| Published | Title | Version | Author | Status |
|---|---|---|---|---|
| 2025-09-11 14:40 UTC | ipvs: Defer ip_vs_ftp unregister during netns cleanup | 3 | slavin452@gmail.com | in progress |
| 2025-09-11 14:38 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | in progress |
| 2025-09-11 09:50 UTC | netfilter: nft_byteorder: remove multi-register support | 2 | fw@strlen.de | finished in 3h40m0s |
| 2025-09-10 19:03 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 3h41m0s |
| 2025-09-10 08:02 UTC | netfilter: nf_tables: fix false negative lookups with ongoing transaction | 1 | fw@strlen.de | finished in 3h42m0s |
| 2025-09-09 21:21 UTC | ipvs: Check ipvs->enable before unregistration in __ip_vs_ftp_exit() | 2 | slavin452@gmail.com | finished in 3h49m0s |
| 2025-09-09 20:49 UTC | fib: Fix for existence check on Big Endian | 1 | phil@nwl.cc | skipped |
| 2025-09-09 12:45 UTC | netfilter: nft_set_bitmap: fix lockdep splat due to missing annotation | 1 | fw@strlen.de | finished in 57m0s |
| 2025-09-08 22:19 UTC | Makefile: Fix for 'make CFLAGS=...' | 1 | phil@nwl.cc | skipped |
| 2025-09-08 14:08 UTC | netfilter: Set expressions out of range in nft_add_set_elem() | 1 | chenyufeng@iie.ac.cn | finished in 3h37m0s |
| 2025-09-08 06:54 UTC | IPVS: Fix use-after-free issue in ip_vs_unbind_app() | 1 | slavin452@gmail.com | finished in 3h38m0s |
| 2025-09-05 15:36 UTC | prepare for EXPR_SET_ELEM removal | 1 | pablo@netfilter.org | skipped |
| 2025-09-04 15:24 UTC | Run all test suites via 'make check' | 4 | phil@nwl.cc | skipped |
| 2025-09-04 07:25 UTC | netfilter: updates for net | 2 | fw@strlen.de | finished in 3h56m0s |
| 2025-09-03 17:22 UTC | Run all test suites via 'make check' | 3 | phil@nwl.cc | skipped |
| 2025-09-02 21:54 UTC | netfilter: nft_ct: reject ambiguous conntrack expressions in inet tables | 2 | nickgarlis@gmail.com |
finished
in 4h0m0s
[1 findings] |
| 2025-09-02 18:58 UTC | netfilter: updates for net | 1 | fw@strlen.de | finished in 3h38m0s |
| 2025-09-02 13:35 UTC | netfilter: updates for net-next | 2 | fw@strlen.de | finished in 21h44m0s |
| 2025-09-02 11:35 UTC | meta: introduce meta ibrhwdr support | 1 | fmancera@suse.de | skipped |
| 2025-09-02 11:32 UTC | expr: meta: introduce ibrhwdr meta expression | 1 | fmancera@suse.de | skipped |
| 2025-09-02 11:28 UTC | netfilter: nft_meta_bridge: introduce NFT_META_BRI_IIFHWADDR support | 1 | fmancera@suse.de | finished in 3h47m0s |
| 2025-09-02 10:03 UTC | gitignore: ignore "tools/nftables.service" | 1 | fmancera@suse.de | skipped |
| 2025-09-01 13:46 UTC | ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enable | 3 | zhtfdev@gmail.com | finished in 3h42m0s |
| 2025-09-01 08:08 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 3h51m0s |
| 2025-08-29 15:51 UTC | Run all test suites via 'make check' | 2 | phil@nwl.cc | skipped |
| 2025-08-29 15:02 UTC | netfilter: nf_reject_ipv4: remove unneeded exports | 1 | fw@strlen.de | finished in 3h40m0s |
