Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | get rid of numerous gcc-4 warnings | Harald Welte | 2005-07-19 | 10 | -15/+17 |
| | |||||
* | add NFQUEUE support for ipv4 and ipv6 | Harald Welte | 2005-07-19 | 3 | -2/+228 |
| | |||||
* | fix various missing header file / #define issues on old kernels. I've now ↵v1.3.2 | Harald Welte | 2005-07-10 | 1 | -0/+6 |
| | | | | tested compilation with kernels starting 2.4.17 | ||||
* | attempt to fix save/restore of '! --uid-owner squid' problem as reported by ↵ | Harald Welte | 2005-06-29 | 1 | -2/+2 |
| | | | | Costa Tsaousis (backport from ipv4 owner) | ||||
* | Add --log-uid support to libip6t_LOG (Patrick McHardy <kaber@trash.net>) | Patrick McHardy | 2005-06-24 | 2 | -1/+20 |
| | |||||
* | reduce code replication of parse_interface() (Yasuyuki Kozakai) | Yasuyuki KOZAKAI | 2005-06-22 | 2 | -78/+0 |
| | |||||
* | This patch prevents user to set negative port value of SNAT/DNAT. | Yasuyuki KOZAKAI | 2005-06-22 | 2 | -4/+4 |
| | | | | (Yasuyuki Kozakai) | ||||
* | OSF: lib_ipt.c changes to support connector notifications (Evgeniy Polyakov ↵ | Evgeniy Polyakov | 2005-06-11 | 1 | -3/+11 |
| | | | | <johnpol@2ka.mipt.ru>) | ||||
* | update multiport manpage (Phil Oester <kernel@linuxace.com>) | Phil Oester | 2005-06-11 | 2 | -8/+10 |
| | |||||
* | Fix CONNMARK save/restore (Tom Eastep <teastep@shorewall.net>, Pawel Sikora ↵ | Tom Eastep | 2005-06-11 | 1 | -2/+2 |
| | | | | <pluto@agmk.net>) | ||||
* | While adding testing for inversion of multiport, noticed that documentation ↵ | Rusty Russell | 2005-05-25 | 1 | -2/+2 |
| | | | | about --ports is *wrong*. Ports do not have to be equal: either dest or src being in list is enough for match. | ||||
* | include FIN bit in mask of "--syn" bits | Harald Welte | 2005-05-04 | 2 | -3/+3 |
| | |||||
* | Ignore unknown arguments in libipt_ULOG (Patrick McHardy <kaber@trash.net>) | Patrick McHardy | 2005-05-02 | 1 | -0/+2 |
| | |||||
* | Fix connbytes command line parsing bug (Piotrek Kaczmarek <kaczorek@daleka.net>) | Piotrek Kaczmarek | 2005-04-24 | 1 | -0/+1 |
| | |||||
* | pull out pmtu changes to fix compilation issues | Harald Welte | 2005-04-15 | 2 | -124/+3 |
| | |||||
* | add REJECT with icmp-frag-needed (Florian Lohoff) | Florian Lohoff | 2005-04-10 | 2 | -3/+124 |
| | |||||
* | don't allow newlines in LOG prefix (Phil Oester) (Closes: #312) | Phil Oester | 2005-04-01 | 2 | -0/+8 |
| | |||||
* | add lots of man pages (Jonas Berlin) | Jonas Berlin | 2005-04-01 | 17 | -0/+474 |
| | |||||
* | SET target bugfix by Michal Pokrywka applied | Michal Pokrywka | 2005-03-18 | 1 | -1/+3 |
| | |||||
* | Fix TCPLAG version (Torsten Lüttgert <t.luettgert@pressestimmen.de>) | Torsten Lüttgert | 2005-03-16 | 1 | -1/+1 |
| | |||||
* | improve REDIRECT manpage (Jonas Berlin <xkr47@outerspace.dyndns.org>) | Jonas Berlin | 2005-03-15 | 1 | -3/+4 |
| | |||||
* | This fixes rule deletion in CLUSTERIP in iptables (Pablo Neira) | Pablo Neira | 2005-03-07 | 1 | -2/+3 |
| | |||||
* | Kill NFC_* stuff in iptables (Pablo Neira <pablo@eurodev.net>) | Pablo Neira | 2005-02-14 | 83 | -471/+18 |
| | | | | Fixes build with conntrack event patch for 2.6 | ||||
* | Allow "--realm ! foo" and "! --realm foo" (Closes: #297) | Harald Welte | 2005-02-13 | 1 | -1/+1 |
| | |||||
* | fix missing comma at end of line | Harald Welte | 2005-02-13 | 1 | -1/+1 |
| | |||||
* | Fix CONNMARK/connmark issues with 64bit kernel and 32bit userspace. | Martin Josefsson | 2005-02-12 | 2 | -25/+82 |
