Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | ebtables: Allow RETURN target rules in user defined chains | Alin Năstac | 2015-10-28 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | During loop checking ebtables marks entries with '1 << NF_BR_NUMHOOKS' if they're called from a base chain rather than a user defined chain. This can be used by ebtables targets that can encode a special return value to bail out if e.g. RETURN is used from a base chain. Unfortunately, this is broken, since the '1 << NF_BR_NUMHOOKS' is also copied to called user-defined-chains (i.e., a user defined chain can no longer be distinguished from a base chain): root@OpenWrt:~# ebtables -N foo root@OpenWrt:~# ebtables -A OUTPUT -j foo root@OpenWrt:~# ebtables -A foo -j mark --mark-or 3 --mark-target RETURN --mark-target RETURN not allowed on base chain. This works if -A OUTPUT -j foo is omitted, but will still appear if we try to call foo from OUTPUT afterwards. After this patch we still reject '-A OUTPUT -j mark .. --mark-target RETURN'. Signed-off-by: Florian Westphal <fw@strlen.de> | ||||
* | ethernetdb.h: Remove C++ specific compiler hint macro _THROW | Felix Janda | 2015-05-21 | 1 | -6/+5 |
| | | | | | | | Fixes compilation with musl libc Signed-off-by: Felix Janda <felix.janda@posteo.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||||
* | extensions: Use stdint types | Felix Janda | 2015-05-21 | 2 | -7/+7 |
| | | | | | Signed-off-by: Felix Janda <felix.janda@posteo.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||||
* | Add kernel headers needed from v3.16 | Pedro Alvarez | 2015-03-02 | 20 | -0/+860 |
| | | | | | | | | | | | | | | Ebtables fails to compile with versions of the linux headers greater than v3.16 with this error: extensions/ebt_ulog.c:17:45: fatal error: linux/netfilter_bridge/ebt_ulog.h: No such file or directory #include <linux/netfilter_bridge/ebt_ulog.h> This patch adds netfilter_bridge headers for every supported extension, including filter.h and types.h, to avoid this problem and future problems with changes in the kernel headers. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||||
* | don't print IPv6 mask if it's all ones (based on patch by Mariusz Mazur ↵ | Bart De Schuymer | 2014-04-14 | 3 | -2/+16 |
| | | | | <mmazur at axeos.com>) | ||||
* | remove ebtables-restore binary from repository | Bart De Schuymer | 2013-07-31 | 1 | -118/+0 |
| | |||||
* | Add --noflush command line support for ebtables-restore | Sanket Shah | 2013-07-31 | 1 | -4/+25 |
| | |||||
* | workaround for kernel regression bug: IPv6 source/destination addresses are ↵ | Luis Fernando | 2013-07-03 | 1 | -0/+4 |
| | | | | potentially not matched correctly | ||||
* | add info about -Wl,-no-as-needed | Bart De Schuymer | 2013-07-03 | 1 | -0/+2 |
| | |||||
* | fix compilation warning | Petri Gynther | 2013-02-24 | 1 | -1/+1 |
| | |||||
* | add RARP and update iana url | Bart De Schuymer | 2012-07-03 | 1 | -4/+6 |
| | |||||
* | bump release and update program dateebtables-2.0.10-4 | Bart De Schuymer | 2011-12-15 | 1 | -2/+2 |
| | |||||
* | changelog for 2.0.10-4 | Bart De Schuymer | 2011-12-15 | 1 | -0/+3 |
| | |||||
* | bugfix: setting rule in first built-in chain caused setting all counters to ↵ | Bart De Schuymer | 2011-12-15 | 1 | -1/+1 |
| | | | | zero (thanks to James Sinclair) | ||||
* | typo | Bart De Schuymer | 2011-12-04 | 1 | -1/+1 |
| | |||||
* | add changelog for v 2.0.10-3 | Bart De Schuymer | 2011-12-04 | 1 | -0/+3 |
| | |||||
* | bump version | Bart De Schuymer | 2011-12-04 | 1 | -1/+1 |
| | |||||
* | fix rule counter bug (reported by James Sinclair): possible wrong ↵ | Bart De Schuymer | 2011-12-04 | 1 | -0/+1 |
| | | | | initialization of counters | ||||
* | add changelog for v2.0.10-2 | Bart De Schuymer | 2011-08-11 | 1 | -0/+6 |
| | |||||
* | respect LDFLAGS (Peter Volkov) | Bart De Schuymer | 2011-08-11 | 2 | -2/+2 |
| | |||||
