summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* nfq: remove `0x' from HW protocol in output of nfq_snprintf_xml()Pablo Neira Ayuso2010-07-111-2/+2
| | | | | | This patch removes the prefix `0x' of the HW protocol. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfq: fix HW address output in nfq_snprintf_xml()Pablo Neira Ayuso2010-07-111-3/+3
| | | | | | | | | | | | This patch fixes the output of the HW address in XML files: <src>800:800:800:800:800:</src> now it looks fine: <src>0019a917a400</src> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfq: consistent nfq_snprintf_xml() return value with snprintf()Pablo Neira Ayuso2010-07-111-58/+61
| | | | | | | | | | With this patch, nfq_snprintf_xml() returns the number of characters printed. If the output was truncated, then the return value is the number of characters that would have been written if enough space had been available. This makes nfq_snprintf_xml() consistent with the behaviour of snprintf(). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfq: fix compilation warning in nfq_snprintf_xml()Pablo Neira Ayuso2010-07-111-1/+1
| | | | | | | In 21fd1834b5ce0a1f5b590f7e1ad23bba64fbafdf, we changed nfq_get_payload() to take an unsigned char * instead of signed char *. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* add nfq_snprintf_xml() to output a packet in XML formatPablo Neira Ayuso2010-06-132-0/+163
| | | | | | This patch adds a new function to output the packet in XML format. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* added .gitignore for base directoryDavid Fabro2010-06-101-0/+17
| | | | | Signed-off-by: David Favro <netfilter@meta-dynamic.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* payload buffer datatypes are consistentDavid Fabro2010-06-103-3/+3
| | | | | | | | | | | | | | The 'data' parameter to nfq_get_payload() returns pointer to unsigned char (rather than signed char) to make it consistent with the 'buf' parameter of nfq_set_verdict(), nfq_set_verdict2(), and nfq_set_verdict_mark(), all of which refer to the same data. Either signed or unsigned is fine, but they should be consistent as the output of nfq_get_payload() may be passed back into nfq_set_verdict*(); in that case, this change eliminates the need for typecasting in the calling code when using compilers that enforce strict typecasting. Signed-off-by: David Favro <netfilter@meta-dynamic.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* non-modified payload arguments are pointer-to-constDavid Fabro2010-06-102-8/+9
| | | | | | | | | | | | | | The payload parameters to nfq_set_verdict(), nfq_set_verdict2(), and nfq_set_verdict_mark() are not modified by those functions, and therefore should have datatype pointer-to-const. This both causes the source-code to more effectively represent what is the purpose of the parameter, and eliminates the need to cast away const-ness when calling the functions with compilers that enforce strict casting. All existing calling code should not need modification as pointer-to-X automatically converts to pointer-to-const-X. Signed-off-by: David Favro <netfilter@meta-dynamic.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* doc: remove references to deprecated nfq_set_verdict_mark()Pablo Neira Ayuso2010-05-101-2/+2
| | | | | | Now, we refer to nfq_set_verdict2() instead. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* doc: document possible verdicts on packets and minor change in exampleAlessandro Vesely2010-05-101-2/+11
| | | | | Signed-off-by: Alessandro Vessely <vesely@tana.it> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* doc: enhancementsDavid Favro2010-05-101-14/+17
| | | | | | | | | | * Several parameters are clarified. * Several previously undocumented return-values are documented. * nfq_set_verdict_mark() [now deprecated]: notes that mark is in network byte order. Signed-off-by: David Favro <netfilter@meta-dynamic.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfq: deprecate nfq_set_verdict_mark() in favour of nfq_set_verdict2()Pablo Neira Ayuso2010-05-092-6/+33
| | | | | | | | | | | | This patch deprecates nfq_set_verdict_mark() in favour of nfq_set_verdict2() which does exactly the same but it also convert the mark value from host-byte order to network-byte order as expected by nfnetlink_queue. I know, this is hackish, but I prefer adding new functions instead of API versioning which is also ugly. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* doc: make doxygen.cfg.in work with doxygen 1.6.1Holger Hans Peter Freyther2009-12-271-2/+1
