018-12-17netfilter: nat: remove l4proto->manip_pktFlorian Westphal2-28/+2
2018-12-17netfilter: nat: remove l4proto->nlattr_to_rangeFlorian Westphal1-3/+0
2018-12-17netfilter: nat: remove l4proto->in_rangeFlorian Westphal1-11/+0
2018-12-17netfilter: nat: fold in_range indirection into callerFlorian Westphal1-8/+0
2018-12-17netfilter: nat: remove l4proto->unique_tupleFlorian Westphal1-26/+0
2018-12-17netfilter: remove NF_NAT_RANGE_PROTO_RANDOM supportFlorian Westphal1-7/+0
2018-12-05ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changesJiri Wiesner1-1/+7
2018-11-27netfilter: nat: fix double register in masquerade modulesTaehee Yoo1-7/+16
2018-11-27netfilter: add missing error handling code for register functionsTaehee Yoo3-12/+32
2018-10-25netfilter: ipv6: fix oops when defragmenting locally generated fragmentsFlorian Westphal1-4/+9
2018-09-28netfilter: masquerade: don't flush all conntracks if only one address deleted...Tan Hu1-3/+16
2018-09-17netfilter: xtables: avoid BUG_ONFlorian Westphal2-3/+12
2018-09-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-0/+1
2018-09-10net: Add and use skb_mark_not_on_list().David S. Miller1-1/+1
2018-09-09ip: frags: fix crash in ip_do_fragment()Taehee Yoo1-0/+1
2018-08-16netfilter: ip6t_rpfilter: set F_IFACE for linklocal addressesFlorian Westphal1-1/+11
2018-08-05ipv6: defrag: drop non-last frags smaller than min mtuFlorian Westphal1-0/+4
2018-08-05ip: use rb trees for IP frag queue.Peter Oskolkov1-0/+1
2018-07-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller6-879/+17
2018-07-20Merge ra.kernel.org:/pub/scm/linux/kernel/git/torvalds/linuxDavid S. Miller3-6/+15
2018-07-18ipv6: remove dependency of nf_defrag_ipv6 on ipv6 moduleFlorian Westphal2-7/+13
2018-07-17netfilter: conntrack: remove l3proto abstractionFlorian Westphal4-771/+4
2018-07-16netfilter: conntrack: remove get_timeout() indirectionFlorian Westphal1-4/+10
2018-07-16netfilter: conntrack: remove get_l4proto indirection from l3 protocol trackersFlorian Westphal1-29/+0
2018-07-16netfilter: conntrack: remove invert_tuple indirection from l3 protocol trackersFlorian Westphal2-12/+1
2018-07-16netfilter: conntrack: remove pkt_to_tuple indirection from l3 protocol trackersFlorian Westphal1-18/+0
2018-07-16netfilter: conntrack: remove ctnetlink callbacks from l3 protocol trackersFlorian Westphal2-49/+0
2018-07-09netfilter: ipv6: nf_defrag: drop skb dst before queueingFlorian Westphal1-0/+2
2018-07-06netfilter: nf_tproxy: fix possible non-linear access to transport headerMáté Eckl1-6/+12
2018-07-05netfilter: x_tables: set module owner for icmp(6) matchesFlorian Westphal1-0/+1
2018-07-03Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-3/+3
2018-06-28netfilter: check if the socket netns is correct.Flavio Leitner1-4/+4
2018-06-18netfilter: ipv6: nf_defrag: reduce struct net memory wasteEric Dumazet1-3/+3
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-20 01:32:29 +0000