Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | rename `examples' directory to `doc' | Ayuso/emailAddress=pablo@netfilter.org | 2007-12-23 | 19 | -1/+2 | |
| | ||||||
* | fix minor typo in warning message | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-12-21 | 1 | -4/+4 | |
| | ||||||
* | o Use more appropriate names for the existing synchronization modes: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-12-21 | 26 | -69/+83 | |
| | | | | | | o rename `persistent' mode to `alarm' o rename `nack' mode to `ftfw' o Now default synchronization mode is ftfw instead of alarm | |||||
* | raise ignorepoll limit from 1024 to INT_MAX | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-12-21 | 2 | -2/+4 | |
| | ||||||
* | = conntrack = | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-12-21 | 10 | -45/+158 | |
| | | | | | | | | | | | o fix missing `-g' and `-n' options in getopt_long control string o add support for secmark (requires Linux kernel >= 2.6.25) o add mark and secmark information to the manpage o cleanup error message = conntrackd = o add support for secmark (requires Linux kernel >= 2.6.25) o add conntrackd (8) manpage | |||||
* | Add CacheWriteThrough clause: external cache write through policy. This ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-11-25 | 15 | -35/+163 | |
| | | | | feature is particularly useful for active-active setup without connection persistency, ie. you cannot know which firewall would filter a packet that belongs to a connection. | |||||
* | add syslog support and bump version | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-09-12 | 19 | -92/+228 | |
| | ||||||
* | bump libnetfilter_conntrack version dependency | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-09-12 | 1 | -1/+1 | |
| | ||||||
* | Remove window tracking disabling limitation (requires Linux kernel >= 2.6.22) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-09-12 | 2 | -4/+12 | |
| | ||||||
* | improve INSTALL file | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-08-08 | 2 | -3/+23 | |
| | ||||||
* | conntrack-tools compilation problem (K.Kovacs) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-08-06 | 4 | -2/+12 | |
| | ||||||
* | conntrackd requires the connection tracking event API: insist more in INSTALL | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-29 | 2 | -0/+4 | |
| | ||||||
* | remove script_fault.sh script | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-28 | 7 | -12/+5 | |
| | ||||||
* | prepare 0.9.5 release | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-28 | 1 | -1/+1 | |
| | ||||||
* | fix NAT in changes committed in r6904 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-19 | 1 | -19/+30 | |
| | ||||||
* | - simplify cache_flush function: use cache_del() | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-19 | 2 | -12/+2 | |
| | ||||||
* | minor fix in the last commit: check conf->mtu instead of mtu that is < 0 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-19 | 1 | -1/+1 | |
| | ||||||
* | include protocol filter parameters in the manpage | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-18 | 5 | -39/+44 | |
| | ||||||
* | conntrackd: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-18 | 17 | -116/+266 | |
| | | | | | | | | | - use buffer of MTU size conntrack: - better protocol argument checkings - fix per-protocol filtering, eg. conntrack -[L|E] -p tcp now works - show per-protocol help, ie. conntrack -h -p tcp - add alias --src for --orig-src and alias --dst for --orig-dst | |||||
* | - conntrack-tools requires libnetfilter_conntrack >= 0.0.81 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-09 | 30 | -790/+909 | |
| | | | | | | | | | | | | | - add len field to nethdr - implement buffered send/recv to batch messages - stop using netlink format for network messages: use similar TLV-based format - reduce synchronization messages size up to 60% - introduce periodic alive messages for sync-nack protocol - timeslice alarm implementation: remove alarm pthread, remove locking - simplify debugging functions: use nfct_snprintf instead - remove major use of libnfnetlink functions: use libnetfilter_conntrack API - deprecate conntrackd -F, use conntrack -F instead - major rework of the network infrastructure: much simple, less messy | |||||
* | do not include .svn directories in tarballs | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-02 | 1 | -0/+1 | |
| | ||||||
* | fix dyslexia bug in Changelog (Pablo... we live in 2007, not in 2006) andsvn_t_conntrack-tools-0.9.4 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-02 | 1 | -3/+3 | |
| | | | | update release date of conntrack-tools 0.9.4 | |||||
* | fork when internal/external dump and commit requests are received | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-25 | 3 | -7/+9 | |
| | ||||||
* | - more cleanups and code refactorization | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-19 | 13 | -172/+156 | |
| | | | | | | - remove several debug calls - create a child to dispatch dump requests: this will help to simplify the current locking schema. Later. | |||||
