| Published | Title | Version | Author | Status |
|---|---|---|---|---|
| 2025-12-24 12:48 UTC | netfilter: nf_tables: Fix memory leak in nf_tables_newrule() | 1 | zilin@seu.edu.cn | finished in 3h58m0s |
| 2025-12-19 11:53 UTC | netfilter: nf_conntrack: Add allow_clash to generic protocol handler | 1 | hamaguchi.yuto@da.mitsubishielectric.co.jp | finished in 3h57m0s |
| 2025-12-19 05:13 UTC | netfilter: replace -EEXIST with -EBUSY | 1 | da.gomez@kernel.org | finished in 3h50m0s |
| 2025-12-17 20:21 UTC | netfilter: nft_synproxy: avoid possible data-race on update operation | 1 | fmancera@suse.de | finished in 3h52m0s |
| 2025-12-16 19:08 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 3h57m0s |
| 2025-12-16 14:46 UTC | tests: monitor: Fix for out-of-path call | 1 | phil@nwl.cc | skipped |
| 2025-12-16 12:24 UTC | netfilter: nf_conncount: increase connection clean up limit to 64 | 1 | fmancera@suse.de | finished in 3h57m0s |
| 2025-12-15 16:15 UTC | net: sched: Fix ethx:ingress -> ethy:egress -> ethx:ingress mirred loop | 3 | jhs@mojatatu.com | finished in 4h2m0s |
| 2025-12-15 15:32 UTC | netfilter: nft_counter: Fix reset of counters on 32bit archs | 2 | anders.grahn@gmail.com | finished in 3h51m0s |
| 2025-12-15 12:12 UTC | netfilter: nft_counter: Fix reset of counters on 32bit archs | 1 | anders.grahn@gmail.com | finished in 3h52m0s |
| 2025-12-11 12:32 UTC | selftests: netfilter: packetdrill: avoid failure on HZ=100 kernel | 1 | fw@strlen.de | finished in 1h0m0s |
| 2025-12-11 12:31 UTC | netfilter: nf_tables: avoid softlockup warnings in nft_chain_validate | 1 | fw@strlen.de | skipped |
| 2025-12-11 12:30 UTC | netfilter: nf_tables: avoid chain re-validation if possible | 3 | fw@strlen.de |
finished
in 4h3m0s
[1 findings] |
| 2025-12-10 21:49 UTC | datatype: Accept IPv4 addresses for ip6addr_type | 1 | phil@nwl.cc | skipped |
| 2025-12-10 15:03 UTC | src: Convert ip {s,d}addr to IPv4-mapped as needed | 2 | phil@nwl.cc | skipped |
| 2025-12-10 11:07 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 3h48m0s |
| 2025-12-09 16:45 UTC | parser_bison: Less STRING more tokens | 1 | phil@nwl.cc | skipped |
| 2025-12-09 15:40 UTC | src: Implement ip {s,d}addr6 expressions | 1 | phil@nwl.cc | skipped |
| 2025-12-09 10:28 UTC | netfilter: nf_nat: remove bogus direction check | 1 | fw@strlen.de | finished in 3h51m0s |
| 2025-12-09 07:35 UTC | Add IP6IP6 flowtable SW acceleration | 2 | lorenzo@kernel.org | finished in 3h49m0s |
| 2025-12-08 23:03 UTC | selftests: netfilter: prefer xfail in case race wasn't triggered | 1 | fw@strlen.de | finished in 51m0s |
| 2025-12-07 16:06 UTC | Add IP6IP6 flowtable SW acceleration | 1 | lorenzo@kernel.org |
finished
in 3h52m0s
[3 findings] |
| 2025-12-07 01:09 UTC | inet: frags: flush pending skbs in fqdir_pre_exit() | 1 | kuba@kernel.org | finished in 4h0m0s |
| 2025-12-06 21:53 UTC | doc: fix typo in man-page | 1 | jeremy@azazel.net | skipped |
| 2025-12-05 23:43 UTC | build: avoid bashism in configure | 1 | jpalus@fastmail.com | skipped |
| 2025-12-05 11:58 UTC | netfilter: nf_conncount: fix leaked ct in error paths | 2 | fmancera@suse.de | finished in 3h56m0s |
