| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
o clean up layer-4 compare functions
o finish the comparison infrastructure: support for tuple/mark matching
o fix bug in the default event display when used in conjunction with the
comparison infrastructure.
o Bumped version to 0.0.30
Thanks to Yasuyuki Kozakai for:
[LIBNETFILTER_CONNTRACK] fix dumping IPv6 connections
that in included in this commit.
|
|
|
|
|
|
|
|
|
| |
o Added the comparison infrastructure for layer-4 protocols
o Added libnetfilter_conntrack_[tcp|udp|icmp|sctp].h that contains the protocol flags used by the comparison infrastructure
o Added nfct_conntrack_compare to compare two conntracks based on flags
o Killed nfct_event_netlink_handler
o nfct_event_[conntrack|expect] requires ROOT privileges (reason: netlink multicast)
o Bumped version to 0.29
|
|
|
|
| |
linux_nnfnetlink_conntrack.h
|
|
|
|
|
|
|
|
| |
o fixed ICMP ID handling
o fix -> libtool: link: libtool library `nfct_proto_*.la' must begin with `lib'
o remove wrong flag at extensions/Makefile.am
o bumped version to 0.0.26
o fixed versioning :(
|
|
|
|
|
|
|
|
| |
o move build_tuple_proto and build_protoinfo to the extensions where it
really belongs to.
o Reworked the conntrack and expect netlink handlers
o Fix expectation table output, now it's similar to the /proc output
o Bumped version to 0.2.1
|
|
|
|
|
|
|
|
|
|
| |
o libnetfilter_conntrack.h splitted into two parts: what is visible to
application programs and what is visible to extensions.
o Killed includes asm/types.h and linux/if.h
o Fixed nasty wrong ipv6 definition
o Stolen the status bits from ip_conntrack.h, we don't include ip_conntrack.h
anymore.
o move nfct_handle to libnetfilter_conntrack.c: better for encapsulation
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Added some very brief comments to libnetfilter_conntrack.h
o Implemented the conntrack printers API nfct_sprintf_*
o Now nfct_default_conntrack_display display the classical /proc output,
and nfct_default_conntrack_display the classical + conntrack ids
o Use nfnl_talk if there's no data expected from kernel space to be processed,
that is the case of nfct_[get|delete]_conntrack
o Added some missing memset's zeroing
o Code simplification: killed some char *buf where struct nfnlhdr is enough
o Killed protocol handler destructors (fini) and nfct_unregister_proto: The
library is unloaded if something goes wrong (different library versions), the
modules never gets inserted in the proto_list. Fixes a segfault.
o Bumped version to 0.2.0
|
|
We provide an high level interface that abstracts from the netlink
sockets. Now users don't need to know anything about them.
|