| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | improve netlink overrun handling | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-04-09 | 2 | -1/+11 |
| | | |||||
| * | fix asymmetric path support (still some open concerns) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-04-08 | 1 | -0/+4 |
| | | |||||
| * | Krzysztof Oledzki <ole@ans.pl>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-03-25 | 1 | -0/+1 |
| | | | | | | o add ICMPv6 (-p icmpv6) support o add possibility to distinguish between invalid (unknown) and empty proto | ||||
| * | Pablo Neira Ayuso <pablo@netfilter.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-03-25 | 2 | -2/+2 |
| | | | | | | | | o remove .svn directory from make distcheck tarballs (reported by B.Benjamini) + Krzysztof Oledzki <ole@ans.pl>: o fix minor compilation warning | ||||
| * | compose the file descriptor set at initialization stage to save some cycles | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-02-19 | 3 | -2/+20 |
| | | |||||
| * | From: Max Kellermann <max@duempel.org> | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-02-14 | 1 | -2/+2 |
| | | | | | whitespace cleanups | ||||
| * | add IPv6 support to conntrackd | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-02-02 | 3 | -4/+6 |
| | | |||||
| * | implement a rb-tree based alarm framework | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-29 | 3 | -15/+173 |
| | | |||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-23 | 2 | -5/+6 |
| | | | | | use size_t | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-23 | 1 | -0/+2 |
| | | | | | introduce alarm_pending() | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-23 | 1 | -1/+0 |
| | | | | | remove unused prototype in network.h | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-23 | 2 | -4/+9 |
| | | | | | | | added struct local_server, several cleanups in local socket infrastructure This patch include minor changes by the comitter | ||||
| * | remove alarm counter | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-22 | 1 | -2/+0 |
| | | |||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-22 | 1 | -2/+4 |
| | | | | | | | - Pass next_alarm to __run() only if there is an alarm - Eliminate the "timeout" parameter - the alarm functions get_next_alarm_run() and do_alarm_run() return an timeval pointer instead of a boolean | ||||
| * | Based on patch from Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-20 | 1 | -10/+1 |
| | | | | | merge mod_alarm() into add_alarm(), remove alarm_set_expiration() | ||||
| * | yet another rework of the alarm scheduler | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-18 | 1 | -1/+7 |
| | | |||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-18 | 4 | -28/+3 |
| | | | | | Simplify logging infrastructure | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-17 | 9 | -15/+9 |
| | | | | | import only required C headers and put local headers on top to check | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-17 | 2 | -6/+8 |
| | | | | | use size_t for buffer sizes | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-17 | 1 | -0/+2 |
| | | | | | add buffer_destroy() to buffer.c | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-17 | 8 | -43/+52 |
| | | | | | use C99 integers (uint32_t instead of u_int32_t) | ||||
| * | remove unix socket file on exit | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 1 | -1/+1 |
| | | |||||
| * | minor constification fixes | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 1 | -1/+1 |
| | | | | | update libnfnetlink dependencies | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 7 | -12/+16 |
| | | | | | Fix tons of gcc warnings | ||||
| * | merge several *_alarm() functions into init_alarm() | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 1 | -6/+3 |
| | | |||||
| * | add traffic_stats.h and netlink.h to include/Makefile.am | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 1 | -1/+2 |
| | | |||||
| * | Add include/netlink.h and include/traffic_stats.h | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 2 | -0/+31 |
| | | |||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 4 | -0/+30 |
| | | | | | add missing function prototypes | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 1 | -4/+4 |
| | | | | | use the comma operator instead of curly braces | ||||
| * | constify queue_iterate() | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 1 | -1/+1 |
| | | |||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 1 | -1/+1 |
| | | | | | remove prefetch from slist.h since it confuses gcc | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 4 | -4/+4 |
| | | | | | use const when possible | ||||
| * | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-15 | 1 | -2/+2 |
| | | | | | | | the global variable "alarm" conflicts with the alarm() function from unistd.h. resolve that conflict by giving those two global variables a better name. | ||||
