Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | Unifies libip[6]t_connmark into libxt_connmark | Yasuyuki KOZAKAI | 2007-08-04 | 1 | -4/+4 | |
| | ||||||
* | Unifies libip[6]t_hashlimit into libxt_hashlimit | Yasuyuki KOZAKAI | 2007-08-04 | 1 | -12/+12 | |
| | ||||||
* | Unifies libip[6]t_MARK into libxt_MARK | Yasuyuki KOZAKAI | 2007-08-04 | 3 | -27/+21 | |
| | ||||||
* | Unifies libip[6]t_CONNSECMARK into libxt_CONNSECMARK | Yasuyuki KOZAKAI | 2007-08-04 | 1 | -0/+13 | |
| | ||||||
* | Add IPv6 support to CONNMARK match | Yasuyuki KOZAKAI | 2007-08-04 | 1 | -7/+7 | |
| | ||||||
* | Unifies libip[6]t_NFQUEUE.c into libxt_NFQUEUE.c | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -4/+4 | |
| | ||||||
* | Unifies libip[6]t_TCPMSS.c into libxt_TCPMSS.c | Yasuyuki KOZAKAI | 2007-07-24 | 2 | -10/+10 | |
| | ||||||
* | Add IPv6 support to comment match | Yasuyuki KOZAKAI | 2007-07-24 | 2 | -10/+10 | |
| | ||||||
* | Add IPv6 support to dscp match. | Yasuyuki KOZAKAI | 2007-07-24 | 2 | -23/+23 | |
| | ||||||
* | Unifies libip[6]t_esp.c into libxt_esp.c | Yasuyuki KOZAKAI | 2007-07-24 | 3 | -39/+14 | |
| | ||||||
* | Unifies libip[6]t_length.c into libxt_length.c | Yasuyuki KOZAKAI | 2007-07-24 | 3 | -19/+9 | |
| | ||||||
* | Unifies libip[6]t_limit.c into libxt_limit.c. | Yasuyuki KOZAKAI | 2007-07-24 | 2 | -27/+6 | |
| | ||||||
* | Unifies libip[6]t_mac.c into libxt_mac.c | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -0/+8 | |
| | ||||||
* | Unifies libip[6]t_physdev.c into libxt_physdev.c | Yasuyuki KOZAKAI | 2007-07-24 | 3 | -48/+24 | |
| | ||||||
* | Add IPv6 support to pkttype match | Yasuyuki KOZAKAI | 2007-07-24 | 2 | -9/+8 | |
| | ||||||
* | Unifies libip[6]t_sctp.c into libxt_sctp.c | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -11/+11 | |
| | ||||||
* | Add IPv6 support to tcpmss match | Yasuyuki KOZAKAI | 2007-07-24 | 2 | -9/+9 | |
| | ||||||
* | Unifies libip[6]t_udp.c into libxt_udp.c | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -0/+36 | |
| | ||||||
* | Unifies libip[6]_mark.c into libxt_mark.c | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -9/+0 | |
| | ||||||
* | Use unified API in libipt_mark.c | Yasuyuki KOZAKAI | 2007-07-24 | 2 | -9/+9 | |
| | ||||||
* | Unifies libip[6]t_multiport.c into libipxt_multiport.c | Yasuyuki KOZAKAI | 2007-07-24 | 2 | -59/+0 | |
| | ||||||
* | Use unified API in multiport match | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -0/+30 | |
| | ||||||
* | Introduces xtables match/target registration | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -0/+123 | |
| | | | | | | | | | | | | | | | | | | | | | | | - moves lib_dir to xtables.c - introduces struct pfinfo which has protocol family dependent infomations. - unifies load_ip[6]tables_ko() and moves them as load_xtables_ko() - introduces xt_{match,match_rule,target,tryload} and replaces ip[6]t_* with them - unifies following functions and move them to xtables.c - find_{match,find_target} - compatible_revision, compatible_{match,target}_revision - introduces xtables_register_{match,target} and make register_{match,target}[6] call them. xtables_register_* register ONLY matches/targets matched protocol family Some concepts: - source compatibility for libip[6]t_xxx.c with warning on compilation not binary compatibility. - binary compatibility between 2.4/2.6 kernel and iptables/ip6tables, of cause. - xtables is enough to support only one address family at runtime. Then xtables keeps infomations of only the focused address famiy in struct afinfo. | |||||
* | PATCH: Add connlimit to iptables. | Jan Engelhardt | 2007-07-09 | 1 | -0/+17 | |
| | | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de> | |||||
* | Removes KERNEL_64_USERSPACE_32 | Yasuyuki KOZAKAI | 2007-06-30 | 2 | -8/+0 | |
| | | | | | | | The recent kernel has compat layer for iptables. It doesn't have compat layer for libipq and ip6tables, but ip6tables with KERNEL_64_USERSPACE_32 is still broken. We should fix kernel instead of fixing them if and when we want use their 32bit binary with 64bit kernel. | |||||
* | Removes some KERNEL_64_USERSPACE_32 because linux 2.6 has compat layer | Yasuyuki KOZAKAI | 2007-06-28 | 10 | -50/+3 | |
| | ||||||
* | Use nf_conntrack headers instead of ip_conntrack ones and add sanitized ↵ | Patrick McHardy | 2007-04-18 | 5 | -1/+297 | |
| | | | | versions. | |||||
* | Add ip6tables TCPMSS extension (Arnaud Ebalard <arno@natisbad.org>) | Arnaud Ebalard | 2007-01-16 | 1 | -0/+10 | |
| | | | | Kernel part will go in 2.6.21. | |||||
* | - Add revision support to ip6tables. | Rémi Denis-Courmont | 2006-10-20 | 1 | -0/+30 | |
| | | | | | - Add support port range match to libip6t_multiport (R?mi Denis-Courmont <rdenis@simphalempin.com>) | |||||
* | make policy match compile independant of kernel headersv1.3.5 | Harald Welte | 2006-02-01 | 1 | -0/+4 | |
| | ||||||
* | fix ipt_conntrack compilation against very early (2.4.0) kernel releases | Harald Welte | 2006-02-01 | 1 | -1/+1 | |
| | ||||||
* | Prepare policy match for x_tables unification by making sure both | Patrick McHardy | 2006-01-31 | 2 | -0/+116 | |
| | | | | ipt_policy and ip6t_policy use the same data structure. | |||||
* | add NFQUEUE support for ipv4 and ipv6 | Harald Welte | 2005-07-19 | 1 | -0/+16 | |
| | ||||||
* | fix various missing header file / #define issues on old kernels. I've now ↵v1.3.2 | Harald Welte | 2005-07-10 | 2 | -16/+17 | |
| | | | | tested compilation with kernels starting 2.4.17 | |||||
* | we need to have this header file included, since old kernels don't define ↵ | Harald Welte | 2005-07-10 | 1 | -0/+16 | |
| | | | | IP6T_LOG_UID. | |||||
* | omeone forgot to update ipt_conntrack.h header in user space. So, update it ↵ | Harald WeltePablo Neira | 2005-04-15 | 1 | -1/+22 | |
| | | | | to use ip_conntrack_old_tuple. (Pablo Neira) | |||||
* | This fixes rule deletion in CLUSTERIP in iptables (Pablo Neira) | Pablo Neira | 2005-03-07 | 1 | -0/+37 | |
| | ||||||
* | Fix CONNMARK/connmark issues with 64bit kernel and 32bit userspace. | Martin Josefsson | 2005-02-12 | 2 | -0/+9 | |
| | | | | | | | Also fixes a typo in CONNMARK, --mask set the mark, not the mask. Initial patch by: Pablo Neira <pablo@eurodev.net> Signed-off-by: Martin Josefsson <gandalf@wlug.westbo.se> | |||||
* | Add support for inversion to multiport revision 1. | Phil Oester | 2005-02-02 | 1 | -0/+1 | |
| | | | | Signed-off-by: Phil Oester <kernel@linuxace.com> | |||||
* | Pablo Neira: | Pablo Neira | 2005-01-03 | 1 | -0/+28 | |
| | | | | Multiport revision 1 userspace support. | |||||
* | Extension revision number support (if kernel supports the getsockopts). | Rusty Russell | 2005-01-03 | 1 | -0/+15 | |
| | | | | | Enhance MARK match with second revision. Committed in anticipation of the kernel patch being applied. | |||||
* | move ipt_hashlimit to it's correct location | Harald Welte | 2004-10-20 | 1 | -0/+40 | |
| | ||||||
* | Add comment match extension (Brad Fisher) | Brad Fisher | 2004-09-20 | 1 | -0/+10 | |
| | ||||||
* | port physdev to ip6tables (Bart De Schuymer) | Bart De Schuymer | 2004-09-12 | 1 | -0/+24 | |
| | ||||||
* | Add ipt_addrtype.h | Patrick McHardy | 2004-06-28 | 1 | -0/+11 | |
| | ||||||
* | add missing include | Harald Welte | 2004-06-21 | 1 | -0/+39 | |
| | ||||||
* | With a 64bit kernel only the high 32bits of nfmark was used regardless of | Martin Josefsson | 2004-05-26 | 4 | -0/+50 | |
| | | | | | | | 32/64bit userspace. This makes it quite hard to interoperate with 'tc'. Sync ipv6 versions with ipv4 versions. Tested on x86 and sparc64 with both 32bit and 64bit userspace. | |||||
* | Fix 64bit kernel / 32bit userspace issue. | Martin Josefsson | 2004-05-26 | 2 | -6/+15 | |
| | | | | Sync header with kernel. | |||||
* | Fix 64bit kernel / 32bit userspace issue. | Martin Josefsson | 2004-05-26 | 3 | -1/+56 | |
| | ||||||
* | update for matching chunk flags (Kiran Kumar) | Kiran Kumar | 2004-03-02 | 1 | -0/+11 | |
| |