Fernando Fernandez Mancera c4cde57c8a netfilter: nf_conncount: update last_gc only when GC has been performed ...

[ Upstream commit 7811ba4524 ]

Currently last_gc is being updated everytime a new connection is
tracked, that means that it is updated even if a GC wasn't performed.
With a sufficiently high packet rate, it is possible to always bypass
the GC, causing the list to grow infinitely.

Update the last_gc value only when a GC has been actually performed.

Fixes: d265929930 ("netfilter: nf_conncount: reduce unnecessary GC")
Signed-off-by: Fernando Fernandez Mancera <fmancera@suse.de>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>

2026-01-19 13:10:16 +01:00

..

ipset

netfilter: ipset: Remove unused htable_bits in macro ahash_region

2025-10-19 16:21:34 +02:00

ipvs

ipvs: fix ipv4 null-ptr-deref in route error path

2026-01-19 13:09:43 +01:00

core.c

netfilter: let reset rules clean out conntrack entries

2024-03-06 14:38:46 +00:00

Kconfig

netfilter: nf_flow_table: count pending offload workqueue tasks

2024-04-27 17:05:24 +02:00

Makefile

netfilter: nf_flow_table: count pending offload workqueue tasks

2024-04-27 17:05:24 +02:00

nf_conncount.c

netfilter: nf_conncount: update last_gc only when GC has been performed

2026-01-19 13:10:16 +01:00

nf_conntrack_acct.c

netfilter: nf_conntrack_acct.c: A typo fix

2021-03-28 17:31:14 -07:00

nf_conntrack_amanda.c

netfilter: nf_conntrack_sip: fix expectation clash

2019-07-16 13:16:59 +02:00

nf_conntrack_broadcast.c

netfilter: nf_conntrack_sip: fix expectation clash

2019-07-16 13:16:59 +02:00

nf_conntrack_core.c

netfilter: conntrack: clamp maximum hashtable size to INT_MAX

2025-01-23 17:15:50 +01:00

nf_conntrack_ecache.c

netfilter: ecache: remove nf_exp_event_notifier structure

2021-08-25 12:50:38 +02:00

nf_conntrack_expect.c

netfilter: conntrack: convert to refcount_t api

2022-04-27 14:39:01 +02:00

nf_conntrack_extend.c

netfilter: conntrack: remove two export symbols

2019-12-17 22:59:31 +01:00

nf_conntrack_ftp.c

netfilter: remove BUG_ON() after skb_header_pointer()

2021-05-05 23:45:48 +02:00

nf_conntrack_h323_asn1.c

netfilter: nf_conntrack_h323: Add protection for bmp length out of range

2024-03-15 10:48:15 -04:00

nf_conntrack_h323_main.c

netfilter: fix clang-12 fmt string warnings

2021-06-01 23:53:51 +02:00

nf_conntrack_h323_types.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 484

2019-06-19 17:09:52 +02:00

nf_conntrack_helper.c

netfilter: conntrack: helper: Replace -EEXIST by -EBUSY

2025-09-09 18:50:18 +02:00

nf_conntrack_irc.c

netfilter: nf_conntrack_irc: Tighten matching on DCC message

2022-09-28 11:11:46 +02:00

nf_conntrack_labels.c

netfilter: not mark a spinlock as __read_mostly

2019-08-27 18:07:03 +02:00

nf_conntrack_netbios_ns.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152

2019-05-30 11:26:32 -07:00

nf_conntrack_netlink.c

netfilter: ctnetlink: fix refcount leak on table dump

2025-08-28 16:24:16 +02:00

nf_conntrack_pptp.c

netfilter: remove BUG_ON() after skb_header_pointer()

2021-05-05 23:45:48 +02:00

nf_conntrack_proto_dccp.c

netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one

2023-07-23 13:46:56 +02:00

nf_conntrack_proto_generic.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

nf_conntrack_proto_gre.c

netfilter: conntrack: nf_ct_gre_keymap_flush() removal

2021-07-02 02:07:01 +02:00

nf_conntrack_proto_icmp.c

netfilter: conntrack: pass hook state to log functions

2021-06-18 14:47:43 +02:00

nf_conntrack_proto_icmpv6.c

netfilter: conntrack: set icmpv6 redirects as RELATED

2022-12-31 13:14:14 +01:00

nf_conntrack_proto_sctp.c

netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new

2024-03-01 13:21:45 +01:00

nf_conntrack_proto_tcp.c

netfilter: let reset rules clean out conntrack entries

2024-03-06 14:38:46 +00:00

nf_conntrack_proto_udp.c

netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream state

2021-11-18 19:16:21 +01:00

nf_conntrack_proto.c

netfilter: conntrack: nf_ct_gre_keymap_flush() removal

2021-07-02 02:07:01 +02:00

nf_conntrack_sane.c

netfilter: remove BUG_ON() after skb_header_pointer()

