aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter
AgeCommit message (Expand)AuthorFilesLines
2014-01-23net/netfilter/ipset/ip_set_hash_netiface.c: use rbtree postorder iteration in...Cody P Schafer1-23/+4
2014-01-22Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jik...Linus Torvalds1-1/+1
2014-01-06netfilter: only warn once on wrong seqadj usageJesper Dangaard Brouer1-1/+1
2014-01-06netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helperDaniel Borkmann1-5/+27
2013-12-28netfilter: nf_tables: fix wrong datatype in nft_validate_data_load()Pablo Neira Ayuso1-1/+3
2013-12-28netfilter: nf_tables: fix oops when updating table with user chainsPablo Neira Ayuso1-2/+10
2013-12-28netfilter: nf_tables: fix dumping with large number of setsPablo Neira Ayuso1-3/+7
2013-12-27ipvs: correct usage/allocation of seqadj ext in ipvsJesper Dangaard Brouer1-0/+6
2013-12-27netfilter: WARN about wrong usage of sequence number adjustmentsJesper Dangaard Brouer1-0/+5
2013-12-20netfilter: nf_ct_timestamp: Fix BUG_ON after netns deletionHelmut Schaa1-1/+0
2013-12-20netfilter: nft_exthdr: call ipv6_find_hdr() with explicitly initialized offsetDaniel Borkmann1-1/+1
2013-12-19Merge branch 'master' into for-nextJiri Kosina77-2070/+10307
2013-12-17netfilter: nfnetlink_log: unset nf_loggers for netns when unloading moduleGao feng1-0/+1
2013-12-07netfilter: nf_tables: fix missing rules flushing per tablePablo Neira Ayuso1-13/+33
2013-12-07netfilter: xt_hashlimit: fix proc entry leak in netns destroy pathSergey Popovich1-14/+11
2013-12-02treewide: Fix typo in KconfigMasanari Iida1-1/+1
2013-11-25netfilter: ipset: fix incorret comparison in hash_netnet4_data_equal()Dave Jones1-1/+1
2013-11-21Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nfDavid S. Miller5-13/+22
2013-11-19Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds1-2/+2
2013-11-19genetlink: only pass array to genl_register_family_with_ops()Johannes Berg1-1/+1
2013-11-18netfilter: nf_conntrack: decrement global counter after object releasePablo Neira Ayuso1-1/+2
2013-11-18netfilter: nft_compat: fix error path in nft_parse_compat()Pablo Neira Ayuso1-6/+13
2013-11-18netfilter: fix wrong byte order in nf_ct_seqadj_set internal informationPhil Oester1-2/+2
2013-11-18netfilter: synproxy: correct wscale option passingMartin Topholm1-3/+4
2013-11-15Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jik...Linus Torvalds1-2/+2
2013-11-14genetlink: make all genl_ops users constJohannes Berg1-1/+1
2013-11-14Merge branch 'core-locking-for-linus' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds1-3/+22
2013-11-13netfilter: fix connlimit Kconfig prompt stringRandy Dunlap1-1/+1
2013-11-13Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds65-1873/+10075
2013-11-12Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds1-5/+2
2013-11-11netfilter: push reasm skb through instead of original frag skbsJiri Pirko2-61/+2
2013-11-08nfnetlink: do not ack malformed messagesJiri Benc1-3/+5
2013-11-06net: Explicitly initialize u64_stats_sync structures for lockdepJohn Stultz1-3/+22
2013-11-04Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/...David S. Miller2-8/+12
2013-11-04Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/...David S. Miller17-154/+200
2013-11-04netfilter: nft_compat: use _safe version of list_for_eachDan Carpenter1-4/+4
2013-11-04Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller2-2/+12
2013-11-03netfilter: ctnetlink: account both directions in one stepHolger Eitzenberger1-25/+24
2013-11-03netfilter: introduce nf_conn_acct structureHolger Eitzenberger4-20/+30
