netfilter · Maintained
Maintainers
- M Pablo Neira Ayuso <pablo@netfilter.org>
- M Florian Westphal <fw@strlen.de>
- R Phil Sutter <phil@nwl.cc>
Paths
- F
include/linux/netfilter* - F
include/linux/netfilter/ - F
include/net/netfilter/ - F
include/uapi/linux/netfilter* - F
include/uapi/linux/netfilter/ - F
net/*/netfilter.c - F
net/*/netfilter/ - F
net/bridge/br_netfilter*.c - F
net/netfilter/ - F
tools/testing/selftests/net/netfilter/
Last 30 days
Most active threads (last 7 days)
-
HOTtoday
[PATCH net] ipvs: fix PMTU for GUE/GRE tunnel ICMP errors
2026-07-01 07:00 · 0 replies in 7d · Yizhou Zhao <hidden> -
HOTtoday
[PATCH net] netfilter: nf_nat_masquerade: recalculate TCP TS offset when port is randomized
2026-06-29 09:23 · 0 replies in 7d · xietangxin <hidden> -
DORMANTno replies
[PATCH 5.15.y] netfilter: nf_tables: restore set elements when delete set fails
2026-06-24 21:37 · 0 replies in 7d · Sid Kumar <hidden>
Active reviewers (last 30 days)
-
Florian Westphal <fw@strlen.de>
20 attestations (20 Suggested-by) · last on 2026-06-16 -
Fernando Fernandez Mancera <hidden>
14 attestations (14 Reviewed-by) · last on 2026-06-16 -
Ji'an Zhou <hidden>
10 attestations (10 Reported-by) · last on 2026-06-16 -
<hidden>
7 attestations (7 Reported-by) · last on 2026-06-16 -
Weiming Shi <hidden>
6 attestations (6 Reported-by) · last on 2026-06-16 -
Xiang Mei <hidden>
5 attestations (5 Reported-by) · last on 2026-06-16 -
Jeremy Sowden <hidden>
3 attestations (3 Acked-by) · last on 2026-06-16 -
Yiming Qian <hidden>
2 attestations (2 Reported-by) · last on 2026-06-23 -
Yizhou Zhao <hidden>
1 attestation (1 Reported-by) · last on 2026-07-01 -
Yuxiang Yang <hidden>
1 attestation (1 Reported-by) · last on 2026-07-01
Recent patches
Most-recent 30 patches in this subsystem on stable (capped at 30), ordered by date desc.
-
HOTtoday
[PATCH net] ipvs: fix PMTU for GUE/GRE tunnel ICMP errors
2026-07-01 · Yizhou Zhao <hidden> -
HOTtoday
[PATCH net] netfilter: nf_nat_masquerade: recalculate TCP TS offset when port is randomized
2026-06-29 · xietangxin <hidden> -
DORMANTno replies
[PATCH 5.15.y] netfilter: nf_tables: restore set elements when delete set fails
2026-06-24 · Sid Kumar <hidden> -
DORMANTno replies
[PATCH v2 v6.6-v6.1] netfilter: nf_tables: always walk all pending catchall elements
2026-06-23 · Shivani Agarwal <hidden> -
COOLING12d
Re: Linux 7.0.13
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
Re: Linux 6.6.143
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
Re: Linux 6.18.36
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
Re: Linux 6.12.94
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING12d
Re: Linux 6.1.176
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
Re: Linux 5.15.210
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
Re: Linux 5.10.259
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING11d
[PATCH v6.1 3/3] netfilter: nf_tables: unconditionally bump set->nelems before insertion
2026-06-19 · Shivani Agarwal <hidden> -
COOLING11d
[PATCH v6.1 2/3] netfilter: nf_tables: fix set size with rbtree backend
2026-06-19 · Shivani Agarwal <hidden> -
COOLING11d
[PATCH v6.1 1/3] netfilter: nf_tables: always increment set element count
2026-06-19 · Shivani Agarwal <hidden> -
COOLING11d
[PATCH v6.6-v6.1] netfilter: nf_tables: always walk all pending catchall elements
2026-06-18 · Shivani Agarwal <hidden> -
COOLING5d
[PATCH 5.10 176/342] netfilter: nft_exthdr: fix register tracking for F_PRESENT flag
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
REVIEWED: 1 (0M) [PATCH 5.10 135/342] netfilter: conntrack_irc: fix possible out-of-bounds read
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
[PATCH 5.10 134/342] netfilter: synproxy: add mutex to guard hook reference counting
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
[PATCH 5.10 133/342] ipvs: clear the svc scheduler ptr early on edit
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
[PATCH 5.10 132/342] netfilter: xt_NFQUEUE: prefer raw_smp_processor_id
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
[PATCH 5.10 012/342] netfilter: xt_cpu: prefer raw_smp_processor_id
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
REVIEWED: 1 (0M) [PATCH 5.10 011/342] netfilter: synproxy: refresh tcphdr after skb_ensure_writable
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
[PATCH 5.15 194/411] netfilter: nft_exthdr: fix register tracking for F_PRESENT flag
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
[PATCH 5.15 193/411] netfilter: nf_log: validate MAC header was set before dumping it
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
REVIEWED: 1 (0M) [PATCH 5.15 153/411] netfilter: conntrack_irc: fix possible out-of-bounds read
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
[PATCH 5.15 152/411] netfilter: synproxy: add mutex to guard hook reference counting
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
[PATCH 5.15 151/411] ipvs: clear the svc scheduler ptr early on edit
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
[PATCH 5.15 150/411] netfilter: xt_NFQUEUE: prefer raw_smp_processor_id
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
[PATCH 5.15 013/411] netfilter: xt_cpu: prefer raw_smp_processor_id
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING5d
REVIEWED: 1 (0M) [PATCH 5.15 012/411] netfilter: synproxy: refresh tcphdr after skb_ensure_writable
2026-06-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Needs attention (review trailers in, no pickup)
Patches with review trailers that haven't landed in mainline and haven't been Acked by a maintainer. Oldest first.
