Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | update multiport manpage (Phil Oester <kernel@linuxace.com>) | Phil Oester | 2005-06-11 | 2 | -8/+10 |
| | |||||
* | Fix CONNMARK save/restore (Tom Eastep <teastep@shorewall.net>, Pawel Sikora ↵ | Tom Eastep | 2005-06-11 | 1 | -2/+2 |
| | | | | <pluto@agmk.net>) | ||||
* | Release previously merged options from merge_opts(), reduces memory-usage of ↵ | Pablo Neira | 2005-05-29 | 2 | -11/+34 |
| | | | | iptables-restore dramatically (Pablo Neira) | ||||
* | While adding testing for inversion of multiport, noticed that documentation ↵ | Rusty Russell | 2005-05-25 | 1 | -2/+2 |
| | | | | about --ports is *wrong*. Ports do not have to be equal: either dest or src being in list is enough for match. | ||||
* | include FIN bit in mask of "--syn" bits | Harald Welte | 2005-05-04 | 2 | -3/+3 |
| | |||||
* | Ignore unknown arguments in libipt_ULOG (Patrick McHardy <kaber@trash.net>) | Patrick McHardy | 2005-05-02 | 1 | -0/+2 |
| | |||||
* | Fix connbytes command line parsing bug (Piotrek Kaczmarek <kaczorek@daleka.net>) | Piotrek Kaczmarek | 2005-04-24 | 1 | -0/+1 |
| | |||||
* | pull out pmtu changes to fix compilation issues | Harald Welte | 2005-04-15 | 2 | -124/+3 |
| | |||||
* | poll goto specific changes out of trunk | Harald WeltePablo Neira | 2005-04-15 | 2 | -4/+1 |
| | |||||
* | fix iptables-save/restore of goto (Jonas Berlin) | Jonas Berlin | 2005-04-15 | 2 | -1/+4 |
| | |||||
* | omeone forgot to update ipt_conntrack.h header in user space. So, update it ↵ | Harald WeltePablo Neira | 2005-04-15 | 1 | -1/+22 |
| | | | | to use ip_conntrack_old_tuple. (Pablo Neira) | ||||
* | add REJECT with icmp-frag-needed (Florian Lohoff) | Florian Lohoff | 2005-04-10 | 2 | -3/+124 |
| | |||||
* | don't allow newlines in LOG prefix (Phil Oester) (Closes: #312) | Phil Oester | 2005-04-01 | 2 | -0/+8 |
| | |||||
* | re-sync ip6tables with iptables (check for init functions) (Jonas Berlin) | Jonas Berlin | 2005-04-01 | 1 | -8/+12 |
| | |||||
* | add lots of man pages (Jonas Berlin) | Jonas Berlin | 2005-04-01 | 17 | -0/+474 |
| | |||||
* | the optflags array contains a '3' for the OPT_LINENUMBERS entry while ↵ | Jonas Berlin | 2005-04-01 | 2 | -2/+2 |
| | | | | everywhere else '0' is used (Jonas Berlin) | ||||
* | SET target bugfix by Michal Pokrywka applied | Michal Pokrywka | 2005-03-18 | 1 | -1/+3 |
| | |||||
* | Fix TCPLAG version (Torsten Lüttgert <t.luettgert@pressestimmen.de>) | Torsten Lüttgert | 2005-03-16 | 1 | -1/+1 |
| | |||||
* | improve REDIRECT manpage (Jonas Berlin <xkr47@outerspace.dyndns.org>) | Jonas Berlin | 2005-03-15 | 1 | -3/+4 |
| | |||||
* | bump version to 1.3.1v1.3.1 | Harald Welte | 2005-03-07 | 1 | -2/+2 |
| | |||||
* | This fixes rule deletion in CLUSTERIP in iptables (Pablo Neira) | Pablo Neira | 2005-03-07 | 2 | -2/+40 |
| | |||||
* | Restore chain order (Olaf Rempel <razzor@kopf-tisch.de>) | Olaf Rempel | 2005-03-04 | 1 | -4/+7 |
| | |||||
* | Kill NFC_* stuff in iptables (Pablo Neira <pablo@eurodev.net>) | Pablo Neira | 2005-02-14 | 87 | -508/+26 |
| | | | | Fixes build with conntrack event patch for 2.6 | ||||
* | Allow "--realm ! foo" and "! --realm foo" (Closes: #297) | Harald Welte | 2005-02-13 | 1 | -1/+1 |
| | |||||
* | fix missing comma at end of line | Harald Welte | 2005-02-13 | 1 | -1/+1 |
| | |||||
* | Fix CONNMARK/connmark issues with 64bit kernel and 32bit userspace. | Martin Josefsson | 2005-02-12 | 4 | -25/+91 |
| | | | | | | | Also fixes a typo in CONNMARK, --mask set the mark, not the mask. Initial patch by: Pablo Neira <pablo@eurodev.net> Signed-off-by: Martin Josefsson <gandalf@wlug.westbo.se> | ||||
* | time to release 1.3.0 finalv1.3.0 | Harald Welte | 2005-02-12 | 1 | -1/+1 |
| | |||||
* | remove way outdated files | Harald Welte | 2005-02-12 | 2 | -96/+0 |