| 2025-08-29 15:01 UTC | netfilter: nf_reject: don't reply to icmp error messages | 1 | fw@strlen.de | finished in 3h46m0s |
| 2025-08-29 14:25 UTC | Fixes (and fallout) from running tests/monitor in JSON mode | 1 | phil@nwl.cc | skipped |
| 2025-08-29 12:51 UTC | netfilter: xt_hashlimit: fix inconsistent return type in hashlimit_mt_* | 1 | linmq006@gmail.com | finished in 50m0s |
| 2025-08-29 08:36 UTC | netfilter: ipset: Remove unused htable_bits in macro ahash_region | 1 | zhen.ni@easystack.cn | finished in 42m0s |
| 2025-08-29 06:50 UTC | netfilter: nft_ct: reject ambiguous conntrack expressions in inet tables | 1 | nickgarlis@gmail.com | finished in 3h43m0s |
| 2025-08-28 23:50 UTC | netfilter: nft_set_pipapo: remove redundant test for avx feature bit | 1 | fw@strlen.de | finished in 5m0s |
| 2025-08-28 21:49 UTC | netfilter: nft_flowtable.sh: re-run with random mtu sizes | 1 | fw@strlen.de | finished in 48m0s |
| 2025-08-28 12:48 UTC | netfilter: nft_payload: extend offset to 65535 bytes | 1 | fmancera@suse.de | finished in 4h2m0s |
| 2025-08-28 12:33 UTC | nfct: helper: Extend error message for EBUSY | 2 | phil@nwl.cc | skipped |
| 2025-08-28 09:14 UTC | icmp: fix icmp_ndo_send address translation for reply direction | 3 | fabian@blaese.de | finished in 3h52m0s |
| 2025-08-27 22:33 UTC | net/netfilter/ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enable | 2 | zhtfdev@gmail.com | finished in 3h42m0s |
| 2025-08-27 17:17 UTC | selftests: netfilter: fix udpclash tool hang | 1 | fw@strlen.de | finished in 37m0s |
| 2025-08-27 14:02 UTC | build: disable --with-unitdir by default | 1 | pablo@netfilter.org | skipped |
| 2025-08-27 13:38 UTC | netfilter updates for net | 1 | fw@strlen.de | finished in 3h39m0s |
| 2025-08-27 12:43 UTC | build: make `make distcheck` succeed in the face of absolute paths | 1 | jengelh@inai.de | skipped |
| 2025-08-26 17:06 UTC | Makefile: Fix for 'make distcheck' | 1 | phil@nwl.cc | skipped |
| 2025-08-26 13:31 UTC | net/netfilter/ipvs: Fix data-race in ip_vs_add_service / ip_vs_out_hook | 1 | zhtfdev@gmail.com | finished in 3h55m0s |
| 2025-08-26 10:57 UTC | trace: Fix for memleak in trace_alloc_list() error path | 1 | phil@nwl.cc | skipped |
| 2025-08-26 08:45 UTC | libnftables: continue on ENOBUFS errors when processing batch | 1 | pablo@netfilter.org | skipped |
| 2025-08-25 20:38 UTC | icmp: fix icmp_ndo_send address translation for reply direction | 2 | fabian@blaese.de | finished in 3h38m0s |
| 2025-08-25 20:17 UTC | icmp: fix icmp_ndo_send address translation for reply direction | 1 | fabian@blaese.de | finished in 3h55m0s |
| 2025-08-25 09:07 UTC | man: iptables-restore.8: document flush behaviour for user-defined chains | 1 | fw@strlen.de | skipped |
| 2025-08-23 22:03 UTC | tests: monitor: Fix for flag arrays in JSON output | 1 | phil@nwl.cc | skipped |
| 2025-08-22 08:15 UTC | netfilter: nf_tables: avoid atomic allocations for set flush | 2 | fw@strlen.de | finished in 4h1m0s |
