iptables - iptables tree

	Commit message (Collapse)	Author	Age	Files	Lines
*	Fix a few cases of pointless assignments	Phil Sutter	2018-09-24	1	-1/+1
\| \| \| \| \| \| \| \|	This gets rid of a number of assignments which are either redundant or not used afterwards. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Florian Westphal <fw@strlen.de>
*	libxtables: Avoid calling memcpy() with NULL source	Phil Sutter	2018-09-24	1	-4/+8
\| \| \| \| \| \| \| \| \| \|	Both affected functions check if 'oldopts' is NULL once but later seem to ignore that possibility. To catch up on that, increment the pointer only if it isn't NULL, also don't copy its content into the merged options buffer in that case. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Florian Westphal <fw@strlen.de>
*	libxtables: Fix potential array overrun in xtables_option_parse()	Phil Sutter	2018-09-13	1	-1/+1
\| \| \| \| \| \| \| \|	If entry->type is to be used as array index, it needs to be at max one less than that array's size. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Florian Westphal <fw@strlen.de>
*	xtables: Introduce and use common function to parse val[/mask] arguments	Serhey Popovych	2018-04-27	1	-21/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	There are a couple of places in both core and extensions where arguments in the form of val[/mask] is parsed (see XTTYPE_MARKMASK32). In some cases symbolic name might be used which is mapped in code to numeric value. Introduce common function to handle both cases where value given is either val[/mask] or symbolic name. Signed-off-by: Serhey Popovych <serhe.popovych@gmail.com> Signed-off-by: Florian Westphal <fw@strlen.de>
*	libxtables: fix getaddrinfo return value usage	Domen Puncer	2014-06-13	1	-3/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	getaddrinfo return value on error can also be positive. On Android they're positive, e.g.: android-ndk-r9d/platforms/android-19/arch-arm/usr/include/netdb.h 147 #define EAI_NONAME 8 /* hostname nor servname provided, or not known */ And as a plus, it's not bad to conform to specs. Signed-off-by: Domen Puncer Kugler <domen.puncer@samsung.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
*	libxtables: Print meaningful error message for an invalid MAC address string	Mart Frauenlob	2014-02-02	1	-1/+1
\| \| \| \| \| \| \| \|	If an invalid MAC address is used on the commmand line, the error message `ether' was not really describing the problem. Signed-off-by: Mart Frauenlob <mart.frauenlob@chello.at> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
*	libxtables: fix parsing of dotted network mask format	Pablo Neira Ayuso	2013-05-09	1	-3/+35
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	After upgrade from iptables 1.4.8 to 1.4.18 netmask parsing got broken: -A foo -m policy --mode tunnel --dir in --tunnel-src 192.168.123.0/255.255.255.0 -j RETURN With iptables 1.4.18: iptables-restore v1.4.18: policy: bad value for option "--tunnel-src", or out of range (0-32) This was probably broken by the augmented parser. Reported-by: Thomas Jarosch <thomas.jarosch@intra2net.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
*	libxtables: Fix file descriptor leak in xtables_lmap_init on error	Thomas Jarosch	2011-09-28	1	-0/+1
\| \| \| \| \|	Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
*	build: restore build order of modules	Jan Engelhardt	2011-09-19	1	-0/+1171
	iptables(exe) requires libext.a, but extensions/ require libxtables.la (in iptables/). This circular dependency does not work out, so separate libxtables into its own directory and put it in front. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>