summaryrefslogtreecommitdiffstats
path: root/extensions/libxt_NFQUEUE.c
Commit message (Collapse)AuthorAgeFilesLines
* extensions: libxt_NFQUEUE: add --queue-cpu-fanout parameterholger@eitzenberger.org2013-05-291-3/+60
| | | | | Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* libxt_NFQUEUE: fix --queue-bypass ipt-save outputFlorian Westphal2011-11-011-1/+1
| | | | | | | else, this will print "--queue-num 0--queue-bypass ". Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* libxt_NFQUEUE: add mutual exclusion between qnum and qbalJan Engelhardt2011-05-251-2/+5
| | | | | | | Only one is printed on save operation, which leads me to believe that only one is meant to be used. The manpage seems to corroborate. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_NFQUEUE: avoid double attempt at parsingJan Engelhardt2011-05-251-4/+1
| | | | | | | | Fixes this error: NFQUEUE: option "--queue-num" can only be used once. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_NFQUEUE: use guided option parserJan Engelhardt2011-04-131-92/+47
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iptables: do not print trailing whitespacesJan Engelhardt2011-01-311-6/+6
| | | | | | | | | | | | | | | | | Due to the use of printf("foobar "), iptables emits spaces at the end-of-line, which looks odd to some users because it causes the terminal to wrap even if there is seemingly nothing to print. It may also have other points of annoyance, such as mailers interpreting a trailing space as an indicator that the paragraph continues when format=flowed is also on. And git highlights trailing spaces in red, so let's avoid :) Preexisting inconsistencies in outputting spaces in the right spot are also addressed right away. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429579 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* extensions: libxt_NFQUEUE: add v2 revision with --queue-bypass optionFlorian Westphal2011-01-201-6/+58
| | | | | | | | --queue-bypass: if no userpace program is listening on the queue, then allow packets to continue through the ruleset instead of dropping them. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* extensions: remove no longer necessary default: casesJan Engelhardt2011-01-081-4/+0
| | | | | | | Match and target parse functions now only get option characters they have defined themselves. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* all: consistent syntax use in struct optionJan Engelhardt2010-07-231-3/+4
| | | | | | Try to inhibit copypasting old stuff. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_NFQUEUE: add new v1 version with queue-balance optionFlorian Westphal2009-08-201-4/+112
| | | | | | | | | | | | | | | | New version that adds support for specifying a queue range instead of a single queue id. The kernel will distribute flows across the given queue range. This is useful for multicore systems, simply start multiple instances of the userspace program on queues x, x+1, .. x+n and use "--queue-balance x:x+n". Packets belonging to the same connection are put into the same queue. With fixes from Jan Engelhardt. Signed-off-by: Florian Westphal <fwestphal@astaro.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* extensions: collapse registration structuresJan Engelhardt2009-06-261-15/+1
| | | | | | | | | | | | There are no different code paths between IPV4 and IPV6, so data can be consolidated here. text data bss dec hex filename 243757 12212 2576 258545 3f1f1 ip6tables-static[before.i586] 243613 9428 2576 255617 3e681 ip6tables-static[after.i586] -144 -2784 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: prefix exit_error to xtables_errorJan Engelhardt2009-02-211-2/+2
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: prefix/order - strtouiJan Engelhardt2009-01-271-1/+1
| | | | | | This commit also throws out the redundant string_to_number_*. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* extensions: use UINT_MAX constants over open-coded numbers (2/2)Jan Engelhardt2009-01-271-1/+1
| | | | | | Use the handy constants for ranges. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: remove redundant returns at end of void-returning functionsJan Engelhardt2009-01-271-1/+0
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: use NFPROTO_ constantsJan Engelhardt2008-11-181-2/+2
| | | | | | | | Resync netfilter.h from the latest kernel and make use of the new NFPROTO_ constants that have been introduced. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* src: Update commentsJan Engelhardt2008-09-011-2/+0
| | | | | | | | A number of comments are redundant, some outdated and others outright wrong in their own way. Remove and fixup. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* Remove old functions, constantsJan Engelhardt2008-04-151-2/+2
|
* fix gcc warningsMax Kellermann2008-01-291-1/+1
| | | | Max Kellermann <max@duempel.org>
* Unique names 2/6Jan Engelhardt2007-10-041-25/+21
| | | | | | | | | | | Give symbols of libxt targets unique names (1/3). Adds unique prefixes to all functions (most of them - especially the hook functions) so that debugging programs can unambiguously map a symbol to an address. Also unifies the names of the xtables_match/xtables_target structs, (based upon libxt_connmark.c/libip6t_*.c). Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Delete empty ->final_check() functionsJan Engelhardt2007-10-041-7/+0
| | | | | | | Deletes empty ->final_check() functions, and makes ip[6]tables checks for NULL on these. Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Delete empty ->init() functionsJan Engelhardt2007-10-041-6/+0
| | | | | | | Deletes empty ->init() functions. ip[6]tables already checks for .init being NULL or not. Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Fix sparse warnings: non-ANSI function declarations, 0 used as pointerPatrick McHardy2007-09-081-2/+2
|
* Remove last vestiges of NFC (Peter Riley <Peter.Riley@hotpop.com>)Peter Riley2007-09-021-1/+1
|
* Make the option structures const.Jan Engelhardt2007-07-301-1/+1
| | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Remove the .next=NULL field. This is automatically initialized to zero.Jan Engelhardt2007-07-301-2/+0
| | | | | | | I've kept .print=NULL and .save=NULL so it stands out (since iptables will do the print/save then). Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Unifies libip[6]t_NFQUEUE.c into libxt_NFQUEUE.cYasuyuki KOZAKAI2007-07-241-0/+132