* | enable compiler optimizations, bump release number | Bart De Schuymer | 2011-08-11 | 1 | -2/+2 |
| | |||||
* | small changes to remove warnings when optimization is on (thanks to Peter ↵ | Bart De Schuymer | 2011-08-11 | 1 | -4/+4 |
| | | | | Volkov) | ||||
* | initialize some variables to get rid of warnings when compiling with ↵ | Bart De Schuymer | 2011-08-11 | 2 | -4/+4 |
| | | | | optimization | ||||
* | remove definition of __EXPORTED_HEADERS__: we use sanitized header files now | Bart De Schuymer | 2011-08-11 | 2 | -2/+0 |
| | |||||
* | add changelog for v2.0.10-1 | Bart De Schuymer | 2011-07-10 | 1 | -0/+15 |
| | |||||
* | bump prog version, add LOCKDIR variable, add -Werror compile flag | Bart De Schuymer | 2011-07-10 | 1 | -10/+13 |
| | |||||
* | remove compile warning, conditionally define LOCKFILE | Bart De Schuymer | 2011-07-10 | 1 | -0/+4 |
| | |||||
* | define __EXPORTED_HEADERS__ to get access to kernel headers | Bart De Schuymer | 2011-07-10 | 1 | -1/+1 |
| | |||||
* | add a reference to the lock file | Bart De Schuymer | 2011-07-10 | 1 | -0/+1 |
| | |||||
* | add info about the lock file compile time option | Bart De Schuymer | 2011-07-10 | 1 | -3/+6 |
| | |||||
* | remove irrelevant negative value check for the result of strtoul, found by ↵ | Bart De Schuymer | 2011-06-23 | 1 | -7/+0 |
| | | | | Coverity static analysis (thanks to Jiri Popelka) | ||||
* | free possible memory leak found by Coverity static analysis (Jiri Popelka) | Bart De Schuymer | 2011-06-23 | 1 | -0/+2 |
| | |||||
* | fix use-after-free issue found by Coverity static analysis (thanks to Jiri ↵ | Bart De Schuymer | 2011-06-23 | 1 | -2/+2 |
| | | | | Popelka) | ||||
* | fix possible issues found by Coverity static analysis (thanks to Jiri Popelka) | Bart De Schuymer | 2011-06-23 | 1 | -3/+7 |
| | |||||
* | Make the error message printed when an update of a table is rejected by the ↵ | Bart De Schuymer | 2011-06-19 | 1 | -3/+7 |
| | | | | kernel | ||||
* | export use_lockfd | Bart De Schuymer | 2011-06-19 | 1 | -0/+2 |
| | |||||
* | add logic to support the --concurrent option: use a file lock to support ↵ | Bart De Schuymer | 2011-06-19 | 1 | -0/+67 |
| | | | | concurrent scripts running ebtables | ||||
* | add logic to support the --concurrent option: use a file lock to support ↵ | Bart De Schuymer | 2011-06-19 | 1 | -0/+14 |
| | | | | concurrent scripts running ebtables | ||||
* | add option --concurrent | Bart De Schuymer | 2011-06-19 | 1 | -0/+3 |
| | |||||
* | rename the libebtc target to libebtc.so and remove the .PHONY for libebtc ↵ | Bart De Schuymer | 2011-06-19 | 1 | -5/+4 |
| | | | | (thanks to Bertrand Jacquin) | ||||
* | only test on errno when an error occurred (especially on mips); fix some ↵ | Bart De Schuymer | 2011-05-29 | 1 | -5/+5 |
| | | | | warnings | ||||
* | extend ebt_ip6 to allow matching on ipv6-icmp types/codes (by Florian Westphal) | Bart De Schuymer | 2011-01-18 | 3 | -2/+240 |
| | |||||
* | put include of ebtables_u.h higher so that __EXPORTED_HEADERS__ is defined | Bart De Schuymer | 2010-12-18 | 3 | -3/+3 |
| | |||||
* | define __EXPORTED_HEADERS__ so we don't get warnings about: Attempt to use ↵ | Bart De Schuymer | 2010-12-18 | 1 | -0/+1 |
| | | | | kernel headers from user space | ||||
* | remove reference to old mailing lists and refer to the relevant web pages ↵ | Bart De Schuymer | 2010-12-18 | 1 | -3/+3 |
| | | | | instead | ||||
* | *** empty log message *** | Bart De Schuymer | 2010-04-22 | 1 | -0/+2 |
| | |||||
* | fix --among-dst-file, which translated into --among-src (reported by Thierry ↵ | Bart De Schuymer | 2010-04-22 | 1 | -1/+1 |
| | | | | Watelet) | ||||
* | fix syntax error with DESTDIR | Bart De Schuymer | 2010-03-18 | 1 | -2/+2 |
| | |||||
* | use PRIu64 instead of llu with 64-bit unsigned integers | Bart De Schuymer | 2010-03-16 | 1 | -1/+1 |
| | |||||
* | add LDFLAGS (Peter Volkov) | Bart De Schuymer | 2010-03-16 | 2 | -5/+4 |
| |