summaryrefslogtreecommitdiffstats
path: root/iptables-xml.c
Commit message (Collapse)AuthorAgeFilesLines
* src: move all iptables pieces into a separate directoryJan Engelhardt2011-06-071-874/+0
| | | | | | (Unclutter top-level dir) Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* xtables-multi: fix absence of xml translator in IPv6-only buildsMaciej ┼╗enczykowski2011-06-071-2/+2
| | | | | | | | Commit v1.4.11-4-gde791ff did not actually build the iptables-xml code into the xtables-multi binary. Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* build: remove dead code partsJan Engelhardt2011-05-301-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | gcc-4.6 has a new warning, -Wunused-but-set-variable, which flags no-op code. CC libiptc/libip4tc.lo In file included from libiptc/libip4tc.c:118:0: libiptc/libiptc.c: In function "iptcc_chain_index_delete_chain": libiptc/libiptc.c:611:32: warning: variable "index_ptr2" set but not used libiptc/libiptc.c: In function "alloc_handle": libiptc/libiptc.c:1282:9: warning: variable "len" set but not used CC libiptc/libip6tc.lo In file included from libiptc/libip6tc.c:113:0: libiptc/libiptc.c: In function "iptcc_chain_index_delete_chain": libiptc/libiptc.c:611:32: warning: variable "index_ptr2" set but not used libiptc/libiptc.c: In function "alloc_handle": libiptc/libiptc.c:1282:9: warning: variable "len" set but not used CC xtables_multi-iptables-xml.o iptables-xml.c: In function "do_rule_part": iptables-xml.c:376:8: warning: variable "thisChain" set but not used CC xtables_multi-ip6tables.o ip6tables.c: In function "print_firewall": ip6tables.c:552:10: warning: variable "flags" set but not used Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* v4: rename do_command() to do_command4()Maciej Zenczykowski2011-04-041-1/+1
| | | | | Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* mark newly opened fds as FD_CLOEXEC (close on exec)Maciej Zenczykowski2011-04-041-1/+1
| | | | | | | (This is iptables-1.4.3.1-cloexec.patch from RedHat iptables.src.rpm) Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* Remove unused CVS expanded keywordsJan Engelhardt2011-02-191-2/+0
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iptables-xml: resolve compiler warningsJan Engelhardt2010-09-131-1/+1
| | | | | | | | iptables-xml.c: In function "parse_counters": iptables-xml.c:70:8: warning: assignment from incompatible pointer type iptables-xml.c:71:8: warning: assignment from incompatible pointer type Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iptables: close open file descriptorsJan Engelhardt2009-06-101-0/+2
| | | | | | | Just for correctness, close some file descriptors that were opened. (E.g. ip6tables-save reading from procfs files.) Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iptables: replace open-coded sizeof by ARRAY_SIZEJan Engelhardt2009-05-261-1/+1
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: prefix exit_error to xtables_errorJan Engelhardt2009-02-211-8/+8
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: general follow-up cleanupJamal Hadi Salim2009-02-131-18/+14
| | | | | | Kill program_name, program_version and xtables_program_name. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
* libxtables: simple aliasing macro for exit_errorJamal Hadi Salim2009-02-111-13/+0
| | | | | | | | | | | Rename xtables_globals exit_error cb to exit_err and introduce a very simple aliasing macro to point to it. convert iptables, ip6tables and iptables_xml to use it. Note iptables_xml does not have to define its own exit_error() since it can use the basic one provided. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: Patrick McHardy <kaber@trash.net>
* libxtables: Make ip6tables, iptables and iptables-xml use xtables_globalsJamal Hadi Salim2009-02-111-0/+8
| | | | | | | | convert ip6tables, iptables and iptables-xml to use xtables_globals/xtables_set_params() Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: Patrick McHardy <kaber@trash.net>
* libxtables: prefix/order - param_actJan Engelhardt2009-01-301-1/+1
| | | | | | | | Changes: exittype -> xtables_exittype P_* -> XTF_* flags Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxtables: prefix/order - program_nameJan Engelhardt2009-01-301-2/+2
| | | | | | | | | Split XTABLES_VERSION into xtables and iptables, and encode the xtables soversion into the extensions instead. This makes it possible to upgrade iptables without having to recompile 3rd-party extensions (if the libxtables version matches, of course). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: remove redundant returns at end of void-returning functionsJan Engelhardt2009-01-271-2/+0
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iptables-xml: sparse fixesPatrick McHardy2008-06-071-7/+7
| | | | | | | - Using plain integer as NULL pointer - Undeclared non-static variables Signed-off-by: Patrick McHardy <kaber@trash.net>
* Remove old functions, constantsJan Engelhardt2008-04-151-2/+2
|
* Fix all remaining warnings (missing declarations, missing prototypes)Jan Engelhardt2008-04-131-0/+1
|
* Fix -Wshadow warnings and clean up xt_sctp.hJan Engelhardt2008-04-061-4/+3
| | | | | Note: xt_sctp.h is still not merged upstream in the kernel as of this commit. But a refactoring was really needed.
* Drop -W from CFLAGS and some tiny code cleanupsJan Engelhardt2008-04-061-7/+7
| | | | | - change "unsigned" to explicit "unsigned int" - remove some casts
* fix gcc warningsMax Kellermann2008-01-291-12/+12
| | | | Max Kellermann <max@duempel.org>
* Fix strict aliasing warningsPatrick McHardy2007-09-051-4/+8
|
* Make @msg argument a const char *, just like printf().Jan Engelhardt2007-08-011-1/+1
| | | | Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
* iptables-xmlSam Liddicott2007-07-171-1/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Attached are: 1. A man page for iptables-xml 2. A fix for iptables.xslt allowing for an arbitrary depth of arguments or modifiers. Although iptables-xml cannot generate more than two levels deep, xml generated by other systems may prefer to generate <action> <restore-mark> <mask>0xff00</mask> </restore-mark> </action> than <action> <restore-mark/> <mask>0xff00</mask> </action> (which is what iptables-xml generates) even though the same iptables is re-generated on conversion. 3. A fix for iptables-xml.c so that combining of consecutive targets of rules with the same match into one XML rule, will not combine over a terminating action; i.e. there is no point in converting -A table -p tcp -j DROP -A table -p tcp -j MARK --set-mark 25 -A table -p tcp -j RETURN into one XML rule with multiple actions as they are probably not logically combined in the mind of the author. Signed-off by: Sam Liddicott <azez@ufomechanic.net>
* fix compile/install error for iptables-xml with DO_MULTI=1 (Lutz Jaenicke)Lutz Jaenicke2006-12-091-5/+6
|
* Add iptables-xml tool (Amin Azez <azez@ufomechanic.net>)Amin Azez2006-11-131-0/+859