* | - local requests return EXIT_FAILURE if it can't connect to the daemon | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-13 | 5 | -67/+29 | |
| | | | | - several cleanups | |||||
* | remove dlopen infrastructure: simplification, it was too much for it | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-09 | 10 | -47/+19 | |
| | ||||||
* | add library dependency checking | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-09 | 2 | -1/+13 | |
| | ||||||
* | - add support for `-L --src-nat' and `-L --dst-nat' to show natted connections | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-09 | 3 | -9/+43 | |
| | | | | - update conntrack(8) manpage | |||||
* | commit phase: if conntrack exists, update it | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-07 | 2 | -1/+2 | |
| | ||||||
* | add aliases --sport and --dport to make it more iptables-like | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-04 | 4 | -12/+15 | |
| | ||||||
* | o use NFCT_SOPT_SETUP_* facilities: nfct_setobjopt | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-04 | 3 | -104/+11 | |
| | | | | o remove bogus option to get a conntrack in test.sh example file | |||||
* | o remove useless backlog parameter in multicast sockets | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-04 | 18 | -198/+122 | |
| | | | | | | | | o remove reminiscents of delay destroy message and relax transitions o remove confusing StripNAT parameter: NAT support enabled by default o relax event tracking: *_update callbacks use cache_update_force o use wraparound-aware functions after/before/between o lots of cleanups | |||||
* | fix error message in configure.in (Eric Leblond) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-31 | 2 | -2/+3 | |
| | ||||||
* | fix silly bug in build_network_message: out of bound memset | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-30 | 2 | -0/+5 | |
| | ||||||
* | conntrack --output requires one parameter (Krzysztof Oledzki) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-29 | 1 | -1/+1 | |
| | ||||||
* | simplify checksum code: use UDP/multicast checksum facilities | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-24 | 8 | -69/+19 | |
| | ||||||
* | - update TODO listsvn_t_conntrack-tools-0.9.3 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-23 | 3 | -20/+32 | |
| | | | | | - update INSTALL - use conntrack instead of conntrackd to flush the conntrack table | |||||
* | add missing ignore_conntrack in the overrun handler | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-21 | 3 | -1/+7 | |
| | ||||||
* | - introduce cache_iterate | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-20 | 10 | -105/+190 | |
| | | | | | | | | - empty debug_ct function if DEBUG_CT is not set - revisit overrun handler: this is a hard battle, just try to do our best here, call Patrick :) - explicit warning message when netlink_buffer_max_growth is reached - fix silly bug in stats-mode when dumping in XML format - fix UDP handler for conntrack | |||||
* | - remove dead code sync-mode.c | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-18 | 7 | -96/+96 | |
| | | | | | | | - flush nack queue in the conntrackd -f path - do not increase add_fail counter for EEXIST errors - cleanup sync-nack code - improve mcast_recv_netmsg: sanity check before checksumming! | |||||
* | add script for keepalived fault state (eg. unplugged cable/link down) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-15 | 7 | -0/+13 | |
| | ||||||
* | o introduce '--output xml,extended,timestamp' option for '-L', '-G' and '-E' | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-07 | 7 | -60/+96 | |
| | | | | o several fixes for the output of usage messages | |||||
* | - update changelog | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-06 | 2 | -13/+25 | |
| | | | | - use positive logic in error handling | |||||
* | - add warning note to ctnl_test.c: old API is deprecated | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-05-06 | 9 | -614/+643 | |
| | | | | | | | | - split expect_api_test.c into small example files expect_*.c - introduce alias tags for original tuple attributes - introduce nfexp_sizeof and nfexp_maxsize - build expectation attributes iif they are set - fix l3num setting in expect/build.c | |||||
* | fix MODULE_DIR enviroment variable | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-04-25 | 1 | -1/+1 | |
| | ||||||
* | move test.sh into examples/ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-04-17 | 1 | -0/+0 | |
| | ||||||
* | - remove overkill recursive Makefile.am definition in examples/ (use EXTRA_DIST) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-04-17 | 11 | -15/+4 | |
| | ||||||
* | - bump version to 0.9.3 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-04-17 | 4 | -4/+5 | |
| | | | | | - show 'conntrack-tools' string when 'conntrack -V' is issued - include missing headers to include/Makefile.am | |||||
* | introduce conntrack(8) manpage | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-04-17 | 1 | -2/+1 | |
| | ||||||
* | - Merge conntrack and conntrackd changelogs, even if it will be dropped from ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-04-16 | 4 | -241/+238 | |
| | | | | | | SVN soon. - Update INSTALL documentation |