| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Moves common fw_malloc() and fw_calloc() to xtables.c | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org | 2007-07-24 | 4 | -48/+35 |
| | | |||||
| * | Adds xtables.[ch] and change Makefile to compile it | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org | 2007-07-24 | 3 | -7/+30 |
| | | |||||
| * | [PATCH] iptables-xml | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-07-17 | 3 | -3/+117 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Attached are: 1. A man page for iptables-xml 2. A fix for iptables.xslt allowing for an arbitrary depth of arguments or modifiers. Although iptables-xml cannot generate more than two levels deep, xml generated by other systems may prefer to generate <action> <restore-mark> <mask>0xff00</mask> </restore-mark> </action> than <action> <restore-mark/> <mask>0xff00</mask> </action> (which is what iptables-xml generates) even though the same iptables is re-generated on conversion. 3. A fix for iptables-xml.c so that combining of consecutive targets of rules with the same match into one XML rule, will not combine over a terminating action; i.e. there is no point in converting -A table -p tcp -j DROP -A table -p tcp -j MARK --set-mark 25 -A table -p tcp -j RETURN into one XML rule with multiple actions as they are probably not logically combined in the mind of the author. Signed-off by: Sam Liddicott <azez@ufomechanic.net> | ||||
| * | Ignore generated files | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-07-16 | 0 | -0/+0 |
| | | |||||
| * | Adds missing explanations about FIN in mask part of '--syn' in libip[6]_tcp.c | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org | 2007-07-16 | 3 | -3/+3 |
| | | | | | and libip6t_tcp.man. | ||||
| * | Adds missing FIN to mask part generated by '--syn' of libip6t_tcp | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org | 2007-07-16 | 2 | -2/+2 |
| | | |||||
| * | [PATCH] Change default KERNEL_DIR location and add KBUILD_OUTPUT (Sven ↵ | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-07-15 | 1 | -2/+8 |
| | | | | | Wegener <sven.wegener@stealer.net>) | ||||
| * | Fixes compile error of connlimit where NO_SHARED_LIBS=1 is specified | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org | 2007-07-13 | 2 | -2/+2 |
| | | |||||
| * | PATCH: Add connlimit to iptables. | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-07-09 | 6 | -2/+352 |
| | | | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de> | ||||
| * | [PATCH]: libipt_statistic: add a few missing validity checks | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-07-03 | 1 | -0/+9 |
| | | | | | Signed-off-by: Nicolas Bouliane | ||||
| * | Removes KERNEL_64_USERSPACE_32 | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org | 2007-06-30 | 6 | -124/+0 |
| | | | | | | | | The recent kernel has compat layer for iptables. It doesn't have compat layer for libipq and ip6tables, but ip6tables with KERNEL_64_USERSPACE_32 is still broken. We should fix kernel instead of fixing them if and when we want use their 32bit binary with 64bit kernel. | ||||
| * | Removes some KERNEL_64_USERSPACE_32 because linux 2.6 has compat layer | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org | 2007-06-28 | 16 | -167/+3 |
| | | |||||
| * | Fix "iptables getsockopt failed strangely" when querying revisions for ↵ | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-06-26 | 2 | -2/+2 |
| | | | | | | | non-existant matches and targets Reported by Joseph Jezak <josejx@gentoo.org>. | ||||
| * | Add Jozsef's TRACE target. | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-06-25 | 5 | -2/+148 |
| | | | | | | Changed to be built unconditionally by myself since it doesn't need any headerfiles anyways. | ||||
| * | bump versionsvn_t_iptables_1_3_8 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-25 | 1 | -2/+2 |
| | | |||||
| * | Fixes build error of conntrack match because of missing ip_conntrack_tuple.h | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org | 2007-06-24 | 1 | -1/+0 |
| | | | | | | in linux 2.6.22. It is not needed because nf_conntrack headers can be used instead. | ||||
| * | A white space fix in ip6tables.c | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org | 2007-06-12 | 1 | -1/+1 |
| | | |||||
| * | '-p all' and '-p 0' should be allowed. And actually ip6tables in kernel | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org | 2007-06-11 | 1 | -7/+6 |
| | | | | | | allows '! -p xxx' where xxx is extension header. It matches all valid IPv6 packets. | ||||
| * | [PATCH] libipt_hashlimit doc update | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-06-03 | 1 | -2/+2 |
| | | | | | | | Add srcip,srcport to hashlimit manpage. Signed-off-by: Jan Engelhardt <jengelh@gmx.de> | ||||
| * | Add --random option to DNAT and REDIRECT targets and fix the manpage mess ↵ | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-05-29 | 7 | -27/+76 |
| | | | | | this option left behind. | ||||
| * | Use posix conform directory existance check (Roy Marples <uberlord@gentoo.org>) | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-05-10 | 1 | -1/+1 |
| | | | | | | | Makefile uses [ -a /dir ] which is invalid on non bash shells Bugzilla #569 | ||||
| * | Fix missing newlines in iptables-save/restore output (Pavol Rusnak ↵ | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-05-10 | 4 | -6/+6 |
| | | | | | | | <prusnak@suse.cz>) Bugzilla #568 | ||||
