summaryrefslogtreecommitdiffstats
path: root/extensions
Commit message (Collapse)AuthorAgeFilesLines
* Fixes warning on compilation of iptables matches/targetsYasuyuki KOZAKAI2007-07-2460-177/+177
| | | | | | | | | This changes the type of arguments as follows - ipt_ip * -> void * - ipt_entry * -> void * This patch doesn't change multiport, DNAT, SNAT, MASQUERADE, REDIRECT because these need more changes (casting void * variable with intended type)
* Replaces ip6t_entry_* with xt_entry_* in matches/targetsYasuyuki KOZAKAI2007-07-2434-128/+127
|
* Replaces ipt_entry_* with xt_entry_* in matches/targetsYasuyuki KOZAKAI2007-07-2464-237/+237
|
* Adds missing explanations about FIN in mask part of '--syn' in libip[6]_tcp.cPatrick McHardyYasuyuki KOZAKAI2007-07-163-3/+3
| | | | and libip6t_tcp.man.
* Adds missing FIN to mask part generated by '--syn' of libip6t_tcpYasuyuki KOZAKAI2007-07-162-2/+2
|
* Fixes compile error of connlimit where NO_SHARED_LIBS=1 is specifiedYasuyuki KOZAKAI2007-07-132-2/+2
|
* PATCH: Add connlimit to iptables.Jan Engelhardt2007-07-095-2/+335
| | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* libipt_statistic: add a few missing validity checksNicolas Bouliane2007-07-031-0/+9
| | | | Signed-off-by: Nicolas Bouliane
* Removes some KERNEL_64_USERSPACE_32 because linux 2.6 has compat layerYasuyuki KOZAKAI2007-06-286-117/+0
|
* Add Jozsef's TRACE target.Patrick McHardy2007-06-255-2/+148
| | | | | Changed to be built unconditionally by myself since it doesn't need any headerfiles anyways.
* Fixes build error of conntrack match because of missing ip_conntrack_tuple.hYasuyuki KOZAKAI2007-06-241-1/+0
| | | | | in linux 2.6.22. It is not needed because nf_conntrack headers can be used instead.
* libipt_hashlimit doc updateJan Engelhardt2007-06-031-2/+2
| | | | | | Add srcip,srcport to hashlimit manpage. Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Add --random option to DNAT and REDIRECT targets and fix the manpage mess ↵Patrick McHardy2007-05-297-27/+76
| | | | this option left behind.
* update quota manpage for SMP (Phil Oester)Phil Oester2007-05-021-1/+0
| | | | | The quota match works fine on SMP, so update the manpage to reflect this. Closes bugzilla #564.
* Fix iptables-save with --random optionPatrick McHardy2007-04-183-3/+14
|
* Remove unnecessary IP_NAT_RANGE_PROTO_RANDOM ifdefs.Patrick McHardy2007-04-183-45/+7
|
* Use nf_conntrack headers instead of ip_conntrack ones and add sanitized ↵Patrick McHardy2007-04-1811-11/+11
| | | | versions.
* Remove unnecessary ip_conntrack/ip_nat includesPatrick McHardy2007-04-182-2/+0
|
* Fix cut and paste error breaking use of groups != 0Patrick McHardy2007-03-062-12/+12
|
* iptables: add random option to SNAT (Eric Leblond)Eric Leblond2007-02-246-9/+117
|
* Reverted r6754. libipt_icmp has the option 'any', so it's unnecessaryYasuyuki KOZAKAI2007-02-191-4/+1
| | | | to check no option of ICMP type.
* Remove and readd with executable bit set. SVN doesn't seem to have a proper ↵Patrick McHardy2007-02-131-0/+0
| | | | way of doing this.
* Fixes man page for tcp, udp, icmp{,6}. They are not loaded when only '-p' isYasuyuki KOZAKAI2007-02-136-6/+6
| | | | specified, but loaded when extra options are specified, too.
* Forgot to add TCPMSS target to PF6_EXT_SLIBPatrick McHardy2007-02-131-1/+1
|
* Error if no ICMP type is specified even though user intendedYasuyuki KOZAKAI2007-02-131-0/+3
| | | | to use icmp match.
* Add ip6tables mh extension (Masahide NAKAMURA <nakam@linux-ipv6.org>)Masahide NAKAMURA2007-02-093-0/+266
| | | | Kernel part will go in 2.6.21
* Bugzilla #535Patrick McHardy2007-01-261-1/+1
| | | | | In the tcpmss section of the iptables manpage, there is an extraneous trailing quote for the --mss option.