2013-11-01Merge branch 'linus' into sched/coreIngo Molnar1-2/+2
2013-10-30net: ipvs: sctp: do not recalc sctp csum when ports didn't changeDaniel Borkmann1-6/+33
2013-10-29netfilter: xt_NFQUEUE: fix --queue-bypass regressionHolger Eitzenberger1-1/+6
2013-10-28netfilter: nft_nat: Fix endianness issue reported by sparseTomasz Bursztyka1-4/+8
2013-10-28net: ipvs: sctp: add missing verdict assignments in sctp_conn_scheduleDaniel Borkmann1-2/+7
2013-10-27netfilter: ipset: remove duplicate defineMichael Opdenacker1-1/+0
2013-10-27netfilter:ipset: Fix memory allocation for bitmap:portJozsef Kadlecsik1-1/+1
2013-10-23Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nfDavid S. Miller1-1/+6
2013-10-23Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-2/+2
2013-10-22netfilter: ipset: The unnamed union initialization may lead to compilation errorJozsef Kadlecsik2-24/+20
2013-10-22netfilter: ipset: Use netlink callback dump args onlyJozsef Kadlecsik4-54/+58
2013-10-22netfilter: x_tables: fix ordering of jumpstack allocation and table updateWill Deacon1-1/+6
2013-10-21netfilter: nf_conntrack: fix rt6i_gateway checks for H.323 helperJulian Anastasov1-2/+2
2013-10-19net: misc: Remove extern from function prototypesJoe Perches1-17/+11
2013-10-17netfilter: xt_socket: use sock_gen_put()Eric Dumazet1-11/+2
2013-10-15ipvs: improved SH fallback strategyAlexander Frolkin1-10/+29
2013-10-15ipvs: avoid rcu_barrier during netns cleanupJulian Anastasov3-7/+3
2013-10-14netfilter: nf_tables: add trace supportPablo Neira Ayuso2-0/+58
2013-10-14netfilter: nfnetlink: add batch support and use it from nf_tablesPablo Neira Ayuso3-22/+365
2013-10-14netfilter: nf_tables: add insert operationEric Leblond1-6/+32
2013-10-14netfilter: nf_tables: complete net namespace supportPablo Neira Ayuso1-28/+55
2013-10-14netfilter: nf_tables: Add support for IPv6 NATTomasz Bursztyka3-0/+227
2013-10-14netfilter: nf_tables: add support for dormant tablesPablo Neira Ayuso1-7/+90
2013-10-14netfilter: nf_tables: nft_payload: fix transport header basePablo Neira Ayuso2-2/+2
2013-10-14netfilter: nf_tables: add compatibility layer for x_tablesPablo Neira Ayuso8-55/+1008
2013-10-14netfilter: nf_tables: convert built-in tables/chains to chain typesPablo Neira Ayuso1-111/+86
2013-10-14netfilter: nft_payload: add optimized payload implementation for small loadsPatrick McHardy2-28/+72
2013-10-14netfilter: nf_tables: add optimized data comparison for small valuesPatrick McHardy2-24/+110
2013-10-14netfilter: nf_tables: expression ops overloadingPatrick McHardy14-123/+214
2013-10-14netfilter: nf_tables: add netlink set APIPatrick McHardy9-618/+1573
2013-10-14netfilter: add nftablesPatrick McHardy19-0/+4563
2013-10-14treewide: Fix common typo in "identify"Maxime Jayat1-2/+2
2013-10-14netfilter: nf_nat: move alloc_null_binding to nf_nat_core.cPablo Neira Ayuso1-0/+20
2013-10-14netfilter: pass hook ops to hookfnPatrick McHardy2-22/+22
2013-10-09Merge tag 'v3.12-rc4' into sched/coreIngo Molnar18-172/+155
2013-10-09ipv6: make lookups simpler and fasterEric Dumazet2-2/+2
2013-10-04Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/...David S. Miller26-1650/+2414
2013-10-04sched/wait: Make the __wait_event*() interface more friendlyPeter Zijlstra1-5/+2
2013-10-01Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nfDavid S. Miller9-145/+125
2013-10-01netfilter: cttimeout: allow to set/get default protocol timeoutsPablo Neira Ayuso1-8/+153
2013-10-01netfilter: nf_ct_sip: consolidate NAT hook functionsholger@eitzenberger.org2-113/+49
