Cross Reference: /external/iptables/include/iptables.h

History log of /external/iptables/include/iptables.h
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
d7aeda5ed45ac7ca959f12180690caa371b5b14b	08-Jul-2013	Pablo Neira Ayuso <pablo@netfilter.org>	ip{6}tables-restore: fix breakage due to new locking approach Since (93587a0 ip[6]tables: Add locking to prevent concurrent instances), ip{6}tables-restore does not work anymore: iptables-restore < x Another app is currently holding the xtables lock. Perhaps you want to use the -w option? do_command{6}(...) is called from ip{6}tables-restore for every iptables command contained in the rule-set file. Thus, hitting the lock error after the second command. Fix it by bypassing the locking in the ip{6}tables-restore path. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/include/iptables.h
1639fe86579f86f5f6a954a9b0adde2e16ad1980	27-Aug-2011	Jan Engelhardt <jengelh@medozas.de>	libiptc: combine common types: _handle No real API/ABI change incurred, since the definition of the structs' types is not visible anyhow. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/include/iptables.h
7e5e866a36a76c153e5903b8251f90cfe07a1d34	27-Aug-2011	Jan Engelhardt <jengelh@medozas.de>	libiptc: replace ipt_chainlabel by xt_chainlabel Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/include/iptables.h
f56b8a8bf4b1041cb875fd8439778f35276bdb30	03-Sep-2011	Jan Engelhardt <jengelh@medozas.de>	iptables: move kernel version find routing into libxtables That way, the remaining unreferenced symbols that do appear in libipt_DNAT and libipt_SNAT as part of the new check can be resolved, and the ugly -rdynamic hack can finally be removed. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/include/iptables.h
c1e04bd1b057151afaf7e6138089f2fe2c1b7d1c	04-Apr-2011	Maciej Zenczykowski <maze@google.com>	v4: rename do_command() to do_command4() Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/include/iptables.h
bb9fe8059f40f0dde9c780498f5af42f5aa6a179	04-Apr-2011	Maciej Zenczykowski <maze@google.com>	v4: rename print_rule() to print_rule4() Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/include/iptables.h
e5c061afabf018634a507f00df5b1d0c4bd53a37	04-Apr-2011	Maciej Zenczykowski <maze@google.com>	v4: rename delete_chain() to delete_chain4() Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/include/iptables.h
cc38d058d14e84d3008a0c0035348e0ad5f0d5d2	04-Apr-2011	Maciej Zenczykowski <maze@google.com>	v4: rename flush_entries() to flush_entries4() Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/include/iptables.h
e70844a98d125679cfe0c62e48d0f19bf175280d	04-Apr-2011	Maciej Zenczykowski <maze@google.com>	v4: rename for_each_chain() to for_each_chain4() Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/include/iptables.h
617d3d140f4739558dce2ef8ed01aef251cf5487	11-Feb-2009	Jamal Hadi Salim <hadi@cyberus.ca>	libxtables: set names of programs Set proper name of application. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> /external/iptables/include/iptables.h
47a6fd9ec9891a8040eb8fd6db3c5012c1056061	10-Feb-2009	Jan Engelhardt <jengelh@medozas.de>	src: consolidate duplicate code in iptables/internal.h Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/include/iptables.h
c31870f9bebb3d4d082016fcfaf8c2177ae32eb2	10-Feb-2009	Jan Engelhardt <jengelh@medozas.de>	libxtables: move compat defines to xtables.c Addendum to commit v1.4.3-rc1-41-g77f48c2 where the macro users got moved. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/include/iptables.h
ea955480a8ae43aa956ac62e1aab3f9670529819	10-Feb-2009	Jan Engelhardt <jengelh@medozas.de>	src: remove unused ipt_tryload macro Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/include/iptables.h
395e441e20ea9ab7f37122bcfd76fec527fa447b	10-Feb-2009	Jan Engelhardt <jengelh@medozas.de>	src: remove iptables_rule_match indirection macro Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/include/iptables.h
c02e80878979d2205f3d89d05548397871e598e9	10-Feb-2009	Jan Engelhardt <jengelh@medozas.de>	libxtables: decouple non-xtables parts from header Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/include/iptables.h
1c9015b2cb483678f153121255e10ec0bbfde3e6	10-Nov-2008	Jan Engelhardt <jengelh@medozas.de>	libiptc: remove indirections Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/include/iptables.h