* Bugzilla #534:Patrick McHardy2007-01-261-4/+0
| | | | | Please remove --mss from libipt_tcp.man. The tcp match doesn't handle that option, while the tcpmss match does.
* Add ip6tables TCPMSS extension (Arnaud Ebalard <arno@natisbad.org>)Arnaud Ebalard2007-01-162-0/+176
| | | | Kernel part will go in 2.6.21.
* Add UDPLITE multiport supportPatrick McHardy2007-01-111-3/+6
|
* Fix missing space in ruleset listingPatrick McHardy2007-01-111-1/+1
|
* Remove extensions for unmaintained/obsolete patchletsPatrick McHardy2007-01-1065-5009/+2
|
* fix typo in manpage (thomas@aktaia.intevation.org)thomas2007-01-071-1/+1
|
* Move extensions for pom patches to individual patchlets.Patrick McHardy2006-12-1218-1337/+1
|
* Add target extensions for new NFLOG targetPatrick McHardy2006-12-034-0/+326
|
* Fix /etc/network usage (Pablo Neira)Pablo Neira Ayuso2006-11-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | http://bugs.debian.org/398082 iptables 1.3.5 and 1.3.6 appear to read /etc/networks, but the information is lost somewhere with 1.3.6. # cat /etc/networks foonet 10.0.0.0 # strace -s 255 -o /tmp/foo iptables -v -A INPUT -s foonet/8 -j ACCEPT #1.3.5 [1] ACCEPT all opt -- in * out * 10.0.0.0/8 -> 0.0.0.0/0 # strace -s 255 -o /tmp/bar iptables -v -A INPUT -s foonet/8 -j ACCEPT #1.3.6 [2] iptables v1.3.6: host/network `foonet.0.0.0' not found Try `iptables -h' or 'iptables --help' for more information. 1. http://people.debian.org/~ljlane/stuff/strace-iptables-1.3.5.txt 2. http://people.debian.org/~ljlane/stuff/strace-iptables-1.3.6.txt
* Add ip6tables support for hashlimit matchPatrick McHardy2006-11-132-0/+372
|
* Add ip6tables support for sctp matchPatrick McHardy2006-11-132-0/+553
|
* - Add revision support to ip6tables.Rémi Denis-Courmont2006-10-201-1/+200
| | | | | - Add support port range match to libip6t_multiport (R?mi Denis-Courmont <rdenis@simphalempin.com>)
* iptables segfaults when given "" to --log-prefix (Mike Frysinger ↵Mike Frysinger2006-10-103-0/+16
| | | | | | <vapier@gentoo.org>) Bugzilla #516
* Use correct types at error reporting (patch sent by H. Nakano)Joszef Kadlecsik2006-10-061-2/+2
|
* Named realm (Simon Lodal <simon@parknet.dk>)Simon Lodal2006-09-022-13/+158
| | | | Optionally read realm values from /etc/iproute2/rt_realms
* Add statistic match extensionPatrick McHardy2006-08-312-0/+177
|
* iptables: fix ipt_MARK documentation (Eric Leblond)Eric Leblond2006-08-291-1/+8
| | | | | This patch documents --or-mask and --and-mask options of the MARK target. Description is directly taken from the source code.
* update quota match for xtables + fix -D bug (Phil Oester <kernel@linuxace.com>)Phil Oester2006-08-082-7/+8
|
* Revert "proto_to_name duplication" patch, as noticed by Yasuyuki it can causePatrick McHardyJesper Brouer2006-07-251-2/+19
| | | | invalid arguments to get accepted.
* proto_to_name duplication (Phil Oester <kernel@linuxace.com>)Phil Oester2006-07-221-19/+2
| | | | | Update multiport match to use the iptables version of proto_to_name instead of reinventing the wheel.
* reduce parse_*_port duplication (Phil Oester <kernel@linuxace.com>)Phil Oester2006-07-209-137/+18
| | | | | The below patch (dependent upon my 'reduce service_to_port duplication' patch) centralizes the parse_*_port functions into parse_port.
* reduce service_to_port duplication (Phil Oester <kernel@linuxace.com>)Phil Oester2006-07-209-105/+6
| | | | | The service_to_port function is used in a number of places, and could benefit from some centralization instead of being duplicated everywhere.
* please kill santa-claus (Pierre-Yves Ritschard <pierre-yves@spootnik.org>)Pierre-Yves Ritschard2006-07-051-1/+0
| | | | Remove "hoho" message :)
generated by cgit v1.2.3 (git 2.25.0) at 2024-11-12 18:06:21 +0000