| * | improve alarm framework based on suggestions from Max Duempel | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-14 | 1 | -0/+7 |
| | | |||||
| * | wake up the daemon iff there are real events to handle instead of polling ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-09 | 5 | -21/+4 |
| | | | | | (Based on comments from Max Kellerman) | ||||
| * | fix make distcheck | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-07 | 1 | -1/+1 |
| | | |||||
| * | implement buffered connection logging to improve performance | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-05 | 3 | -1/+28 |
| | | |||||
| * | rename class `buffer' to `queue' which is what it really implements | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-05 | 3 | -32/+32 |
| | | |||||
| * | obsolete `-S' option: Use information provided by the config file | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-05 | 1 | -2/+4 |
| | | |||||
| * | o add support for connection logging to the statistics mode via Logfile | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2008-01-03 | 2 | -4/+9 |
| | | | | | | | o minor irrelevant fixes for uncommon error paths and fix several typos o use LOG_INFO for connection logging, use LOG_NOTICE for other information o minor error handling updates | ||||
| * | o Use more appropriate names for the existing synchronization modes: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-12-21 | 2 | -7/+7 |
| | | | | | | | o rename `persistent' mode to `alarm' o rename `nack' mode to `ftfw' o Now default synchronization mode is ftfw instead of alarm | ||||
| * | = conntrack = | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-12-21 | 1 | -1/+4 |
| | | | | | | | | | | | | o fix missing `-g' and `-n' options in getopt_long control string o add support for secmark (requires Linux kernel >= 2.6.25) o add mark and secmark information to the manpage o cleanup error message = conntrackd = o add support for secmark (requires Linux kernel >= 2.6.25) o add conntrackd (8) manpage | ||||
| * | Add CacheWriteThrough clause: external cache write through policy. This ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-11-25 | 2 | -0/+5 |
| | | | | | feature is particularly useful for active-active setup without connection persistency, ie. you cannot know which firewall would filter a packet that belongs to a connection. | ||||
| * | add syslog support and bump version | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-09-12 | 2 | -1/+5 |
| | | |||||
| * | conntrackd: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-18 | 3 | -8/+30 |
| | | | | | | | | | | - use buffer of MTU size conntrack: - better protocol argument checkings - fix per-protocol filtering, eg. conntrack -[L|E] -p tcp now works - show per-protocol help, ie. conntrack -h -p tcp - add alias --src for --orig-src and alias --dst for --orig-dst | ||||
| * | - conntrack-tools requires libnetfilter_conntrack >= 0.0.81 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-07-09 | 7 | -67/+147 |
| | | | | | | | | | | | | | | - add len field to nethdr - implement buffered send/recv to batch messages - stop using netlink format for network messages: use similar TLV-based format - reduce synchronization messages size up to 60% - introduce periodic alive messages for sync-nack protocol - timeslice alarm implementation: remove alarm pthread, remove locking - simplify debugging functions: use nfct_snprintf instead - remove major use of libnfnetlink functions: use libnetfilter_conntrack API - deprecate conntrackd -F, use conntrack -F instead - major rework of the network infrastructure: much simple, less messy | ||||
| * | - more cleanups and code refactorization | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-19 | 2 | -13/+15 |
| | | | | | | | - remove several debug calls - create a child to dispatch dump requests: this will help to simplify the current locking schema. Later. | ||||
| * | - local requests return EXIT_FAILURE if it can't connect to the daemon | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-13 | 1 | -2/+3 |
| | | | | | - several cleanups | ||||
| * | remove dlopen infrastructure: simplification, it was too much for it | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-09 | 1 | -0/+4 |
| | | |||||
| * | o remove useless backlog parameter in multicast sockets | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | 2007-06-04 | 4 | -18/+27 |
| | | | | | | | | | o remove reminiscents of delay destroy message and relax transitions o remove confusing StripNAT parameter: NAT support enabled by default o relax event tracking: *_update callbacks use cache_update_force o use wraparound-aware functions after/before/between o lots of cleanups | ||||
 |
index : conntrack-tools | |
| conntrack-tools tree | pablo@netfilter.org |
| summaryrefslogtreecommitdiffstats |