2013-10-01netfilter: nfnetlink_log: use proper net to allocate skbGao feng1-5/+6
2013-10-01netfilter: nfnetlink_queue: use proper net namespace to allocate skbGao feng1-3/+3
2013-09-30netfilter: ipset: Add hash:net,port,net module to kernel.Oliver Smith3-0/+598
2013-09-30netfiler: ipset: Add net namespace for ipsetVitaly Lavrov7-138/+232
2013-09-30netfilter: ipset: Use a common function at listing the extensionsJozsef Kadlecsik4-50/+12
2013-09-30netfilter: ipset: For set:list types, replaced elements must be zeroed outJozsef Kadlecsik1-1/+3
2013-09-30netfilter: ipset: Fix hash resizing with commentsJozsef Kadlecsik1-5/+5
2013-09-30netfilter: ipset: Support comments in hash-type ipsets.Oliver Smith9-13/+30
2013-09-30netfilter: ipset: Support comments in the list-type ipset.Oliver Smith1-6/+12
2013-09-30netfilter: ipset: Support comments in bitmap-type ipsets.Oliver Smith4-9/+17
2013-09-30netfilter: ipset: Support comments for ipset entries in the core.Oliver Smith1-0/+14
2013-09-30netfilter: ipset: Add hash:net,net module to kernel.Oliver Smith4-9/+541
2013-09-30netfilter: ipset: Kconfig: ipset needs NETFILTER_NETLINKJozsef Kadlecsik1-1/+1
2013-09-30netfilter: ipset: list:set: make sure all elements are checked by the gcJozsef Kadlecsik1-2/+5
2013-09-30netfilter: ipset: Support extensions which need a per data destroy functionJozsef Kadlecsik3-38/+90
2013-09-30netfilter: ipset: Generalize extensions supportJozsef Kadlecsik13-749/+105
2013-09-30netfilter: ipset: Move extension data to set structureJozsef Kadlecsik13-278/+244
2013-09-30netfilter: ipset: Rename extension offset ids to extension idsJozsef Kadlecsik6-35/+35
2013-09-30netfilter: ipset: Prepare ipset to support multiple networks for hash typesJozsef Kadlecsik5-46/+48
2013-09-30netfilter: ipset: Introduce new operation to get both setname and familyJozsef Kadlecsik1-0/+17
2013-09-30netfilter: ipset: order matches and targets separatedly in xt_set.cJozsef Kadlecsik1-92/+96
2013-09-30netfilter: ipset: Support package fragments for IPv4 protos without portsAnders K. Pedersen1-1/+17
2013-09-30netfilter: ipset: Fix "may be used uninitialized" warningsJozsef Kadlecsik9-12/+12
2013-09-30netfilter: ipset: Rename simple macro names to avoid namespace issues.Jozsef Kadlecsik13-162/+166
2013-09-30netfilter: ipset: Fix sparse warnings due to missing rcu annotationsJozsef Kadlecsik1-32/+55
2013-09-30netfilter: ipset: Sparse warning about shadowed variable fixedJozsef Kadlecsik1-1/+1
2013-09-30netfilter: ipset: Don't call ip_nest_end needlessly in the error pathJozsef Kadlecsik3-3/+3
2013-09-30netfilter: synproxy: fix BUG_ON triggered by corrupt TCP packetsPatrick McHardy1-5/+7
2013-09-27netfilter: xt_TCPMSS: lookup route from proper net namespaceGao feng1-3/+5
2013-09-27netfilter: xt_TCPMSS: Get mtu only if clamp-mss-to-pmtu is specifiedGao feng1-34/+36
2013-09-27netfilter: nf_ct_sip: extend RCU read lock in set_expected_rtp_rtcp()holger@eitzenberger.org1-2/+4
2013-09-19ip: generate unique IP identificator if local fragmentation is allowedAnsis Atteka1-1/+1
2013-09-18ipvs: stats should not depend on CPU 0Julian Anastasov1-1/+3
2013-09-18ipvs: do not use dest after ip_vs_dest_put in LBLCRJulian Anastasov1-30/+20
2013-09-18ipvs: do not use dest after ip_vs_dest_put in LBLCJulian Anastasov1-37/+31
2013-09-18ipvs: make the service replacement more robustJulian Anastasov2-53/+45
2013-09-18ipvs: fix overflow on dest weight multiplySimon Kirby5-19/+19
2013-09-17netfilter: nfnetlink_queue: use network skb for sequence adjustmentGao feng1-1/+1
