Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | iptables 1.4.1-rc2v1.4.1-rc2 | Patrick McHardy | 2008-05-26 | 1 | -1/+1 | |
| | ||||||
* | REDIRECT: Allow symbolic port in REDIRECT --to-port | Kristof Provost | 2008-05-26 | 1 | -0/+3 | |
| | | | | | | Fixes Bugzilla 482. Signed-off-by: Kristof Provost <kristof@sigsegv.be> | |||||
* | Merge branch 'master' of vishnu.netfilter.org:/data/git/iptables | Patrick McHardy | 2008-05-20 | 1 | -1/+1 | |
|\ | ||||||
| * | Bump version to 1.4.1-rc1v1.4.1-rc1 | Patrick McHardy | 2008-05-19 | 1 | -1/+1 | |
| | | | | | | | | | | Actually its not a bump but a decrease, the autoconf patches apparently sneaked it a version bump to 1.4.1 already. | |||||
* | | Don't assume /bin/sh is bash | Thomas Jacob | 2008-05-20 | 1 | -6/+8 | |
|/ | | | | | | | | The new iptables git version assumes /bin/sh is always GNU bash, that's not the case (Ubuntu 8.04 uses dash), see attachment for a fix. Signed-off-by: Patrick McHardy <kaber@trash.net> | |||||
* | fix ip6tables dest address printing | Jamie Strandboge | 2008-05-16 | 1 | -2/+2 | |
| | | | | | | | | | | | | | | | | | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464244 ip6tables improperly displays the destination address when the address is longer than 18 characters. Here is example output: ... DROP tcp 2001:db8::/32 2001:db8:3:4:5:6:7:8/128tcp spt:25 ... Proper formatting should have a space between '2001:db8:3:4:5:6:7:8/128' and 'tcp'. Signed-off-by: Jamie Strandboge <jamie@ubuntu.com> Signed-off-by: Lawrence J. Lane <ljlane@debian.org> Signed-off-by: Patrick McHardy <kaber@trash.net> | |||||
* | Make --set-counters (-c) accept comma separated counters | Henrik Nordstrom | 2008-05-13 | 2 | -9/+14 | |
| | | | | | | | | | | | | Here is the --set-counters syntax patch requested earlier today making --set-counters (-c) accept comma separated counts. -c packets,bytes I have not updated the manpage to reflect this alternate syntax for the --set-counters (-c) option. Henrik Nordstrom <henrik@henriknordstrom.net> | |||||
* | iptables --list chain rulenum | Henrik Nordstrom | 2008-05-13 | 2 | -30/+62 | |
| | | | | | | | | | | | | Excent --list (and --list-rules) to allow selection of a single rule number iptables --list INPUT 4 iptables --list-rules INPUT 4 list rule number 4 in INPUT. Henrik Nordstrom <henrik@henriknordstrom.net> | |||||
* | iptables --list-rules command | Henrik Nordstrom | 2008-05-13 | 8 | -429/+551 | |
| | | | | | | | | | | | | | | | | | | Adds iptables --list-rules (-S) command, acting as a combination of iptables --list and iptables-save. The primary motivation behind this patch is to get iptables-save like output capabilities in iptables-restore, allowing "iptables-restore -n" to be used as a consistent API to iptables for all kind of operations, not only blind updates.. As a bonus iptables also gets the capability of printing the rules as-is. This completely replaces the earlier patch which added the --rules option. Henrik Nordstrom <henrik@henriknordstrom.net> | |||||
* | Add support for --set-counters to iptables -P | Henrik Nordstrom | 2008-05-12 | 2 | -4/+4 | |
| | | | | | | | | Adds support for setting the policy counters iptables -P INPUT -J DROP -c 10 20 Henrik Nordstrom <henrik@henriknordstrom.net> | |||||
* | Make iptables-restore usable over a pipe | Henrik Nordstrom | 2008-05-12 | 2 | -0/+2 | |
| | | | | | | | | The attached patch flushes stdout between commands to make output operations (-L etc) in iptables-restore usable over a pipe. stdio by defaut buffers output if not connected to a terminal. Henrik Nordstrom <henrik@henriknordstrom.net> | |||||
* | iptables out-of-tree build directory | Jan Engelhardt | 2008-05-12 | 1 | -1/+3 | |
| | | | | | | | Reported by: Henrik Nordstrom When xtables.h is not already found in /usr/include, compilation would fail when ${top_srcdir} != ${top_builddir}. | |||||
* | [PATCH 1] Makefile.am: use PACKAGE_TARNAME | Jan Engelhardt | 2008-04-21 | 1 | -5/+5 | |
| | ||||||
* | iptables-save:remove unnecessary code. | Shan Wei | 2008-04-21 | 1 | -13/+0 | |
| | | | | | | The following code is never be used. It should be removed. Signed-off-by: Shan Wei <shanwei@cn.fujitsu.com> | |||||
* | Properly initialize revision for ip6tables targets | Patrick McHardy | 2008-04-15 | 1 | -1/+8 | |
| | | | | Also resync error handling with iptables. | |||||
* | Remove old functions, constants | Jan Engelhardt | 2008-04-15 | 97 | -606/+514 | |
| | ||||||
* | [PATCH 11] configure.ac: remove already-defined variables | Jan Engelhardt | 2008-04-15 | 1 | -3/+1 | |
| | ||||||
* | Dynamically create xtables.h.in with version | Jan Engelhardt | 2008-04-15 | 2 | -1/+3 | |