2021-05-05 23:45:48 +02:00

nf_conntrack_seqadj.c

netfilter: conntrack, nat: prefer skb_ensure_writable

2019-05-31 18:02:45 +02:00

nf_conntrack_sip.c

netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.

2023-07-23 13:46:56 +02:00

nf_conntrack_snmp.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152

2019-05-30 11:26:32 -07:00

nf_conntrack_standalone.c

netfilter: conntrack: Bound nf_conntrack sysctl writes

2025-06-04 14:37:57 +02:00

nf_conntrack_tftp.c

netfilter: nf_conntrack_sip: fix expectation clash

2019-07-16 13:16:59 +02:00

nf_conntrack_timeout.c

netfilter: update include directives.

2019-09-13 12:33:06 +02:00

nf_conntrack_timestamp.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 77

2019-05-24 17:37:51 +02:00

nf_dup_netdev.c

netfilter: nf_fwd_netdev: clear timestamp in forwarding path

2020-10-22 14:49:36 +02:00

nf_flow_table_core.c

netfilter: nf_flow_table: count pending offload workqueue tasks

2024-04-27 17:05:24 +02:00

nf_flow_table_inet.c

netfilter: flowtable: validate vlan header

2024-09-04 13:23:34 +02:00

nf_flow_table_ip.c

netfilter: flowtable: validate vlan header

2024-09-04 13:23:34 +02:00

nf_flow_table_offload.c

netfilter: flowtable: initialise extack before use

2024-09-04 13:23:19 +02:00

nf_flow_table_procfs.c

netfilter: nf_flow_table: count pending offload workqueue tasks

2024-04-27 17:05:24 +02:00

nf_hooks_lwtunnel.c

netfilter: add netfilter hooks to SRv6 data plane

2021-08-30 01:51:36 +02:00

nf_internals.h

netfilter: ctnetlink: add kernel side filtering for dump

2020-05-27 22:20:34 +02:00

nf_log_syslog.c

netfilter: nf_log: incorrect offset to network header

2022-07-21 21:24:23 +02:00

nf_log.c

netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger

2024-02-23 08:54:54 +01:00

nf_nat_amanda.c

netfilter: nf_conntrack_sip: fix expectation clash

2019-07-16 13:16:59 +02:00

nf_nat_core.c

minmax: add in_range() macro

2025-10-19 16:21:28 +02:00

nf_nat_ftp.c

netfilter: nf_conntrack_sip: fix expectation clash

2019-07-16 13:16:59 +02:00

nf_nat_helper.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2019-06-22 08:59:24 -04:00

nf_nat_irc.c

netfilter: nf_conntrack_sip: fix expectation clash

2019-07-16 13:16:59 +02:00

nf_nat_masquerade.c

netfilter: nf_nat_masquerade: defer conntrack walk to work queue

2021-09-21 03:46:56 +02:00

nf_nat_proto.c

netfilter: nat: move nf_xfrm_me_harder to where it is used

2021-04-26 03:20:07 +02:00

nf_nat_redirect.c

netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses

2023-11-20 11:08:29 +01:00

nf_nat_sip.c

netfilter: nf_conntrack_sip: fix expectation clash

2019-07-16 13:16:59 +02:00

nf_nat_tftp.c

netfilter: nf_conntrack_sip: fix expectation clash

2019-07-16 13:16:59 +02:00

nf_queue.c

netfilter: nf_queue: handle socket prefetch

2022-03-08 19:12:45 +01:00

nf_sockopt.c

netfilter: switch nf_setsockopt to sockptr_t

2020-07-24 15:41:54 -07:00

nf_synproxy_core.c

ip: Fix data-races around sysctl_ip_default_ttl.

