summaryrefslogtreecommitdiffstats
path: root/utils
Commit message (Collapse)AuthorAgeFilesLines
* utils: Add a man page for nfnl_osfPhil Sutter2017-10-043-0/+72
| | | | | Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* utils: nfnl_osf: Fix synopsis in help textPhil Sutter2017-10-041-1/+1
| | | | | | | | | | * -d is optional * -h is not really a flag, just anything not recognized triggers the help output. * That '<del rules>' bit is rather confusing than helpful. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* utils: nfsynproxy: fix build with musl libcBaruch Siach2017-03-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | The musl libc exposes some struct tcphdr field only when _GNU_SOURCE is defined. Fix the following build failure: nfsynproxy.c: In function ‘parse_packet’: nfsynproxy.c:34:9: error: ‘const struct tcphdr’ has no member named ‘syn’ if (!th->syn || !th->ack) ^ nfsynproxy.c:34:21: error: ‘const struct tcphdr’ has no member named ‘ack’ if (!th->syn || !th->ack) ^ nfsynproxy.c:42:8: error: ‘const struct tcphdr’ has no member named ‘res2’ if (th->res2 == 0x1) ^ nfsynproxy.c:45:13: error: ‘const struct tcphdr’ has no member named ‘doff’ length = th->doff * 4 - sizeof(*th); ^ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* iptables: update pf.osXose Vazquez Perez2017-02-011-1/+4
| | | | | | | | | | Sync with latest OpenBSD release. Changelog: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os Cc: Pablo Neira Ayuso <pablo@netfilter.org> Cc: netfilter-devel <netfilter-devel@vger.kernel.org> Signed-off-by: Xose Vazquez Perez <xose.vazquez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* iptables: update pf.osXose Vazquez Perez2016-05-051-9/+28
| | | | | | | | | | | | Sync with latest *BSD release: https://gitweb.dragonflybsd.org/dragonfly.git/blob_plain/HEAD:/etc/pf.os Changelog: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os Cc: Evgeniy Polyakov <johnpol@2ka.mxt.ru> Cc: Jan Engelhardt <jengelh@medozas.de> Cc: Pablo Neira Ayuso <pablo@netfilter.org> Cc: netfilter-devel <netfilter-devel@vger.kernel.org> Signed-off-by: Xose Vazquez Perez <xose.vazquez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* update FSF address in license textJiri Popelka2014-03-131-1/+1
| | | | | | | http://www.gnu.org/licenses/gpl-2.0.html http://www.fsf.org/about/contact/ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* utils: nfsynproxy: fix error while compiling the BPF filterPablo Neira Ayuso2013-11-181-8/+8
| | | | | | | | | | | Fix the following error while running nfsynproxy here: pcap_compile: not-yet-activated pcap_t passed to pcap_compile According to what I have read, we have to compile the filter once the pcap_t handle has been activated. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* utils: add nfsynproxy toolPatrick McHardy2013-11-182-0/+233
| | | | | | | | | [ Originally synconf, but Jesper D. Brouer suggested to change the name to avoid a possible filename clash. I also include nfsynproxy in the final configure report --pablo ] Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* utils: updates .gitignore to include nfbpf_compilePablo Neira Ayuso2013-04-191-0/+1
| | | | | Reported-by: Mart Frauenlob <mart.frauenlob@chello.at> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Merge branch 'stable'Pablo Neira Ayuso2013-04-051-1/+1
|\ | | | | | | | | Resolve conflict with Nicolas' Dichtel update on utils/Makefile.am for nfnl_osf.
| * utils: nfnl_osf: use the right nfnetlink libNicolas Dichtel2013-04-051-1/+1
| | | | | | | | | | | | | | If the user specify libnfnetlink_LIBS during the configure, we must use it. Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* | utils: nfbpf_compileWillem de Bruijn2013-04-022-2/+67
|/ | | | | | | | | | | | | | | | | | | | | | | | | | A BPF compiler to convert tcpdump expressions to the decimal format accepted by the libxt_bpf. Generate a file and pass that to iptables: nfbpf_compile RAW 'udp dst port 9000' > test.bpf iptables -A OUTPUT -m bpf --bytecode-file test.bpf -j LOG Or pass the output directly to iptables using backticks: iptables -A INPUT -m bpf --bytecode \ "`./nfbpf_compile RAW 'udp dst port 9000'" -j LOG This utility depends on libpcap. The library is only compiled if the option --enable-bpf-compiler is explicitly passed to ./configure and libpcap is found. Pablo has mangled the original patch to rename the utility to nfbpf_compile. Also modified the output to match exactly what -m bpf --bytecode needs. Signed-off-by: Willem de Bruijn <willemb@google.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfnl_osf: add missing libnfnetlink_CFLAGS to compile processJan Engelhardt2011-12-311-1/+2
|
* build: move remaining preprocessor flags to CPPFLAGSMike Frysinger2011-06-011-2/+2
| | | | | References; http://bugzilla.netfilter.org/show_bug.cgi?id=713 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* build: move basic preprocessor flags to regular_CPPFLAGSJan Engelhardt2011-06-011-0/+1
| | | | | | | This is where they belong, after all. References: http://bugzilla.netfilter.org/show_bug.cgi?id=713 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* utils: add missing include flags to MakefileJan Engelhardt2010-05-241-0/+2
| | | | | | | | | | | Fixes this compile error: CC nfnl_osf.o nfnl_osf.c:48:36: fatal error: linux/netfilter/xt_osf.h: No such file or directory compilation terminated. References: http://marc.info/?l=netfilter&m=127449929621579&w=2 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* libxt_osf: import nfnl_osf programJan Engelhardt2010-04-064-0/+1179
xt_osf is pretty useless without the actual fingerprint loader. Import nfnl_osf-2009-06-07 and make it a part of the iptables distribution. Cc: Evgeniy Polyakov <johnpol@2ka.mxt.ru> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>