summaryrefslogtreecommitdiffstats
path: root/include/linux
Commit message (Collapse)AuthorAgeFilesLines
* libxt_ownerJan Engelhardt2008-01-201-0/+16
| | | | | | | libxt_owner merges libipt_owner and libip6t_owner, and adds support for the xt_owner match revision 1. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* Add rateest match extensionPatrick McHardy2008-01-151-0/+33
| | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* Add RATEEST target extensionPatrick McHardy2008-01-151-0/+11
| | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* Fix make/compile error for iptables-1.4.0rc1Jesper Brouer2007-11-253-2/+616
| | | | | | | | | | | | | | | | | | | Fixing a make/compile issue with iptables, release candidate 1.4.0rc1, which has existed since SVN changeset 6920. This patch adds ip_tables.h and ip6_tables.h, and updates x_tables.h, taken from Linus'es git tree. Changeset 6920 added the include file x_tables.h from kernel source, but didn't add ip_tables.h and ip6_tables.h. At some point (Tue Nov 14 19:48:48 2006, by Yasuyuki Kozakai) these kernel headers where changed, which actually removes certain depencencies from ip_tables.h and ip6_tables.h to x_tables.h. If compiling will fail, with old kernel headers (ip_tables.h and ip6_tables.h) available in systems include path, because they depend on certaine defines in x_tables.h with is missing in the version in SVN. Jesper Brouer <jdb@comx.dk>
* Add the libxt_time iptables matchJan Engelhardt2007-09-231-0/+25
| | | | | | | | | | | This is libipt_time from POM-ng enhanced by the following: * day-of-month support (for example "match on the 15th of each month") * inversion support for --weekdays and --monthdays * match against UTC or local timezone * a manpage Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
* Adds u32 to iptables.Jan Engelhardt2007-09-101-0/+40
| | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Build IPv6 hbh/dst matches unconditionallyPatrick McHardy2007-09-051-0/+23
|
* Build IPv6 rt match unconditionallyPatrick McHardy2007-09-051-0/+33
|
* Build ipv6header match unconditionallyPatrick McHardy2007-09-051-0/+27
|
* Build IPv6 mh match unconditionallyPatrick McHardy2007-09-051-0/+15
|
* Resync header files and build IPv6 frag match unconditionallyPatrick McHardy2007-09-051-9/+0
|
* Resync header file and build IPv6 ah match unconditionallyPatrick McHardy2007-09-051-9/+0
|
* Resync header file and build CLUSTERIP target unconditionallyPatrick McHardy2007-09-051-3/+3
|
* Build recent match unconditionallyPatrick McHardy2007-09-051-0/+27
|
* Build dccp match unconditionallyPatrick McHardy2007-09-051-0/+23
|
* Build string match unconditionallyPatrick McHardy2007-09-051-0/+18
|
* Build statistic match unconditionallyPatrick McHardy2007-09-051-0/+32
|
* Build quota match unconditionallyPatrick McHardy2007-09-051-0/+16
|
* Build NFLOG target unconditionallyPatrick McHardy2007-09-051-0/+18
|
* Resync ip6t_REJECT.h with kernel - seems the entire time we had an imcompatiblePatrick McHardy2007-08-231-1/+3
| | | | | | header :( Noticed by Peter Riley <Peter.Riley@hotpop.com>
* Add IPv6 support to helper matchYasuyuki KOZAKAI2007-08-042-8/+8
|
* Add IPv6 support to connbytes matchYasuyuki KOZAKAI2007-08-041-0/+25
|
* Add IPv6 support to DSCP targetYasuyuki KOZAKAI2007-08-041-8/+8
|
* Add IPv6 support to CLASSIFY targetYasuyuki KOZAKAI2007-08-042-8/+8
