summaryrefslogtreecommitdiffstats
path: root/extensions/libxt_time.c
Commit message (Collapse)AuthorAgeFilesLines
* libxt_time: add support to ignore day transitionFlorian Westphal2012-09-301-0/+20
| | | | | | | | | | | | | | | | Currently, if you want to do something like: "match Monday, starting 23:00, for two hours" You need two rules, one for Mon 23:00 to 0:00 and one for Tue 0:00-1:00. The rule --weekdays Mo --timestart 23:00 --timestop 01:00 looks correct, but it will first match on monday from midnight to 1 a.m. and then again for another hour from 23:00 onwards. This permits userspace to explicitly ignore the day transition and match for a single, continuous time period instead. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* libxt_time: deprecate --localtz option, document kernel TZ caveatsJan Engelhardt2011-05-251-10/+14
| | | | | | | | | | | | Comparing against the kernel time zone has significant caveats. This patch adds documentation about the issue, and makes --utc the default setting for libxt_time. Furthremore, throw a warning on using the "--localtz" option, to avoid confusion with one's shell TZ environment variable, and rename it to "--kerneltz" to be explicit about whose timezone will be used. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_time: --utc and --localtz are mutually exclusiveJan Engelhardt2011-05-251-2/+6
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_time: always ignore libc timezoneJan Engelhardt2011-05-251-1/+7
| | | | | | | | | Since xt_time is meant to work across many months, libc doing automatic conversion from local time to UTC (during parse) is unwanted, especially when --utc is specified. The same goes for dumping. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_time: use guided option parserJan Engelhardt2011-04-061-101/+52
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iptables: do not print trailing whitespacesJan Engelhardt2011-01-311-18/+17
| | | | | | | | | | | | | | | | | Due to the use of printf("foobar "), iptables emits spaces at the end-of-line, which looks odd to some users because it causes the terminal to wrap even if there is seemingly nothing to print. It may also have other points of annoyance, such as mailers interpreting a trailing space as an indicator that the paragraph continues when format=flowed is also on. And git highlights trailing spaces in red, so let's avoid :) Preexisting inconsistencies in outputting spaces in the right spot are also addressed right away. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429579 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_time: fix random --datestart skipsFlorian Westphal2011-01-091-0/+1
| | | | | | | | | | | | | | | | | | | | | Frank Lichtenheld points out that -m time --datestart ... sometimes messes up --datestart: $ iptables -A INPUT -m time --datestart 2010-11-24T16:50:00 -j ACCEPT $ iptables-save | grep 11 -A INPUT -m time --datestart 2010-11-24T16:50:00 -j ACCEPT $ iptables-save | iptables-restore $ iptables-save | grep 11 -A INPUT -m time --datestart 2010-11-24T15:50:00 -j ACCEPT --datestart moved by one hour. As the --timestart option does not care about DST, always set dst=0 when parsing --starttime input. Reported-by: Frank Lichtenheld <flichtenheld@astaro.com> Signed-off-by: Florian Westphal <fwestphal@astaro.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* include: update files with headers from Linux 2.6.37-rc1Jan Engelhardt2010-12-031-0/+1
| | | | Also includes the type change to __u{8,16,32} kernel types already.
* all: consistent syntax use in struct optionJan Engelhardt2010-07-231-9/+9
| | | | | | Try to inhibit copypasting old stuff. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* extensions: use NFPROTO_UNSPEC for .family fieldJan Engelhardt2009-06-011-1/+1
| | | | | | | | This constant would be the designated one for the .family field; it also, given recent changes, makes grep for NFPROTO_UNSPEC work to finally recollect all manpages. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* extensions: add const qualifiers in print/save functionsJan Engelhardt2009-05-261-1/+1
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: prefix exit_error to xtables_errorJan Engelhardt2009-02-211-18/+18
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: prefix/order - move parse_protocol to xtables.cJan Engelhardt2009-01-301-1/+0
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: Missing limits.h includesPhil Oester2008-09-011-0/+2
| | | | | | | | | Latest git doesn't compile for me on Fedora 9 due to various *MAX constants being undefined. Below adds the include in 3 files which need it (although I can't see why this isn't required in 1.4.1.1). Signed-off-by: Phil Oester <kernel@linuxace.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* src: remove dependency on libiptc headersJan Engelhardt2008-08-041-0/+1
| | | | | | | | xtables.h does not need really need libxtc.h, and we can drop it from the install as it is internal-only. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* manpage updatesJan Engelhardt2008-06-081-10/+10
| | | | | | | | | A number of options support negation, but the manpage did not reflect this ("[!]" was absent). Also fix a few [] (optional arguments) to {} (required arguments) in the option-BNF. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* Remove old functions, constantsJan Engelhardt2008-04-151-4/+3
|
* Implement AF_UNSPEC as a wildcard for extensionsJan Engelhardt2008-04-141-16/+1
|
* fix gcc warningsMax Kellermann2008-01-291-1/+1
| | | | Max Kellermann <max@duempel.org>
* Transfer all my copyright over to our company.Jan Engelhardt2007-10-201-1/+2
| | | | Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* Fix the compile warning fixPatrick McHardy2007-10-181-2/+2
| | | | | | | | According to Jan: While the fields of struct xt_time are uints, the defined time_t span is by definition 0..231-1, i.e. it should be INT_MAX, not UINT_MAX.
* Fix compiler warning on 64 bit: date_stop is an u_int32_t, so use UINT_MAX ↵Patrick McHardy2007-10-181-2/+2
| | | | instead of LONG_MAX
* Unique symbols 1/6Jan Engelhardt2007-10-041-4/+4
| | | | | | | | | | | Give symbols of libxt matches unique names (1/3). Adds unique prefixes to all functions (most of them - especially the hook functions) so that debugging programs can unambiguously map a symbol to an address. Also unifies the names of the xtables_match/xtables_target structs, (based upon libxt_connmark.c/libip6t_*.c). Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Delete empty ->final_check() functionsJan Engelhardt2007-10-041-6/+0
| | | | | | | Deletes empty ->final_check() functions, and makes ip[6]tables checks for NULL on these. Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Add the libxt_time iptables matchJan Engelhardt2007-09-231-0/+504
This is libipt_time from POM-ng enhanced by the following: * day-of-month support (for example "match on the 15th of each month") * inversion support for --weekdays and --monthdays * match against UTC or local timezone * a manpage Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>