summaryrefslogtreecommitdiffstats
path: root/extensions
Commit message (Collapse)AuthorAgeFilesLines
* Moves libipt_string.c to libxt_string.cYasuyuki KOZAKAI2007-07-243-2/+3
|
* Use unified API in string matchYasuyuki KOZAKAI2007-07-241-20/+21
|
* Unifies libip[6]t_multiport.c into libipxt_multiport.cYasuyuki KOZAKAI2007-07-243-465/+86
|
* Moves libipt_multiport.c to libxt_multiport.cYasuyuki KOZAKAI2007-07-242-2/+2
|
* Splits ipt_multport into family dependent parts and othersYasuyuki KOZAKAI2007-07-241-34/+68
|
* Use unified API in multiport matchYasuyuki KOZAKAI2007-07-241-46/+50
|
* Add IPv6 support to NOTRACKYasuyuki KOZAKAI2007-07-241-0/+16
|
* Renames libipt_NOTRACK.c to libxt_NOTRACK.cYasuyuki KOZAKAI2007-07-242-1/+2
|
* Use unified API in NOTRACK target.Yasuyuki KOZAKAI2007-07-241-16/+15
|
* Moves all declarations in iptables_common.h to xtables.h.Yasuyuki KOZAKAI2007-07-241-2/+1
|
* Installs libxt_*.so to DEST_IPT_LIBIDR and link libip[6]t_*.so to it.Yasuyuki KOZAKAI2007-07-241-0/+26
|
* Introduces DEST_IPT_LIBDIR to simplify $(DESTDIR)$(LIBDIR)/iptablesYasuyuki KOZAKAI2007-07-241-8/+9
|
* Fixes warning on compilation, part 2Yasuyuki KOZAKAI2007-07-246-29/+46
| | | | | | | | | | This changes the type of arguments as follows in multiport, DNAT, SNAT, MASQUERADE, and REDIRECT - ip[6]t_ip[6] * -> void * - ip[6]t_entry * -> void * and adds lines to cast these pointer with intended type.
* Fixes warning on compilation of ip6tables matches/targetsYasuyuki KOZAKAI2007-07-2436-107/+107
| | | | | | This changes the type of arguments as follows - ip6t_ip6 * -> void * - ip6t_entry * -> void *
* Fixes warning on compilation of iptables matches/targetsYasuyuki KOZAKAI2007-07-2460-177/+177
| | | | | | | | | This changes the type of arguments as follows - ipt_ip * -> void * - ipt_entry * -> void * This patch doesn't change multiport, DNAT, SNAT, MASQUERADE, REDIRECT because these need more changes (casting void * variable with intended type)
* Replaces ip6t_entry_* with xt_entry_* in matches/targetsYasuyuki KOZAKAI2007-07-2434-128/+127
|
* Replaces ipt_entry_* with xt_entry_* in matches/targetsYasuyuki KOZAKAI2007-07-2464-237/+237
|
* Adds missing explanations about FIN in mask part of '--syn' in libip[6]_tcp.cPatrick McHardyYasuyuki KOZAKAI2007-07-163-3/+3
| | | | and libip6t_tcp.man.
* Adds missing FIN to mask part generated by '--syn' of libip6t_tcpYasuyuki KOZAKAI2007-07-162-2/+2
|
* Fixes compile error of connlimit where NO_SHARED_LIBS=1 is specifiedYasuyuki KOZAKAI2007-07-132-2/+2
|
* PATCH: Add connlimit to iptables.Jan Engelhardt2007-07-095-2/+335
| | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* libipt_statistic: add a few missing validity checksNicolas Bouliane2007-07-031-0/+9
| | | | Signed-off-by: Nicolas Bouliane
* Removes some KERNEL_64_USERSPACE_32 because linux 2.6 has compat layerYasuyuki KOZAKAI2007-06-286-117/+0
|
* Add Jozsef's TRACE target.Patrick McHardy2007-06-255-2/+148
| | | | | Changed to be built unconditionally by myself since it doesn't need any headerfiles anyways.
* Fixes build error of conntrack match because of missing ip_conntrack_tuple.hYasuyuki KOZAKAI2007-06-241-1/+0
| | | | | in linux 2.6.22. It is not needed because nf_conntrack headers can be used instead.