-
STALE167d
REVIEWED: 1 (0M) [PATCH AUTOSEL 6.18-6.6] netfilter: nf_tables: avoid chain re-validation if possible
2025-12-23 · Sasha Levin <sashal@kernel.org> · 1 Tested-by -
DORMANTno replies
REVIEWED: 1 (0M) [PATCH v5.10-v6.6 ] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
2026-02-05 · Keerthana K <hidden> · 1 Reviewed-by -
DORMANTno replies
REVIEWED: 1 (0M) [PATCH 6.6.y 2/2] netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
2026-02-11 · Bin Lan <hidden> · 1 Reviewed-by -
STALE84d
REVIEWED: 1 (0M) [PATCH v3 6.6.y 1/8] netfilter: nft_set_pipapo: move prove_locking helper around
2026-03-04 · Natarajan KV <hidden> · 1 Reviewed-by -
STALE84d
REVIEWED: 1 (0M) [PATCH v3 6.6.y 2/8] netfilter: nft_set_pipapo: make pipapo_clone helper return NULL
2026-03-04 · Natarajan KV <hidden> · 1 Reviewed-by -
STALE84d
REVIEWED: 1 (0M) [PATCH v3 6.6.y 3/8] netfilter: nft_set_pipapo: prepare destroy function for on-demand clone
2026-03-04 · Natarajan KV <hidden> · 1 Reviewed-by -
STALE84d
REVIEWED: 1 (0M) [PATCH v3 6.6.y 4/8] netfilter: nft_set_pipapo: prepare walk function for on-demand clone
2026-03-04 · Natarajan KV <hidden> · 1 Reviewed-by -
STALE84d
REVIEWED: 1 (0M) [PATCH v3 6.6.y 5/8] netfilter: nft_set_pipapo: merge deactivate helper into caller
2026-03-04 · Natarajan KV <hidden> · 1 Reviewed-by -
STALE84d
REVIEWED: 1 (0M) [PATCH v3 6.6.y 6/8] netfilter: nft_set_pipapo: prepare pipapo_get helper for on-demand clone
2026-03-04 · Natarajan KV <hidden> · 1 Reviewed-by -
STALE84d
REVIEWED: 1 (0M) [PATCH v3 6.6.y 7/8] netfilter: nft_set_pipapo: move cloning of match info to insert/removal path
2026-03-04 · Natarajan KV <hidden> · 1 Reviewed-by
Quiet for 30+ days
Patches with no review trailers and no replies. Either the author is heads-down elsewhere or these slipped through. Oldest first.
-
STALE146d
[PATCH 5.10 204/300] netfilter: nf_tables: reject duplicate device on updates
2025-12-03 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
STALE202d
[PATCH 5.15 269/392] netfilter: nf_tables: reject duplicate device on updates
2025-12-03 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
STALE206d
[PATCH 6.1 394/568] netfilter: nf_tables: reject duplicate device on updates
2025-12-03 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
Re: Linux 5.10.247
2025-12-06 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
Re: Linux 5.15.197
2025-12-06 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
STALE206d
Re: Linux 6.1.159
2025-12-06 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
STALE195d
[PATCH 6.12 265/354] netfilter: flowtable: check for maximum number of encapsulations in bridge vlan
2025-12-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
STALE195d
[PATCH 6.12 266/354] netfilter: nf_conncount: rework API to use sk_buff directly
2025-12-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
STALE195d
[PATCH 6.12 267/354] netfilter: nft_connlimit: update the count if add was skipped
2025-12-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
STALE194d
[PATCH 6.17 394/507] netfilter: nft_connlimit: update the count if add was skipped
2025-12-16 · Greg Kroah-Hartman <gregkh@linuxfoundation.org>