| | | | | | | | Also fixes a typo in CONNMARK, --mask set the mark, not the mask. Initial patch by: Pablo Neira <pablo@eurodev.net> Signed-off-by: Martin Josefsson <gandalf@wlug.westbo.se> | ||||
* | try to fix realm save/restore issue (Adresses: #297) | Harald Welte | 2005-02-08 | 1 | -11/+14 |
| | |||||
* | Fix rule deletion (hinfo pointer initialized by kernel, don't compare it in ↵ | Samuel Jean | 2005-02-07 | 1 | -2/+1 |
| | | | | userspace). (Samuel Jean) | ||||
* | fix parameter handling in libipt_hashlimit with iptables-save (Nikolai Malykh) | Nikolai Malykh | 2005-02-07 | 1 | -2/+6 |
| | |||||
* | Add support for inversion to multiport revision 1. | Phil Oester | 2005-02-02 | 1 | -5/+10 |
| | | | | Signed-off-by: Phil Oester <kernel@linuxace.com> | ||||
* | fix compiler warning about discarding const | Harald Welte | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | add missing comma | Harald Welte | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | fix typo | Harald Welte | 2005-02-01 | 1 | -1/+1 |
| | |||||
* | make structure initializers use C99 standard (Harald Welte) | Harald Welte | 2005-02-01 | 19 | -261/+229 |
| | |||||
* | check for colons | Harald Welte | 2005-02-01 | 1 | -1/+6 |
| | |||||
* | Use C99 initializers | Harald Welte | 2005-02-01 | 1 | -11/+11 |
| | |||||
* | John McCann points out via bugzilla that iptables happily accepts this | Phil Oester | 2005-02-01 | 1 | -1/+6 |
| | | | | | | | | | | | | | syntax on DNAT/SNAT: --to x.x.x.x:y:z but doesn't actually make use of the second port. Clear up the confusion by only accepting a dash between the ports. This closes bugzilla #265. Signed-off-by: Phil Oester <kernel@linuxace.com> | ||||
* | fix name of 'extra_opts' structure member (Nikolai Malykh) | Nikolai Malykh | 2005-01-22 | 1 | -1/+1 |
| | |||||
* | Make it compile on current kernels, the future isn't here yet. | Martin Josefsson | 2005-01-05 | 1 | -0/+6 |
| | |||||
* | Testsuite found an issue: multiport accepts -p ! tcp. | Rusty Russell | 2005-01-03 | 1 | -0/+4 |
| | |||||
* | Pablo Neira: | Pablo Neira | 2005-01-03 | 1 | -1/+199 |
| | | | | Multiport revision 1 userspace support. | ||||
* | Extension revision number support (if kernel supports the getsockopts). | Rusty Russell | 2005-01-03 | 1 | -14/+126 |
| | | | | | Enhance MARK match with second revision. Committed in anticipation of the kernel patch being applied. | ||||
* | Prevent user from using --helper multiple times (Nicolas Bouliane ↵ | Nicolas Bouliane | 2005-01-02 | 1 | -0/+3 |
| | | | | <nib@cookinglinux.org>) | ||||
* | Add --log-uid option (John Lange <john.lange@open-it.ca>) | John Lange | 2005-01-02 | 2 | -1/+20 |
| | |||||
* | Fix compile error introduced by C99 conversion. | Rusty Russell | 2004-12-29 | 1 | -1/+0 |
| | |||||
* | Pablo Neira: extensions conversion to C99 structure initialization | Pablo Neira | 2004-12-28 | 69 | -939/+893 |
| | | | | (I removed the revision stuff for the moment, but this needs to go in before the code moves too much --RR) | ||||
* | Use string_to_number. Don't check for no optarg: we set has_arg to 1 in ↵ | Rusty Russell | 2004-12-22 | 1 | -5/+5 |
| | | | | option array, so getopt does that for us. | ||||
* | Nicolas Bouliane: I was writing an nfsim .sim for the match tos, when I ↵ | Nicolas Bouliane | 2004-12-20 | 1 | -0/+5 |
| | | | | realized that when we enter --tos twice the second overwrite the first. | ||||
* | ROUTE --tee target extension (Patrick Schaaf) | Patrick Schaaf | 2004-12-14 | 4 | -13/+84 |
| | |||||
* | ipset 2 related updates (JK) | Joszef Kadlecsik | 2004-12-01 | 5 | -83/+243 |
| |