iptables - iptables tree

	Commit message (Collapse)	Author	Age	Files	Lines
...
\| *	doc: clarify that -p all is a special keyword only	Jan Engelhardt	2011-05-22	2	-6/+4
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	doc: make usage of libxt_rateest more obvious	Jan Engelhardt	2011-05-22	1	-15/+56
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	doc: add some coded option examples to libxt_hashlimit	Jan Engelhardt	2011-05-22	1	-10/+16
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_rateest: streamline case display of units	Jan Engelhardt	2011-05-20	1	-3/+3
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxtables: check for negative numbers in xtables_strtou*	Jan Engelhardt	2011-05-20	1	-2/+7
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_quota: make sure uint64 is not truncated	JP Abgrall	2011-05-20	3	-5/+5
\| \| \| \| \| \| \| \| \| \|	The xtables_strtoul() would cram a long long into a long. The parse_int would try to cram a UINT64 into a long.
\| *	libxt_quota: readd missing XTOPT_PUT request	Jan Engelhardt	2011-05-20	1	-1/+2
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libipt_REDIRECT: "--to-ports" is not mandatory	Lutz Jaenicke	2011-05-18	1	-2/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The REDIRECT target can be called without the --to-ports option being specified. From the manual page: ...without this, the destination port is never altered. Signed-off-by: Lutz Jaenicke <ljaenicke@innominate.com> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxtables: retract _NE types and use a flag instead	Jan Engelhardt	2011-05-18	3	-18/+15
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* \|	libxt_devgroup: actually set XT_DEVGROUP_OPT_???GROUP flags	Lutz Jaenicke	2011-05-23	1	-0/+2
\|/ \| \| \| \|	Signed-off-by: Lutz Jaenicke <ljaenicke@innominate.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
*	libip6t_rt: rt-0-not-strict should take no arg	Jan Engelhardt	2011-05-13	1	-1/+1
\| \| \| \| \| \| \|	This unfortunately got mixed up during the getopt -> guided parser move. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	libxt_conntrack: resolve erroneous rev-2 port range message	Jan Engelhardt	2011-05-13	1	-0/+8
\| \| \| \| \| \| \|	--ctorigdstport 13 ip6tables-restore v1.4.10: conntrack rev 2 does not support port ranges Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	libxt_conntrack: fix assignment to wrong member	Jan Engelhardt	2011-05-13	1	-8/+4
\| \| \| \| \| \| \|	Of course the range end ought to be set, not doing the start value twice. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	libxt_conntrack: correct printed module name	Jan Engelhardt	2011-05-13	1	-2/+2
\| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	libipt_[SD]NAT: avoid false error about multiple destinations specified	Jan Engelhardt	2011-05-13	2	-6/+12
\| \| \| \| \| \| \| \| \| \| \|	iptables-restore v1.4.10: DNAT: Multiple --to-destination not supported xtables_option_parse sets cb->xflags already, so that it cannot be directly used to test whether an option is being used for the second time. Thus use a private option/flag (X_TO_DEST/SRC) that is not under the control of xtables_option_parse. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	libipt_[SD]NAT: flag up module name on error	Jan Engelhardt	2011-05-13	2	-2/+2
\| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	libxtables: collapse double protocol parsing	Jan Engelhardt	2011-05-12	2	-41/+22
\| \| \| \| \| \| \|	Un-dent xtables_parse_protocol, and make xtopt_parse_protocol make use of it. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	libxt_policy: use XTTYPE_PROTOCOL type	Jan Engelhardt	2011-05-12	1	-2/+2
\| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	libxtables: avoid running into .also checks when option not used	Jan Engelhardt	2011-05-12	1	-0/+3
\| \| \| \| \| \| \|	If a particular option was not specified, it should not be subject to .also checks in xtables_option_fcheck2 either. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	libxt_policy: option table fixes, improved error tracking	Jan Engelhardt	2011-05-12	2	-10/+32