* libipt_hashlimit doc updateJan Engelhardt2007-06-031-2/+2
| | | | | | Add srcip,srcport to hashlimit manpage. Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Add --random option to DNAT and REDIRECT targets and fix the manpage mess ↵Patrick McHardy2007-05-297-27/+76
| | | | this option left behind.
* update quota manpage for SMP (Phil Oester)Phil Oester2007-05-021-1/+0
| | | | | The quota match works fine on SMP, so update the manpage to reflect this. Closes bugzilla #564.
* Fix iptables-save with --random optionPatrick McHardy2007-04-183-3/+14
|
* Remove unnecessary IP_NAT_RANGE_PROTO_RANDOM ifdefs.Patrick McHardy2007-04-183-45/+7
|
* Use nf_conntrack headers instead of ip_conntrack ones and add sanitized ↵Patrick McHardy2007-04-1811-11/+11
| | | | versions.
* Remove unnecessary ip_conntrack/ip_nat includesPatrick McHardy2007-04-182-2/+0
|
* Fix cut and paste error breaking use of groups != 0Patrick McHardy2007-03-062-12/+12
|
* iptables: add random option to SNAT (Eric Leblond)Eric Leblond2007-02-246-9/+117
|
* Reverted r6754. libipt_icmp has the option 'any', so it's unnecessaryYasuyuki KOZAKAI2007-02-191-4/+1
| | | | to check no option of ICMP type.
* Remove and readd with executable bit set. SVN doesn't seem to have a proper ↵Patrick McHardy2007-02-131-0/+0
| | | | way of doing this.
* Fixes man page for tcp, udp, icmp{,6}. They are not loaded when only '-p' isYasuyuki KOZAKAI2007-02-136-6/+6
| | | | specified, but loaded when extra options are specified, too.
* Forgot to add TCPMSS target to PF6_EXT_SLIBPatrick McHardy2007-02-131-1/+1
|
* Error if no ICMP type is specified even though user intendedYasuyuki KOZAKAI2007-02-131-0/+3
| | | | to use icmp match.
* Add ip6tables mh extension (Masahide NAKAMURA <nakam@linux-ipv6.org>)Masahide NAKAMURA2007-02-093-0/+266
| | | | Kernel part will go in 2.6.21
* Bugzilla #535Patrick McHardy2007-01-261-1/+1
| | | | | In the tcpmss section of the iptables manpage, there is an extraneous trailing quote for the --mss option.
* Bugzilla #534:Patrick McHardy2007-01-261-4/+0
| | | | | Please remove --mss from libipt_tcp.man. The tcp match doesn't handle that option, while the tcpmss match does.
* Add ip6tables TCPMSS extension (Arnaud Ebalard <arno@natisbad.org>)Arnaud Ebalard2007-01-162-0/+176
| | | | Kernel part will go in 2.6.21.
* Add UDPLITE multiport supportPatrick McHardy2007-01-111-3/+6
|
* Fix missing space in ruleset listingPatrick McHardy2007-01-111-1/+1
|
* Remove extensions for unmaintained/obsolete patchletsPatrick McHardy2007-01-1065-5009/+2
|
* fix typo in manpage (thomas@aktaia.intevation.org)thomas2007-01-071-1/+1
|
* Move extensions for pom patches to individual patchlets.Patrick McHardy2006-12-1218-1337/+1
|
* Add target extensions for new NFLOG targetPatrick McHardy2006-12-034-0/+326
|
* Fix /etc/network usage (Pablo Neira)Pablo Neira Ayuso2006-11-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | http://bugs.debian.org/398082 iptables 1.3.5 and 1.3.6 appear to read /etc/networks, but the information is lost somewhere with 1.3.6. # cat /etc/networks foonet 10.0.0.0 # strace -s 255 -o /tmp/foo iptables -v -A INPUT -s foonet/8 -j ACCEPT #1.3.5 [1] ACCEPT all opt -- in * out * 10.0.0.0/8 -> 0.0.0.0/0 # strace -s 255 -o /tmp/bar iptables -v -A INPUT -s foonet/8 -j ACCEPT #1.3.6 [2] iptables v1.3.6: host/network `foonet.0.0.0' not found Try `iptables -h' or 'iptables --help' for more information. 1. http://people.debian.org/~ljlane/stuff/strace-iptables-1.3.5.txt 2. http://people.debian.org/~ljlane/stuff/strace-iptables-1.3.6.txt