summaryrefslogtreecommitdiffstats
path: root/src/sync-mode.c
Commit message (Collapse)AuthorAgeFilesLines
* revert relicensing... still we use linux_list.h code which seems to be GPLv2 ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-03-081-1/+1
| | | | only which is incompatible AFAIK
* relicense conntrack-tools as GPLv3+, so far the most significant contributor ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-03-081-1/+1
| | | | has been Max Kellermann and has no issues with relicensing their contributions.
* compose the file descriptor set at initialization stage to save some cycles/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-191-5/+4
|
* add IPv6 support to conntrackd/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-021-2/+0
|
* remain is size_t instead of ssize_t to remove the cast/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-2/+2
|
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-4/+5
| | | | use size_t
* missing casting to keep -Werror happy/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-1/+1
|
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-0/+5
| | | | | | check if the received packet is large enough Minor changes by the committer
* add comment to clarify handle_msg()/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-0/+1
|
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-181-16/+16
| | | | Simplify logging infrastructure
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-171-1/+1
| | | | remove superfluous initialization
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-171-7/+7
| | | | import only required C headers and put local headers on top to check
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-171-0/+3
| | | | fix memory leaks in several error output paths
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-151-1/+1
| | | | Fix tons of gcc warnings
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-151-0/+4
| | | | add missing function prototypes
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-151-11/+12
| | | | fix wrong invocations after prototype cleanup
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-151-3/+3
| | | | | | the global variable "alarm" conflicts with the alarm() function from unistd.h. resolve that conflict by giving those two global variables a better name.
* set up the configuration flags when defaulting/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-141-0/+1
|
* wake up the daemon iff there are real events to handle instead of polling ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-091-2/+2
| | | | (Based on comments from Max Kellerman)
* rename class `buffer' to `queue' which is what it really implements/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-051-1/+0
|
* obsolete `-S' option: Use information provided by the config file/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-051-3/+7
|
* o add support for connection logging to the statistics mode via Logfile/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-031-2/+3
| | | | | | o minor irrelevant fixes for uncommon error paths and fix several typos o use LOG_INFO for connection logging, use LOG_NOTICE for other information o minor error handling updates
* o Use more appropriate names for the existing synchronization modes:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-12-211-4/+4
| | | | | | o rename `persistent' mode to `alarm' o rename `nack' mode to `ftfw' o Now default synchronization mode is ftfw instead of alarm
* Add CacheWriteThrough clause: external cache write through policy. This ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-11-251-5/+17
| | | | feature is particularly useful for active-active setup without connection persistency, ie. you cannot know which firewall would filter a packet that belongs to a connection.
* add syslog support and bump version/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-09-121-16/+17
|
* conntrackd:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-07-181-1/+8
| | | | | | | | | - use buffer of MTU size conntrack: - better protocol argument checkings - fix per-protocol filtering, eg. conntrack -[L|E] -p tcp now works - show per-protocol help, ie. conntrack -h -p tcp - add alias --src for --orig-src and alias --dst for --orig-dst
* - conntrack-tools requires libnetfilter_conntrack >= 0.0.81 /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-07-091-63/+89
| | | | | | | | | | | | | - add len field to nethdr - implement buffered send/recv to batch messages - stop using netlink format for network messages: use similar TLV-based format - reduce synchronization messages size up to 60% - introduce periodic alive messages for sync-nack protocol - timeslice alarm implementation: remove alarm pthread, remove locking - simplify debugging functions: use nfct_snprintf instead - remove major use of libnfnetlink functions: use libnetfilter_conntrack API - deprecate conntrackd -F, use conntrack -F instead - major rework of the network infrastructure: much simple, less messy
* fork when internal/external dump and commit requests are received/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-251-2/+6
|
* - more cleanups and code refactorization/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-191-41/+28
| | | | | | - remove several debug calls - create a child to dispatch dump requests: this will help to simplify the current locking schema. Later.
* o remove useless backlog parameter in multicast sockets/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-041-60/+44
| | | | | | | | o remove reminiscents of delay destroy message and relax transitions o remove confusing StripNAT parameter: NAT support enabled by default o relax event tracking: *_update callbacks use cache_update_force o use wraparound-aware functions after/before/between o lots of cleanups
* add missing ignore_conntrack in the overrun handler/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-05-211-0/+3
|
* - introduce cache_iterate/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-05-201-3/+82
| | | | | | | | - empty debug_ct function if DEBUG_CT is not set - revisit overrun handler: this is a hard battle, just try to do our best here, call Patrick :) - explicit warning message when netlink_buffer_max_growth is reached - fix silly bug in stats-mode when dumping in XML format - fix UDP handler for conntrack
* - remove dead code sync-mode.c/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-05-181-38/+13
| | | | | | | - flush nack queue in the conntrackd -f path - do not increase add_fail counter for EEXIST errors - cleanup sync-nack code - improve mcast_recv_netmsg: sanity check before checksumming!
* first step forward to merge conntrackd and conntrack into the same building ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-04-161-0/+416
chain