\| \| \| \| \| \| \| \| \| \| \|	Most of the flags are multi-use in this extension. Also transfer --next => --strict requirement to option table. Furthermore, augment the error messages emitted from fcheck to contain the policy element number, and elaborate on what an "empty policy element" is. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	src: combine default_command functions	Jan Engelhardt	2011-05-12	4	-137/+75
\|
*	src: replace old IP*T_ALIGN macros	Jan Engelhardt	2011-05-12	6	-34/+20
\| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	Merge branch 'floating/opts' of git://dev.medozas.de/iptables	Patrick McHardy	2011-05-12	12	-611/+370
\|\
\| *	libipt_SAME: use guided option parser	Jan Engelhardt	2011-05-09	1	-52/+30
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libipt_REDIRECT: use guided option parser	Jan Engelhardt	2011-05-09	1	-37/+25
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libipt_MASQUERADE: use guided option parser	Jan Engelhardt	2011-05-09	1	-27/+21
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libipt_SNAT: use guided option parser	Jan Engelhardt	2011-05-09	1	-49/+39
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libipt_DNAT: use guided option parser	Jan Engelhardt	2011-05-09	1	-49/+39
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_iprange: use guided option parser	Jan Engelhardt	2011-05-09	1	-90/+54
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libipt_CLUSTERIP: use guided option parser	Jan Engelhardt	2011-05-09	1	-105/+52
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_mac: use guided option parser	Jan Engelhardt	2011-05-09	1	-60/+20
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxtables: XTTYPE_ETHERMAC support	Jan Engelhardt	2011-05-09	2	-0/+29
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libip6t_rt: use guided option parser	Jan Engelhardt	2011-05-09	1	-115/+44
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libip6t_mh: use guided option parser	Jan Engelhardt	2011-05-09	1	-27/+17
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* \|	Merge branch 'opts' of git://dev.medozas.de/iptables	Patrick McHardy	2011-05-11	15	-1783/+1050
\|\\|
\| *	libxt_conntrack: use guided option parser	Jan Engelhardt	2011-05-09	1	-451/+219
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_ipvs: use guided option parser	Jan Engelhardt	2011-05-09	1	-143/+65
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxtables: XTTYPE_PROTOCOL support	Jan Engelhardt	2011-05-09	2	-1/+28
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_limit: use guided option parser	Jan Engelhardt	2011-05-09	1	-32/+21
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libipt_NETMAP: use guided option parser	Jan Engelhardt	2011-05-09	1	-90/+16
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_multiport: use guided option parser	Jan Engelhardt	2011-05-09	3	-105/+77
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_osf: use guided option parser	Jan Engelhardt	2011-05-09	1	-68/+29
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_owner: use guided option parser	Jan Engelhardt	2011-05-09	1	-171/+117
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_policy: use guided option parser	Jan Engelhardt	2011-05-09	1	-196/+73
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxtables: XTTYPE_HOSTMASK support	Jan Engelhardt	2011-05-09	2	-0/+32
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxt_hashlimit: use guided option parser	Jan Engelhardt	2011-05-09	1	-290/+129
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxtables: XTTYPE_PLEN support	Jan Engelhardt	2011-05-09	2	-14/+29
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxtables: flag invalid uses of XTOPT_PUT	Jan Engelhardt	2011-05-09	1	-1/+2
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
\| *	libxtables: do not overlay addr and mask parts, and cleanup	Jan Engelhardt	2011-05-09	4	-27/+48
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	XTTYPE_HOSTMASK will require that what has now become haddr, hmask/hlen are not overlays of another. Thus relax the structure and always set all members of the {haddr, hmask, hlen} triplet now for all types that touch any of the members. Add some more comments and clean out ONEHOST.
\| *	libxt_recent: use guided option parser	Jan Engelhardt	2011-05-09	1	-107/+79
\| \| \| \| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>