Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | Replace O(n) with O(1) when TC_INSERT_ENTRY() inserts an entry at the end. | Martin Josefsson | 2004-09-23 | 1 | -8/+23 | |
| | | | | | | | | | | | | | | Do the same with TC_DELETE_NUM_ENTRY() when deleting the last rule. My rule management script does both of these things in certain situations. Created a file with 50.000 rules which my script converted into iptables-restore format but inserting each rule with an index instead of appending like the iptables-save output does. That took a while without this optimization. Same thing when deleting the 45.000 last rules in that chain, the script outputs deletes by number starting from the bottom. Inserting or deleting (by number) in the middle of the chain is still O(n) where n is the rulenumber where the insert/delete is taking place. | |||||
* | Spelling error. | Martin Josefsson | 2004-09-23 | 1 | -2/+2 | |
| | ||||||
* | Fix returnvalue of TC_BUILTIN() | Martin Josefsson | 2004-09-23 | 1 | -2/+2 | |
| | | | | | All jumps to nonexisting chains were believed to be jumps to builtin chains, that's bad as it made it impossible to add rules with external targets. | |||||
* | Make sure to zero all the memory we allocate for the new table. | Martin Josefsson | 2004-09-22 | 1 | -2/+2 | |
| | | | | | Makes flushing of chains containing more than a few entries work without potentially oopsing the kernel. | |||||
* | Make TC_DELETE_ENTRY() and TC_DELETE_NUM_ENTRY() actually do something practical | Martin Josefsson | 2004-09-22 | 1 | -1/+5 | |
| | ||||||
* | Fix two more rulenumber off by 1 errors | Martin Josefsson | 2004-09-22 | 1 | -3/+3 | |
| | ||||||
* | Insertion of rules with -I was broken. | Martin Josefsson | 2004-09-22 | 1 | -5/+15 | |
| | | | | | | | It checked if a rule existed on the position we were inserting to. Thus inserting into an empty chain didn't work. And it didn't care about the fact that the first rule in the chain has index 1 the rulenumer we get starts at 0... | |||||
* | Fix rule counting | Martin Josefsson | 2004-09-22 | 1 | -1/+3 | |
| | ||||||
* | Fix listing of module targets. | Martin Josefsson | 2004-09-22 | 1 | -1/+4 | |
| | | | | | | Type was only set for standard targets. Harald: please review. | |||||
* | fix segfault from memory allocation: handle->entries is actualy struct ↵ | Harald Welte | 2004-09-19 | 1 | -2/+3 | |
| | | | | ipt_get_entries plus the size | |||||
* | add delete by matching-rule to libiptc2 (still untested) | Harald Welte | 2004-08-30 | 1 | -67/+19 | |
| | ||||||
* | complete libiptc rewrite. Time to load 10k rules goes down from 2.20 ↵ | Harald Welte | 2004-08-29 | 1 | -909/+1199 | |
| | | | | minutes to 1.255 seconds (!). Might still contain bugs, use with caution. | |||||
* | Get rid of some warnings when compiling 64bit. | Martin Josefsson | 2004-05-26 | 1 | -3/+3 | |
| | ||||||
* | cosmetic fix (space between include directive and filename) | Harald Welte | 2004-05-16 | 1 | -3/+3 | |
| | ||||||
* | Compiler warnings due to missing include files (Stephane Ouellette) | Stephane Ouellette | 2004-05-14 | 1 | -1/+4 | |
| | ||||||
* | Fix even more possibly not zero-terminated strings after copy (Karsten Desler) | Karsten Desler | 2004-01-31 | 1 | -1/+2 | |
| | ||||||
* | oops, don't commit this to the stable tree | Harald Welte | 2004-01-06 | 1 | -547/+641 | |
| | ||||||
* | commit all current changes | Harald Welte | 2004-01-06 | 1 | -642/+548 | |
| | ||||||
* | fix rule deletion in modified libiptc (Martin Josefsson) | Martin Josefsson | 2003-07-05 | 1 | -5/+9 | |
| | ||||||
* | Add my recent performance optimization work, might destabilize iptables. | Harald Welte | 2003-06-24 | 1 | -13/+108 | |
