[PATCH nf] netfilter: nft_set_pipapo: don't leak bad clone into future transaction
2026-06-17 8:02 UTC (3+ messages)
[PATCH bpf-next 0/2] bpf: Guard conntrack opts error writes
2026-06-16 22:34 UTC (6+ messages)
` [PATCH bpf-next 1/2] "
` [PATCH bpf-next 2/2] selftests/bpf: Cover small "
[PATCH nf] netfilter: nfnetlink: make OOM conditions fatal
2026-06-16 19:16 UTC
[PATCH nf,v1] netfilter: nf_conntrack_expect: use conntrack GC to reap expectations
2026-06-16 18:34 UTC
[PATCH nf-next v3 0/4] netfilter: replace u_int*_t with kernel int types
2026-06-16 18:29 UTC (5+ messages)
` [PATCH nf-next v3 1/4] netfilter: nf_nat_ftp: replace u_int16_t with u16
` [PATCH nf-next v3 2/4] netfilter: nf_nat_irc: "
` [PATCH nf-next v3 3/4] netfilter: nf_sockopt: replace u_int8_t with u8
` [PATCH nf-next v3 4/4] netfilter: xt_TCPOPTSTRIP: replace u_int8_t and u_int16_t with u8 and u16
[PATCH 5.10/5.15/6.1/6.6/6.12/6.18] ipvs: skip ipv6 extension headers for csum checks
2026-06-16 6:30 UTC
[PATCH net-next 00/11] Netfilter/IPVS updates for net-next
2026-06-15 21:20 UTC (14+ messages)
` [PATCH net-next 01/11] ipvs: Replace use of system_unbound_wq with system_dfl_long_wq
` [PATCH net-next 02/11] netfilter: nf_tables: use DEBUG_NET_WARN_ON_ONCE in packet and control paths
` [PATCH net-next 03/11] netfilter: nf_conncount: callers must hold rcu read lock
` [PATCH net-next 04/11] netfilter: nf_conncount: use per nf_conncount_data spinlocks
` [PATCH net-next 05/11] netfilter: nf_conncount: split count_tree_node rbtree walk into helper
` [PATCH net-next 06/11] netfilter: nf_conncount: add sequence counter to detect tree modifications
` [PATCH net-next 07/11] netfilter: nf_conncount: gc and rcu fixes
` [PATCH net-next 08/11] netfilter: conntrack: check NULL when retrieving ct extension
` [PATCH net-next 09/11] netfilter: flowtable: bail out if forward path cannot be discovered
` [PATCH net-next 10/11] ipvs: fix doc syntax for conn_max sysctl
` [PATCH net-next 11/11] netfilter: nf_dup_netdev: add nf_dev_xmit_recursion*() helpers and use them
[PATCH nf 0/1] netfilter: xt_nat: bridge nft_compat rule can trigger NULL-deref
2026-06-15 18:16 UTC (10+ messages)
` [PATCH nf 1/1] netfilter: xt_nat: reject unsupported target families
[PATCH nf] netfilter: nft_compat: ebtables emulation must reject non-bridge targets
2026-06-15 18:10 UTC
[PATCH nf-next v2 0/6] netfilter: replace u_int*_t with kernel int types
2026-06-15 13:38 UTC (7+ messages)
` [PATCH nf-next v2 1/6] netfilter: nf_nat_ftp: replace u_int16_t with u16
` [PATCH nf-next v2 2/6] netfilter: nf_nat_irc: "
` [PATCH nf-next v2 3/6] netfilter: nf_sockopt: replace u_int8_t with u8
` [PATCH nf-next v2 4/6] netfilter: xt_DSCP: "
` [PATCH nf-next v2 5/6] netfilter: xt_TCPOPTSTRIP: replace u_int8_t and u_int16_t with u8 and u16
` [PATCH nf-next v2 6/6] netfilter: nf_log: replace u_int8_t with u8
[PATCH nf v2] netfilter: flowtable: fix and simplify IP6IP6 tunnel handling
2026-06-15 9:18 UTC
[netfilter-nf-next:for-netdev-nf-next-26-06-14 3/11] net/netfilter/nf_conncount.c:502:18: sparse: sparse: incompatible types in comparison expression (different address spaces):
2026-06-15 0:38 UTC