2022-07-29 17:25:09 +02:00

nf_tables_api.c

netfilter: nf_tables: fix memory leak in nf_tables_newrule()

2026-01-19 13:10:16 +01:00

nf_tables_core.c

netfilter: nft_cmp: optimize comparison for 16-bytes

2022-08-31 17:16:41 +02:00

nf_tables_offload.c

netfilter: nf_tables: bail out early if hardware offload is not supported

2022-06-14 18:36:17 +02:00

nf_tables_trace.c

netfilter: nf_tables: convert pktinfo->tprot_set to flags field

2022-07-12 16:34:55 +02:00

nfnetlink_acct.c

netfilter: use nfnetlink_unicast()

2021-05-29 01:04:53 +02:00

nfnetlink_cthelper.c

Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net

2021-06-07 13:01:52 -07:00

nfnetlink_cttimeout.c

netfilter: use nfnetlink_unicast()

2021-05-29 01:04:53 +02:00

nfnetlink_hook.c

Remove DECnet support from kernel

2023-06-21 15:59:15 +02:00

nfnetlink_log.c

netfilter: nfnetlink_log: silence bogus compiler warning

2023-11-08 17:26:47 +01:00

nfnetlink_osf.c

netfilter: nfnetlink_osf: avoid OOB read

2023-09-19 12:23:00 +02:00

nfnetlink_queue.c

netfilter: nf_queue: drop packets with cloned unconfirmed conntracks

2024-09-04 13:23:19 +02:00

nfnetlink.c

netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM

2023-06-21 15:59:16 +02:00

nft_bitwise.c

netfilter: nf_tables: upfront validation of data via nft_data_init()

2022-08-31 17:16:41 +02:00

nft_byteorder.c

netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()

2023-11-28 16:56:24 +00:00

nft_chain_filter.c

netfilter: nf_tables: honor table dormant flag from netdev release event path

2024-05-02 16:24:46 +02:00

nft_chain_nat.c

netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()

2021-05-29 01:04:54 +02:00

nft_chain_route.c

netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()

2021-05-29 01:04:54 +02:00

nft_cmp.c

netfilter: nf_tables: upfront validation of data via nft_data_init()

2022-08-31 17:16:41 +02:00

nft_compat.c

netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()

2024-03-06 14:38:46 +00:00

nft_connlimit.c

netfilter: nft_connlimit: update the count if add was skipped

2026-01-19 13:09:35 +01:00

nft_counter.c

netfilter: nft_counter: Synchronize nft_counter_reset() against reader.

2024-09-04 13:23:32 +02:00

nft_ct.c

netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template.

2025-04-10 14:31:48 +02:00

nft_dup_netdev.c

netfilter: nf_tables_offload: incorrect flow offload action array size

2022-03-02 11:47:51 +01:00

nft_dynset.c

netfilter: nf_tables: allow clone callbacks to sleep

2024-08-19 05:45:50 +02:00

nft_exthdr.c

netfilter: nft_exthdr: fix offset with ipv4_find_option()

2025-04-10 14:31:49 +02:00

nft_fib_inet.c

netfilter: Add MODULE_DESCRIPTION entries to kernel modules

2020-06-25 00:50:31 +02:00

nft_fib_netdev.c

netfilter: Add MODULE_DESCRIPTION entries to kernel modules

2020-06-25 00:50:31 +02:00

nft_fib.c

netfilter: nf_tables: fix 'exist' matching on bigendian arches

2023-12-20 15:17:33 +01:00

nft_flow_offload.c

netfilter: flowtable: check for maximum number of encapsulations in bridge vlan

2026-01-19 13:09:35 +01:00

nft_fwd_netdev.c

netfilter: nf_tables_offload: incorrect flow offload action array size

2022-03-02 11:47:51 +01:00

nft_hash.c

netfilter: nftables: add nft_parse_register_store() and use it

2021-01-27 23:16:02 +01:00

nft_immediate.c

netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx

2025-05-22 14:08:27 +02:00

nft_last.c

netfilter: nf_tables: allow clone callbacks to sleep

2024-08-19 05:45:50 +02:00

nft_limit.c

netfilter: nf_tables: allow clone callbacks to sleep

2024-08-19 05:45:50 +02:00

nft_log.c

netfilter: nft_log: perform module load from nf_tables

2021-03-31 22:34:11 +02:00

nft_lookup.c

netfilter: nf_tables: missing iterator type in lookup walk

2024-10-17 15:10:41 +02:00

nft_masq.c

netfilter: nft_masq: correct length for loading protocol registers

2023-03-22 13:31:23 +01:00

nft_meta.c

netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()

