| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
| |
o Added the comparison infrastructure for layer-4 protocols
o Added libnetfilter_conntrack_[tcp|udp|icmp|sctp].h that contains the protocol flags used by the comparison infrastructure
o Added nfct_conntrack_compare to compare two conntracks based on flags
o Killed nfct_event_netlink_handler
o nfct_event_[conntrack|expect] requires ROOT privileges (reason: netlink multicast)
o Bumped version to 0.29
|
|
|
|
| |
- have only one place where we specify the includes (Make_global.am)
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Munich, Germany for providing the "fast" hardware to reproduce spurious bugs ;)
List of changes:
o Replace misleading flag NFCT_ANY_GROUP by NFCT_ALL_GROUPS
o Update test file to use NFCT_ALL_GROUPS
o Add missing check of CTA_PROTOINFO_TCP that resulted in a segfault in
conjuction with events.
o Fix ICMP conntracks output
o Add missing prototype definition of nfct_default_expect_display_id in
libnetfilter_conntrack.h
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Added some very brief comments to libnetfilter_conntrack.h
o Implemented the conntrack printers API nfct_sprintf_*
o Now nfct_default_conntrack_display display the classical /proc output,
and nfct_default_conntrack_display the classical + conntrack ids
o Use nfnl_talk if there's no data expected from kernel space to be processed,
that is the case of nfct_[get|delete]_conntrack
o Added some missing memset's zeroing
o Code simplification: killed some char *buf where struct nfnlhdr is enough
o Killed protocol handler destructors (fini) and nfct_unregister_proto: The
library is unloaded if something goes wrong (different library versions), the
modules never gets inserted in the proto_list. Fixes a segfault.
o Bumped version to 0.2.0
|
|
|
|
|
|
|
|
|
|
|
| |
o NFCT_COUNTERS splitted in NFCT_COUNTERS_[ORIG|RPLY]
o all global vars are now static
o kill nfct_set_handler, it was too much
o fixed very stupid bug in counters printing
o fixed conntrack getting: invalid netlink flags NLM_F_[ROOT|MATCH]
o nfnl_send returns the proper error to the client, instead of returning -1
o some cleanup's: killed the ret, it was useless
o test for the conntrack API completed, still missing the expectation test
|
|
|
|
|
|
| |
o Define NFCT_ANY_GROUP flag
o Now callback can return a value to stop receiving events
o implement nfct_unset_callback()
|
|
|
|
| |
o Added a simple test case, yet incomplete
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
include/Makefile.am.
- Rename list_conntrack_handler to callback_handler, IMHO a proper name for such function.
- Use new nfnl_open prototype: Now it's got four parameters.
- Kill recurrent definition of the structure nfnlhdr: Actually this should go somewhere in
libnfnetlink, later.
- Ignore utils subdirectory. It contains a testsuite that is currently broken. Yes I know you're
aware of it ;) it's on the TODO list. I'll fix later.
- ctnl_error now has a nicer definition.
- kill some unneeded ctnl_error messages on failure.
(Pablo Neira)
|
|
|
|
| |
- document new 3parameter open function
|
| |
|
| |
|
|
|