| | | | | | | | | | | | * DETAILS_AT_TOP is deprecated and newer versions of doxygens are warning about this. Remove this option. * Empty HTML_HEADER as newer versions of doxygen check if the file exists and fail if it doesn't. Looking at the history of this project the file never existed. * This continues to work with doxygen 1.5.6. Signed-off-by: Holger Hans Peter Freyther <zecke@selfish.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* remove libipq_compatPatrick McHardy2009-09-172-254/+1
| | | | | | | | It has never been finished and nowadays people should be using libnfnetlink_queue directly anyways. In case someone wants to finish it, it can easily be restored from the history. Signed-off-by: Patrick McHardy <kaber@trash.net>
* nfq: add minor comment in the documentation to warn about privilegesPablo Neira Ayuso2009-07-161-0/+4
| | | | | | | | This patch adds a minor notice to warn developers that its application needs CAP_NET_ADMIN in order to send to and receive packets from kernel-space. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* build: bump version to 0.0.17libnetfilter_queue-0.0.17Pablo Neira Ayuso2009-03-061-1/+1
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfq: replace nfnl_talk by nfnl_query and disable sequence trackingPablo Neira Ayuso2009-02-172-4/+7
| | | | | | | | | | This patch replaces the nfnl_talk() calls by the newer nfnl_query(). This patch also disables netlink sequence tracking by default. Spurious race conditions in the sequence tracking may occur while creating queues and receiving high load of packets at the same time. Reported-by: Anton Vazir <anton.vazir@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfqnl_test: add hw src address, physindev and physoutdev supportBart De Schuymer2009-01-261-3/+21
| | | | | | | | This adds the hardware source address, physindev and physoutdev support to nfqnl_test Signed-off-by: Bart De Schuymer <bdschuym@pandora.be> Signed-off-by: Patrick McHardy <kaber@trash.net>
* doc: put doxygen configuration file into dietPablo Neira Ayuso2009-01-061-1171/+0
| | | | | | | | | This patch puts the doxygen config file into diet since it was bloated with tons of comments. If we need help, we can go look for the official documentation instead of consuming ~50KB. With this patch, the file results in ~5KB. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Add doxygen config file.Eric Leblond2008-12-222-1/+1357
| | | | | This patch adds a doxygen configuration file which is generated by the configure script.
* Switch documentation style to doxygen.Eric Leblond2008-12-191-125/+307
| | | | | | | This patch modifies the documentation format to switch to doxygen format. This leads to a interesting and useful output. An example can be found at the following url: http://www.nufw.org/doc/libnetfilter_queue/
* Suppress double call of nfnl_subsys_close()Eric Leblond2008-12-191-1/+0
| | | | | | | | nfnl_close() is calling nfnl_subsys_close() for all available subsys. Thus it is not necessary to call it in the nfq_close() function. Signed-off-by: Eric Leblond <eric@inl.fr>
* Use nfq_fd function instead of call to nfnetlink function.Eric Leblond2008-12-191-2/+1
| | | | | | | This patch modifies the example program to use nfq_fd function instead of call to nfnetlink function. Signed-off-by: Eric Leblond <eric@inl.fr>
* Change variable name to have an homogeneous namingEric Leblond2008-12-191-2/+2
| | | | | | | This patch modifies a function to have through the file. Data length variable was named data_len everywhere but in this function. Signed-off-by: Eric Leblond <eric@inl.fr>
* doc: complete missing function documentationEric Leblond2008-10-261-15/+98
| | | | | | | | | This patch adds documentation for functions that were not existing when the documentation was initially made. It also fixes some minor typos. Signed-off-by: Eric Leblond <eric@inl.fr> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* doc: add library documentation from Brad FisherPablo Neira Ayuso2008-10-231-6/+249
