| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is *not* changing the licensing terms of this library (which
was initially released under GPLv2 and later on extended to GPLv2+ after
contacting all the contributors who kindly agreed to extend it to any
later GPL version).
Jan says: "In libnetfilter_conntrack, there are many .c files declaring
GNU GPL incorporated herein by reference without telling which version(s)
exactly apply. Given src/main.c for example is actually GPL-2.0+,
the reference made is ambiguous."
This patch should definitely clarify this.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
static analysis (analysis based only on compiling of sources, not based
on running of binary) of the code revealed the following problem:
conntrack/objopt.c:63: self_assign: Assignment operation
"ct->snat.l4max.all = ct->snat.l4max.all"
has no effect.
Signed-off-by: Jiri Popelka <jpopelka@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
|
| |
This patch fixes the autocomplete feature for ICMP[v6] entries
that makes the kernel return EINVAL. Basically, we skip the
autocomplete since this is already done in the setter.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
| |
Signed-off-by: Hannes Eder <heder@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
| |
This patch adds the size of the arrays to set to NULL unset
elements. This helps to spot unset functions for new attributes.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
|
|
| |
This patch introduces likely() and unlikely() that use
__builtin_expect to assist the compiler in the branch decisions.
I am assuming that we have no clients of libnetfilter_conntrack
that use gcc < 2.96.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
| |
This patch replaces the use of switch by indirect function calls.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
| |
This patch cleanups the internal headers by splitting them into several
logical pieces.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
status flags are set
|
| |
|
|
|
|
| |
status flags bits of conntrack objects in userspace can be set and unset as it happens with other attributes.
- nfct_get_objopt with NAT detectors previously checks if the status attribute is set, otherwise it just skips it.
|
|
|
- object oriented infrastructure
- extensible and configurable output (XML)
- low level functions to interact with netlink details
- fairly documented
Still backward compatible.
|