fd1873110f8e57be578df17fc9d03536b10f4f73	10-Nov-2008	Jan Engelhardt <jengelh@medozas.de>	libiptc: remove typedef indirection Don't you hate it when iptc_handle_t x actually is a double-indirection struct iptc_handle ? This also shows the broken constness model, since "const iptc_handle_t x" = "iptc_handle_t const x" = "struct iptc_handle const x", which is like no const at all. Lots of things to do then. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/include/iptables.h
ef18e8147903885708d1c264904129af4fb636d6	04-Aug-2008	Jan Engelhardt <jengelh@medozas.de>	src: remove dependency on libiptc headers xtables.h does not need really need libxtc.h, and we can drop it from the install as it is internal-only. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/include/iptables.h
96296cfb7e01298234c7fa9403619f50391620d1	13-May-2008	Henrik Nordstrom <henrik@henriknordstrom.net>	iptables --list-rules command Adds iptables --list-rules (-S) command, acting as a combination of iptables --list and iptables-save. The primary motivation behind this patch is to get iptables-save like output capabilities in iptables-restore, allowing "iptables-restore -n" to be used as a consistent API to iptables for all kind of operations, not only blind updates.. As a bonus iptables also gets the capability of printing the rules as-is. This completely replaces the earlier patch which added the --rules option. Henrik Nordstrom <henrik@henriknordstrom.net> /external/iptables/include/iptables.h
8b7c64d6ba156a99008fcd810cba874c73294333	15-Apr-2008	Jan Engelhardt <jengelh@medozas.de>	Remove old functions, constants /external/iptables/include/iptables.h
21b41eea4724c57d2b6e5998cf38255046e43ad3	11-Feb-2008	Jan Engelhardt <jengelh@medozas.de>	Combine IP{,6}T_LIB_DIR into XTABLES_LIBDIR /external/iptables/include/iptables.h
33690a1aec0b6309ff90066ca56285b6e43013f2	11-Feb-2008	Jan Engelhardt <jengelh@medozas.de>	Fix all remaining warnings (missing declarations, missing prototypes) /external/iptables/include/iptables.h
bd9438420d92c41a5cf20a53b7a18d3ddea4216d	20-Jan-2008	Jan Engelhardt <jengelh@medozas.de>	rename overlapping function names Rename overlapping function names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> /external/iptables/include/iptables.h
08b1616e068166e016b3ee7110db10ae5d853422	20-Jan-2008	Jan Engelhardt <jengelh@medozas.de>	bunch o' renames Move a few functions from iptables.c/ip6tables.c to xtables.c so they are available for combined (both AF_INET and AF_INET6) libxt modules. Rename overlapping function names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> /external/iptables/include/iptables.h
a3732db1280f790b8e26b41bdcbe8b5f92b7f51b	24-Jul-2007	Yasuyuki KOZAKAI <yasuyuki@netfilter.org>	Moves all declarations in iptables_common.h to xtables.h. /external/iptables/include/iptables.h
5cd1ff53a500256997519ec1d871750773c44803	24-Jul-2007	Yasuyuki KOZAKAI <yasuyuki@netfilter.org>	Moves IPPROTO_* and IP[6]T_LIB_DIR definitions to xtables.h /external/iptables/include/iptables.h
04f8c54dc52e19096d31d94593bd1040716afe4d	24-Jul-2007	Yasuyuki KOZAKAI <yasuyuki@netfilter.org>	Moves some duplicated functions in ip[6]tables.c to xtables.c string_to_number_ll, string_to_number_l, string_to_number, service_to_port, parse_port, parse_interface, are moved. /external/iptables/include/iptables.h
0d502bcdbc97ed359e84f6a21dfa0049b3b60a6c	24-Jul-2007	Yasuyuki KOZAKAI <yasuyuki@netfilter.org>	Introduces xtables match/target registration - moves lib_dir to xtables.c - introduces struct pfinfo which has protocol family dependent infomations. - unifies load_ip[6]tables_ko() and moves them as load_xtables_ko() - introduces xt_{match,match_rule,target,tryload} and replaces ip[6]t_* with them - unifies following functions and move them to xtables.c - find_{match,find_target} - compatible_revision, compatible_{match,target}_revision - introduces xtables_register_{match,target} and make register_{match,target}[6] call them. xtables_register_* register ONLY matches/targets matched protocol family Some concepts: - source compatibility for libip[6]t_xxx.c with warning on compilation not binary compatibility. - binary compatibility between 2.4/2.6 kernel and iptables/ip6tables, of cause. - xtables is enough to support only one address family at runtime. Then xtables keeps infomations of only the focused address famiy in struct afinfo. /external/iptables/include/iptables.h
9561606bd938ed4b2614716a08a2856d4ef5e995	11-Jan-2007	Patrick McHardy <kaber@trash.net>	Add UDPLITE multiport support /external/iptables/include/iptables.h
