summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* ipset 2 related updates (JK)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kadlec/emailAddress=kadlec@netfilter.org2004-12-015-83/+243
|
* fix some compiler warnings and errors/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2004-11-181-17/+24
|
* sync with latest patch-o-matic-ng update (support direction and mode parameters)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2004-11-181-11/+84
|
* Search backwards when inserting/deleting in/from the top half of the rules ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org2004-10-241-12/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | in a chain. before: insert 50k rules without any previous rules real 0m1.314s user 0m1.184s sys 0m0.123s insert 50k with one already existing rule real 2m38.052s user 2m37.296s sys 0m0.353s insert 50k rules in the middle of 20k already existing rules real 2m43.831s user 2m43.005s sys 0m0.414s delete rule #70000 10k times with 100k rules real 1m37.990s user 1m37.247s sys 0m0.500s after: insert 50k without any previous rules real 0m1.315s user 0m1.184s sys 0m0.125s insert 50k with one already existing rule real 0m1.313s user 0m1.189s sys 0m0.119s insert 50k rules in the middle of 20k already existing rules real 0m8.550s user 0m8.327s sys 0m0.197s delete rule #70000 10k times with 100k rules real 0m35.566s user 0m35.062s sys 0m0.416s
* Fix module-autoloading in certain cases (Fixse Debian Bug 219686)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2004-10-222-6/+10
|
* minor syntax fixes/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2004-10-201-13/+18
|
* - add hashlimit to makefile/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2004-10-202-2/+2
| | | | - fix typo in libipt_hashlimit
* move ipt_hashlimit to it's correct location/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2004-10-201-0/+0
|
* add hashlimit kernel header file/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2004-10-201-0/+40
|
* hashlimit port of userspace plugin/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2004-10-201-0/+365
|
* add paragraph about raw tablelaforge2004-10-061-0/+10
|
* Mention owner brokenness in manpagekaber2004-10-032-0/+4
|
* [PATCH] note owner match brokenness in helptext, closes bugzilla #244 (Phil ↵kaber2004-10-011-0/+2
| | | | Oester)
* Add comment about time not adhering DST (Phil Oester) (Closes: #75)laforge2004-09-261-0/+1
|
* Replace O(n) with O(1) when TC_INSERT_ENTRY() inserts an entry at the end.gandalf2004-09-231-8/+23
| | | | | | | | | | | | | | Do the same with TC_DELETE_NUM_ENTRY() when deleting the last rule. My rule management script does both of these things in certain situations. Created a file with 50.000 rules which my script converted into iptables-restore format but inserting each rule with an index instead of appending like the iptables-save output does. That took a while without this optimization. Same thing when deleting the 45.000 last rules in that chain, the script outputs deletes by number starting from the bottom. Inserting or deleting (by number) in the middle of the chain is still O(n) where n is the rulenumber where the insert/delete is taking place.
* Spelling error.gandalf2004-09-231-2/+2
|
* Fix returnvalue of TC_BUILTIN()gandalf2004-09-231-2/+2
| | | | | All jumps to nonexisting chains were believed to be jumps to builtin chains, that's bad as it made it impossible to add rules with external targets.
* Make sure to zero all the memory we allocate for the new table.gandalf2004-09-221-2/+2
| | | | | Makes flushing of chains containing more than a few entries work without potentially oopsing the kernel.
* Make TC_DELETE_ENTRY() and TC_DELETE_NUM_ENTRY() actually do something practicalgandalf2004-09-221-1/+5
|
* Fix two more rulenumber off by 1 errorsgandalf2004-09-221-3/+3
|
* Insertion of rules with -I was broken.gandalf2004-09-221-5/+15
| | | | | | | It checked if a rule existed on the position we were inserting to. Thus inserting into an empty chain didn't work. And it didn't care about the fact that the first rule in the chain has index 1 the rulenumer we get starts at 0...
* Fix rule countinggandalf2004-09-221-1/+3
|
* Fix listing of module targets.gandalf2004-09-221-1/+4
| | | | | | Type was only set for standard targets. Harald: please review.
* [PATCH] realm: fix inversion (Simon Lodal)kaber2004-09-221-2/+3
|
* Fix half-working ipv6 limit invert check (Phil Oester)kaber2004-09-211-7/+6
|
* Fix half-working dstlimit invert check (Phil Oester)kaber2004-09-211-26/+12
|
* [PATCH] limit match does not support invert, warn about it. Closes bugzilla ↵kaber2004-09-211-7/+6
| | | | #95 (Phil Oester)
* Add comment match extension (Brad Fisher)kaber2004-09-203-1/+138
|
* fix segfault from memory allocation: handle->entries is actualy struct ↵laforge2004-09-191-2/+3
| | | | ipt_get_entries plus the size
* [PATCH] fix psd option parsing (Phil Oester)kaber2004-09-181-5/+0
|
* Print error when '!' is used with multiport. Based on patch by Phil Oester.kaber2004-09-183-0/+21
|
* [PATCH] port physdev to ip6tables (Bart De Schuymer)kaber2004-09-124-1/+299
|
* Fix typo. (Phil Oester) Closes #239gandalf2004-09-091-1/+1
|
* Fix number parsing (Piotr Gasidlo)kaber2004-09-021-1/+1
|
* add delete by matching-rule to libiptc2 (still untested)laforge2004-08-301-67/+19
|
* slightly different semantics of iptc_builtinlaforge2004-08-302-3/+3
|
* fix slightly changed semantics of iptc_is_builtinlaforge2004-08-302-3/+3
|
* complete libiptc rewrite. Time to load 10k rules goes down from 2.20 ↵laforge2004-08-296-920/+1975
| | | | minutes to 1.255 seconds (!). Might still contain bugs, use with caution.
* add missing spaces in 'save' printout (youza@post.cz) (Closes: #235)laforge2004-08-241-4/+4
|
* Cleanup ttl-match option parsing, fixes bugzilla #183 (Phil Oester)kaber2004-08-231-11/+6
|
* Fix conntrack-match typo, fixes bugzilla #194 (Phil Oester)kaber2004-08-231-1/+1
|
* Allocate enough memory for addr-list in host_to_addr()kaber2004-08-031-1/+1
|
* Limit ttl-value to 0-255 (Maciej Soltysiak <solt@dns.toxicfilms.tv>)kaber2004-07-281-5/+7
|
* Check that TTL is between 0 and 255 (Nicolas Bouliane)kaber2004-07-271-6/+8
|
* update to ipt_account 0.1.16 (Piotr Gasid?o)laforge2004-07-231-19/+53
|
* In C, we declare variables at the top of function (Olivier Clerget)laforge2004-07-161-1/+2
|
* Giving --dst-range twice to iprange did not ring the bellkadlec2004-07-121-1/+1
| | | | Bug reported and fixed by Nicolas Bouliane
* fix syntax of help messagelaforge2004-07-112-4/+4
|
* fix dual-free bug with multiple-A dns records (keso@klister.net)laforge2004-07-041-5/+2
|
* Add addrtype match to list of unconditionally built extensionskaber2004-06-282-6/+1
|