summaryrefslogtreecommitdiffstats
path: root/ip6tables-save.c
Commit message (Collapse)AuthorAgeFilesLines
* Move common parts of libext{4,6}.a into libext.aMaciej Żenczykowski2011-04-191-0/+1
| | | | Signed-off-by: Maciej Zenczykowski <maze@google.com>
* v6: rename print_rule() to print_rule6()Maciej Zenczykowski2011-04-041-1/+1
| | | | | Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* v6: rename init_extensions() to init_extensions6()Maciej Zenczykowski2011-04-041-1/+1
| | | | | Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* mark newly opened fds as FD_CLOEXEC (close on exec)Maciej Zenczykowski2011-04-041-1/+1
| | | | | | | (This is iptables-1.4.3.1-cloexec.patch from RedHat iptables.src.rpm) Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* build: combine iptables-multi and iptables-staticJan Engelhardt2009-07-251-1/+1
| | | | | | | | | | | | | | | Changed the Makefile so that: 1. --enable-shared / --disable-shared control the linkage against libdl (and thus the potential to use 3rd party extensions) 2. --enable-static / --disable-static controls whether shipped extensions are built-in or provided as modules iptables-static becomes redundant by this action; iptables-multi now has the feature. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iptables: close open file descriptorsJan Engelhardt2009-06-101-0/+1
| | | | | | | Just for correctness, close some file descriptors that were opened. (E.g. ip6tables-save reading from procfs files.) Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iptables-save: module loading correctionsJan Engelhardt2009-03-191-3/+9
| | | | | | | | | | | | | | | | | | | 1. Ignore the absence of /proc/net/ip_tables_names, which happens when x_tables.ko is not loaded. This is equivalent to having x_tables.ko, but no tabe modules, loaded. As such, success should be returned. 2. Load table when explicitly requested by the -t option. Users might expect "*foo" etc. to be output when `iptables-save -t foo` is executed. So do autoload x_tables.ko and the table in this case. *. Do this for both iptables-save and ip6tables-save, and adjust the manpages for the new -M (modprobe program location) option that is introduced. Based upon a patch by Soren Hansen. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: prefix exit_error to xtables_errorJan Engelhardt2009-02-211-4/+4
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: general follow-up cleanupJamal Hadi Salim2009-02-131-4/+0
| | | | | | Kill program_name, program_version and xtables_program_name. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
* libxtables: consolidate init calls into one functionJamal Hadi Salim2009-02-131-2/+7
| | | | | | | | | | | Introduce xtables_init_all() which hides three calls xtables_init(), xtables_set_nfproto(), and xtables_set_params(). Make ip[6]tables-restore, ip[6]tables-save and ip[6]tables-standalone use it. I moved xtables_set_params around for readability reasons. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
* libxtables: set names of programsJamal Hadi Salim2009-02-121-0/+1
| | | | | | Set proper name of application. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
* libxtables: move afinfo aroundJan Engelhardt2009-02-071-0/+1
| | | | | | | libxtables should not rely on the program executable providing the magic constants for using [gs]etsockopt. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: prefix/order - program_nameJan Engelhardt2009-01-301-2/+3
| | | | | | | | | Split XTABLES_VERSION into xtables and iptables, and encode the xtables soversion into the extensions instead. This makes it possible to upgrade iptables without having to recompile 3rd-party extensions (if the libxtables version matches, of course). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: prefix/order - libdirJan Engelhardt2009-01-271-10/+1
| | | | | | Consolidate the libdir variable initialization code into xtables.c. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* env: augment deprecation noticeJan Engelhardt2009-01-071-1/+2
| | | | | | | Tell the user what to use instead of IP*TABLES_LIBDIR. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* libiptc: remove indirectionsJan Engelhardt2008-11-101-9/+9
| | | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* libiptc: remove typedef indirectionJan Engelhardt2008-11-101-1/+1
| | | | | | | | | | | Don't you hate it when iptc_handle_t *x actually is a double-indirection struct iptc_handle **? This also shows the broken constness model, since "const iptc_handle_t x" = "iptc_handle_t const x" = "struct iptc_handle *const x", which is like no const at all. Lots of things to do then. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* iptables --list-rules commandHenrik Nordstrom2008-05-131-193/+0
| | | | | | | | | | | | | | | | | | Adds iptables --list-rules (-S) command, acting as a combination of iptables --list and iptables-save. The primary motivation behind this patch is to get iptables-save like output capabilities in iptables-restore, allowing "iptables-restore -n" to be used as a consistent API to iptables for all kind of operations, not only blind updates.. As a bonus iptables also gets the capability of printing the rules as-is. This completely replaces the earlier patch which added the --rules option. Henrik Nordstrom <henrik@henriknordstrom.net>
* Remove old functions, constantsJan Engelhardt2008-04-151-4/+4
|
* iptables: use C99 lists for struct optionsGáspár Lajos2008-04-141-6/+6
|
* Combine IP{,6}T_LIB_DIR into XTABLES_LIBDIRJan Engelhardt2008-04-131-3/+8
|
* Fix all remaining warnings (missing declarations, missing prototypes)Jan Engelhardt2008-04-131-0/+1
|
* Fix -Wshadow warnings and clean up xt_sctp.hJan Engelhardt2008-04-061-5/+5
| | | | | Note: xt_sctp.h is still not merged upstream in the kernel as of this commit. But a refactoring was really needed.