| 2025-12-04 21:54 UTC | parser_bison: on syntax errors, output expected tokens | 1 | jan.konczak@cs.put.poznan.pl | skipped |
| 2025-12-04 14:01 UTC | netfilter: nf_conncount: fix leaked ct in error paths | 1 | fmancera@suse.de | finished in 4h3m0s |
| 2025-12-04 11:20 UTC | netfilter: nft_set_pipapo: fix range overlap detection | 1 | fw@strlen.de | finished in 3h58m0s |
| 2025-12-03 13:20 UTC | netfilter: nft_set_hash: fix potential NULL deref in nft_rhash_deactivate | 1 | mlbnkm1@gmail.com | finished in 53m0s |
| 2025-12-03 13:17 UTC | json: support element output | 1 | georg@syscid.com | skipped |
| 2025-12-03 09:03 UTC | netfilter: nft_set_rbtree: use cloned tree for insertions and removal | 2 | fw@strlen.de | finished in 3h53m0s |
| 2025-12-01 13:45 UTC | Add IP6IP6 flowtable SW acceleration | 1 | lorenzo@kernel.org |
finished
in 3h49m0s
[1 findings] |
| 2025-12-01 10:22 UTC | netfilter: Always set route tuple out ifindex | 1 | lorenzo@kernel.org | finished in 1h44m0s |
| 2025-11-30 17:25 UTC | Some common changes in ulogs: 1) Added debug log to indicate when stack is created. Helps to debug settings in configs for users | 1 | icegood1980@gmail.com | skipped |
| 2025-11-30 17:18 UTC | Update nlog plufin to provide more information to other ones | 1 | icegood1980@gmail.com | skipped |
| 2025-11-30 17:00 UTC | Added netfilter output plugin with ability to write into pcap nflog packets | 1 | icegood1980@gmail.com | skipped |
| 2025-11-27 22:21 UTC | selftests: netfilter: nft_flowtable.sh: Add the capability to send IPv6 TCP traffic | 2 | lorenzo@kernel.org | finished in 49m0s |
| 2025-11-27 12:33 UTC | netfilter: x_tables: statistic nth match account GRO/GSO packets | 1 | hawk@kernel.org | finished in 3h51m0s |
| 2025-11-26 15:13 UTC | parser_bison: Less STRING more tokens | 1 | phil@nwl.cc | skipped |
| 2025-11-26 11:47 UTC | netfilter: nf_tables: avoid chain re-validation if possible | 1 | fw@strlen.de | finished in 3h56m0s |
| 2025-11-25 22:32 UTC | Netfilter updates for net-next | 1 | pablo@netfilter.org | finished in 4h9m0s |
| 2025-11-25 13:03 UTC | tests: shell: bad_rule_graphs: add chain linked from different hooks | 1 | fw@strlen.de | skipped |
| 2025-11-24 17:35 UTC | src: add connlimit stateful object support | 3 | fmancera@suse.de | skipped |
| 2025-11-24 16:36 UTC | netfilter: nft_connlimit: add support to object update operation | 2 | fmancera@suse.de | finished in 3h51m0s |
| 2025-11-22 18:41 UTC | selftests: netfilter: nft_flowtable.sh: Add the capability to send IPv6 TCP traffic | 1 | lorenzo@kernel.org | finished in 49m0s |
| 2025-11-22 00:37 UTC | netfilter: nfnetlink_queue: optimize verdict lookup with hash table | 5 | scott.k.mitch1@gmail.com | finished in 3h50m0s |
| 2025-11-21 10:44 UTC | net: ipv4: fix spelling typos in comments | 2 | i.shihao.999@gmail.com | finished in 50m0s |
| 2025-11-21 08:52 UTC | ipvs: fix ipv4 null-ptr-deref in route error path | 2 | slavin452@gmail.com | finished in 3h50m0s |
| 2025-11-20 19:03 UTC | ipvs: fix ipv4 null-ptr-deref in route error path | 1 | slavin452@gmail.com | finished in 3h56m0s |
