summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* add hashlimit kernel header fileHarald Welte2004-10-201-0/+40
|
* hashlimit port of userspace pluginHarald Welte2004-10-201-0/+365
|
* add paragraph about raw tableHarald Welte2004-10-061-0/+10
|
* Mention owner brokenness in manpagePatrick McHardy2004-10-032-0/+4
|
* note owner match brokenness in helptext, closes bugzilla #244 (Phil Oester)Phil Oester2004-10-011-0/+2
|
* Add comment about time not adhering DST (Phil Oester) (Closes: #75)Phil Oester2004-09-261-0/+1
|
* Replace O(n) with O(1) when TC_INSERT_ENTRY() inserts an entry at the end.Martin Josefsson2004-09-231-8/+23
| | | | | | | | | | | | | | Do the same with TC_DELETE_NUM_ENTRY() when deleting the last rule. My rule management script does both of these things in certain situations. Created a file with 50.000 rules which my script converted into iptables-restore format but inserting each rule with an index instead of appending like the iptables-save output does. That took a while without this optimization. Same thing when deleting the 45.000 last rules in that chain, the script outputs deletes by number starting from the bottom. Inserting or deleting (by number) in the middle of the chain is still O(n) where n is the rulenumber where the insert/delete is taking place.
* Spelling error.Martin Josefsson2004-09-231-2/+2
|
* Fix returnvalue of TC_BUILTIN()Martin Josefsson2004-09-231-2/+2
| | | | | All jumps to nonexisting chains were believed to be jumps to builtin chains, that's bad as it made it impossible to add rules with external targets.
* Make sure to zero all the memory we allocate for the new table.Martin Josefsson2004-09-221-2/+2
| | | | | Makes flushing of chains containing more than a few entries work without potentially oopsing the kernel.
* Make TC_DELETE_ENTRY() and TC_DELETE_NUM_ENTRY() actually do something practicalMartin Josefsson2004-09-221-1/+5
|
* Fix two more rulenumber off by 1 errorsMartin Josefsson2004-09-221-3/+3
|
* Insertion of rules with -I was broken.Martin Josefsson2004-09-221-5/+15
| | | | | | | It checked if a rule existed on the position we were inserting to. Thus inserting into an empty chain didn't work. And it didn't care about the fact that the first rule in the chain has index 1 the rulenumer we get starts at 0...
* Fix rule countingMartin Josefsson2004-09-221-1/+3
|
* Fix listing of module targets.Martin Josefsson2004-09-221-1/+4
| | | | | | Type was only set for standard targets. Harald: please review.
* realm: fix inversion (Simon Lodal)Simon Lodal2004-09-221-2/+3
|
* Fix half-working ipv6 limit invert check (Phil Oester)Phil Oester2004-09-211-7/+6
|
* Fix half-working dstlimit invert check (Phil Oester)Phil Oester2004-09-211-26/+12
|
* limit match does not support invert, warn about it. Closes bugzilla #95 ↵Phil Oester2004-09-211-7/+6
| | | | (Phil Oester)
* Add comment match extension (Brad Fisher)Brad Fisher2004-09-203-1/+138
|
* fix segfault from memory allocation: handle->entries is actualy struct ↵Harald Welte2004-09-191-2/+3
| | | | ipt_get_entries plus the size
* fix psd option parsing (Phil Oester)Phil Oester2004-09-181-5/+0
|
* Print error when '!' is used with multiport. Based on patch by Phil Oester.Patrick McHardy2004-09-183-0/+21
|
* port physdev to ip6tables (Bart De Schuymer)Bart De Schuymer2004-09-124-1/+299
|
* Fix typo. (Phil Oester) Closes #239Phil Oester2004-09-091-1/+1
|
* Fix number parsing (Piotr Gasidlo)Piotr Gasidło2004-09-021-1/+1
|
* add delete by matching-rule to libiptc2 (still untested)Harald Welte2004-08-301-67/+19
|
* slightly different semantics of iptc_builtinHarald Welte2004-08-302-3/+3
|
* fix slightly changed semantics of iptc_is_builtinHarald Welte2004-08-302-3/+3
|
* complete libiptc rewrite. Time to load 10k rules goes down from 2.20 ↵Harald Welte2004-08-296-920/+1975
| | | | minutes to 1.255 seconds (!). Might still contain bugs, use with caution.
* add missing spaces in 'save' printout (youza@post.cz) (Closes: #235)Youza Youzovic2004-08-241-4/+4
|
* Cleanup ttl-match option parsing, fixes bugzilla #183 (Phil Oester)Phil Oester2004-08-231-11/+6
|
* Fix conntrack-match typo, fixes bugzilla #194 (Phil Oester)Phil Oester2004-08-231-1/+1
|
* Allocate enough memory for addr-list in host_to_addr()Patrick McHardy2004-08-031-1/+1
|
* Limit ttl-value to 0-255 (Maciej Soltysiak <solt@dns.toxicfilms.tv>)Maciej Soltysiak2004-07-281-5/+7
|
* Check that TTL is between 0 and 255 (Nicolas Bouliane)Nicolas Bouliane2004-07-271-6/+8
|
* update to ipt_account 0.1.16 (Piotr Gasid?o)Piotr Gasidło2004-07-231-19/+53
|
* In C, we declare variables at the top of function (Olivier Clerget)Harald Welte2004-07-161-1/+2
|
* Giving --dst-range twice to iprange did not ring the bellNicolas Bouliane2004-07-121-1/+1
| | | | Bug reported and fixed by Nicolas Bouliane
* fix syntax of help messageHarald Welte2004-07-112-4/+4
|
* fix dual-free bug with multiple-A dns records (keso@klister.net)keso2004-07-041-5/+2
|
* Add addrtype match to list of unconditionally built extensionsPatrick McHardy2004-06-282-6/+1
|
* Add ipt_addrtype.hPatrick McHardy2004-06-281-0/+11
|
* make DO_MULTI=1 documented in INSTALL fileJoszef Kadlecsik2004-06-281-0/+6
|
* Missing file from multi patch addedJoszef Kadlecsik2004-06-271-0/+31
|
* Bastiaan Bakker's patch to combine iptables, iptables-save and iptables-restoreBastiaan Bakker2004-06-254-3/+39
| | | | for size reduction applied
* add missing includeHarald Welte2004-06-211-0/+39
|
* pom-ng only deals with numerical versionsHarald Welte2004-06-171-2/+2
|
* Semicolon were missing in the added assigment linesJoszef Kadlecsik2004-06-171-4/+4
|
* Fix for empty extra match/target man page list processingJoszef Kadlecsik2004-06-171-4/+8
|