6944f2c8190f1c4319aeac748470c71b0ba45025 |
|
24-May-2011 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: have xtopt_parse_mint interpret partially-spec'd ranges When ":n" or "n:" is specified, it will now be interpreted as "0:n" and "n:<max>", respecitvely. nvals will always reflect the number of (expanded) components. This restores the functionality of options that take such partially-unspecified ranges. This makes it possible to nuke the per-matchdata init functions of some extensions and simply the extensions postparsing to the point where it only needs to check for nvals==1 or ==2. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
9bfedca6347c2e079e569954197777813f4ef2fb |
|
13-May-2011 |
Jan Engelhardt <jengelh@medozas.de> |
libxt_conntrack: resolve erroneous rev-2 port range message --ctorigdstport 13 ip6tables-restore v1.4.10: conntrack rev 2 does not support port ranges Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
fe9922cb4f1fb75072970dd09605fdc056b96195 |
|
13-May-2011 |
Jan Engelhardt <jengelh@medozas.de> |
libxt_conntrack: fix assignment to wrong member Of course the range end ought to be set, not doing the start value twice. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
10dbcd0bfb5a62a71a706d11134f83b0539f4dd3 |
|
13-May-2011 |
Jan Engelhardt <jengelh@medozas.de> |
libxt_conntrack: correct printed module name Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
73425492d4c57d34a616d948666ac75ecc612eed |
|
08-May-2011 |
Jan Engelhardt <jengelh@medozas.de> |
libxt_conntrack: use guided option parser Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
73866357e4a7a0fdc1b293bf8863fee2bd56da9e |
|
18-Dec-2010 |
Jan Engelhardt <jengelh@medozas.de> |
iptables: do not print trailing whitespaces Due to the use of printf("foobar "), iptables emits spaces at the end-of-line, which looks odd to some users because it causes the terminal to wrap even if there is seemingly nothing to print. It may also have other points of annoyance, such as mailers interpreting a trailing space as an indicator that the paragraph continues when format=flowed is also on. And git highlights trailing spaces in red, so let's avoid :) Preexisting inconsistencies in outputting spaces in the right spot are also addressed right away. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429579 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
c8f28cc8b84133f20421470e9a61a5a0c78b9c4a |
|
20-Jan-2011 |
Patrick McHardy <kaber@trash.net> |
extensions: libxt_conntrack: add support for specifying port ranges Add support for revision 3 of the conntrack match, which allows to specify port ranges for origsrc/origdst/replsrc/repldst. Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libxt_conntrack.c
|
d09b6d591ca7d7d7575cb6aa20384c9830f777ab |
|
08-Jan-2011 |
Jan Engelhardt <jengelh@medozas.de> |
extensions: remove no longer necessary default: cases Match and target parse functions now only get option characters they have defined themselves. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
7ac405297ec38449b30e3b05fd6bf2082fd3d803 |
|
07-Jan-2011 |
Jan Engelhardt <jengelh@medozas.de> |
src: use C99/POSIX types "u_int" was a non-standardized extension predating C99 on some platforms. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
2f09f1b39ced2ae7109382dcf066785bab4a966a |
|
17-Nov-2010 |
Florian Westphal <fwestphal@astaro.com> |
libxt_conntrack: fix --ctdir save/dump output format $ iptables-save | iptables-restore iptables-restore v1.4.6: conntrack: Bad value for "--ctdir" option: "ORIGINAL-j" Signed-off-by: Florian Westphal <fwestphal@astaro.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libxt_conntrack.c
|
32b8e61e4e5bd405d9ad07bf9468498dfbb19f9e |
|
23-Jul-2010 |
Jan Engelhardt <jengelh@medozas.de> |
all: consistent syntax use in struct option Try to inhibit copypasting old stuff. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
76f7a230e4182ab2b64a68c9d84437035d925f3b |
|
24-Jun-2010 |
Jan Engelhardt <jengelh@medozas.de> |
libxt_conntrack: do print netmask References: http://bugzilla.netfilter.org/show_bug.cgi?id=659 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
350661a6eb089f3e54e67e022db9e16ea280499f |
|
31-Jan-2010 |
Jan Engelhardt <jengelh@medozas.de> |
includes: header updates Update the shipped Linux kernel headers from 2.6.33-rc6, as iptables's ipt_ECN.h for example references ipt_DSCP.h, which no longer exists. Since a number of old code pieces have been removed in the kernel in that fashion, the structs for older versions are moved into the .c file, to keep header updating simple. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
