| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Stating the option again in the first (single?) sentence is pointless.
Get rid of that initial half-sentence in MASQUERADE options and unify
the texts a bit.
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is the year of the great revolution, nobody cares about kernel
versions below 2.6.11 anymore. Time to get rid of the cruft.
While being at it, drop the explicit duplicate argument check and
instead just remove XTOPT_MULTI flag from the respective
xt_option_entry.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch provides the userspace part for snat in order to make
randomize-full support available in {ip,nf}tables. It allows for
enabling full port randomization that was motivated in [1] and
introduced to the kernel in [2].
Joint work between Hannes Frederic Sowa and Daniel Borkmann.
[1] https://sites.google.com/site/hayashulman/files/NIC-derandomisation.pdf
[2] http://patchwork.ozlabs.org/patch/304306/
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch renames libipt_SNAT.man to libxt_SNAT.man thus informing
about the IPv6 version.
Also the list of valid protocols for port mapping is updated to:
tcp, udp, dccp and sctp.
Signed-off-by: Mart Frauenlob <mart.frauenlob@chello.at>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|