summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* delay the closure of the dump descriptor to fix assertion with cache_wtconntrack-tools-0.9.7Pablo Neira Ayuso2008-05-311-1/+3
|
* increase deletion stats when the timer is scheduled in cache_del_timeout()Pablo Neira Ayuso2008-05-311-2/+7
|
* define SO_[RCV|SND]BUFFORCE if not setPablo Neira Ayuso2008-05-271-0/+8
|
* remove secmark support for conntrackdPablo Neira Ayuso2008-05-272-3/+0
|
* fix leak in cache_destroy(): release objects before destroying the cachePablo Neira Ayuso2008-05-261-0/+1
|
* rework the HELLO logic inside FT-FWPablo Neira Ayuso2008-05-262-7/+47
|
* add best effort replication protocol (aka NOTRACK)Pablo Neira Ayuso2008-05-255-2/+203
|
* add eventfd emulation to communicate receiver -> senderPablo Neira Ayuso2008-05-254-8/+100
|
* only allow the use of --secmark for listing (filtering)Pablo Neira Ayuso2008-05-222-3/+5
| | | | add missing string.h required by strdup in config parsing
* check for missing IPv6 address before hashingPablo Neira Ayuso2008-05-211-0/+8
|
* Updates (-U) show the effect of the operation in the conntrack entryPablo Neira Ayuso2008-05-201-11/+36
|
* add Mcast[Snd|Rcv]SocketBuffer clauses to tune multicast socket buffersPablo Neira Ayuso2008-05-204-1/+50
|
* improve network message sanity checkingsPablo Neira Ayuso2008-05-183-38/+57
|
* - remove (misleading) counters and use information from the statistics modePablo Neira Ayuso2008-05-162-73/+7
| | | | | - use generic nfct_copy() from libnetfilter_conntrack to update objects - use generic nfct_cmp() to compare objects
* Fix reorder possible reordering of destroy messages under message omission. ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-297-47/+100
| | | | This patch introduces the TimeoutDestroy clause to determine how long a conntrack remains in the internal cache once it has been destroy from the kernel table.
* rework of the FT-FW approach/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-264-95/+233
|
* add more verbose error notification when the injection of a conntrack fails/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-164-12/+33
|
* o fix NAT filtering via --src-nat and --dst-nat (reported by K.Oledzki)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-161-40/+52
| | | | | | o recover the ID support o show display counters to stderr o enable filtering by status and ID
* fix conntrack -U -p tcp [...]/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-131-10/+7
|
* This is a major improvement of the conntrack command line tool:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-131-69/+220
| | | | | | | | o check for missing source/address IP/ports in creation and get operations o way more flexible conntrack updates and deletions o fix NAT filtering via --src-nat and --dst-nat (reported by K.Oledzki) o show display counters to stderr o minor cleanups
* o simplify parameter-handling code/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-121-217/+138
| | | | | o check for missing source/address IP/ports o minor cleanups
* improve netlink overrun handling/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-094-74/+99
|
* fix asymmetric path support (still some open concerns)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-082-4/+63
|
* fix compilation in ARM (reported by Thiemo Seufer via Max Kellermann)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-081-0/+1
|
* fix minor compilation issue in amd64 with gcc4.3 (reported by Daniel Schepler/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-03-261-1/+1
| | | | via M.Kellermann)
* Krzysztof Oledzki <ole@ans.pl>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-03-252-2/+6
| | | | | o add ICMPv6 (-p icmpv6) support o add possibility to distinguish between invalid (unknown) and empty proto
* revert relicensing... still we use linux_list.h code which seems to be GPLv2 ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-03-0830-30/+30
| | | | only which is incompatible AFAIK
* relicense conntrack-tools as GPLv3+, so far the most significant contributor ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-03-0830-30/+30
| | | | has been Max Kellermann and has no issues with relicensing their contributions.
* cleanup: remove config_set from main(), use config_file variable instead/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-221-4/+3
|
* compose the file descriptor set at initialization stage to save some cycles/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-195-19/+99
|
* From: Max Kellermann <max@duempel.org>/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-144-18/+18
| | | | whitespace cleanups
* From: Max Kellermann <max@duempel.org>/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-141-3/+2
| | | | use list_for_each_entry()
* From: Max Kellermann <max@duempel.org>/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-141-1/+2
| | | | make alarm_run_queue a local variable
* From: Max Kellermann <max@duempel.org>/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-141-4/+1
| | | | use "for" loop instead of "while"
* From: Max Kellermann <max@duempel.org>/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-141-2/+2
| | | | eliminate duplicated initialization
* add missing bits for NAT sequence adjusment support/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-091-0/+14
|
* o add IPv6 information to synchronization messages/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-092-6/+31
| | | | | o add support for NAT sequence adjustment (requires Linux kernel >= 2.6.25) o remove TODO file from release tarballs
* add IPv6 support to conntrackd/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-026-103/+189
|
* implement a rb-tree based alarm framework/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-297-122/+457
|
* remain is size_t instead of ssize_t to remove the cast/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-2/+2
|
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-237-25/+26
| | | | use size_t
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-232-0/+11
| | | | introduce alarm_pending()
* missing casting to keep -Werror happy/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-1/+1
|
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-0/+5
| | | | | | check if the received packet is large enough Minor changes by the committer
* add comment to clarify handle_msg()/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-0/+1
|
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-232-14/+17
| | | | | | added struct local_server, several cleanups in local socket infrastructure This patch include minor changes by the comitter
* Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-1/+1
| | | | fix error checking of local_create_server()
* fix inconsistent alarm update in cache_alarm_update/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-221-1/+3
|
* minor cleanups/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-221-5/+5
|
* remove alarm counter/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-221-5/+1
|