Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | omeone forgot to update ipt_conntrack.h header in user space. So, update it ↵ | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-04-10 | 1 | -1/+22 |
| | | | | to use ip_conntrack_old_tuple. (Pablo Neira) | ||||
* | add REJECT with icmp-frag-needed (Florian Lohoff) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-04-10 | 2 | -3/+124 |
| | |||||
* | don't allow newlines in LOG prefix (Phil Oester) (Closes: #312) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-04-01 | 2 | -0/+8 |
| | |||||
* | re-sync ip6tables with iptables (check for init functions) (Jonas Berlin) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-04-01 | 1 | -8/+12 |
| | |||||
* | add lots of man pages (Jonas Berlin) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-04-01 | 17 | -0/+474 |
| | |||||
* | the optflags array contains a '3' for the OPT_LINENUMBERS entry while ↵ | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-04-01 | 2 | -2/+2 |
| | | | | everywhere else '0' is used (Jonas Berlin) | ||||
* | SET target bugfix by Michal Pokrywka applied | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kadlec/emailAddress=kadlec@netfilter.org | 2005-03-18 | 1 | -1/+3 |
| | |||||
* | Fix TCPLAG version (Torsten Lüttgert <t.luettgert@pressestimmen.de>) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2005-03-16 | 1 | -1/+1 |
| | |||||
* | [PATCH] improve REDIRECT manpage (Jonas Berlin <xkr47@outerspace.dyndns.org>) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2005-03-15 | 1 | -3/+4 |
| | |||||
* | bump version to 1.3.1svn_t_iptables_1_3_1 | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-03-07 | 1 | -2/+2 |
| | |||||
* | This fixes rule deletion in CLUSTERIP in iptables (Pablo Neira) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-03-07 | 2 | -2/+40 |
| | |||||
* | Restore chain order (Olaf Rempel <razzor@kopf-tisch.de>) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2005-03-04 | 1 | -4/+7 |
| | |||||
* | Kill NFC_* stuff in iptables (Pablo Neira <pablo@eurodev.net>) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2005-02-14 | 87 | -508/+26 |
| | | | | Fixes build with conntrack event patch for 2.6 | ||||
* | Allow "--realm ! foo" and "! --realm foo" (Closes: #297) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-13 | 1 | -1/+1 |
| | |||||
* | fix missing comma at end of line | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-13 | 1 | -1/+1 |
| | |||||
* | Fix CONNMARK/connmark issues with 64bit kernel and 32bit userspace. | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org | 2005-02-12 | 4 | -25/+91 |
| | | | | | | | Also fixes a typo in CONNMARK, --mask set the mark, not the mask. Initial patch by: Pablo Neira <pablo@eurodev.net> Signed-off-by: Martin Josefsson <gandalf@wlug.westbo.se> | ||||
* | time to release 1.3.0 finalsvn_t_iptables_1_3_0 | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-12 | 1 | -1/+1 |
| | |||||
* | remove way outdated files | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-12 | 2 | -96/+0 |
| | |||||
* | update notes to reflect subversion usage | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-12 | 1 | -4/+4 |
| | |||||
* | try to fix realm save/restore issue (Adresses: #297) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-08 | 1 | -11/+14 |
| | |||||
* | Fix rule deletion (hinfo pointer initialized by kernel, don't compare it in ↵ | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-07 | 1 | -2/+1 |
| | | | | userspace). (Samuel Jean) | ||||
* | fix parameter handling in libipt_hashlimit with iptables-save (Nikolai Malykh) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-07 | 1 | -2/+6 |
| | |||||
* | Revert the recent addition of memset()'s to TC_COMMIT. One of them is bogus ↵ | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org | 2005-02-04 | 1 | -3/+0 |
| | | | | | | and the other one needs more investigation to why valgrind is complaining. Noticed and reverted by Phil Oester. | ||||
* | Add support for inversion to multiport revision 1. | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org | 2005-02-02 | 2 | -5/+11 |
| | | | | Signed-off-by: Phil Oester <kernel@linuxace.com> | ||||
* | we now need to exclude .svn instead of CVSsvn_t_iptables_1_3_0rc1 | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | release rc1 | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | re-implement alphabetic sorting to not confuse users who upgrade to 1.3.0 | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -7/+18 |
| | |||||
