Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | src: remove dependency on libiptc headers | Jan Engelhardt | 2008-08-04 | 1 | -2/+2 |
| | | | | | | | | xtables.h does not need really need libxtc.h, and we can drop it from the install as it is internal-only. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> | ||||
* | iptables --list-rules command | Henrik Nordstrom | 2008-05-13 | 1 | -0/+1 |
| | | | | | | | | | | | | | | | | | | Adds iptables --list-rules (-S) command, acting as a combination of iptables --list and iptables-save. The primary motivation behind this patch is to get iptables-save like output capabilities in iptables-restore, allowing "iptables-restore -n" to be used as a consistent API to iptables for all kind of operations, not only blind updates.. As a bonus iptables also gets the capability of printing the rules as-is. This completely replaces the earlier patch which added the --rules option. Henrik Nordstrom <henrik@henriknordstrom.net> | ||||
* | Remove old functions, constants | Jan Engelhardt | 2008-04-15 | 1 | -5/+0 |
| | |||||
* | Combine IP{,6}T_LIB_DIR into XTABLES_LIBDIR | Jan Engelhardt | 2008-04-13 | 1 | -4/+0 |
| | |||||
* | Moves all declarations in iptables_common.h to xtables.h. | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -1/+0 |
| | |||||
* | Moves IPPROTO_* and IP[6]T_LIB_DIR definitions to xtables.h | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -11/+1 |
| | |||||
* | Moves some duplicated functions in ip[6]tables.c to xtables.c | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -3/+0 |
| | | | | | string_to_number_ll, string_to_number_l, string_to_number, service_to_port, parse_port, parse_interface, are moved. | ||||
* | Introduces xtables match/target registration | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -136/+6 |
| | | | | | | | | | | | | | | | | | | | | | | | - moves lib_dir to xtables.c - introduces struct pfinfo which has protocol family dependent infomations. - unifies load_ip[6]tables_ko() and moves them as load_xtables_ko() - introduces xt_{match,match_rule,target,tryload} and replaces ip[6]t_* with them - unifies following functions and move them to xtables.c - find_{match,find_target} - compatible_revision, compatible_{match,target}_revision - introduces xtables_register_{match,target} and make register_{match,target}[6] call them. xtables_register_* register ONLY matches/targets matched protocol family Some concepts: - source compatibility for libip[6]t_xxx.c with warning on compilation not binary compatibility. - binary compatibility between 2.4/2.6 kernel and iptables/ip6tables, of cause. - xtables is enough to support only one address family at runtime. Then xtables keeps infomations of only the focused address famiy in struct afinfo. | ||||
* | Moves ip[6]tables_insmod() to xtables.c as xtables_insmod() | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -2/+0 |
| | |||||
* | Fixes typos in the argument of ip[6]tables_insmod: quit -> quiet | Yasuyuki KOZAKAI | 2007-03-20 | 1 | -2/+3 |
| | |||||
* | Supress error message from modprobe on checking revision. | Yasuyuki KOZAKAI | 2007-03-13 | 1 | -2/+2 |
| | |||||
* | Add UDPLITE multiport support | Patrick McHardy | 2007-01-11 | 1 | -0/+3 |
| | |||||
* | load ip_[6]tables.ko just before checking revision support in kernel. | Yasuyuki KOZAKAI | 2006-11-13 | 1 | -0/+1 |
| | |||||
* | changes IP6T_SO_GET_REVISION_{MATCH,TARGET} to 68,69 | Yasuyuki KOZAKAI | 2006-11-13 | 1 | -2/+2 |
| | | | | 66 and 67 is conflicted with IPv6 Advanced API in kernel <= 2.6.18. | ||||
* | - Add revision support to ip6tables. | Rémi Denis-Courmont | 2006-10-20 | 1 | -0/+15 |
| | | | | | - Add support port range match to libip6t_multiport (R?mi Denis-Courmont <rdenis@simphalempin.com>) | ||||
* | reduce parse_*_port duplication (Phil Oester <kernel@linuxace.com>) | Phil Oester | 2006-07-20 | 1 | -0/+1 |
| | | | | | The below patch (dependent upon my 'reduce service_to_port duplication' patch) centralizes the parse_*_port functions into parse_port. | ||||
* | reduce service_to_port duplication (Phil Oester <kernel@linuxace.com>) | Phil Oester | 2006-07-20 | 1 | -0/+1 |
| | | | | | The service_to_port function is used in a number of places, and could benefit from some centralization instead of being duplicated everywhere. | ||||
* | Add DCCP/SCTP support to multiport. Patch for kernel will go in 2.6.18. | Patrick McHardy | 2006-04-28 | 1 | -0/+7 |
| | |||||
* | Multiple matches of the same type can be specified on the commandline. | Joszef Kadlecsik | 2006-03-03 | 1 | -0/+4 |
| | | | | | | | | | | If two or more matches of the same type are detected then the options are assumed to be grouped in order to tell which option belongs to which match: ... -m foo ... <options0> ... -m foo ... <options1> ... Otherwise the commandline parsing is unmodified. | ||||
* | Fix probing for supported revisions (Jones Desougi <jones@ingate.com>) | Jones Desougi | 2005-12-22 | 1 | -0/+1 |
| | | | | Bugzilla #413 | ||||
* | reduce code replication of parse_interface() (Yasuyuki Kozakai) | Yasuyuki KOZAKAI | 2005-06-22 | 1 | -0/+2 |
| | |||||
* | Fix setting lib_dir in ip*tables-{save,restore} | Martin Josefsson | 2004-12-27 | 1 | -0/+4 |
| | |||||
* | Bloody copy-n-edit. Make sure to use matches in the order they are given... | Martin Josefsson | 2004-02-02 | 1 | -2/+8 |
| | |||||
* | port 'line number on error in iptables-restore' from ipv4 | Harald Welte | 2003-03-05 | 1 | -0/+2 |
| | |||||
* | - added patch to support statically linking of iptables | Harald Welte | 2001-08-06 | 1 | -0/+6 |
| | | | | - iptables-save/-restore is no longer experimental | ||||
* | Added support for iptables-restore module-load-on-demand (a. van schie) | Harald Welte | 2001-06-16 | 1 | -0/+1 |
| | |||||
* | ip6tables fixes by Fabrice Maurie | Fabrice MARIE | 2001-05-05 | 1 | -2/+4 |
| | |||||
* | ip6tables-save/-restore by Kis-Szabo Andras | András Kis-Szabó | 2001-02-26 | 1 | -0/+5 |
| | |||||
* | Jan Echternach's const tweak. | Jan Echternach | 2000-08-27 | 1 | -1/+1 |
| | |||||
* | Philip Blundell's IPv6 fixes. | Philip Blundell | 2000-05-15 | 1 | -2/+14 |
| | |||||
* | IPv6 enhancements. | Rusty Russell | 2000-05-02 | 1 | -0/+107 |