* whitespace cleanupMax Kellermann2008-01-291-15/+15
| | | | Max Kellermann <max@duempel.org>
* iptables and NO_SHARED_LIBS/dlfcn.hMike Frysinger2007-12-191-1/+4
| | | | | | | | if NO_SHARED_LIBS is defined, then iptables shouldnt even include dlfcn.h. otherwise you hit a build failure when using toolchains that do not provide dlfcn.h because they do not support shared objects. Signed-Off-By: Mike Frysinger <vapier@gentoo.org>
* let DO_MULTI=1 work for ip6tables* binariesHann-Huei Chiou2007-10-231-0/+4
| | | | | | | | When defining DO_MULTI=1 in Makefile, only iptables is built as a single multipurpose binary. This patch makes ip6tables also be built in the same manner. Hann-huei Chiou <koala@ascenvision.com>
* Don't silenty exit on failure to open /proc/net/{ip,ip6}_tables_namesVictor Stinner2007-10-181-1/+3
| | | | Victor Stinner <victor.stinner@inl.fr>
* Fix missing newlines in iptables-save/restore output (Pavol Rusnak ↵Pavel Rusnak2007-05-101-1/+1
| | | | | | <prusnak@suse.cz>) Bugzilla #568
* Fix iptables-save not printing -s !0/0 and -d !0/0 as well as ip6tablesPatrick McHardy2006-12-021-1/+1
| | | | unnecessarily printing the address. Base on patch by Daniel De Graaf.
* Fix setting lib_dir in ip*tables-{save,restore}Martin Josefsson2004-12-271-0/+4
|
* Get rid of some warnings when compiling 64bit.Martin Josefsson2004-05-261-2/+2
|
* Bloody copy-n-edit. Make sure to use matches in the order they are given...Martin Josefsson2004-02-021-1/+1
|
* fix memory leak(s) in libiptc. Reverts the previous (wrong) patch. (Martin ↵Martin Josefsson2003-05-021-0/+2
| | | | Josefsson)
* minor fixes by kisza:András Kis-Szabó2002-08-141-4/+1
| | | | | | | | - remove -C(check) function from ip6tables - -M added to the getopts()'s list (missed) - small change in the iptables help - remove some unused code - some GPL notice added
* globally replace NETFILTER_VERSION with IPTABLES_VERSION to have consistent ↵Harald Welte2002-05-291-2/+2
| | | | naming
* add ip6tables-save/restore manpages; sync with ipv4 (kisza)András Kis-Szabó2002-03-031-30/+29
|
* ip6tables-(save/restore) sync with IPv4 codeHarald Welte2001-10-041-4/+13
|
* - added patch to support statically linking of iptablesHarald Welte2001-08-061-0/+4
| | | | - iptables-save/-restore is no longer experimental
* Major icmpv6 cleanup / fixes by Kis-Szabo Andras.András Kis-Szabó2001-07-141-1/+1
|
* ip6tables-save without target fix, scoreboardHarald Welte2001-07-051-1/+4
|
* fixes '_' in interface names bug (iptables)Harald Welte2001-05-121-1/+1
| | | | fixes '+' in interface names bug (iptables-save)
* forgot to add those two...András Kis-Szabó2001-02-271-0/+341