f294f843473718f8d32745600b9a97c0b799e7c5 |
|
20-Nov-2009 |
Patrick McHardy <kaber@trash.net> |
conntrack: fix --expires parsing Using ranges in --ctexpire results in a parsing error: conntrack: Bad value for "--expires" option: "1:1000" The first value is parsed twice, after which the end pointer doesn't point to the expected '\0' but to the colon. Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libxt_conntrack.c
|
bbe83862a5e1baf15f7c923352d4afdf59bc70e2 |
|
24-Oct-2009 |
Jan Engelhardt <jengelh@medozas.de> |
iptables/extensions: make bundled options work again When using a bundled option like "-ptcp", 'argv[optind-1]' would logically point to "-ptcp", but this is obviously not right. 'optarg' is needed instead, which if properly offset to "tcp". Not all places change optind-based access to optarg; where look-ahead is needed, such as for tcp's --tcp-flags option for example, optind is ok. References: http://bugzilla.netfilter.org/show_bug.cgi?id=611 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
bf97128c7262f17a02fec41cdae75b472ba77f88 |
|
03-Nov-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: hand argv to xtables_check_inverse In going to fix NF bug #611, "argv" is needed in xtables_check_inverse to set "optarg" to the right spot in case of an intrapositional negation. References: http://bugzilla.netfilter.org/show_bug.cgi?id=611 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
8e4dacaed17701cb1891b962bb856e0e8cfbb5c8 |
|
05-Aug-2009 |
Jan Engelhardt <jengelh@medozas.de> |
Merge branch 'stable' Conflicts: extensions/libxt_conntrack.c Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
f2a77520693f0a6dd1df1f87be4b81913961c1f5 |
|
25-Jun-2009 |
Jan Engelhardt <jengelh@medozas.de> |
extensions: collapse data variables to use multi-reg calls Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
b97b42147ea65d7d24d70a2ffe925dbf091f26bc |
|
25-Jun-2009 |
Jan Engelhardt <jengelh@medozas.de> |
xt_conntrack: revision 2 for enlarged state_mask member This complements the xt_conntrack revision 2 code added to the kenrel. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
69f564e3890976461de0016cd81171ff8bfa8353 |
|
26-May-2009 |
Jan Engelhardt <jengelh@medozas.de> |
extensions: add const qualifiers in print/save functions Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
093d5fc9d1826b8f0ccfbb3160c98a3c844d0273 |
|
05-Apr-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxt_conntrack: properly output negation symbol Because the wrong flag was checked, the "!" was either wrongly printed, or not printed at all. This was broken since v1.4.0-29-ga8ad34c. Reported-by: Steven Jan Springl <steven@springl.ukfsn.org> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
1829ed482efbc8b390cc760d012b3a4450494e1a |
|
21-Feb-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix exit_error to xtables_error Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
1de7edffc9085c0f41c261dca995e28ae4126c29 |
|
30-Jan-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix/order - move parse_protocol to xtables.c Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
0f16c725aadaac7e670d632ecbaea3661ff00827 |
|
30-Jan-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix/order - move check_inverse to xtables.c This also adds a warning that intrapositional negation support is deprecated. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
a0baae85f8159f03d52535934aa9b3a375e0f1f3 |
|
30-Jan-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix - parse and escaped output func Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
e44ea7faa17c10c68f14f5338a7cc6e3291a0ce7 |
|
30-Jan-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix/order - ipaddr/ipmask to ascii output Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
a41545ca7cde43e0ba53260ba74bd9bf74025a68 |
|
27-Jan-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix/order - param_act Changes: exittype -> xtables_exittype P_* -> XTF_* flags Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
5f2922cfc0bbfbeb878f5c12e9fb3eb602ae5507 |
|
27-Jan-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix/order - strtoui This commit also throws out the redundant string_to_number_*. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