2023-11-28 16:56:24 +00:00

nft_nat.c

netfilter: nf_tables: validate NFPROTO_* family

2024-02-23 08:54:29 +01:00

nft_numgen.c

netfilter: use get_random_u32 instead of prandom

2022-06-29 09:03:21 +02:00

nft_objref.c

netfilter: nf_tables: report use refcount overflow

2023-08-16 18:22:03 +02:00

nft_osf.c

netfilter: nf_tables: use the correct get/put helpers

2023-11-28 16:56:24 +00:00

nft_payload.c

netfilter: nft_payload: sanitize offset and length before calling skb_checksum()

2024-11-08 16:25:53 +01:00

nft_queue.c

netfilter: nftables: add nft_parse_register_load() and use it

2021-01-27 22:53:29 +01:00

nft_quota.c

netfilter: nft_quota: match correctly when the quota just depleted

2025-06-27 11:05:12 +01:00

nft_range.c

netfilter: nf_tables: upfront validation of data via nft_data_init()

2022-08-31 17:16:41 +02:00

nft_redir.c

netfilter: nft_redir: use struct nf_nat_range2 throughout and deduplicate eval call-backs

2023-11-20 11:08:29 +01:00

nft_reject_inet.c

netfilter: nf_tables: add and use nft_sk helper

2021-05-29 01:04:53 +02:00

nft_reject_netdev.c

netfilter: nft_reject: add reject verdict support for netdev

2020-10-31 10:41:00 +01:00

nft_reject.c

netfilter: nft_reject: unify reject init and dump into nft_reject

2020-10-31 10:40:42 +01:00

nft_rt.c

netfilter: nf_tables: validate NFPROTO_* family

2024-02-23 08:54:29 +01:00

nft_set_bitmap.c

netfilter: nf_tables: drop map element references from preparation phase

2023-07-23 13:46:44 +02:00

nft_set_hash.c

netfilter: nft_set_hash: GC reaps elements with conncount for dynamic sets only

2025-04-10 14:32:04 +02:00

nft_set_pipapo_avx2.c

netfilter: nf_set_pipapo_avx2: fix initial map fill

2025-06-27 11:05:18 +01:00

nft_set_pipapo_avx2.h

netfilter: nf_tables: prefer direct calls for set lookups

2021-05-29 01:04:27 +02:00

nft_set_pipapo.c

netfilter: nf_tables: missing iterator type in lookup walk

2024-10-17 15:10:41 +02:00

nft_set_pipapo.h

netfilter: nf_set_pipapo: fix initial map fill

2024-08-19 05:45:07 +02:00

nft_set_rbtree.c

netfilter: nf_tables: use timestamp to check for set element timeout

2024-08-19 05:45:50 +02:00

nft_socket.c

netfilter: nft_socket: fix sk refcount leaks

2024-10-17 15:10:37 +02:00

nft_synproxy.c

netfilter: nft_synproxy: avoid possible data-race on update operation

2026-01-19 13:10:16 +01:00

nft_tproxy.c

netfilter: nf_tables: validate NFPROTO_* family

2024-02-23 08:54:29 +01:00

nft_tunnel.c

netfilter: nft_tunnel: fix geneve_opt dump

2025-06-27 11:05:13 +01:00

nft_xfrm.c

netfilter: nf_tables: validate NFPROTO_* family

2024-02-23 08:54:29 +01:00

utils.c

netfilter: use actual socket sk rather than skb sk when routing harder

2020-10-30 12:57:39 +01:00

x_tables.c

netfilter: Fix use-after-free in get_info()

