| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Instead the kernel source code is checked to verify the different
compatibility issues for the supported kernel releases.
This way hopefully backported features will be handled properly.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enable ipset port set types to match IPv4 package fragments for
protocols that doesn't have ports (or the port information isn't
supported by ipset).
For example this allows a hash:ip,port ipset containing the entry
192.168.0.1,gre:0 to match all package fragments for PPTP VPN tunnels
to/from the host. Without this patch only the first package fragment
(with fragment offset 0) was matched, while subsequent fragments wasn't.
This is not possible for IPv6, where the protocol is in the fragmented
part of the package unlike IPv4, where the protocol is in the IP header.
IPPROTO_ICMPV6 is deliberately not included, because it isn't relevant
for IPv4.
Signed-off-by: Anders K. Pedersen <akp@surftown.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
While parsing through IPv6 extension headers, fragment headers are
skipped making them invisible to the caller. This reports the
fragment offset of the last header in order to make it possible to
determine whether the packet is fragmented and, if so whether it is
a first or last fragment.
Signed-off-by: Jesse Gross <jesse@nicira.com>
|
|
|
|
|
|
| |
The tests for inclusion of linux/export.h in
ipset-6.11:kernel/net/netfilter/ipset/{ip_set_getport.c,pfxlen.c} are
incorrect, linux/export.h did not go in until 3.2.0.
|
|
|
|
|
|
|
| |
These files are non modular, but need to export symbols using
the macros now living in export.h -- call out the include so
that things won't break when we remove the implicit presence
of module.h from everywhere.
|
|
|
|
|
| |
ipset is actually using NFPROTO values rather than AF (xt_set passes
that along).
|
|
|
|
| |
SCTP and UDPLITE port support added to the hash:*port* types.
|
|
The kernel/ subdirectory is reorganized to follow the kernel directory
structure.
|