| 2025-08-22 03:52 UTC | netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in() after confirm | 2 | wangliang74@huawei.com | finished in 3h43m0s |
| 2025-08-21 10:39 UTC | extensions: man: Add a note about route_localnet sysctl | 1 | l.stelmach@samsung.com | skipped |
| 2025-08-21 10:38 UTC | doc: Add a note about route_localnet sysctl | 1 | l.stelmach@samsung.com | skipped |
| 2025-08-21 09:17 UTC | evaluate: simplify set to list normalisation for device expressions | 1 | pablo@netfilter.org | skipped |
| 2025-08-20 14:47 UTC | netfilter: updates for net-next | 1 | fw@strlen.de | finished in 3h49m0s |
| 2025-08-20 12:44 UTC | mnl: silence compiler warning | 1 | fw@strlen.de | skipped |
| 2025-08-20 12:37 UTC | netfilter: nf_reject: don't leak dst refcount for loopback packets | 1 | fw@strlen.de | finished in 3h48m0s |
| 2025-08-20 12:26 UTC | tests: shell: cover sets as set elems evaluation | 1 | pablo@netfilter.org | finished in 40m0s |
| 2025-08-20 04:33 UTC | netfilter: br_netfilter: reread nf_conn from skb after confirm() | 1 | wangliang74@huawei.com | finished in 3h43m0s |
| 2025-08-19 18:17 UTC | netfilter: conntrack: drop expectations before freeing templates | 1 | xqjcool@gmail.com | finished in 1h59m0s |
| 2025-08-19 09:23 UTC | fib: restore JSON output for relational expressions | 1 | pablo@netfilter.org | skipped |
| 2025-08-18 15:40 UTC | net: Convert to skb_dstref_steal and skb_dstref_restore | 2 | sdf@fomichev.me |
finished
in 3h50m0s
[1 findings] |
| 2025-08-18 11:22 UTC | netfilter: conntrack: helper: Replace -EEXIST by -EBUSY | 1 | phil@nwl.cc | finished in 3h50m0s |
| 2025-08-18 11:02 UTC | netfilter: nft_set_pipapo: Use nested-BH locking for nft_pipapo_scratch | 3 | bigeasy@linutronix.de | skipped |
| 2025-08-18 09:48 UTC | netfilter: nft_payload: Use csum_replace4() instead of opencoding | 2 | christophe.leroy@csgroup.eu | finished in 3h47m0s |
| 2025-08-18 09:07 UTC | Add IPIP flowtable SW acceleratio | 6 | lorenzo@kernel.org | finished in 4h6m0s |
| 2025-08-17 21:47 UTC | src: ensure chain policy evaluation when specified | 1 | pablo@netfilter.org | skipped |
| 2025-08-17 09:15 UTC | netfilter: ebtables: Use vmalloc_array() to improve code | 1 | rongqianfeng@vivo.com | finished in 1h46m0s |
| 2025-08-15 16:09 UTC | netfilter: nft_set_pipapo: Use nested-BH locking for nft_pipapo_scratch | 2 | bigeasy@linutronix.de | finished in 3h46m0s |
| 2025-08-15 15:57 UTC | nfct: helper: Extend error message for EEXIST | 1 | phil@nwl.cc | skipped |
| 2025-08-15 14:36 UTC | netfilter: nft_set_pipapo: speed up insertions | 1 | fw@strlen.de | finished in 3h50m0s |
| 2025-08-14 16:22 UTC | netfilter: ctnetlink: remove refcounting in dying list dumping | 1 | fw@strlen.de | finished in 3h51m0s |
| 2025-08-14 16:08 UTC | netfilter: nf_reject: don't leak dst refcount for loopback packets | 1 | fw@strlen.de | finished in 3h51m0s |
| 2025-08-13 17:07 UTC | table: Embed creating nft version into userdata | 1 | phil@nwl.cc | skipped |