2013-09-16netfilter: ipset: Fix serious failure in CIDR trackingOliver Smith1-12/+16
2013-09-16netfilter: ipset: Validate the set family and not the set type family at swap...Jozsef Kadlecsik1-1/+1
2013-09-16netfilter: ipset: Consistent userspace testing with nomatch flagJozsef Kadlecsik5-10/+9
2013-09-16netfilter: ipset: Skip really non-first fragments for IPv6 when getting port/...Jozsef Kadlecsik1-2/+2
2013-09-05netfilter: Fix build errors with xt_socket.cDavid S. Miller1-0/+1
2013-09-04netfilter: xt_TCPMSS: correct return value in tcpmss_mangle_packetPhil Oester1-1/+1
2013-09-04netfilter: synproxy_core: fix warning in __nf_ct_ext_add_length()Patrick McHardy1-2/+2
2013-08-28netfilter: ctnetlink: fix uninitialized variableFlorian Westphal1-1/+1
2013-08-28netfilter: add SYNPROXY core/targetPatrick McHardy6-0/+480
2013-08-28netfilter: nf_conntrack: make sequence number adjustments usuable without NATPatrick McHardy9-328/+296
2013-08-20Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/...David S. Miller18-271/+484
2013-08-16Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller5-22/+39
2013-08-13netfilter: nfnetlink_queue: allow to attach expectations to conntracksPablo Neira Ayuso3-16/+103
2013-08-13netfilter: ctnetlink: refactor ctnetlink_create_expectPablo Neira Ayuso1-69/+87
2013-08-10netfilter: nf_conntrack: fix tcp_in_window for Fast OpenYuchung Cheng1-4/+8
2013-08-09netfilter: nf_conntrack: don't send destroy events from iteratorFlorian Westphal3-37/+9
2013-08-07ipvs: ip_vs_sh: ip_vs_sh_get_port: check skb_header_pointer for NULLDaniel Borkmann1-0/+6
2013-08-06ipvs: fixed spacing at for statementsDragos Foianu1-4/+4
2013-08-05netfilter: nfnetlink_{log,queue}: fix information leaks in netlink messageDan Carpenter2-2/+9
2013-08-05netfilter: tproxy: fix build with IP6_NF_IPTABLES=nFlorian Westphal1-1/+1
2013-08-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller2-3/+12
2013-08-01netfilter: xt_TCPOPTSTRIP: fix possible off by one accessPablo Neira Ayuso1-4/+6
2013-08-01netfilter: xt_TCPMSS: fix handling of malformed TCP header and optionsPablo Neira Ayuso1-12/+16
2013-07-31netfilter: nf_nat: use per-conntrack locking for sequence number adjustmentsPatrick McHardy1-13/+6
2013-07-31netfilter: nf_nat: change sequence number adjustments to 32 bitsPatrick McHardy3-7/+7
2013-07-31netfilter: nf_nat: fix locking in nf_nat_seq_adjust()Patrick McHardy1-1/+6
2013-07-31netfilter: nf_conntrack: remove duplicate code in ctnetlinkFlorian Westphal2-28/+19
2013-07-31netfilter: tproxy: remove nf_tproxy_core.hFlorian Westphal2-6/+220
2013-07-31netfilter: tproxy: remove nf_tproxy_core, keep tw sk assigned to skbFlorian Westphal4-82/+14
2013-07-31netfilter: nf_queue: relax NFQA_CT attribute checkFlorian Westphal1-3/+1
2013-07-31netfilter: connlabels: remove unneeded includesFlorian Westphal1-4/+0
2013-07-31netfilter: nf_conntrack: constify sk_buff argument to nf_ct_attach()Patrick McHardy2-4/+5
2013-07-31netfilter: xt_addrtype: fix trivial typoPhil Oester1-1/+1
2013-07-27net/sctp: Refactor SCTP skb checksum computationJoe Stringer2-27/+4
2013-07-15netfilter: xt_socket: fix broken v0 supportEric Dumazet1-3/+7
2013-07-15netfilter: ctnetlink: fix incorrect NAT expectation dumpingPablo Neira Ayuso1-0/+5
2013-07-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller4-3/+6
2013-06-30netfilter: nf_queue: add NFQA_SKB_CSUM_NOTVERIFIED info flagFlorian Westphal1-2/+14
2013-06-26ipvs: add sync_persist_mode flagJulian Anastasov2-0/+19
2013-06-26ipvs: SH fallback and L4 hashingAlexander Frolkin1-15/+85