| | | | | | Please report bugs to bugzilla, we need to fix this up before releasing the next iptables version. | |||||
* | implement chain cache ussing relative offsets instead of absolute entry | Harald Welte | 2003-06-23 | 1 | -50/+73 | |
| | | | | | | pointers. This is needed for my current libiptc optimization work, since it needs the chain cache to still be correct after it has been reallocated to a different address. | |||||
* | Fix possible doubleclose of sockfd. | Martin Josefsson | 2003-06-13 | 1 | -2/+7 | |
| | | | | This shouldn't break anything, things were already broken. | |||||
* | fix memory leak(s) in libiptc. Reverts the previous (wrong) patch. (Martin ↵ | Martin Josefsson | 2003-05-02 | 1 | -16/+28 | |
| | | | | Josefsson) | |||||
* | Fix libiptc memory hole during iptc_chain_next() (Tomas Lejdar) | Tomáš Lejdar | 2003-04-30 | 1 | -2/+4 | |
| | ||||||
* | globally replace NETFILTER_VERSION with IPTABLES_VERSION to have consistent ↵ | Harald Welte | 2002-05-29 | 1 | -2/+2 | |
| | | | | naming | |||||
* | - don't need -DNDEBUG anymore. Instead, use -DIPTC_DEBUG to enable | Harald Welte | 2002-02-13 | 1 | -2/+2 | |
| | | | | | | | | libiptc debugging. This is to make people at RedHat and Mandrake happy. - add debugging code for mangle5hooks table (will break debugging of iptables >= 1.2.6 on old kernels <= 2.4.18-pre6. *sigh* | |||||
* | libiptc socket leaking fix | Harald Welte | 2002-01-07 | 1 | -1/+4 | |
| | ||||||
* | move defaults to bottom, print reasonable message for CHECK functions | Harald Welte | 2001-07-30 | 1 | -8/+12 | |
| | ||||||
* | ipt_get_target is declared non-static in ip_tables.h, so it is non-static here | Harald Welte | 2001-05-26 | 1 | -2/+2 | |
| | ||||||
* | added iptables --set-counters | Harald Welte | 2001-01-23 | 1 | -2/+2 | |
| | ||||||
* | libiptc counter function | Harald Welte | 2001-01-05 | 1 | -5/+137 | |
| | ||||||
* | two libiptc bugs fixed, including the 'segv while doing more than one | Harald Welte | 2000-10-30 | 1 | -4/+5 | |
| | | | | action per commit' one. | |||||
* | Fix allocation (base new alloc on current size, not original size). | Rusty Russell | 2000-09-19 | 1 | -1/+1 | |
| | ||||||
* | Added DROPPING chain. | Rusty Russell | 2000-09-14 | 1 | -1/+4 | |
| | ||||||
* | Finally fixed sparc64 counter bug (I hope). | Rusty Russell | 2000-09-04 | 1 | -22/+14 | |
| | ||||||
* | More debugging. | Rusty Russell | 2000-09-04 | 1 | -2/+2 | |
| | ||||||
* | More debugging. | Rusty Russell | 2000-09-04 | 1 | -0/+5 | |
| | ||||||
* | More debugging. | Rusty Russell | 2000-09-04 | 1 | -1/+19 | |
| | ||||||
* | Stop shadowing parameter. | Rusty Russell | 2000-08-26 | 1 | -6/+6 | |
| | ||||||
* | Handle *really* large index values without segfaulting. | Rusty Russell | 2000-08-26 | 1 | -2/+6 | |
| | ||||||
* | Better message for table does not exist. | Rusty Russell | 2000-08-23 | 1 | -0/+1 | |
| | ||||||
* | Modifications for new header (entries -> entrytable, for alignment reasons) | Rusty Russell | 2000-07-07 | 1 | -19/+19 | |
| | ||||||
* | More PPC alignment fixes. | Rusty Russell | 2000-07-03 | 1 | -2/+2 | |
| | ||||||
* | Made error message clearer. | Rusty Russell | 2000-06-05 | 1 | -1/+1 | |
| | ||||||
* | Minor change for debugging. | Rusty Russell | 2000-05-31 | 1 | -1/+1 | |
| | ||||||
* | Philip Blundell's IPv6 fixes. | Philip Blundell | 2000-05-15 | 1 | -8/+8 | |
| | ||||||
* | IPv6 Fixes | Rusty Russell | 2000-05-10 | 1 | -22/+26 | |
| | | | | Alignment fixes. | |||||
* | IPv6 enhancements. | Rusty Russell | 2000-05-02 | 1 | -616/+267 | |
| | ||||||
* | Alignment fixes (requires kernel patch). | Rusty Russell | 2000-04-27 | 1 | -47/+52 | |
| | ||||||
* | More fixes and testsuite enhancements. | Rusty Russell | 2000-04-23 | 1 | -62/+7 | |
| |