| | | | | | | | | | | | | This patch adds the documentation that Brad Fisher <brad@info-link.net> made time ago, you can get the original post from: http://lists.netfilter.org/pipermail/netfilter-devel/2006-February/023286.html This patch contains documentation that I did not have time to review in deep yet. However, several developers has refered to this documentation as a good kick-off to start developing applications for libnetfilter_queue. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* conditional compilation of testsuite utilsPablo Neira Ayuso2008-07-021-1/+1
| | | | | | Use `make check' to compile the examples in utils/ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Merge branch 'master' of vishnu.netfilter.org:/data/git/libnetfilter_queuelibnetfilter_queue-0.0.16Pablo Neira Ayuso2008-06-272-1/+15
|\
| * Merge branch 'master' of vishnu.netfilter.org:/data/git/libnetfilter_queuePatrick McHardy2008-06-242-29/+37
| |\
| * | libnfq: mark functions as extern CJan Engelhardt2008-06-242-1/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mark functions as extern C This is needed when #included from C++. Reported-by: Simon <turner25@gmail.com> Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* | | bump version to 0.0.16 and bump libnfnetlink dependenciesPablo Neira Ayuso2008-06-271-2/+2
| |/ |/| | | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* | fix alignment issuesFabian Hugelshofer2008-06-232-29/+37
|/
* Signed-off-by: Paul P. Komkoff/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-02-221-0/+1
| | | | fix compilation issues on newer toolchains
* remove linux/types.h include/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-06-131-1/+0
|
* Bump version to 0.0.15svn_t_libnetfilter_queue-0.0.15/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-03-221-1/+1
|
* interface index to name API (Eric Leblond)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-01-312-0/+37
|
* comment `autoheader' invocation from autogen.sh, we don't need any config.h ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-01-231-1/+1
| | | | file to compile the conntrack tool
* Bump versionsvn_t_libnetfilter_queue-0.0.13/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2007-01-111-1/+1
|
* Add patch to set max. queue length (Eric Leblond)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2006-11-133-3/+24
|
* [PATCH 3/6] libnetfilter_queue pkt-config changes (KOVACS Krisztian ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2006-08-032-4/+12
| | | | <hidden@balabit.hu>)
* only copy include file from kernel directory if 'autogen.sh' is run with ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-02-141-1/+1
| | | | 'distrib' argument
* pkg-config enable all netfilter libraries/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-02-093-1/+19
|
* fix __set_verdict() to correctly handle payload (Closes: #435) (Andreas Florath)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-231-2/+12
|
* fix segfault due to missing h->nfnlh initialization (Closes: #434) (Andreas ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-231-0/+1
| | | | Florath)
* make sure configure fails if libnfnetlink is too old (< 0.0.16)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-141-2/+2
|
* Introduce various API changes throughout the library stack/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-144-17/+38
| | | | | | | | | | | 1) make libnfnetlink dynamically allocate it's handles 2) apply that change throughout libnetfilter_* 3) add {nfq,nflog,nfct}_open_nfnl() functions that open the specific subsystem on top of an existing nfnl_handle, which is required for upcoming libnetfilter_conntrack_helper The changes break ABI and API compatibility of libnfnetlink, but don't break ABI or API compatibility of the libnetfilter_* libraries.
* add KERNEL_DIR option to autogen.sh for all new libraries (Krzysztof Oledzki)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-11-171-2/+2
|
* This patch add the ability to copy and mangle the kernel headers/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-11-141-0/+35
| | | | | required by libnfnetlink and libnetfilter_[queue|log|conntrack] at autogen.sh stage. (Pablo Neira)
* - don't install test program/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-11-115-47/+99
| | | | | - use local copy of nfnetlink_queue header - bump version number to 0.0.11
* - add library api versioning/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-11-061-2/+8
| | | | - missing link dependencly from libipq to libnetfilter_queue