| | |||||
* | update notes to reflect subversion usage | Harald Welte | 2005-02-12 | 1 | -4/+4 |
| | |||||
* | try to fix realm save/restore issue (Adresses: #297) | Harald Welte | 2005-02-08 | 1 | -11/+14 |
| | |||||
* | Fix rule deletion (hinfo pointer initialized by kernel, don't compare it in ↵ | Samuel Jean | 2005-02-07 | 1 | -2/+1 |
| | | | | userspace). (Samuel Jean) | ||||
* | fix parameter handling in libipt_hashlimit with iptables-save (Nikolai Malykh) | Nikolai Malykh | 2005-02-07 | 1 | -2/+6 |
| | |||||
* | Revert the recent addition of memset()'s to TC_COMMIT. One of them is bogus ↵ | Phil Oester | 2005-02-04 | 1 | -3/+0 |
| | | | | | | and the other one needs more investigation to why valgrind is complaining. Noticed and reverted by Phil Oester. | ||||
* | Add support for inversion to multiport revision 1. | Phil Oester | 2005-02-02 | 2 | -5/+11 |
| | | | | Signed-off-by: Phil Oester <kernel@linuxace.com> | ||||
* | we now need to exclude .svn instead of CVSv1.3.0-rc1 | Harald Welte | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | release rc1 | Harald Welte | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | re-implement alphabetic sorting to not confuse users who upgrade to 1.3.0 | Harald Welte | 2005-02-01 | 1 | -7/+18 |
| | |||||
* | fix compiler warning about discarding const | Harald Welte | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | add missing comma | Harald Welte | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | fix typo | Harald Welte | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | make structure initializers use C99 standard (Harald Welte) | Harald Welte | 2005-02-01 | 19 | -261/+229 |
| | |||||
* | typo | Martin Josefsson | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | check for colons | Harald Welte | 2005-02-01 | 1 | -1/+6 |
| | |||||
* | be more specific what INPUT means (Matthias Bruestle) | Harald Welte | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | Use C99 initializers | Harald Welte | 2005-02-01 | 1 | -11/+11 |
| | |||||
* | - Sets the 'iptc_fn' global variable to the pointer to the current functions ↵ | Derrik Pates | 2005-02-01 | 1 | -13/+36 |
| | | | | | | | | in all major TC_* functions. This is necessary because in certain cases, an error return from a function that doesn't set 'iptc_fn' will conflict with a function-specific error return from one that does, causing TC_STRERROR() to return the wrong error string. This ensures that the right one will be returned. - Implements a simple reference counter for the netlink socket global variable 'sockfd'; this is necessary for IPTables::IPv4, where multiple tables (filter, nat, mangle, untracked) may be opened at one time. The way libiptc does it in the official version causes previously-opened tables to break such that attempts to commit changes will fail. - Adds a couple of memset() invocations in TC_COMMIT, based on past analysis with valgrind. It claimed that allocated structure were not being fully initialized, and adding the memset()s corrected this warning. (Derrik Pates <demon@devrandom.net>) | ||||
* | John McCann points out via bugzilla that iptables happily accepts this | Phil Oester | 2005-02-01 | 1 | -1/+6 |
| | | | | | | | | | | | | | syntax on DNAT/SNAT: --to x.x.x.x:y:z but doesn't actually make use of the second port. Clear up the confusion by only accepting a dash between the ports. This closes bugzilla #265. Signed-off-by: Phil Oester <kernel@linuxace.com> | ||||
* | fix name of 'extra_opts' structure member (Nikolai Malykh) | Nikolai Malykh | 2005-01-22 | 1 | -1/+1 |
| | |||||
* | Make it compile on current kernels, the future isn't here yet. | Martin Josefsson | 2005-01-05 | 1 | -0/+6 |
| | |||||
* | Testsuite found an issue: multiport accepts -p ! tcp. | Rusty Russell | 2005-01-03 | 1 | -0/+4 |
| |