summaryrefslogtreecommitdiffstats
path: root/include
Commit message (Collapse)AuthorAgeFilesLines
* [patch 3/4] iptables --list-rules command/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-05-132-0/+3
| | | | | | | | | | | | | | | | | | Adds iptables --list-rules (-S) command, acting as a combination of iptables --list and iptables-save. The primary motivation behind this patch is to get iptables-save like output capabilities in iptables-restore, allowing "iptables-restore -n" to be used as a consistent API to iptables for all kind of operations, not only blind updates.. As a bonus iptables also gets the capability of printing the rules as-is. This completely replaces the earlier patch which added the --rules option. Henrik Nordstrom <henrik@henriknordstrom.net>
* [PATCH 08/10] Remove old functions, constants/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-04-152-10/+0
|
* [PATCH 07/10] Dynamically create xtables.h.in with version/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-04-151-0/+2
|
* [PATCH 03/10] Remove support for compilation of conditional extensions/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-04-152-0/+519
|
* [PATCH 2/8] Add all necessary header files - compilation fix for various cases/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-04-1413-96/+230
| | | | | | Allow iptables to compile without a kernel source tree. This implies fixing build for older kernels, such as 2.6.17 which lack xt_SECMARK.h.
* [PATCH 05/13] Combine IP{,6}T_LIB_DIR into XTABLES_LIBDIR/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-04-132-8/+0
|
* [PATCH 04/13] Add support for xt_hashlimit match revision 1/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-04-131-6/+32
|
* [PATCH 03/13] xtables.h: move non-exported parts to internal.h/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-04-132-61/+60
|
* [PATCH 02/13] Fix all remaining warnings (missing declarations, missing ↵/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-04-135-2/+17
| | | | prototypes)
* [PATCH 05/24] Fix -Wshadow warnings and clean up xt_sctp.h/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-04-062-52/+39
| | | | | Note: xt_sctp.h is still not merged upstream in the kernel as of this commit. But a refactoring was really needed.
* Remove compiler.h inclusions./C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-02-223-4/+0
|
* Add netfilter.h/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-291-0/+48
|
* [PATCH]: fix gcc warnings/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-292-2/+2
| | | | Max Kellermann <max@duempel.org>
* [PATCH]: escape strings/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-291-0/+6
| | | | Max Kellermann <max@duempel.org>
* [IPTABLES]: libxt_owner: UID/GID range support/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-291-2/+2
| | | | | | UID/GID range support for libxt_owner Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: libxt_CONNMARK revision 1/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-291-0/+5
| | | | | | Add support for xt_CONNMARK target revision 1. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: libxt_TCPOPTSTRIP/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-201-0/+13
| | | | | | | Import libxt_TCPOPTSTRIP into iptables. Signed-off-by: Sven Schnelle <svens@bitebene.org> Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: libxt_iprange r0/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-202-5/+20
| | | | | | Move libipt_iprange to libxt_iprange. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: libxt_mark r1/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-201-1/+6
| | | | | | Introduce libxt_mark match revision 1 support. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: rename overlapping function names/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-202-5/+7
| | | | | | Rename overlapping function names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: bunch o' renames/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-202-3/+8
| | | | | | | | Move a few functions from iptables.c/ip6tables.c to xtables.c so they are available for combined (both AF_INET and AF_INET6) libxt modules. Rename overlapping function names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: libxt_conntrack r0/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-202-77/+83
| | | | | | Move libipt_conntrack to libxt_conntrack. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: libxt_connmark r1/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-201-0/+5
| | | | | | Add support for xt_connmark match revision 1. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: libxt_MARK r2/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-201-0/+4
| | | | | | | Add support for xt_MARK target revision 2. Also consolidate libip6t_MARK.man and libipt_MARK.man. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: libxt_TOS/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-201-0/+5
| | | | | | | Move libipt_TOS revision 0 to libxt_TOS revision 0 and add support for xt_TOS target revision 1. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: libxt_tos/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-201-0/+6
