summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* add nfct_send/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-091-1/+32
|
* fix segfault while getting the conntrack ID (reported by Thomas Mader)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-041-0/+6
|
* This patch adds invmap support and duplicate code/id for reply direction,/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-03-251-0/+43
| | | | | | | | | so inserted conntracks get proper type, code and id. Without this fix "type", "code" and "id" in reply direction were always set to 0. It "automagically" worked for ICMP and ICMP_ECHOREPLY (ICMP_ECHOREPLY==8 -> ICMP_ECHO==*0*), but not with with other ICMP codes nor with ICMPv6. Signed-off-by: Krzysztof Oledzki <ole@ans.pl>
* This rather trivial patch adds ICMPv6 support for libnetfilter_conntrack,/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-03-254-0/+33
| | | | | | but only for the new API - deprecated/extensions was left unchanged. Signed-off-by: Krzysztof Oledzki <ole@ans.pl>
* - fix broken 'deprecated backward compatibility'svn_t_libnetfilter_conntrack-0.0.89/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-2211-80/+30
| | | | - fix glibc 2.7.20 compilation (based on patch from Paul P. Konkoff)
* add support for NAT sequence adjusment/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-094-0/+170
|
* add deprecated/Makefile.am/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-131-0/+3
|
* Several tree reorganizations:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-139-2/+657
| | | | | - move l3extensions/ and extensions/ to src/deprecated/ - don't create submodules under /usr/lib/libnetfilter_conntrack/ anymore
* several cleanups for Makefile.am/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-133-24/+16
|
* add NFCT_OF_TIME output flag to nfct_snprintf/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-132-2/+43
|
* add secmark getter and setters/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-052-0/+12
|
* add support for udplite/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-12-172-0/+4
|
* - add support for secmark/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-12-174-1/+35
| | | | - fix typo s/test_but/test_bit/
* - add missing getter for TCP flags/mask/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-12-152-7/+41
| | | | - add TCP flags/mask attributes if they are set, otherwise skip
* fix several compilation warnings (reported by J.Engelhardt)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-12-092-1/+3
|
* - move old API implementation to deprecated.c/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-12-083-100/+115
| | | | - rename libnetfilter_conntrack.c to main.c
* Add support for conntrack master setup/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-12-083-0/+84
|
* add support for TCP flagssvn_t_libnetfilter_conntrack-0.0.82/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-09-123-0/+46
|
* The getters have to point to the right sized types, otherwise they don't ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-09-022-6/+6
| | | | work on big-endian. Philip Craig <philipc@snapgear.com>
* add layer 4 protocol comparison to nfct_compare()svn_t_libnetfilter_conntrack-0.0.81/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-07-181-0/+12
|
* - introduce nfct_nfnlh() to use functions like nfnl_rcvbufsiz(): return ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-07-092-8/+6
| | | | | | | read-only nfnl_handle - remove unused build_id() from build.c - bump version to 0.0.81
* fix type in snprintf_default.c (Jozsef Kladecsik)svn_t_libnetfilter_conntrack-0.0.80/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-151-1/+1
|
* Introduce NFCT_Q_CREATE_UPDATE: create conntrack, if it exists, update it/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-071-7/+12
|
* nfexp_snprintf behaves as snprintf C99/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-072-27/+14
|
* nfct_snprintf now returns the number of bytes that would have been written, ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-072-109/+109
| | | | not just the number of bytes written. Emulate snprintf behaviour as in specified in C99
* fix nfct_snprintf behaviour if the buffer passed is too small (similar to ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-074-183/+62
| | | | C99 convention)
* introduce NFCT_SOPT_SETUP_* options to simplify object setup/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-041-0/+24
|
* fix silly bug in nfct_getobjopt(..., NFCT_GOPT_IS_*NAT), always return 1 if ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-041-8/+8
| | | | status flags are set
* fix invalid argument error: status flags may not be present in update messages/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-041-2/+7
|
* add support for 64 bits counters (Krzysztof Oledzki)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-05-291-8/+24
|
* - delete ctnl_test.c since it contains examples of the old *deprecated* API/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-05-202-4/+4
| | | | | - fix wrong port display in the XML output (Morten Isaksen) - use ntohs instead htons in snprintf_default.c
* - add warning note to ctnl_test.c: old API is deprecated/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-05-062-23/+54
| | | | | | | | - split expect_api_test.c into small example files expect_*.c - introduce alias tags for original tuple attributes - introduce nfexp_sizeof and nfexp_maxsize - build expectation attributes iif they are set - fix l3num setting in expect/build.c
* introduce the new expectation API/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-05-0112-18/+904
|
* - fix compilation warning in snprintf.c/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-04-243-3/+146
| | | | | | - introduce the new compare infrastructure: much simple than previous - introduce nfct_maxsize for nf_conntrack object allocated in the stack - more strict checkings in nfct_set_attr: third parameter is const
* Set status bit if whatever status flags are available, not only for ASSURED ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-03-211-4/+1
| | | | and SEEN_REPLY
* [PATCH] Fix icmp_id setter and doc (Phil Dibowitz <phil@ipom.com>)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2007-03-171-1/+1
| | | | | | | | ICMP ID is stored as a u_int16_t, but its setter function derefs it's arguement as a u_int8_t. Additionally the api "doc" claims it's a u8, when it's not. This patch fixes both.
* - fix inconsistency in the behaviour of nfct_set_attr with ATTR_STATUS: now ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-02-272-6/+10
| | | | | | status flags bits of conntrack objects in userspace can be set and unset as it happens with other attributes. - nfct_get_objopt with NAT detectors previously checks if the status attribute is set, otherwise it just skips it.
* fix wrong documentation in nfct_attr_get_u[*] functions/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-02-121-6/+9
|
* - fix a crash on trying to set the counters of a conntracksvn_t_libnetfilter_conntrack-0.0.50/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-01-052-2/+16
| | | | | | | - document that ATTR_*_COUNTER_*, ATTR_USE and ATTR_ID are unsettable - implement getter for the ATTR_USE attribute Based on patches from Victor Stinner.
* Minor fix in the counter parsing: replace htonl by ntonl, anyway they are ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2006-12-292-4/+4
| | | | actually the same function so this should not break anything.
* Fix minor nitpick in the XML output (Victor Stinner)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2006-12-291-2/+2
|
* - replace ntohs by htons in the example file (reported by Victor Stinner)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2006-12-231-3/+0
| | | | | - introduce NFCT_O_PLAIN flag: NFCT_O_DEFAULT points to NFCT_O_PLAIN - remove commented line in nfct_new()
* Introduce the new libnetfilter_conntrack API, features:/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2006-12-1913-13/+2492
| | | | | | | | | - object oriented infrastructure - extensible and configurable output (XML) - low level functions to interact with netlink details - fairly documented Still backward compatible.
* Remove check for UID == 0, it is wrong for multiple reasons. (Sebastian ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2006-08-161-12/+0
| | | | Hagen <sebastian_hagen@memespace.net>)
* [PATCH 1/6] libnetfilter_conntrack pkt-config modifications (KOVACS ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2006-08-031-2/+2
| | | | Krisztian <hidden@balabit.hu>)
* Fix expectation mask dumping/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2006-03-011-1/+33
|
* export a function required by nfct helper support/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-02-091-2/+2
|
* add version info/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-02-091-1/+1
|
* Simplification: nfnl_send + nfnl_listen calls for nfnl_talk/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2006-02-091-18/+3
|
* flush stdout, so realtime output to a pipe is broken (Daniel De Graaf)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2006-01-221-0/+1
|