| 2025-08-13 17:07 UTC | udata: Introduce NFTNL_UDATA_TABLE_NFT{VER,BLD} | 1 | phil@nwl.cc | skipped |
| 2025-08-13 17:05 UTC | json: Do not reduce single-item arrays on output | 1 | phil@nwl.cc | skipped |
| 2025-08-13 14:11 UTC | replace compound_expr_*() by type safe function | 1 | pablo@netfilter.org | skipped |
| 2025-08-13 11:36 UTC | Netfilter fixes for net | 1 | fw@strlen.de | finished in 3h49m0s |
| 2025-08-13 00:38 UTC | netfilter: nf_tables: reject duplicate device on updates | 1 | pablo@netfilter.org | finished in 3h45m0s |
| 2025-08-12 15:52 UTC | net: Convert to skb_dst_reset and skb_dst_restore | 1 | sdf@fomichev.me |
finished
in 3h46m0s
[1 findings] |
| 2025-08-12 09:58 UTC | netfilter: nft_payload: Use csum_replace4() instead of opencoding | 1 | christophe.leroy@csgroup.eu | finished in 3h42m0s |
| 2025-08-11 10:31 UTC | netfilter: nft_set_pipapo: fix null deref for empty set | 1 | fw@strlen.de | finished in 3h48m0s |
| 2025-08-11 09:25 UTC | tests: py: revert dccp python tests | 1 | fw@strlen.de | skipped |
| 2025-08-08 12:46 UTC | table: Embed creating nft version into userdata | 1 | phil@nwl.cc | skipped |
| 2025-08-08 12:45 UTC | src: netlink: netlink_delinearize_table() may return NULL | 1 | phil@nwl.cc | skipped |
| 2025-08-07 13:49 UTC | netfilter: nf_tables: Introduce NFTA_DEVICE_PREFIX | 1 | phil@nwl.cc | finished in 3h38m0s |
| 2025-08-07 11:29 UTC | Netfilter fixes for net | 1 | pablo@netfilter.org | finished in 3h46m0s |
| 2025-08-07 10:05 UTC | netfilter: nft_socket: remove WARN_ON_ONCE with giant cgroup tree | 1 | pablo@netfilter.org | finished in 2m0s |
| 2025-08-06 14:38 UTC | tests: shell: Fix packetpath/rate_limit for old socat | 1 | phil@nwl.cc | skipped |
| 2025-08-05 19:40 UTC | evaluate: check XOR RHS operand is a constant value | 1 | fw@strlen.de | skipped |
| 2025-08-04 10:35 UTC | netfilter: clean up returns in nf_conntrack_log_invalid_sysctl() | 1 | dan.carpenter@linaro.org | finished in 4h32m0s |
| 2025-08-04 10:10 UTC | netfilter: nft_set_pipapo: don't return bogus extension pointer | 1 | fw@strlen.de | finished in 3h38m0s |
| 2025-08-01 16:11 UTC | Run all test suites via 'make check' | 1 | phil@nwl.cc | skipped |
| 2025-08-01 15:25 UTC | netfilter: ctnetlink: fix memory leak in ctnetlink dump | 1 | fw@strlen.de | finished in 3h37m0s |
| 2025-08-01 10:52 UTC | doc: nft.8: Minor NAT STATEMENTS section review | 1 | phil@nwl.cc | skipped |
| 2025-08-01 09:47 UTC | bpf: Check flow_dissector ctx accesses are aligned | 1 | paul.chaignon@gmail.com | finished in 4h33m0s |
| 2025-07-31 22:29 UTC | Support wildcard netdev hooks | 5 | phil@nwl.cc | skipped |
| 2025-07-31 22:17 UTC | utils: Add helpers for interface name wildcards | 4 | phil@nwl.cc | skipped |
| 2025-07-30 22:25 UTC | evaluate: Fix for 'meta hour' ranges spanning date boundaries | 3 | phil@nwl.cc | skipped |
| 2025-07-30 21:45 UTC | netfilter: add back NETFILTER_XTABLES dependencies | 1 | arnd@kernel.org | finished in 1h23m0s |