2013-06-26ipvs: drop SCTP connections depending on stateJulian Anastasov1-0/+12
2013-06-26ipvs: replace the SCTP state machineJulian Anastasov2-704/+157
2013-06-26ipvs: sloppy TCP and SCTPAlexander Frolkin3-14/+32
2013-06-26ipvs: provide iph to schedulersJulian Anastasov11-34/+32
2013-06-24netfilter: ctnetlink: send event when conntrack label was modifiedFlorian Westphal2-1/+2
2013-06-24netfilter: nf_nat_sip: fix manglingBalazs Peter Odor1-1/+2
2013-06-20netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flagEric Dumazet1-8/+62
2013-06-20netfilter: nf_conntrack: avoid large timeout for mid-stream pickupFlorian Westphal1-0/+6
2013-06-20netfilter: check return code from nla_parse_testedDaniel Borkmann3-13/+39
2013-06-19Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller6-12/+38
2013-06-19ipvs: SCTP ports should be writable in ICMP packetsJulian Anastasov1-1/+2
2013-06-13net: Convert uses of typedef ctl_table to struct ctl_tableJoe Perches5-9/+9
2013-06-12netfilter: xt_TCPMSS: Fix missing fragmentation handlingPhil Oester1-0/+4
2013-06-12netfilter: xt_TCPMSS: Fix IPv6 default MSS tooPhil Oester1-7/+14
2013-06-11net_sched: add 64bit rate estimatorsEric Dumazet1-1/+1
2013-06-11netfilter: xt_TCPOPTSTRIP: don't use tcp_hdr()Pablo Neira Ayuso1-2/+4
2013-06-10ipvs: info leak in __ip_vs_get_dest_entries()Dan Carpenter1-0/+1
2013-06-07netfilter: nfnetlink_queue: fix missing HW protocolPablo Neira Ayuso1-3/+3
2013-06-06Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/...David S. Miller8-74/+116
2013-06-05Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller5-13/+55
2013-06-05netfilter: xt_TCPMSS: Fix violation of RFC879 in absence of MSS optionPhil Oester1-0/+6
2013-06-05netfilter: nfnetlink_queue: only add CAP_LEN attr when neededFlorian Westphal1-1/+2
2013-06-05netfilter: nfnetlink_queue: cleanup copy_range usageFlorian Westphal1-10/+12
2013-06-05netfilter: nfnetlink_cttimeout: fix incomplete dumping of objectsPablo Neira Ayuso1-2/+5
2013-06-05netfilter: nfnetlink_acct: fix incomplete dumping of objectsPablo Neira Ayuso1-2/+5
2013-05-31netfilter: Correct calculation using skb->tail and skb-network_headerSimon Horman1-1/+1
2013-05-29ipvs: ip_vs_sh: fix buildJan Beulich1-1/+1
2013-05-29netfilter: xt_LOG: fix mark logging for IPv6 packetsMichal Kubeček1-1/+1
2013-05-28net: pass info struct via netdevice notifierJiri Pirko3-4/+4
2013-05-27netfilter: Implement RFC 1123 for FTP conntrackJeff Mahoney1-19/+54
2013-05-27ipvs: Fix reuse connection if real server is deadGrzegorz Lyczba1-0/+35
2013-05-26netfilter: nfnetlink_queue: avoid peer_portid testFlorian Westphal1-4/+0
2013-05-26ipvs: change type of netns_ipvs->sysctl_sync_qlen_maxZhang Yanfei1-2/+2
2013-05-23ipvs: use cond_resched_rcu() helper when walking connectionsSimon Horman1-15/+8
2013-05-23netfilter: don't panic on error while walking through the init pathPablo Neira Ayuso2-10/+16
2013-05-23netfilter: add nf_ipv6_ops hook to fix xt_addrtype with IPv6Florian Westphal2-11/+18
2013-05-23netfilter: xt_socket: use IP early demuxEric Dumazet1-10/+16
2013-05-23netfilter: xt_CT: optimize XT_CT_NOTRACKEric Dumazet1-4/+6
2013-05-16netfilter: xt_TCPOPTSTRIP: fix possible mangling beyond packet boundaryPablo Neira Ayuso1-3/+14
2013-05-15netfilter: log: netns NULL ptr bug when calling from conntrackHans Schillstrom4-10/+12
2013-05-06netfilter: nf_{log,queue}: fix compilation without CONFIG_PROC_FSPablo Neira Ayuso3-1/+8
2013-05-01Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds3-13/+18
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-31 08:05:37 +0000