| | | | | | | Move libipt_tos revision 0 to libxt_tos revision 0 and add support for xt_tos match revision 1. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: libxt_owner/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-201-0/+16
| | | | | | | libxt_owner merges libipt_owner and libip6t_owner, and adds support for the xt_owner match revision 1. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: common error messages/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-201-1/+6
| | | | | | | | Error messages vary wildly among modules, and there is a lot of reundance in it too. Introduce a helper function that does all of the parameter checking boilerplate and gives unique messages. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* Introduce strtonum(), which works like string_to_number(), but passes/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-201-0/+5
| | | | | | | | | | | | | | | | | | | | back the 'end' pointer. It is useful where you want to do boundary checking yet work with strings that are not entirely slurped by strtoul(), e.g.: s = "1/2"; /* one half */ if (!strtonum(s, &end, &value, 0, 5)) error("Zero-length string, or value out of bounds"); if (*end != '/') error("Malformed string"); info->param1 = value; if (!strtonum(end + 1, &end, &value, 2, 4)) error(".."); if (*end != '\0') error("Malformed string"); info->param2 = value; Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* Converts the iptables build infrastructure to autotools./C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-201-6/+7
| | | | | | | | | | | | | - Can build both static and dynamic at the same time - iptables-static will be a multi-binary, semi-static (link against libc but w/o dynamic plugins) - Always build IPv6 modules - consider INSTALL Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* Add rateest match extension/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-151-0/+33
| | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* Add RATEEST target extension/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2008-01-151-0/+11
| | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* [PATCH]: use <linux/types.h>/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-12-173-5/+3
| | | | | | | | Remove our own definitions of the Linux types and use <linux/types.h> instead. libiptc needs it too, or otherwise will choke on union nf_inet_addr. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH] Fix make/compile error for iptables-1.4.0rc1/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-11-253-2/+616
| | | | | | | | | | | | | | | | | | | Fixing a make/compile issue with iptables, release candidate 1.4.0rc1, which has existed since SVN changeset 6920. This patch adds ip_tables.h and ip6_tables.h, and updates x_tables.h, taken from Linus'es git tree. Changeset 6920 added the include file x_tables.h from kernel source, but didn't add ip_tables.h and ip6_tables.h. At some point (Tue Nov 14 19:48:48 2006, by Yasuyuki Kozakai) these kernel headers where changed, which actually removes certain depencencies from ip_tables.h and ip6_tables.h to x_tables.h. If compiling will fail, with old kernel headers (ip_tables.h and ip6_tables.h) available in systems include path, because they depend on certaine defines in x_tables.h with is missing in the version in SVN. Jesper Brouer <jdb@comx.dk>
* [PATCH]: Add the libxt_time iptables match/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-231-0/+25
| | | | | | | | | | | This is libipt_time from POM-ng enhanced by the following: * day-of-month support (for example "match on the 15th of each month") * inversion support for --weekdays and --monthdays * match against UTC or local timezone * a manpage Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* [PATCH]: Adds u32 to iptables./C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-101-0/+40
| | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Fix more sparse warnings: non-C99 array declaration, incorrect function ↵/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-081-2/+0
| | | | prototypes
* Fix aligned_u64 type on 64 bit: its an unsigned long, not an unsigned long long./C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-1/+1
| | | | Fixes compiler warning in quota match.
* Build IPv6 hbh/dst matches unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+23
|
* Build IPv6 rt match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+33
|
* Build ipv6header match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+27
|
* Build IPv6 mh match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+15
|
* Resync header files and build IPv6 frag match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-9/+0
|
* Resync header file and build IPv6 ah match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-9/+0
|
* Resync header file and build CLUSTERIP target unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-3/+3
|
* Build recent match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+27
|
* Build dccp match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+23
|
* Build string match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+18
|
* Build statistic match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+32
|
* Build quota match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+16
|