iptables - iptables tree

	Commit message (Collapse)	Author	Age	Files	Lines
*	iptables: documentation for iptables and ip6tables "security" tables	Mark Montague	2011-04-04	1	-0/+11
\| \| \| \| \| \| \| \|	Add documentation for the iptables and ip6tables "security" tables. Based on http://lwn.net/Articles/267140/ and kernel source. Signed-off-by: Mark Montague <mark@catseye.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
*	iptables: add -C to check for existing rules	Stefan Tomanek	2011-03-08	1	-1/+8
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	It is often useful to check whether a specific rule is already present in a chain without actually modifying the iptables config. Services like fail2ban usually employ techniques like grepping through the output of "iptables -L" which is quite error prone. This patch adds a new operation -C to the iptables command which mostly works like -D; it can detect and indicate the existence of the specified rule by modifying the exit code. The new operation TC_CHECK_ENTRY uses the same code as the -D operation, whose functions got a dry-run parameter appended. Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	doc: add VERSION section to manpages	Jan Engelhardt	2011-03-01	1	-0/+3
\| \| \| \| \| \| \| \|	This shall make it easier to identify outdated HTML renditions on the interwebs, since many of them do not display the .TH header like man(1) does. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	doc: name resolution clarification	Jan Engelhardt	2009-11-18	1	-3/+5
\| \| \| \| \| \| \|	Sometimes there are users who wonder about when name resolutions/DNS queries are done, so let's add that for completeness. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	iptables: manpage updates for augmented -Z syntax	Jan Engelhardt	2009-08-20	1	-3/+4
\| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	manpages: more fixes to minuses, hyphens, dashes	Jan Engelhardt	2009-08-20	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Debian still carries patches patches to the iptables nroff code touching ASCII minuses, so I thought, what's it this time. Eventually, this patch tries to straighten things once more, per http://en.wikipedia.org/wiki/Wikipedia:Manual_of_Style#Hyphens and http://en.wikipedia.org/wiki/Wikipedia:Manual_of_Style#Dashes . Titles will get the em dash; all typed commands or parameters with a hyphen get a minus (so that man(1) hyperlinking and copy-pasting does work), but other mentions get the hyphen. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
*	manpage: fix lintian warnings	Laurence J. Lane	2009-08-20	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \|	Description: extraneous slash caused this lintian warning: W: iptables: manpage-has-errors-from-man usr/share/man/man8/iptables.8.gz 220: cannot use newline as a starting delimiter W: iptables: manpage-has-errors-from-man usr/share/man/man8/ip6tables.8.gz 1823: warning: `precedence'' not defined Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
*	iptables: accept multiple IP address specifications for -s, -d	Michael Granzow	2009-06-26	1	-2/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	libiptc already supports adding and deleting multiple rules with different addresses, so it only needs to be wired up to the options. # ip6tables -I INPUT -s 2001:db8::d,2001:db8::e -j DROP References: http://marc.info/?l=netfilter-devel&m=123929790719202&w=2 Adjustments made: syntax, removal of unneeded variables, manpage adjustment, soversion bump. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	doc: resynchronize manpage with in-code help	Jan Engelhardt	2009-02-21	1	-3/+3
\| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
*	doc: escape minus sign in manpage (2)	Jan Engelhardt	2009-01-14	1	-73/+73
\| \| \| \|	Addendum to previous patch.
*	doc: resynchronize markup in iptables,ip6tables.8.in	Jan Engelhardt	2009-01-08	1	-3/+2
\| \| \| \| \| \| \| \|	Change .br to .PP in the intro section and use consistent paragraphing in later ones. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
*	doc: put iptables version into manpage	Jan Engelhardt	2009-01-08	1	-1/+1
\| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
*	manpage: explain what rule-specification is	Jan Engelhardt	2008-10-29	1	-5/+11
\| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
*	manpage: use separate paragraphs for command syntax	Jan Engelhardt	2008-10-29	1	-9/+9
\| \| \| \| \| \| \| \|	This makes it (IMO) easier to follow when the terminal is small and the command line specifications begin to wrap. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
*	manpages: name and markup fixes	Jan Engelhardt	2008-07-30	1	-10/+10
\| \| \| \| \|	Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
*	manpages: various updates	Jan Engelhardt	2008-07-03	1	-190/+106
\| \| \| \| \| \| \| \| \|	- synchronized iptables--ip6tbales manpages - -S option, list of chain names, protocol names - markup updates Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
*	iptables --list-rules command	Henrik Nordstrom	2008-05-13	1	-0/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Adds iptables --list-rules (-S) command, acting as a combination of iptables --list and iptables-save. The primary motivation behind this patch is to get iptables-save like output capabilities in iptables-restore, allowing "iptables-restore -n" to be used as a consistent API to iptables for all kind of operations, not only blind updates.. As a bonus iptables also gets the capability of printing the rules as-is. This completely replaces the earlier patch which added the --rules option. Henrik Nordstrom <henrik@henriknordstrom.net>
*	manpages: grammar and spelling	Jan Engelhardt	2008-04-13	1	-5/+5
\|
*	Update coreteam members in manpages	Yasuyuki KOZAKAI	2007-02-15	1	-1/+2
\|
*	Update coreteam members in manpages.	Patrick McHardy	2007-01-28	1	-2/+2
\|
*	note that we can only delete chains that are empty	Harald Welte	2005-11-22	1	-3/+4
\|
*	add 'goto' support (Henrik Nordstrom <hno@marasystems.com>)	Henrik Nordstrom	2005-11-05	1	-1/+9
\|
*	update manpage to reflect QUEUE / nfnetlink_queue / NFQUEUE changes	Harald Welte	2005-07-28	1	-5/+18
\|
*	add pointer to bugzilla	Harald Welte	2005-06-24	1	-0/+1
\|
*	we don't have any counter issues in sparc64	Harald Welte	2005-06-24	1	-1/+0
\|
*	typo	Martin Josefsson	2005-02-01	1	-1/+1
\|
*	be more specific what INPUT means (Matthias Bruestle)	Harald Welte	2005-02-01	1	-1/+1
\|
*	add paragraph about raw table	Harald Welte	2004-10-06	1	-0/+10
\|
*	better wording for '-i' (Matthew Strait)	Matthew Strait	2004-03-17	1	-1/+1
\|
*	Add Patrick to manpage	Martin Josefsson	2004-02-04	1	-1/+1
\|
*	split manpages into per-extension manpage snippet (Henrik Nordstrom)	Henrik Nordstrom	2004-01-22	1	-0/+464
	add lots of missing manpage snippets (Harald Welte)