[PATCH 6.6.y] netfilter: ctnetlink: ensure safe access to master conntrack
2026-06-14 22:28 UTC (4+ messages)
[PATCH net-next] netfilter: x_tables.h: fix all kernel-doc warnings
2026-06-14 5:25 UTC
[PATCH] kdoc: xforms_lists: handle DECLARE_PER_CPU() in kernel-doc
2026-06-14 5:24 UTC
[PATCH v2 net-next 0/2] netdevsim: add fake FT/CLS_FLOWER offload
2026-06-13 17:40 UTC (4+ messages)
` [PATCH v2 net-next 1/2] netdevsim: tc: allow to test nf_tables offload control plane code
` [PATCH v2 net-next 2/2] selftests: netfilter: add phony nft_offload test
[PATCH 6.1.y] netfilter: ctnetlink: ensure safe access to master conntrack
2026-06-13 14:51 UTC (2+ messages)
[PATCH nf-next 0/6] netfilter: replace u_int*_t with kernel int types
2026-06-12 12:51 UTC
[PATCH nf-next 1/6] netfilter: nf_nat_ftp: replace u_int16_t with u16
2026-06-12 12:40 UTC
[PATCH nf-next 6/6] netfilter: nf_log: replace u_int8_t with u8
2026-06-12 12:40 UTC
[PATCH nf-next 3/6] netfilter: nf_sockopt: replace u_int8_t with u8
2026-06-12 12:40 UTC
[PATCH nf-next 4/6] netfilter: xt_DSCP: replace u_int8_t with u8
2026-06-12 12:40 UTC
[PATCH nf-next 5/6] netfilter: xt_TCPOPTSTRIP: replace u_int8_t and u_int16_t with u8 and u16
2026-06-12 12:40 UTC
[PATCH nf-next 2/6] netfilter: nf_nat_irc: replace u_int16_t with u16
2026-06-12 12:40 UTC
[PATCH nf-next] netfilter: conntrack: add deprecation warnings for irc and pptp trackers
2026-06-12 6:03 UTC
[PATCH net-next 0/2] netdevsim: add fake FT/CLS_FLOWER offload
2026-06-11 23:12 UTC (6+ messages)
` [PATCH net-next 1/2] netdevsim: tc: allow to test nf_tables offload control plane code
` [PATCH net-next 2/2] selftests: netfilter: add phony nft_offload test
[PATCH v2 0/9] netfilter: ipset fixes, second batch
2026-06-11 19:47 UTC (13+ messages)
` [PATCH v2 1/9] netfilter: ipset: Don't use test_bit() in lockless RCU readers in hash types
` [PATCH v2 2/9] netfilter: ipset: Don't use test_bit() in lockless RCU readers in bitmap types
` [PATCH v2 3/9] netfilter: ipset: fix order of kfree_rcu() and rcu_assign_pointer()
` [PATCH v2 4/9] netfilter: ipset: Extend the rcu locked area properly
` [PATCH v2 5/9] netfilter: ipset: exlude gc when resize is in progress
` [PATCH v2 6/9] netfilter: ipset: fix potential double free at resize/del
` [PATCH v2 7/9] netfilter: ipset: make sure gc is properly stopped
` [PATCH v2 8/9] netfilter: ipset: fix potential torn read in reuse/forceadd cases
` [PATCH v2 9/9] netfilter: ipset: rework cidr bookkeeping
` [syzbot ci] Re: netfilter: ipset fixes, second batch
[PATCH nf v3] selftests: netfilter: conntrack_sctp_collision.sh: Introduce SCTP INIT collision test
2026-06-11 14:50 UTC
[nft PATCH v2] parser_bison: Fix for bison < 3.6
2026-06-11 12:52 UTC
[PATCH nf] netfilter: flowtable: use pskb_may_pull() in nf_flow_ip6_tunnel_proto()
2026-06-11 11:03 UTC (8+ messages)
[PATCH net v2] netfilter: nf_log: validate MAC header was set before dumping it
2026-06-11 10:40 UTC (2+ messages)
[PATCH net 0/8] Netfilter fixes for net
2026-06-11 10:40 UTC (10+ messages)
` [PATCH net 1/8] netfilter: revalidate bridge ports
` [PATCH net 2/8] netfilter: nf_tables_offload: drop device refcount on error