* | fix compiler warning about discarding const | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | add missing comma | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | fix typo | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | make structure initializers use C99 standard (Harald Welte) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 19 | -261/+229 |
| | |||||
* | typo | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | check for colons | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -1/+6 |
| | |||||
* | be more specific what INPUT means (Matthias Bruestle) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | Use C99 initializers | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -11/+11 |
| | |||||
* | - Sets the 'iptc_fn' global variable to the pointer to the current functions ↵ | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -13/+36 |
| | | | | | | | | in all major TC_* functions. This is necessary because in certain cases, an error return from a function that doesn't set 'iptc_fn' will conflict with a function-specific error return from one that does, causing TC_STRERROR() to return the wrong error string. This ensures that the right one will be returned. - Implements a simple reference counter for the netlink socket global variable 'sockfd'; this is necessary for IPTables::IPv4, where multiple tables (filter, nat, mangle, untracked) may be opened at one time. The way libiptc does it in the official version causes previously-opened tables to break such that attempts to commit changes will fail. - Adds a couple of memset() invocations in TC_COMMIT, based on past analysis with valgrind. It claimed that allocated structure were not being fully initialized, and adding the memset()s corrected this warning. (Derrik Pates <demon@devrandom.net>) | ||||
* | John McCann points out via bugzilla that iptables happily accepts this | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-02-01 | 1 | -1/+6 |
| | | | | | | | | | | | | | syntax on DNAT/SNAT: --to x.x.x.x:y:z but doesn't actually make use of the second port. Clear up the confusion by only accepting a dash between the ports. This closes bugzilla #265. Signed-off-by: Phil Oester <kernel@linuxace.com> | ||||
* | fix name of 'extra_opts' structure member (Nikolai Malykh) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | 2005-01-22 | 1 | -1/+1 |
| | |||||
* | Make it compile on current kernels, the future isn't here yet. | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org | 2005-01-05 | 1 | -0/+6 |
| | |||||
* | Testsuite found an issue: multiport accepts -p ! tcp. | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org | 2005-01-03 | 1 | -0/+4 |
| | |||||
* | Pablo Neira: | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org | 2005-01-03 | 2 | -1/+227 |
| | | | | Multiport revision 1 userspace support. | ||||
* | Remove leftover debug printf | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org | 2005-01-03 | 1 | -3/+0 |
| | |||||
* | Replace memchr with strlen and fix up one of the statements. | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org | 2005-01-03 | 1 | -4/+4 |
| | |||||
* | Extension revision number support (if kernel supports the getsockopts). | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org | 2005-01-03 | 5 | -21/+281 |
| | | | | | Enhance MARK match with second revision. Committed in anticipation of the kernel patch being applied. | ||||
* | Prevent user from using --helper multiple times (Nicolas Bouliane ↵ | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2005-01-02 | 1 | -0/+3 |
| | | | | <nib@cookinglinux.org>) | ||||
* | Add --log-uid option (John Lange <john.lange@open-it.ca>) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | 2005-01-02 | 2 | -1/+20 |
| | |||||
* | Stupid typo that meant we didn't compare target data when doing ↵ | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org | 2004-12-29 | 1 | -1/+1 |
| | | | | delete-by-matching-rule (found by nfsim test). | ||||
* | Fix compile error introduced by C99 conversion. | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org | 2004-12-29 | 1 | -1/+0 |
| | |||||
* | Pablo Neira: extensions conversion to C99 structure initialization | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org | 2004-12-28 | 69 | -939/+893 |
| | | | | (I removed the revision stuff for the moment, but this needs to go in before the code moves too much --RR) | ||||
* | Fix setting lib_dir in ip*tables-{save,restore} | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org | 2004-12-27 | 11 | -22/+37 |
| |