summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* libipt_SAME: use guided option parserJan Engelhardt2011-05-091-52/+30
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libipt_REDIRECT: use guided option parserJan Engelhardt2011-05-091-37/+25
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libipt_MASQUERADE: use guided option parserJan Engelhardt2011-05-091-27/+21
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libipt_SNAT: use guided option parserJan Engelhardt2011-05-091-49/+39
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libipt_DNAT: use guided option parserJan Engelhardt2011-05-091-49/+39
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_iprange: use guided option parserJan Engelhardt2011-05-091-90/+54
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libipt_CLUSTERIP: use guided option parserJan Engelhardt2011-05-091-105/+52
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_mac: use guided option parserJan Engelhardt2011-05-091-60/+20
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: XTTYPE_ETHERMAC supportJan Engelhardt2011-05-092-0/+29
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libip6t_rt: use guided option parserJan Engelhardt2011-05-091-115/+44
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libip6t_mh: use guided option parserJan Engelhardt2011-05-091-27/+17
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_conntrack: use guided option parserJan Engelhardt2011-05-091-451/+219
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_ipvs: use guided option parserJan Engelhardt2011-05-091-143/+65
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: XTTYPE_PROTOCOL supportJan Engelhardt2011-05-092-1/+28
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_limit: use guided option parserJan Engelhardt2011-05-091-32/+21
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libipt_NETMAP: use guided option parserJan Engelhardt2011-05-091-90/+16
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_multiport: use guided option parserJan Engelhardt2011-05-093-105/+77
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_osf: use guided option parserJan Engelhardt2011-05-091-68/+29
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_owner: use guided option parserJan Engelhardt2011-05-091-171/+117
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_policy: use guided option parserJan Engelhardt2011-05-091-196/+73
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: XTTYPE_HOSTMASK supportJan Engelhardt2011-05-092-0/+32
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_hashlimit: use guided option parserJan Engelhardt2011-05-091-290/+129
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: XTTYPE_PLEN supportJan Engelhardt2011-05-092-14/+29
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: flag invalid uses of XTOPT_PUTJan Engelhardt2011-05-091-1/+2
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: do not overlay addr and mask parts, and cleanupJan Engelhardt2011-05-094-27/+48
| | | | | | | | | XTTYPE_HOSTMASK will require that what has now become haddr, hmask/hlen are not overlays of another. Thus relax the structure and always set all members of the {haddr, hmask, hlen} triplet now for all types that touch any of the members. Add some more comments and clean out ONEHOST.
* libxt_recent: use guided option parserJan Engelhardt2011-05-091-107/+79
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_connlimit: use guided option parserJan Engelhardt2011-05-091-111/+65
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: support for XTTYPE_PLENMASKJan Engelhardt2011-05-092-1/+46
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_NFLOG: use guided option parserJan Engelhardt2011-05-091-74/+24
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_IDLETIMER: use guided option parserJan Engelhardt2011-05-091-58/+12
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_statistic: use guided option parserJan Engelhardt2011-05-091-88/+56
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: XTTYPE_DOUBLE supportJan Engelhardt2011-05-092-0/+28
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_statistic: increase precision on create and dumpJan Engelhardt2011-05-092-7/+7
| | | | | | | | | | | | | | | | | | | Currently, libxt_statistic only dumps the probability with a granularity of 1/1000000. Assuming only stuffed packets with 1440 bytes payload, this would match approximately every 1.341 GB, which is pretty low for a high-volume router. Trying to match any larger interval than that (e.g. 2 GB) will cause libxt_statistic to output "--probability 0.000000", and when restored, will cause it to never match again. Bump the dump precision to what xt_statistic can really do, and adjust the manpage to include a word about it. Furthermore, employ explicit rounding when reading the argument from the command line, because the previous implicit conversion would use truncation, which is not very exact. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_statistic: streamline and document possible placement of negationJan Engelhardt2011-05-092-9/+10
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* extensions: const annotationsJan Engelhardt2011-05-098-24/+24
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: output name of extension on rev detect failureJan Engelhardt2011-05-081-2/+2
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_owner: remove ifdef IPT_COMM_OWNERJan Engelhardt2011-05-081-20/+0
| | | | | | | Ever since we keep a copy of the header files anyway, IPT_COMM_OWNER is always available. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* extensions: remove bogus use of XT_GETOPT_TABLEENDJan Engelhardt2011-05-083-3/+3
| | | | | | | | | | Commit v1.4.8-36-g32b8e61 added this end marker in a little too many places: at non-getopt places. Fix that. Also change the definition of XT_GETOPT_TABLEEND to reference a struct getopt member by name so that this cannot happen again. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_u32: add missing call to xtables_option_parseJan Engelhardt2011-05-081-0/+1
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: fix assignment in wrong offset (XTTYPE_UINT*RC)Jan Engelhardt2011-05-081-1/+1
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_tos: add inversion support back againJan Engelhardt2011-05-081-2/+2
| | | | | | It was unfortunately removed during the option parser switch. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_dccp: use guided option parserJan Engelhardt2011-05-011-94/+40
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_udp: use guided option parserJan Engelhardt2011-05-011-65/+30
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: XTTYPE_PORTRC supportJan Engelhardt2011-05-012-1/+64
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* extensions: remove unused TOS codeJan Engelhardt2011-05-011-58/+0
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_tos: use guided option parserJan Engelhardt2011-05-011-55/+33
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_TOS: use guided option parserJan Engelhardt2011-05-013-80/+143
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* xtoptions: respect return value in xtables_getportbynameJan Engelhardt2011-04-141-0/+2
| | | | | | If ret was negative, ntohs may make it positive, which is undesired. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_TEE: use guided option parserJan Engelhardt2011-04-141-89/+14
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* build: bump libxtables ABI versionJan Engelhardt2011-04-141-1/+1
| | | | | | | Adding the x6_* members to struct xtables_{match,target} caused a change requiring a bump. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>