` [PATCH net 3/8] netfilter: nf_conntrack: destroy stale expectfn expectations on unregister
` [PATCH net 4/8] netfilter: x_tables: avoid leaking percpu counter pointers
` [PATCH net 5/8] netfilter: nf_log: validate MAC header was set before dumping it
` [PATCH net 6/8] netfilter: nft_exthdr: fix register tracking for F_PRESENT flag
` [PATCH net 7/8] netfilter: nft_fib: fix stale stack leak via the OIFNAME register
` [PATCH net 8/8] netfilter: nft_meta_bridge: fix stale stack leak via IIFHWADDR register
[PATCH net] netfilter: nft_synproxy: stop bypassing the priv->info snapshot
2026-06-11 9:49 UTC (3+ messages)
[PATCH nf 1/1] netfilter: xt_cluster: reject template conntracks in hash match
2026-06-11 7:21 UTC
[nft PATCH] profiling: Include unistd.h to avoid compiler warnings
2026-06-10 21:28 UTC (2+ messages)
[nft PATCH] parser_bison: Fix for bison < 3.6
2026-06-10 21:26 UTC (3+ messages)
[PATCH libnetfilter_conntrack,v2] objopt: restrict NFCT_GOPT_IS_{S,D}PAT to supported layer 4 protocols
2026-06-10 15:17 UTC
[PATCH libnetfilter_conntrack,v2] objopt: restrict NFCT_GOPT_IS_{S,D}PAT to supported layer 4 protocols
2026-06-10 15:12 UTC
[PATCH nf-next,v3] netfilter: nf_dup_netdev: add nf_dev_xmit_recursion*() helpers and use them
2026-06-10 11:12 UTC
[PATCH nf-next,v3] netfilter: conntrack: check NULL when retrieving ct extension
2026-06-10 11:09 UTC
[PATCH v2 0/2] netfilter: fix two remaining stale-stack register leaks
2026-06-10 10:39 UTC (3+ messages)
` [PATCH v2 1/2] netfilter: nft_fib: fix stale stack leak via the OIFNAME register
` [PATCH v2 2/2] netfilter: nft_meta_bridge: fix stale stack leak via IIFHWADDR register
[PATCH libnetfilter_conntrack] objopt: restrict NFCT_GOPT_IS_{S,D}PAT to supported layer 4 protocols
2026-06-10 10:30 UTC
[PATCH 0/2] netfilter: fix two remaining stale-stack register leaks
2026-06-10 10:18 UTC (5+ messages)
` [PATCH 1/2] netfilter: nft_fib: fix stale stack leak via the OIFNAME register
` [PATCH 2/2] netfilter: nft_meta_bridge: fix stale stack leak via IIFHWADDR register
[PATCH nf-next,v2] netfilter: nf_dup_netdev: add nf_dev_xmit_recursion*() helpers and use them
2026-06-10 10:16 UTC
[PATCH nf-next,v2] netfilter: flowtable: bail out if forward path cannot be discovered
2026-06-10 10:13 UTC
[PATCH nf-next,v2] netfilter: conntrack: check NULL when retrieving ct extension
2026-06-10 9:58 UTC
[Kernel Bug] INFO: task hung in xt_find_table
2026-06-10 9:26 UTC (4+ messages)
[PATCH nf-next] netfilter: ebtables: bound num_counters like nentries in do_replace()
2026-06-10 3:02 UTC
[PATCH net-next] net: dummy: add phony ndo_setup_tc stub
2026-06-09 23:03 UTC (6+ messages)
[PATCH nf] netfilter: nf_log: validate MAC header was set before dumping it
2026-06-09 22:56 UTC (6+ messages)
[PATCH nf-next] netfilter: nf_dup_netdev: add nf_dev_xmit_recursion*() helpers and use them
2026-06-09 22:18 UTC
[PATCH nf-next] netfilter: flowtable: bail out if forward path cannot be discovered
2026-06-09 21:32 UTC
[PATCH v3 nf] netfilter: nft_exthdr: fix register tracking for F_PRESENT flag
2026-06-09 19:28 UTC
[PATCH v2 nf] netfilter: nft_exthdr: fix register tracking for F_PRESENT flag
2026-06-09 19:14 UTC
