Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | src: add support for queue | Eric Leblond | 2014-01-04 | 1 | -0/+11 |
| | | | | | | | | | | | This patch adds support for the queue target. It is now possible to specify rule sending packet to a given queue and using load balancing: nft add rule filter output queue num 3 total 2 options fanout Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||||
* | src: operational limit match | Phil Oester | 2013-10-22 | 1 | -1/+0 |
| | | | | | | | | | | | | | | | | | | | | The nft limit match currently does not work at all. Below patches to nftables, libnftables, and kernel address the issue. A few notes on the implementation: - Removed support for nano/micro/milli second limits. These seem pointless, given we are using jiffies in the limit match, not a hpet. And who really needs to limit items down to sub-second level?? - 'depth' member is removed as unnecessary. All we need in the kernel is the rate and the unit. - 'stamp' member becomes the time we need to next refresh the token bucket, instead of being updated on every packet which goes through the match. This closes netfilter bugzilla #827, reported by Eric Leblond. Signed-off-by: Phil Oester <kernel@linuxace.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||||
* | log: convert group and qthreshold to use u16 | Pablo Neira Ayuso | 2013-08-17 | 1 | -2/+2 |
| | | | | | | | Required since (netfilter: nft_log: group and qthreshold are 2^16) kernel change. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||||
* | Fix use of reserved names in header sandwich | Patrick McHardy | 2009-03-18 | 1 | -3/+3 |
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> | ||||
* | Initial commitv0.01-alpha1 | Patrick McHardy | 2009-03-18 | 1 | -0/+140 |