Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add DCCP/SCTP support to multiport. Patch for kernel will go in 2.6.18. | Patrick McHardy | 2006-04-28 | 1 | -0/+3 |
| | |||||
* | Multiple matches of the same type can be specified on the commandline. | Joszef Kadlecsik | 2006-03-03 | 1 | -0/+4 |
| | | | | | | | | | | If two or more matches of the same type are detected then the options are assumed to be grouped in order to tell which option belongs to which match: ... -m foo ... <options0> ... -m foo ... <options1> ... Otherwise the commandline parsing is unmodified. | ||||
* | Fix probing for supported revisions (Jones Desougi <jones@ingate.com>) | Jones Desougi | 2005-12-22 | 1 | -0/+1 |
| | | | | Bugzilla #413 | ||||
* | Kernels higher than 2.6.10 don't support multiple --to arguments in | Phil Oester | 2005-09-19 | 1 | -0/+9 |
| | | | | | | | | | | | | | | | | | | | | | DNAT and SNAT targets. At present, the error is somewhat vague: # iptables -t nat -A foo -j SNAT --to 1.2.3.4 --to 2.3.4.5 iptables: Invalid argument But if we want current iptables to work with kernels <= 2.6.10, we cannot simply disallow this in all cases. So the below patch adds kernel version checking to iptables, and utilizes it in [DS]NAT. Now, users will see a more informative error: # iptables -t nat -A foo -j SNAT --to 1.2.3.4 --to 2.3.4.5 iptables v1.3.3: Multiple --to-source not supported This generic infrastructure (shamelessly lifted from procps btw) may come in handy in the future for other changes. This fixes bugzilla #367. (Phil Oester) | ||||
* | reduce code replication of parse_interface() (Yasuyuki Kozakai) | Yasuyuki KOZAKAI | 2005-06-22 | 1 | -0/+1 |
| | |||||
* | Extension revision number support (if kernel supports the getsockopts). | Rusty Russell | 2005-01-03 | 1 | -0/+18 |
| | | | | | Enhance MARK match with second revision. Committed in anticipation of the kernel patch being applied. | ||||
* | Fix setting lib_dir in ip*tables-{save,restore} | Martin Josefsson | 2004-12-27 | 1 | -0/+4 |
| | |||||
* | add definition for IPPROTO_SCTP for systems with old header files | Harald Welte | 2004-03-04 | 1 | -0/+4 |
| | |||||
* | Make sure to use matches in the order they are given when calling ↵ | Martin Josefsson | 2004-02-02 | 1 | -2/+8 |
| | | | | do_command() multiple times. | ||||
* | make iptables-restore print the line number in case of an error | Illes Marci | 2003-03-03 | 1 | -0/+2 |
| | | | | (Illes Marci <marci@balabit.hu>) | ||||
* | Export addr_to_anyname(), mask_to_dotted(), parse_hostnetworkmask() | Marc Boucher | 2001-12-06 | 1 | -0/+6 |
| | | | | | and parse_protocol() as they are needed by the upcoming ipt_conntrack match module. | ||||
* | - added patch to support statically linking of iptables | Harald Welte | 2001-08-06 | 1 | -0/+6 |
| | | | | - iptables-save/-restore is no longer experimental | ||||
* | make iptables-restore and iptables-save work again | Harald Welte | 2000-12-01 | 1 | -0/+9 |
| | |||||
* | Jan Echternach's const tweak. | Jan Echternach | 2000-08-27 | 1 | -1/+1 |
| | |||||
* | IPv6 enhancements. | Rusty Russell | 2000-05-02 | 1 | -17/+11 |
| | |||||
* | Changes to allow matching (for delete) on part of a rule, for rules which | Rusty Russell | 2000-04-19 | 1 | -0/+6 |
| | | | | change in the kernel (eg. ipt_limit). | ||||
* | reorganized tree after kernel merge | Marc Boucher | 2000-03-20 | 1 | -0/+122 |