| | ||||||
* | configure.ac: AC_SUBST must be separate | Jan Engelhardt | 2008-04-15 | 1 | -1/+2 | |
| | ||||||
* | Update documentation about building the package | Jan Engelhardt | 2008-04-15 | 2 | -36/+64 | |
| | ||||||
* | Resolve libipt_set warnings | Jan Engelhardt | 2008-04-15 | 1 | -9/+9 | |
| | ||||||
* | Remove support for compilation of conditional extensions | Jan Engelhardt | 2008-04-15 | 10 | -233/+522 | |
| | ||||||
* | Wrap dlopen code into NO_SHARED_LIBS | Jan Engelhardt | 2008-04-15 | 1 | -0/+2 | |
| | ||||||
* | Resolve warnings on 64-bit compile | Jan Engelhardt | 2008-04-15 | 1 | -2/+2 | |
| | ||||||
* | Combine ipt and ip6t manpages | Jan Engelhardt | 2008-04-14 | 15 | -204/+12 | |
| | | | | Combine ipt and ip6t manpages | |||||
* | Implement AF_UNSPEC as a wildcard for extensions | Jan Engelhardt | 2008-04-14 | 17 | -281/+37 | |
| | ||||||
* | RATEEST: add manpage | Jan Engelhardt | 2008-04-14 | 2 | -3/+13 | |
| | ||||||
* | iptables: use C99 lists for struct options | Gáspár Lajos | 2008-04-14 | 6 | -93/+93 | |
| | ||||||
* | Install libiptc header files because xtables.h depends on it | Jan Engelhardt | 2008-04-14 | 1 | -0/+3 | |
| | ||||||
* | Add all necessary header files - compilation fix for various cases | Jan Engelhardt | 2008-04-14 | 16 | -101/+239 | |
| | | | | | | Allow iptables to compile without a kernel source tree. This implies fixing build for older kernels, such as 2.6.17 which lack xt_SECMARK.h. | |||||
* | Import iptables-apply | Martin F. Krafft | 2008-04-14 | 2 | -0/+218 | |
| | ||||||
* | configure: split --enable-libipq from --enable-devel | Jan Engelhardt | 2008-04-13 | 2 | -2/+6 | |
| | ||||||
* | manpages: update to reflect fine-grained control | Jan Engelhardt | 2008-04-13 | 10 | -17/+17 | |
| | ||||||
* | manpages: grammar and spelling | Jan Engelhardt | 2008-04-13 | 10 | -16/+16 | |
| | ||||||
* | manpages: fix broken markup (missing close tags) | Jan Engelhardt | 2008-04-13 | 8 | -11/+11 | |
| | ||||||
* | Combine IP{,6}T_LIB_DIR into XTABLES_LIBDIR | Jan Engelhardt | 2008-04-13 | 12 | -83/+108 | |
| | ||||||
* | Add support for xt_hashlimit match revision 1 | Jan Engelhardt | 2008-04-13 | 3 | -64/+458 | |
| | ||||||
* | xtables.h: move non-exported parts to internal.h | Jan Engelhardt | 2008-04-13 | 2 | -61/+60 | |
| | ||||||
* | Fix all remaining warnings (missing declarations, missing prototypes) | Jan Engelhardt | 2008-04-13 | 21 | -27/+55 | |
| | ||||||
* | Update the libxt_owner manpage with the UID/GID-range feature | Jan Engelhardt | 2008-04-06 | 1 | -6/+9 | |
| | ||||||
* | Fix -Wshadow warnings and clean up xt_sctp.h | Jan Engelhardt | 2008-04-06 | 17 | -153/+140 | |
| | | | | | Note: xt_sctp.h is still not merged upstream in the kernel as of this commit. But a refactoring was really needed. | |||||
* | Drop -W from CFLAGS and some tiny code cleanups | Jan Engelhardt | 2008-04-06 | 10 | -18/+18 | |
| | | | | | - change "unsigned" to explicit "unsigned int" - remove some casts | |||||
* | Makefile: add a "tarball" target | Jan Engelhardt | 2008-04-06 | 1 | -0/+8 | |
| | ||||||
* | Correct the family member value of libxt_mark revision 1 | Jan Engelhardt | 2008-04-06 | 1 | -1/+1 | |
| | | | | | libxt_mark rev1 used AF_INET6 in the class structure where it should have used AF_INET. | |||||
* | Fix compilation of iptables-static build | Jan Engelhardt | 2008-04-06 | 1 | -3/+3 | |
| | | | | | | | | Adjust the _INIT macro and thus fix the build/linking procedure of the monolithic do-it-all binary (iptables-static). Also fix the Makefile since unfortunately, lib%.o does not seem to have a higher precedence than %.o | |||||
* | Retry ruleset dump when kernel returns EAGAIN. | Patrick McHardy | 2008-04-02 | 1 | -1/+4 | |
| | | | | Bugzilla #104 | |||||
* | [IPTABLES]: libxt_iprange: Fix IP validation logic | James King | 2008-04-02 | 1 | -2/+2 | |
| | | | | | | | IP address validation logic was inverted, causing valid addresses to be rejected. Signed-off-by: James King <t.james.king@gmail.com> | |||||
* | removes useless white spaces from iptables-xml manpages. | Filippo Zangheri | 2008-03-07 | 1 | -9/+9 | |
| | | | | Signed-off-by: Filippo Zangheri <filippo.zangheri@yahoo.it> | |||||
* | bump iptables version to prepare 1.4.1 release | Pablo Neira Ayuso | 2008-03-02 | 1 | -1/+1 | |
| | ||||||
* | Fix define value of SCTP chunk type. | Naohiro Ooiwa | 2008-02-29 | 1 | -2/+2 | |
| | | | | | | | There are wrong chunk_type values in sctp table. The chunk_type of ASCONF and ASCNF_ACK must be 193 and 128, respectively. Naohiro Ooiwa <nooiwa@miraclelinux.com> |