[PATCH v3 nf-next 0/3] netfilter: add restrictions/validations for packet rewrite
2026-06-09 11:51 UTC (4+ messages)
` [PATCH v3 nf-next 1/3] netfilter: nfnetlink_queue: restrict writes to network header
` [PATCH v3 nf-next 2/3] netfilter: nftables: restrict linklayer and network header writes
` [PATCH v3 nf-next 3/3] netfilter: nftables: restrict checkum update offset
[PATCH nf 1/1] netfilter: nf_flow_table: separate tunnel route state from direct xmit
2026-06-08 23:56 UTC (2+ messages)
[PATCH net-next 00/15] Netfilter/IPVS updates for net-next
2026-06-08 23:13 UTC (15+ messages)
` [PATCH net-next 07/15] netfilter: synproxy: protect nf_ct_seqadj_init() with conntrack lock
` [PATCH net-next 08/15] netfilter: cttimeout: detach dataplane timeout policy and repurpose refcount
` [PATCH net-next 09/15] netfilter: nf_conntrack_helper: dynamically allocate struct nf_conntrack_helper
` [PATCH net-next 10/15] netfilter: nf_conntrack_pptp: move GRE specific cleanup to GRE tracker
` [PATCH net-next 11/15] netfilter: nf_conntrack_helper: add refcounting from datapath
` [PATCH net-next 12/15] netfilter: conntrack: revert ct extension genid infrastructure
` [PATCH net-next 13/15] netfilter: conntrack: call nf_ct_gre_keymap_destroy() if master helper is pptp
` [PATCH net-next 14/15] netfilter: flowtable: avoid num_encaps underflow on bridge VLAN untag
` [PATCH net-next 15/15] netfilter: nf_conntrack: use get_unaligned_be32() in tcp_sack()
[PATCH net-next] ipvs: fix doc syntax for conn_max sysctl
2026-06-08 22:56 UTC
[PATCH net-next 01/15] ipvs: add conn_max sysctl to limit connections
2026-06-08 22:40 UTC (2+ messages)
[PATCH nf-next] netfilter: conntrack: check NULL when calling nf_ct_ext_find()
2026-06-08 21:36 UTC (3+ messages)
[PATCH nf-next v2 0/3] netfilter: add restrictions/validations for packet rewrite
2026-06-08 15:23 UTC (5+ messages)
` [PATCH nf-next v2 1/3] netfilter: nfnetlink_queue: restrict writes to network header
` [PATCH] netfilter: x_tables: avoid leaking percpu counter pointers
` [PATCH nf-next v2 2/3] netfilter: nftables: restrict linklayer and network header writes
` [PATCH nf-next v2 3/3] netfilter: nftables: restrict checkum update offset
[PATCH nf v2] netfilter: flowtable: Validate iph->ihl in nf_flow_ip4_tunnel_proto()
2026-06-08 12:33 UTC
[PATCH nf] netfilter: flowtable: Validate iph->ihl in nf_flow_ip4_tunnel_proto()
2026-06-08 12:21 UTC (3+ messages)
[PATCH nf-next] netfilter: nf_reject_ipv6: do not reject ICMPv6 Redirect with an ICMPv6 error
2026-06-08 11:42 UTC (2+ messages)
[PATCH net-next] net/netfilter/nfnetlink_cttimeout: Use strscpy() to copy strings into arrays
2026-06-08 9:54 UTC
[PATCH] netfilter: TCPMSS: fix dropped packets when MSS option is unaligned
2026-06-08 8:56 UTC (6+ messages)
` [PATCH v2] "
[PATCH nf v5 1/1] bridge: br_netfilter: pin bridge device while NFQUEUE holds fake dst
2026-06-08 5:43 UTC
[PATCH nf v4 1/1] bridge: br_netfilter: pin bridge device while NFQUEUE holds fake dst
2026-06-08 1:30 UTC (3+ messages)
[PATCH] netfilter: synproxy: fix unaligned access to TCP timestamp option
2026-06-07 21:29 UTC (3+ messages)
page: next (older)
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox