Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | libxtables: prefix/order - program_name | Jan Engelhardt | 2009-01-30 | 1 | -2/+3 |
| | | | | | | | | | Split XTABLES_VERSION into xtables and iptables, and encode the xtables soversion into the extensions instead. This makes it possible to upgrade iptables without having to recompile 3rd-party extensions (if the libxtables version matches, of course). Signed-off-by: Jan Engelhardt <jengelh@medozas.de> | ||||
* | libxtables: prefix/order - libdir | Jan Engelhardt | 2009-01-27 | 1 | -10/+1 |
| | | | | | | Consolidate the libdir variable initialization code into xtables.c. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> | ||||
* | libxtables: prefix/order - modprobe and xtables.ko loading | Jan Engelhardt | 2009-01-27 | 1 | -2/+3 |
| | | | | | | | | | This change affects: load_xtables_ko -> xtables_load_ko modprobe_program -> xtables_modprobe_program Now uses bool for the "quiet" flag. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> | ||||
* | env: augment deprecation notice | Jan Engelhardt | 2009-01-07 | 1 | -1/+2 |
| | | | | | | | Tell the user what to use instead of IP*TABLES_LIBDIR. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||||
* | src: reuse the global modprobe_program variable | Jan Engelhardt | 2008-11-18 | 1 | -6/+4 |
| | | | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> | ||||
* | libiptc: remove indirections | Jan Engelhardt | 2008-11-10 | 1 | -7/+9 |
| | | | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> | ||||
* | libiptc: remove typedef indirection | Jan Engelhardt | 2008-11-10 | 1 | -3/+3 |
| | | | | | | | | | | | Don't you hate it when iptc_handle_t *x actually is a double-indirection struct iptc_handle **? This also shows the broken constness model, since "const iptc_handle_t x" = "iptc_handle_t const x" = "struct iptc_handle *const x", which is like no const at all. Lots of things to do then. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> | ||||
* | iptables-restore: fix segmentation fault with -tanything | Jan Engelhardt | 2008-08-04 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | Reference: Debian bug #458042 iptables-restore must not pass a table into do_command. It checks for "-t arg" and "--table arg", but not "-targ". (On a related note, using -targ does not work as expected). This should fail gracefully, but crashes: iptables-restore <(echo -e '*filter\n-A INPUT -tx\nCOMMIT') And this should use table "filter", or perhaps raise an error, but instead sets the table to (literally) "-tfilter": iptables -tfilter -A INPUT Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> | ||||
* | sparse warning fixes: integer used as pointer | Patrick McHardy | 2008-06-07 | 1 | -1/+1 |
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> | ||||
* | Make iptables-restore usable over a pipe | Henrik Nordstrom | 2008-05-12 | 1 | -0/+1 |
| | | | | | | | | The attached patch flushes stdout between commands to make output operations (-L etc) in iptables-restore usable over a pipe. stdio by defaut buffers output if not connected to a terminal. Henrik Nordstrom <henrik@henriknordstrom.net> | ||||
* | Remove old functions, constants | Jan Engelhardt | 2008-04-15 | 1 | -2/+2 |
| | |||||
* | iptables: use C99 lists for struct options | Gáspár Lajos | 2008-04-14 | 1 | -9/+9 |
| | |||||
* | Combine IP{,6}T_LIB_DIR into XTABLES_LIBDIR | Jan Engelhardt | 2008-04-13 | 1 | -3/+8 |
| | |||||
* | Fix all remaining warnings (missing declarations, missing prototypes) | Jan Engelhardt | 2008-04-13 | 1 | -1/+3 |
| | |||||
* | allow empty strings in argument parser | Max Kellermann | 2008-01-29 | 1 | -7/+5 |
| | | | | Max Kellermann <max@duempel.org> | ||||
* | unescape parameters | Max Kellermann | 2008-01-29 | 1 | -25/+35 |
| | | | | Max Kellermann <max@duempel.org> | ||||
* | whitespace cleanup | Max Kellermann | 2008-01-29 | 1 | -19/+19 |
| | | | | Max Kellermann <max@duempel.org> | ||||
* | let DO_MULTI=1 work for ip6tables* binaries | Hann-Huei Chiou | 2007-10-23 | 1 | -0/+4 |
| | | | | | | | | When defining DO_MULTI=1 in Makefile, only iptables is built as a single multipurpose binary. This patch makes ip6tables also be built in the same manner. Hann-huei Chiou <koala@ascenvision.com> | ||||
* | Fix sscanf type errors | Patrick McHardy | 2007-10-17 | 1 | -5/+9 |
| | |||||
* | Add ip6tables-{save,restore} to non-experimental target, fix strict aliasing ↵ | Patrick McHardy | 2007-10-16 | 1 | -1/+5 |
| | | | | warnings | ||||
* | Introduces xtables match/target registration | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | - moves lib_dir to xtables.c - introduces struct pfinfo which has protocol family dependent infomations. - unifies load_ip[6]tables_ko() and moves them as load_xtables_ko() - introduces xt_{match,match_rule,target,tryload} and replaces ip[6]t_* with them - unifies following functions and move them to xtables.c - find_{match,find_target} - compatible_revision, compatible_{match,target}_revision - introduces xtables_register_{match,target} and make register_{match,target}[6] call them. xtables_register_* register ONLY matches/targets matched protocol family Some concepts: - source compatibility for libip[6]t_xxx.c with warning on compilation not binary compatibility. - binary compatibility between 2.4/2.6 kernel and iptables/ip6tables, of cause. - xtables is enough to support only one address family at runtime. Then xtables keeps infomations of only the focused address famiy in struct afinfo. | ||||
* | Moves ip[6]tables_insmod() to xtables.c as xtables_insmod() | Yasuyuki KOZAKAI | 2007-07-24 | 1 | -1/+2 |
| | |||||
* | Fix missing newlines in iptables-save/restore output (Pavol Rusnak ↵ | Pavel Rusnak | 2007-05-10 | 1 | -2/+2 |
| | | | | | | <prusnak@suse.cz>) Bugzilla #568 | ||||
* | ip6tables-restore should output error of modprobe if failed to load | Yasuyuki KOZAKAI | 2007-03-20 | 1 | -1/+1 |
| | | | | ip6tables.ko after failed to initialize handle. | ||||
* | Supress error message from modprobe on checking revision. | Yasuyuki KOZAKAI | 2007-03-13 | 1 | -1/+1 |
| | |||||
* | Fix missing space in error message (Bugzilla 544) | Patrick McHardy | 2007-02-14 | 1 | -1/+1 |
| | |||||
* | fix compile/install error for iptables-xml with DO_MULTI=1 (Lutz Jaenicke) | Lutz Jaenicke | 2006-12-09 | 1 | -1/+1 |
| | |||||
* | fix segfault or loading of invalid counters in ip[6]tables-restore (Olaf ↵ | Harald Welte | 2006-02-09 | 1 | -1/+4 |
| | | | | Rempel) (Closes: #437) | ||||
* | Flush chain with noflush when it is redefined (Charlie Brady ↵ | Charlie Brady | 2005-06-12 | 1 | -6/+15 |
| | | | | <charlieb-netfilter-devel@budge.apana.org.au>) | ||||
* | Fix setting lib_dir in ip*tables-{save,restore} | Martin Josefsson | 2004-12-27 | 1 | -1/+5 |
| | |||||
* | slightly different semantics of iptc_builtin | Harald Welte | 2004-08-30 | 1 | -2/+2 |
| | |||||
* | Get rid of some warnings when compiling 64bit. | Martin Josefsson | 2004-05-26 | 1 | -2/+2 |
| | |||||
* | (Continuing the bloody-series) Bloody missing resync (Did I mention how much ↵ | Martin Josefsson | 2004-02-02 | 1 | -2/+2 |
| | | | | I hate copy-n-edits?) | ||||
* | (Continuing the bloody-series) Bloody typos :) | Martin Josefsson | 2004-02-02 | 1 | -2/+2 |
| | |||||
* | Bloody copy-n-edit. Add --test (-t) in order to test... | Martin Josefsson | 2004-02-02 | 1 | -6/+16 |
| | |||||
* | Bloody copy-n-edit. Complain when COMMIT is missing... | Martin Josefsson | 2004-02-02 | 1 | -1/+6 |
| | |||||
* | Another minor codestyle fix | Martin Josefsson | 2004-01-31 | 1 | -2/+3 |
| | |||||
* | Minor codestyle fix | Martin Josefsson | 2004-01-31 | 1 | -2/+3 |
| | |||||
* | I guess nobody actually used --verbose | Martin Josefsson | 2004-01-31 | 1 | -2/+2 |
| | |||||
* | Fix even more possibly not zero-terminated strings after copy (Karsten Desler) | Karsten Desler | 2004-01-31 | 1 | -1/+2 |
| | |||||
* | allow embedding of quote character inside quoted string (Michael Rash) | Michael Rash | 2004-01-05 | 1 | -2/+6 |
| | |||||
* | fix memory leak(s) in libiptc. Reverts the previous (wrong) patch. (Martin ↵ | Martin Josefsson | 2003-05-02 | 1 | -2/+5 |
| | | | | Josefsson) | ||||
* | port 'line number on error in iptables-restore' from ipv4 | Harald Welte | 2003-03-05 | 1 | -6/+9 |
| | |||||
* | minor fixes by kisza: | András Kis-Szabó | 2002-08-14 | 1 | -7/+2 |
| | | | | | | | | - remove -C(check) function from ip6tables - -M added to the getopts()'s list (missed) - small change in the iptables help - remove some unused code - some GPL notice added | ||||
* | globally replace NETFILTER_VERSION with IPTABLES_VERSION to have consistent ↵ | Harald Welte | 2002-05-29 | 1 | -3/+3 |
| | | | | naming | ||||
* | add ip6tables-save/restore manpages; sync with ipv4 (kisza) | András Kis-Szabó | 2002-03-03 | 1 | -98/+104 |
| | |||||
* | check for --table as well as -t (Andreas Ferber) | Harald Welte | 2001-10-22 | 1 | -1/+2 |
| | |||||
* | fix stupid bug introduced with too-lazy "-t" checking. | Harald Welte | 2001-10-21 | 1 | -16/+8 |
| | |||||
* | prevent ip(6)tables-restore from crashing when a line contains -t | Harald Welte | 2001-10-16 | 1 | -0/+16 |
| | |||||
* | ip6tables-(save/restore) sync with IPv4 code | Harald Welte | 2001-10-04 | 1 | -60/+115 |
| |