| * | [PATCH] update quota manpage for SMP (Phil Oester) | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-05-02 | 1 | -1/+0 |
| | | | | | | The quota match works fine on SMP, so update the manpage to reflect this. Closes bugzilla #564. | ||||
| * | In fixing bug #446 [1], the output for unspecified proto was changed from ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-04-30 | 2 | -0/+2 |
| | | | | | "all" to "0". This reverts to the original behaviour, and closes bugzilla #543. (Phil Oester) | ||||
| * | Fix iptables-save with --random option | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-04-18 | 3 | -3/+14 |
| | | |||||
| * | Remove unnecessary IP_NAT_RANGE_PROTO_RANDOM ifdefs. | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-04-18 | 3 | -45/+7 |
| | | |||||
| * | Remove libnsl from LDLIBS | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-04-18 | 1 | -1/+1 |
| | | | | | Bugzilla 557 | ||||
| * | fix problem with iptables-restore and quotes (close bugzilla id 505) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-04-18 | 1 | -15/+32 |
| | | |||||
| * | Use nf_conntrack headers instead of ip_conntrack ones and add sanitized ↵ | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-04-18 | 16 | -12/+308 |
| | | | | | versions. | ||||
| * | Remove unnecessary ip_conntrack/ip_nat includes | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-04-18 | 2 | -2/+0 |
| | | |||||
| * | revert some slipped through patches | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-04-16 | 2 | -33/+16 |
| | | |||||
| * | prepare conntrack and conntrackd merge: rename conntrack to conntrack-tools | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-04-16 | 2 | -16/+33 |
| | | |||||
| * | Fix iptables --modprobe parameter (Maurice van der Pot <griffon26@kfk4ever.com>) | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-04-16 | 1 | -1/+1 |
| | | | | | | | Supply modprobe parameter to iptables_insmod function. Bugzilla #556 | ||||
| * | ip6tables-restore should output error of modprobe if failed to load | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=yasuyuki/emailAddress=yasuyuki@netfilter.org | 2007-03-20 | 1 | -1/+1 |
| | | | | | ip6tables.ko after failed to initialize handle. | ||||
| * | Fixes typos in the argument of ip[6]tables_insmod: quit -> quiet | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=yasuyuki/emailAddress=yasuyuki@netfilter.org | 2007-03-20 | 4 | -12/+14 |
| | | |||||
| * | Supress error message from modprobe on checking revision. | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=yasuyuki/emailAddress=yasuyuki@netfilter.org | 2007-03-13 | 6 | -22/+34 |
| | | |||||
| * | Fix cut and paste error breaking use of groups != 0 | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2007-03-06 | 2 | -12/+12 |
| | | |||||
| * | iptables: add random option to SNAT (Eric Leblond) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2007-02-24 | 6 | -9/+117 |
| | | |||||
| * | Reverted r6754. libipt_icmp has the option 'any', so it's unnecessary | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=yasuyuki/emailAddress=yasuyuki@netfilter.org | 2007-02-19 | 1 | -4/+1 |
| | | | | | to check no option of ICMP type. | ||||
| * | Update coreteam members in manpages | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=yasuyuki/emailAddress=yasuyuki@netfilter.org | 2007-02-15 | 2 | -2/+4 |
| | | |||||
| * | Fix missing space in error message (Bugzilla 544) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2007-02-14 | 2 | -2/+2 |
| | | |||||
| * | Remove and readd with executable bit set. SVN doesn't seem to have a proper ↵ | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2007-02-13 | 1 | -0/+0 |
| | | | | | way of doing this. | ||||
| * | Fixes man page for tcp, udp, icmp{,6}. They are not loaded when only '-p' is | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=yasuyuki/emailAddress=yasuyuki@netfilter.org | 2007-02-13 | 6 | -6/+6 |
| | | | | | specified, but loaded when extra options are specified, too. | ||||
| * | Forgot to add TCPMSS target to PF6_EXT_SLIB | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2007-02-13 | 1 | -1/+1 |
| | | |||||
| * | Error if no ICMP type is specified even though user intended | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=yasuyuki/emailAddress=yasuyuki@netfilter.org | 2007-02-13 | 1 | -0/+3 |
| | | | | | to use icmp match. | ||||
| * | Add ip6tables mh extension (Masahide NAKAMURA <nakam@linux-ipv6.org>) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=yasuyuki/emailAddress=yasuyuki@netfilter.org | 2007-02-09 | 4 | -0/+271 |
| | | | | | Kernel part will go in 2.6.21 | ||||
| * | Update coreteam members in manpages. | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2007-01-28 | 2 | -4/+4 |
| | | |||||
| * | Bugzilla #535 | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2007-01-26 | 1 | -1/+1 |
| | | | | | | In the tcpmss section of the iptables manpage, there is an extraneous trailing quote for the --mss option. | ||||
| * | Bugzilla #534: | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2007-01-26 | 1 | -4/+0 |
| | | | | | | Please remove --mss from libipt_tcp.man. The tcp match doesn't handle that option, while the tcpmss match does. | ||||
| * | Add ip6tables TCPMSS extension (Arnaud Ebalard <arno@natisbad.org>) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2007-01-16 | 3 | -0/+186 |
| | | | | | Kernel part will go in 2.6.21. | ||||
 |
index : iptables.old-history | |
| iptables historical tree | pablo@netfilter.org |
| summaryrefslogtreecommitdiffstats |