2024-11-08 16:25:53 +01:00

xt_addrtype.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_AUDIT.c

netfilter: fix clang-12 fmt string warnings

2021-06-01 23:53:51 +02:00

xt_bpf.c

bpf: Refactor BPF_PROG_RUN into a function

2021-08-17 00:45:07 +02:00

xt_cgroup.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_CHECKSUM.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_CLASSIFY.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_cluster.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_comment.c

treewide: Add SPDX license identifier for more missed files

2019-05-21 10:50:45 +02:00

xt_connbytes.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_connlabel.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_connlimit.c

netfilter: nf_conncount: rework API to use sk_buff directly

2026-01-19 13:09:35 +01:00

xt_connmark.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_CONNSECMARK.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_conntrack.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_cpu.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_CT.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_dccp.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_devgroup.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_dscp.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_DSCP.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2019-06-22 08:59:24 -04:00

xt_ecn.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_esp.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_hashlimit.c

netfilter: Replace zero-length array with flexible-array member

2020-03-15 15:20:16 +01:00

xt_helper.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_hl.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_HL.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2019-06-22 08:59:24 -04:00

xt_HMARK.c

netfilter: xt_HMARK: Use ip_is_fragment() helper

2020-08-28 19:55:51 +02:00

xt_IDLETIMER.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_ipcomp.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152

2019-05-30 11:26:32 -07:00

xt_iprange.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next

2019-06-25 01:32:59 +02:00

xt_ipvs.c

treewide: Add SPDX license identifier for more missed files

2019-05-21 10:50:45 +02:00

xt_l2tp.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_LED.c

netfilter: x_tables: fix LED ID check in led_tg_check()

2024-12-14 19:51:26 +01:00

xt_length.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_limit.c

netfilter: x_tables: improve limit_mt scalability

2021-05-29 01:04:52 +02:00

xt_LOG.c

netfilter: log: work around missing softdep backend module

2021-09-21 03:46:56 +02:00

xt_mac.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_mark.c

netfilter: xtables: fix typo causing some targets not to load on IPv6

2024-11-01 01:52:36 +01:00

xt_MASQUERADE.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_multiport.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_nat.c

netfilter: Add MODULE_DESCRIPTION entries to kernel modules

2020-06-25 00:50:31 +02:00

xt_NETMAP.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_nfacct.c

netfilter: xt_nfacct: don't assume acct name is null-terminated

2025-08-28 16:24:09 +02:00

xt_NFLOG.c

netfilter: xtables: fix typo causing some targets not to load on IPv6

2024-11-01 01:52:36 +01:00

xt_NFQUEUE.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_osf.c

netfilter: nfnetlink_osf: fix module autoload

2023-06-28 10:29:49 +02:00

xt_owner.c

netfilter: xt_owner: Fix for unsafe access of sk->sk_socket

2023-12-13 18:36:37 +01:00

xt_physdev.c

netfilter: inline xt_hashlimit, ebt_802_3 and xt_physdev headers

2019-09-13 12:32:48 +02:00

xt_pkttype.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_policy.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_quota.c

treewide: Add SPDX license identifier for more missed files

2019-05-21 10:50:45 +02:00

xt_rateest.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_RATEEST.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_realm.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_recent.c

netfilter: xt_recent: fix (increase) ipv6 literal buffer length

2023-11-20 11:08:29 +01:00

xt_REDIRECT.c

netfilter: nft_redir: use struct nf_nat_range2 throughout and deduplicate eval call-backs

2023-11-20 11:08:29 +01:00

xt_repldata.h

…

xt_sctp.c

netfilter: xt_sctp: validate the flag_info count

2023-09-19 12:22:49 +02:00

xt_SECMARK.c

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

2024-10-17 15:11:56 +02:00

xt_set.c

netfilter: inline four headers files into another one.

2019-08-13 12:14:26 +02:00

xt_socket.c

netfilter: xt_socket: missing ifdef CONFIG_IP6_NF_IPTABLES dependency

2022-03-02 11:47:51 +01:00

xt_state.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_statistic.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_string.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_tcpmss.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

xt_TCPMSS.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2019-06-22 08:59:24 -04:00

xt_TCPOPTSTRIP.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2019-06-22 08:59:24 -04:00

xt_tcpudp.c

treewide: Add SPDX license identifier for more missed files

2019-05-21 10:50:45 +02:00

xt_TEE.c

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 3

2019-05-21 11:28:40 +02:00

xt_time.c

netfilter: Replace HTTP links with HTTPS ones

2020-07-29 20:09:18 +02:00

xt_TPROXY.c

netfilter: disable defrag once its no longer needed

2021-04-26 03:20:07 +02:00

xt_TRACE.c

netfilter: xtables: fix typo causing some targets not to load on IPv6

2024-11-01 01:52:36 +01:00

xt_u32.c

netfilter: xt_u32: validate user space input

2023-09-19 12:22:49 +02:00