Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Remove old functions, constants | Jan Engelhardt | 2008-04-15 | 1 | -10/+9 |
| | |||||
* | fix gcc warnings | Max Kellermann | 2008-01-29 | 1 | -1/+1 |
| | | | | Max Kellermann <max@duempel.org> | ||||
* | rename overlapping function names | Jan Engelhardt | 2008-01-20 | 1 | -3/+3 |
| | | | | | | Rename overlapping function names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> | ||||
* | bunch o' renames | Jan Engelhardt | 2008-01-20 | 1 | -2/+2 |
| | | | | | | | | Move a few functions from iptables.c/ip6tables.c to xtables.c so they are available for combined (both AF_INET and AF_INET6) libxt modules. Rename overlapping function names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> | ||||
* | Unique names 4/6 | Jan Engelhardt | 2007-10-04 | 1 | -22/+16 |
| | | | | | | | | | | | Give symbols of libxt targets unique names (2/3). Adds unique prefixes to all functions (most of them - especially the hook functions) so that debugging programs can unambiguously map a symbol to an address. Also unifies the names of the xtables_match/xtables_target structs, (based upon libxt_connmark.c/libip6t_*.c). Signed-off-by: Jan Engelhardt <jengelh@gmx.de> | ||||
* | Fix sparse warnings: non-ANSI function declarations, 0 used as pointer | Patrick McHardy | 2007-09-08 | 1 | -3/+3 |
| | |||||
* | Make the option structures const. | Jan Engelhardt | 2007-07-30 | 1 | -1/+1 |
| | | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de> | ||||
* | Remove the .next=NULL field. This is automatically initialized to zero. | Jan Engelhardt | 2007-07-30 | 1 | -1/+0 |
| | | | | | | | I've kept .print=NULL and .save=NULL so it stands out (since iptables will do the print/save then). Signed-off-by: Jan Engelhardt <jengelh@gmx.de> | ||||
* | Fixes warning on compilation, part 2 | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -3/+4 |
| | | | | | | | | | | This changes the type of arguments as follows in multiport, DNAT, SNAT, MASQUERADE, and REDIRECT - ip[6]t_ip[6] * -> void * - ip[6]t_entry * -> void * and adds lines to cast these pointer with intended type. | ||||
* | Replaces ipt_entry_* with xt_entry_* in matches/targets | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -5/+5 |
| | |||||
* | Add --random option to DNAT and REDIRECT targets and fix the manpage mess ↵ | Patrick McHardy | 2007-05-29 | 1 | -7/+6 |
| | | | | this option left behind. | ||||
* | Fix iptables-save with --random option | Patrick McHardy | 2007-04-18 | 1 | -2/+4 |
| | |||||
* | Remove unnecessary IP_NAT_RANGE_PROTO_RANDOM ifdefs. | Patrick McHardy | 2007-04-18 | 1 | -15/+3 |
| | |||||
* | Use nf_conntrack headers instead of ip_conntrack ones and add sanitized ↵ | Patrick McHardy | 2007-04-18 | 1 | -1/+1 |
| | | | | versions. | ||||
* | iptables: add random option to SNAT (Eric Leblond) | Eric Leblond | 2007-02-24 | 1 | -4/+35 |
| | |||||
* | Kernels higher than 2.6.10 don't support multiple --to arguments in | Phil Oester | 2005-09-19 | 1 | -0/+7 |
| | | | | | | | | | | | | | | | | | | | | | DNAT and SNAT targets. At present, the error is somewhat vague: # iptables -t nat -A foo -j SNAT --to 1.2.3.4 --to 2.3.4.5 iptables: Invalid argument But if we want current iptables to work with kernels <= 2.6.10, we cannot simply disallow this in all cases. So the below patch adds kernel version checking to iptables, and utilizes it in [DS]NAT. Now, users will see a more informative error: # iptables -t nat -A foo -j SNAT --to 1.2.3.4 --to 2.3.4.5 iptables v1.3.3: Multiple --to-source not supported This generic infrastructure (shamelessly lifted from procps btw) may come in handy in the future for other changes. This fixes bugzilla #367. (Phil Oester) | ||||
* | Fix NAT of ICMP ID ranges (Patrick McHardy) | Patrick McHardy | 2005-07-22 | 1 | -1/+2 |
| | |||||
* | This patch prevents user to set negative port value of SNAT/DNAT. | Yasuyuki KOZAKAI | 2005-06-22 | 1 | -2/+2 |
| | | | | (Yasuyuki Kozakai) | ||||
* | Kill NFC_* stuff in iptables (Pablo Neira <pablo@eurodev.net>) | Pablo Neira | 2005-02-14 | 1 | -9/+0 |
| | | | | Fixes build with conntrack event patch for 2.6 | ||||
* | check for colons | Harald Welte | 2005-02-01 | 1 | -1/+6 |
| | |||||
* | Pablo Neira: extensions conversion to C99 structure initialization | Pablo Neira | 2004-12-28 | 1 | -14/+13 |
| | | | | (I removed the revision stuff for the moment, but this needs to go in before the code moves too much --RR) | ||||
* | globally replace NETFILTER_VERSION with IPTABLES_VERSION to have consistent ↵ | Harald Welte | 2002-05-29 | 1 | -2/+2 |
| | | | | naming | ||||
* | Fix 'iptables -p !' bug (segfault when `!' used without argument) | Harald Welte | 2002-03-14 | 1 | -1/+1 |
| | |||||
* | - added patch to support statically linking of iptables | Harald Welte | 2001-08-06 | 1 | -0/+1 |
| | | | | - iptables-save/-restore is no longer experimental | ||||
* | Aligning matchsize and targetsize now responsibility of extension writers | Rusty Russell | 2000-07-03 | 1 | -2/+2 |
| | | | | (PPC fix). | ||||
* | Alignment fixes (requires kernel patch). | Rusty Russell | 2000-04-27 | 1 | -1/+1 |
| | |||||
* | Changes to allow matching (for delete) on part of a rule, for rules which | Rusty Russell | 2000-04-19 | 1 | -0/+1 |
| | | | | change in the kernel (eg. ipt_limit). | ||||
* | reorganized tree after kernel merge | Marc Boucher | 2000-03-20 | 1 | -0/+244 |