| 2025-11-20 15:18 UTC | doc/netlink: Expand nftables specification | 5 | one-d-wide@protonmail.com | finished in 55m0s |
| 2025-11-20 14:28 UTC | nft: Support replacing a rule added in the same batch | 1 | phil@nwl.cc | skipped |
| 2025-11-20 11:33 UTC | src: move fuzzer functionality to separate tool | 1 | fw@strlen.de | skipped |
| 2025-11-19 23:51 UTC | rule: skip CMD_OBJ_SETELEMS with no elements after set flush | 1 | pablo@netfilter.org | skipped |
| 2025-11-19 12:42 UTC | netfilter: nf_tables: remove redundant chain validation on register store | 1 | pablo@netfilter.org | finished in 4h5m0s |
| 2025-11-19 03:01 UTC | netfilter: conntrack: Add missing modification about data-race around ct->timeout | 2 | zhaochenguang@kylinos.cn | finished in 4h2m0s |
| 2025-11-18 23:50 UTC | netfilter: nf_tables: skip register jump/goto validation for non-base chain | 1 | pablo@netfilter.org | finished in 3h48m0s |
| 2025-11-18 13:46 UTC | Support socket access-control | 4 | ivanov.mikhail1@huawei-partners.com | finished in 4h18m0s |
| 2025-11-18 11:16 UTC | netfilter: nft_set_rbtree: use cloned tree for insertions and removal | 1 | fw@strlen.de | finished in 4h20m0s |
| 2025-11-17 21:55 UTC | tests: shell: add device to sets/0075tunnel_0 to support older kernels | 1 | pablo@netfilter.org | skipped |
| 2025-11-17 08:56 UTC | netfilter: conntrack: Add missing modification about data-race around ct->timeout | 1 | zhaochenguang@kylinos.cn | finished in 3h57m0s |
| 2025-11-15 11:04 UTC | src: add connlimit stateful object support | 2 | fmancera@suse.de | skipped |
| 2025-11-14 21:01 UTC | xshared: restore legal options for combined `-L -Z` commands | 1 | jeremy@azazel.net | skipped |
| 2025-11-14 12:36 UTC | audit: improve NETFILTER_PKT records | 7 | rrobaina@redhat.com | finished in 3h49m0s |
| 2025-11-14 00:25 UTC | Fix netlink debug output on Big Endian | 2 | phil@nwl.cc | skipped |
| 2025-11-13 20:30 UTC | parser_json: support handle for rule positioning without breaking other objects | 4 | knecht.alexandre@gmail.com | skipped |
| 2025-11-13 15:46 UTC | netfilter: nfnetlink_queue: optimize verdict lookup with hash table | 4 | scott.k.mitch1@gmail.com | finished in 4h1m0s |
| 2025-11-13 15:32 UTC | netfilter: nfnetlink_queue: optimize verdict lookup with hash table | 3 | scott.k.mitch1@gmail.com | finished in 4h0m0s |
| 2025-11-13 09:26 UTC | netfilter: nfnetlink_queue: optimize verdict lookup with hash table | 2 | scott.k.mitch1@gmail.com |
finished
in 3h56m0s
[1 findings] |
| 2025-11-13 07:28 UTC | tests: shell: add packetpath test for meta time expression. | 2 | yiche@redhat.com | finished in 50m0s |
| 2025-11-12 18:42 UTC | tunnel: add missing tunnel object list support | 1 | fmancera@suse.de | skipped |
| 2025-11-12 16:03 UTC | netfilter: nfnetlink_queue: optimize verdict lookup with hash table | 1 | scott.k.mitch1@gmail.com | finished in 3h52m0s |
| 2025-11-12 07:38 UTC | tests: shell: add packetpath test for meta time expression. | 1 | yiche@redhat.com | finished in 44m0s |
| 2025-11-10 10:35 UTC | conntrackd: restrict multicast reception | 1 | pablo@netfilter.org | skipped |