a80975497968e69b23f56bf15d346c65bec381f2 |
|
27-Jan-2009 |
Jan Engelhardt <jengelh@medozas.de> |
extensions: use UINT_MAX constants over open-coded bits (1/2) ~0 depends on the sizeof(int), so it is better to use UINT32_MAX. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libxt_conntrack.c
|
5d9678ad3eabc34ac40dfe055d7f6a8e44445a5a |
|
20-Nov-2008 |
Jan Engelhardt <jengelh@medozas.de> |
src: remove inclusion of iptables.h iptables.h and ip6tables.h only include declarations internal to iptables (specifically iptables.c and ip6tables.c), as most of the public API has been moved to xtables.h a few months ago. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libxt_conntrack.c
|
0ec8c0f00b591681076af2db34df0f230b08fa2c |
|
19-Nov-2008 |
Pablo Neira Ayuso <pablo@netfilter.org> |
state: report spaces in the state list parsing This patch adds better error reporting when the user inserts a space between two states with the --state option. iptables -I INPUT -m state ESTABLISHED, RELATED ^ mind the space results in: iptables v1.4.2-rc1: Bad state `' Try `iptables -h' or 'iptables --help' for more information. Now this returns: iptables v1.4.2-rc1: `--state' requires a list of states with no spaces, e.g. ESTABLISHED,RELATED This patch also applies to libxt_conntrack which has a copy of the function. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/external/iptables/extensions/libxt_conntrack.c
|
03d99486d8283552705b58dc55b6085dffc38792 |
|
18-Nov-2008 |
Jan Engelhardt <jengelh@medozas.de> |
src: use NFPROTO_ constants Resync netfilter.h from the latest kernel and make use of the new NFPROTO_ constants that have been introduced. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libxt_conntrack.c
|
c7fc1dae1e8f8a5fe2ad4eac4bdd1f3c59d8c975 |
|
12-Nov-2008 |
Jan Engelhardt <jengelh@medozas.de> |
libxt_conntrack: dump ctdir Sent in as part of a larger private mail by G�sp�r Lajos <swifty@freemail.hu>; I cherry-picked the ctdir part. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libxt_conntrack.c
|
6b6c096ca56975125edf2aadfd195f23d34df38f |
|
10-Nov-2008 |
Jan Engelhardt <jengelh@medozas.de> |
libxt_conntrack: respect -n option during ruledump Reference: http://bugs.debian.org/502548 Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libxt_conntrack.c
|
ddac6c5bc636003d664d25c08ea3fe176565096c |
|
01-Sep-2008 |
Jan Engelhardt <jengelh@medozas.de> |
src: Update comments A number of comments are redundant, some outdated and others outright wrong in their own way. Remove and fixup. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libxt_conntrack.c
|
8b7c64d6ba156a99008fcd810cba874c73294333 |
|
15-Apr-2008 |
Jan Engelhardt <jengelh@medozas.de> |
Remove old functions, constants
/external/iptables/extensions/libxt_conntrack.c
|
dbb77543ad6afe29e9a1881b2d4fc212de621a55 |
|
11-Feb-2008 |
Jan Engelhardt <jengelh@medozas.de> |
Fix -Wshadow warnings and clean up xt_sctp.h Note: xt_sctp.h is still not merged upstream in the kernel as of this commit. But a refactoring was really needed.
/external/iptables/extensions/libxt_conntrack.c
|
9ee386a1b6d7704b259460152c959ab0e79e02aa |
|
29-Jan-2008 |
Max Kellermann <max@duempel.org> |
fix gcc warnings Max Kellermann <max@duempel.org>
/external/iptables/extensions/libxt_conntrack.c
|
a8ad34cf11540d147b8aded6826a1452841d2aa7 |
|
29-Jan-2008 |
Jan Engelhardt <jengelh@medozas.de> |
[IPTABLES]: libxt_conntrack revision 1 Add support for xt_conntrack match revision 1. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
/external/iptables/extensions/libxt_conntrack.c
|
bd9438420d92c41a5cf20a53b7a18d3ddea4216d |
|
20-Jan-2008 |
Jan Engelhardt <jengelh@medozas.de> |
rename overlapping function names Rename overlapping function names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
/external/iptables/extensions/libxt_conntrack.c
|
08b1616e068166e016b3ee7110db10ae5d853422 |
|
20-Jan-2008 |
Jan Engelhardt <jengelh@medozas.de> |
bunch o' renames Move a few functions from iptables.c/ip6tables.c to xtables.c so they are available for combined (both AF_INET and AF_INET6) libxt modules. Rename overlapping function names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
/external/iptables/extensions/libxt_conntrack.c
|
a80b6046fa216c26dbc18d587f6255afa8444885 |
|
20-Jan-2008 |
Jan Engelhardt <jengelh@medozas.de> |
libxt_conntrack r0 Move libipt_conntrack to libxt_conntrack. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
/external/iptables/extensions/libxt_conntrack.c
|