|
* Unifies libip[6]t_state into libxt_stateYasuyuki KOZAKAI2007-08-041-0/+13
|
* Unifies libip[6]t_connmark into libxt_connmarkYasuyuki KOZAKAI2007-08-041-4/+4
|
* Unifies libip[6]t_hashlimit into libxt_hashlimitYasuyuki KOZAKAI2007-08-041-12/+12
|
* Unifies libip[6]t_MARK into libxt_MARKYasuyuki KOZAKAI2007-08-043-27/+21
|
* Unifies libip[6]t_CONNSECMARK into libxt_CONNSECMARKYasuyuki KOZAKAI2007-08-041-0/+13
|
* Add IPv6 support to CONNMARK matchYasuyuki KOZAKAI2007-08-041-7/+7
|
* Unifies libip[6]t_NFQUEUE.c into libxt_NFQUEUE.cYasuyuki KOZAKAI2007-07-241-4/+4
|
* Unifies libip[6]t_TCPMSS.c into libxt_TCPMSS.cYasuyuki KOZAKAI2007-07-242-10/+10
|
* Add IPv6 support to comment matchYasuyuki KOZAKAI2007-07-242-10/+10
|
* Add IPv6 support to dscp match.Yasuyuki KOZAKAI2007-07-242-23/+23
|
* Unifies libip[6]t_esp.c into libxt_esp.cYasuyuki KOZAKAI2007-07-243-39/+14
|
* Unifies libip[6]t_length.c into libxt_length.cYasuyuki KOZAKAI2007-07-243-19/+9
|
* Unifies libip[6]t_limit.c into libxt_limit.c.Yasuyuki KOZAKAI2007-07-242-27/+6
|
* Unifies libip[6]t_mac.c into libxt_mac.cYasuyuki KOZAKAI2007-07-241-0/+8
|
* Unifies libip[6]t_physdev.c into libxt_physdev.cYasuyuki KOZAKAI2007-07-243-48/+24
|
* Add IPv6 support to pkttype matchYasuyuki KOZAKAI2007-07-242-9/+8
|
* Unifies libip[6]t_sctp.c into libxt_sctp.cYasuyuki KOZAKAI2007-07-241-11/+11
|
* Add IPv6 support to tcpmss matchYasuyuki KOZAKAI2007-07-242-9/+9
|
* Unifies libip[6]t_udp.c into libxt_udp.cYasuyuki KOZAKAI2007-07-241-0/+36
|
* Unifies libip[6]_mark.c into libxt_mark.cYasuyuki KOZAKAI2007-07-241-9/+0
|
* Use unified API in libipt_mark.cYasuyuki KOZAKAI2007-07-242-9/+9
|
* Unifies libip[6]t_multiport.c into libipxt_multiport.cYasuyuki KOZAKAI2007-07-242-59/+0
|
* Use unified API in multiport matchYasuyuki KOZAKAI2007-07-241-0/+30
|
* Introduces xtables match/target registrationYasuyuki KOZAKAI2007-07-241-0/+123
| | | | | | | | | | | | | | | | | | | | | | | - moves lib_dir to xtables.c - introduces struct pfinfo which has protocol family dependent infomations. - unifies load_ip[6]tables_ko() and moves them as load_xtables_ko() - introduces xt_{match,match_rule,target,tryload} and replaces ip[6]t_* with them - unifies following functions and move them to xtables.c - find_{match,find_target} - compatible_revision, compatible_{match,target}_revision - introduces xtables_register_{match,target} and make register_{match,target}[6] call them. xtables_register_* register ONLY matches/targets matched protocol family Some concepts: - source compatibility for libip[6]t_xxx.c with warning on compilation not binary compatibility. - binary compatibility between 2.4/2.6 kernel and iptables/ip6tables, of cause. - xtables is enough to support only one address family at runtime. Then xtables keeps infomations of only the focused address famiy in struct afinfo.
* PATCH: Add connlimit to iptables.Jan Engelhardt2007-07-091-0/+17
| | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* Removes KERNEL_64_USERSPACE_32Yasuyuki KOZAKAI2007-06-302-8/+0
| | | | | | | The recent kernel has compat layer for iptables. It doesn't have compat layer for libipq and ip6tables, but ip6tables with KERNEL_64_USERSPACE_32 is still broken. We should fix kernel instead of fixing them if and when we want use their 32bit binary with 64bit kernel.