| 2025-11-09 19:24 UTC | conntrack: bridge: add double vlan, pppoe and pppoe-in-q | 17 | ericwouds@gmail.com | finished in 3h38m0s |
| 2025-11-09 09:23 UTC | Added netfilter output plugin with ability to write into pcap nflog packets | 1 | icegood1980@gmail.com | skipped |
| 2025-11-07 11:14 UTC | Add IPIP flowtable SW acceleration | 9 | lorenzo@kernel.org | skipped |
| 2025-11-06 16:53 UTC | audit: improve NETFILTER_PKT records | 5 | rrobaina@redhat.com | finished in 1h57m0s |
| 2025-11-06 11:17 UTC | doc: libnftables-json: Describe RULESET object | 1 | phil@nwl.cc | skipped |
| 2025-11-06 08:35 UTC | parser_json: support handle for rule positioning in JSON add rule | 3 | knecht.alexandre@gmail.com | skipped |
| 2025-11-04 17:20 UTC | netfilter: nft_connlimit: add support to object update operation | 1 | fmancera@suse.de | finished in 3h56m0s |
| 2025-11-04 17:13 UTC | src: add connlimit stateful object support | 1 | fmancera@suse.de | skipped |
| 2025-11-04 17:11 UTC | src: add connlimit stateful object support | 1 | fmancera@suse.de | skipped |
| 2025-11-04 14:59 UTC | selftests: netfilter: Add bridge_fastpath.sh | 4 | ericwouds@gmail.com | finished in 55m0s |
| 2025-11-04 14:57 UTC | conntrack: bridge: add double vlan, pppoe and pppoe-in-q | 16 | ericwouds@gmail.com | finished in 3h57m0s |
| 2025-11-03 18:16 UTC | rule: add missing documentation for cmd_obj enum | 1 | fmancera@suse.de | skipped |
| 2025-11-03 14:31 UTC | netfilter: nf_tables: add math expression support | 2 | fmancera@suse.de | finished in 45m0s |
| 2025-11-03 14:28 UTC | expr: add support to math expression | 2 | fmancera@suse.de | skipped |
| 2025-11-01 19:20 UTC | netfilter: ip6t_srh: fix UAPI kernel-doc comments format | 1 | rdunlap@infradead.org | finished in 48m0s |
| 2025-11-01 19:20 UTC | netfilter: nf_tables: improve UAPI kernel-doc comments | 1 | rdunlap@infradead.org | finished in 47m0s |
| 2025-10-31 13:59 UTC | audit: improve NETFILTER_PKT records | 4 | rrobaina@redhat.com | finished in 3h54m0s |
| 2025-10-31 13:08 UTC | netfilter: nft_connlimit: fix duplicated tracking of a connection | 3 | fmancera@suse.de | finished in 4h15m0s |
| 2025-10-30 14:57 UTC | tests: shell: nat_ftp SNAT/DNAT only testcases | 3 | a.melnychenko@vyos.io | skipped |
| 2025-10-30 12:19 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 4h6m0s |
| 2025-10-30 08:35 UTC | treewide: Rename ERR_PTR_PCPU() --> PCPU_ERR_PTR() | 1 | andriy.shevchenko@linux.intel.com | finished in 44m0s |
| 2025-10-29 22:45 UTC | parser_json: support handle for rule positioning in JSON add rule | 2 | knecht.alexandre@gmail.com | skipped |
| 2025-10-29 13:56 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 3h51m0s |
| 2025-10-29 13:23 UTC | netfilter: nft_connlimit: fix duplicated tracking of a connection | 2 | fmancera@suse.de | skipped |
| 2025-10-29 00:30 UTC | parser_json: support handle for rule positioning in JSON add rule | 1 | knecht.alexandre@gmail.com | skipped |
| 2025-10-28 17:29 UTC | selftest: net: fix socklen_t type mismatch in sctp_collision test | 2 | ankitkhushwaha.linux@gmail.com | finished in 49m0s |