summaryrefslogtreecommitdiffstats
path: root/include
Commit message (Collapse)AuthorAgeFilesLines
* Build statistic match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+32
|
* Build quota match unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+16
|
* Build NFLOG target unconditionally/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-051-0/+18
|
* [PATCH]: Remove last vestiges of NFC (Peter Riley <Peter.Riley@hotpop.com>)/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-09-021-3/+2
|
* Resync ip6t_REJECT.h with kernel - seems the entire time we had an imcompatible/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-08-231-1/+3
| | | | | | header :( Noticed by Peter Riley <Peter.Riley@hotpop.com>
* Add IPv6 support to helper match/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-042-8/+8
|
* Add IPv6 support to connbytes match/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-041-0/+25
|
* Add IPv6 support to DSCP target/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-041-8/+8
|
* Add IPv6 support to CLASSIFY target/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-042-8/+8
|
* Unifies libip[6]t_state into libxt_state/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-041-0/+13
|
* Unifies libip[6]t_connmark into libxt_connmark/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-041-4/+4
|
* Unifies libip[6]t_hashlimit into libxt_hashlimit/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-041-12/+12
|
* Unifies libip[6]t_MARK into libxt_MARK/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-043-27/+21
|
* Unifies libip[6]t_CONNSECMARK into libxt_CONNSECMARK/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-041-0/+13
|
* Add IPv6 support to CONNMARK match/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-041-7/+7
|
* Make @msg argument a const char *, just like printf()./C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-08-011-1/+1
| | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Make xtables_target->extra_opts const (xtables_match->extra_opts already is)/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-301-1/+1
| | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Unifies libip[6]t_NFQUEUE.c into libxt_NFQUEUE.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-241-4/+4
|
* Unifies libip[6]t_TCPMSS.c into libxt_TCPMSS.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-242-10/+10
|
* Add IPv6 support to comment match/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-242-10/+10
|
* Add IPv6 support to dscp match./C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-242-23/+23
|
* Unifies libip[6]t_esp.c into libxt_esp.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-243-39/+14
|
* Unifies libip[6]t_length.c into libxt_length.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-243-19/+9
|
* Unifies libip[6]t_limit.c into libxt_limit.c./C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-242-27/+6
|
* Unifies libip[6]t_mac.c into libxt_mac.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-241-0/+8
|
* Unifies libip[6]t_physdev.c into libxt_physdev.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-243-48/+24
|
* Add IPv6 support to pkttype match/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-242-9/+8
|
* Unifies libip[6]t_sctp.c into libxt_sctp.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-241-11/+11
|
* Add IPv6 support to tcpmss match/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-242-9/+9
|
* Unifies libip[6]t_udp.c into libxt_udp.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-241-0/+36
|
* Unifies libip[6]_mark.c into libxt_mark.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-241-9/+0
|
* Use unified API in libipt_mark.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-242-9/+9
|
* Unifies libip[6]t_multiport.c into libipxt_multiport.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-242-59/+0
|
* Use unified API in multiport match/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-241-0/+30
|
* Moves all declarations in iptables_common.h to xtables.h./C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-244-38/+31
|
* Moves IPPROTO_* and IP[6]T_LIB_DIR definitions to xtables.h/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-243-22/+16
|
* Moves some duplicated functions in ip[6]tables.c to xtables.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-244-18/+17
| | | | | string_to_number_ll, string_to_number_l, string_to_number, service_to_port, parse_port, parse_interface, are moved.
* Introduces xtables match/target registration/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-246-276/+342
| | | | | | | | | | | | | | | | | | | | | | | - moves lib_dir to xtables.c - introduces struct pfinfo which has protocol family dependent infomations. - unifies load_ip[6]tables_ko() and moves them as load_xtables_ko() - introduces xt_{match,match_rule,target,tryload} and replaces ip[6]t_* with them - unifies following functions and move them to xtables.c - find_{match,find_target} - compatible_revision, compatible_{match,target}_revision - introduces xtables_register_{match,target} and make register_{match,target}[6] call them. xtables_register_* register ONLY matches/targets matched protocol family Some concepts: - source compatibility for libip[6]t_xxx.c with warning on compilation not binary compatibility. - binary compatibility between 2.4/2.6 kernel and iptables/ip6tables, of cause. - xtables is enough to support only one address family at runtime. Then xtables keeps infomations of only the focused address famiy in struct afinfo.
* Moves ip[6]tables_insmod() to xtables.c as xtables_insmod()/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-243-4/+3
|
* Moves common fw_malloc() and fw_calloc() to xtables.c/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-241-0/+3
|
* Adds xtables.[ch] and change Makefile to compile it/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-07-241-0/+4
|
* PATCH: Add connlimit to iptables./C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-07-091-0/+17
| | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Removes KERNEL_64_USERSPACE_32/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-06-304-75/+0
| | | | | | | The recent kernel has compat layer for iptables. It doesn't have compat layer for libipq and ip6tables, but ip6tables with KERNEL_64_USERSPACE_32 is still broken. We should fix kernel instead of fixing them if and when we want use their 32bit binary with 64bit kernel.
* Removes some KERNEL_64_USERSPACE_32 because linux 2.6 has compat layer/C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org2007-06-2810-50/+3
|
* Use nf_conntrack headers instead of ip_conntrack ones and add sanitized ↵/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net2007-04-185-1/+297
| | | | versions.
* Fixes typos in the argument of ip[6]tables_insmod: quit -> quiet/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=yasuyuki/emailAddress=yasuyuki@netfilter.org2007-03-202-4/+6
|
* Supress error message from modprobe on checking revision./C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=yasuyuki/emailAddress=yasuyuki@netfilter.org2007-03-132-4/+4
|
* Add ip6tables TCPMSS extension (Arnaud Ebalard <arno@natisbad.org>)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2007-01-161-0/+10
| | | | Kernel part will go in 2.6.21.
* Add UDPLITE multiport support/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2007-01-112-0/+6
|
* [PATCH]: Fix /etc/network usage (Pablo Neira)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2006-11-291-0/+1
| | | | | | | | | | | | | | | | | | | | | | http://bugs.debian.org/398082 iptables 1.3.5 and 1.3.6 appear to read /etc/networks, but the information is lost somewhere with 1.3.6. # cat /etc/networks foonet 10.0.0.0 # strace -s 255 -o /tmp/foo iptables -v -A INPUT -s foonet/8 -j ACCEPT #1.3.5 [1] ACCEPT all opt -- in * out * 10.0.0.0/8 -> 0.0.0.0/0 # strace -s 255 -o /tmp/bar iptables -v -A INPUT -s foonet/8 -j ACCEPT #1.3.6 [2] iptables v1.3.6: host/network `foonet.0.0.0' not found Try `iptables -h' or 'iptables --help' for more information. 1. http://people.debian.org/~ljlane/stuff/strace-iptables-1.3.5.txt 2. http://people.debian.org/~ljlane/stuff/strace-iptables-1.3.6.txt