267a57007e69d8f316dea80f79ce2560459e0c30	29-Nov-2006	Pablo Neira Ayuso <pablo@netfilter.org>	Fix /etc/network usage (Pablo Neira) http://bugs.debian.org/398082 iptables 1.3.5 and 1.3.6 appear to read /etc/networks, but the information is lost somewhere with 1.3.6. # cat /etc/networks foonet 10.0.0.0 # strace -s 255 -o /tmp/foo iptables -v -A INPUT -s foonet/8 -j ACCEPT #1.3.5 [1] ACCEPT all opt -- in * out * 10.0.0.0/8 -> 0.0.0.0/0 # strace -s 255 -o /tmp/bar iptables -v -A INPUT -s foonet/8 -j ACCEPT #1.3.6 [2] iptables v1.3.6: host/network `foonet.0.0.0' not found Try `iptables -h' or 'iptables --help' for more information. 1. http://people.debian.org/~ljlane/stuff/strace-iptables-1.3.5.txt 2. http://people.debian.org/~ljlane/stuff/strace-iptables-1.3.6.txt /external/iptables/include/iptables.h
c1eae41e1957db56aaf7afcafa2f097042fa4217	25-Jul-2006	Patrick McHardyJesper Brouer <kaber@trash.nethawk@diku.dk>	Revert "proto_to_name duplication" patch, as noticed by Yasuyuki it can cause invalid arguments to get accepted. /external/iptables/include/iptables.h
a6c1d926f6c3c00e0c1875d80b9579c95bde2cfa	22-Jul-2006	Phil Oester <kernel@linuxace.com>	proto_to_name duplication (Phil Oester <kernel@linuxace.com>) Update multiport match to use the iptables version of proto_to_name instead of reinventing the wheel. /external/iptables/include/iptables.h
dbac8ad71c3c418fd8a62c08211885a38177b725	20-Jul-2006	Phil Oester <kernel@linuxace.com>	reduce parse__port duplication (Phil Oester <kernel@linuxace.com>) The below patch (dependent upon my 'reduce service_to_port duplication' patch) centralizes the parse__port functions into parse_port. /external/iptables/include/iptables.h
58179b1d0d1722ea16028aa2ea9d74afc86dd5dc	20-Jul-2006	Phil Oester <kernel@linuxace.com>	reduce service_to_port duplication (Phil Oester <kernel@linuxace.com>) The service_to_port function is used in a number of places, and could benefit from some centralization instead of being duplicated everywhere. /external/iptables/include/iptables.h
2452bafd9810e8560717f10af8e26f8a3ac4f4cf	28-Apr-2006	Patrick McHardy <kaber@trash.net>	Add DCCP/SCTP support to multiport. Patch for kernel will go in 2.6.18. /external/iptables/include/iptables.h
a258ad7002ae4b4f366800f512db938fb78d0661	03-Mar-2006	Joszef Kadlecsik <kadlec@blackhole.kfki.hu>	Multiple matches of the same type can be specified on the commandline. If two or more matches of the same type are detected then the options are assumed to be grouped in order to tell which option belongs to which match: ... -m foo ... <options0> ... -m foo ... <options1> ... Otherwise the commandline parsing is unmodified. /external/iptables/include/iptables.h
f5b86e698be2f1f96c974a4af176269f5c677596	22-Dec-2005	Jones Desougi <jones@ingate.com>	Fix probing for supported revisions (Jones Desougi <jones@ingate.com>) Bugzilla #413 /external/iptables/include/iptables.h
8cf65913bb6353bf0e92eab0669d1c4c53b43623	19-Sep-2005	Phil Oester <kernel@linuxace.com>	Kernels higher than 2.6.10 don't support multiple --to arguments in DNAT and SNAT targets. At present, the error is somewhat vague: # iptables -t nat -A foo -j SNAT --to 1.2.3.4 --to 2.3.4.5 iptables: Invalid argument But if we want current iptables to work with kernels <= 2.6.10, we cannot simply disallow this in all cases. So the below patch adds kernel version checking to iptables, and utilizes it in [DS]NAT. Now, users will see a more informative error: # iptables -t nat -A foo -j SNAT --to 1.2.3.4 --to 2.3.4.5 iptables v1.3.3: Multiple --to-source not supported This generic infrastructure (shamelessly lifted from procps btw) may come in handy in the future for other changes. This fixes bugzilla #367. (Phil Oester) /external/iptables/include/iptables.h
9867e814492275cabfbccd6b30375b0e23eb10cb	22-Jun-2005	Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>	reduce code replication of parse_interface() (Yasuyuki Kozakai) /external/iptables/include/iptables.h
3aef54dce4f9bbe0b466478fd33a1d3131efbbb8	03-Jan-2005	Rusty Russell <rusty@rustcorp.com.au>	Extension revision number support (if kernel supports the getsockopts). Enhance MARK match with second revision. Committed in anticipation of the kernel patch being applied. /external/iptables/include/iptables.h
357d59dcfcbd125e2aa8c07b30cea9635efec2a7	27-Dec-2004	Martin Josefsson <gandalf@wlug.westbo.se>	Fix setting lib_dir in ip*tables-{save,restore} /external/iptables/include/iptables.h
db0422f80d353e7040f18344ca3e74bb0ba10e31	04-Mar-2004	Harald Welte <laforge@gnumonks.org>	add definition for IPPROTO_SCTP for systems with old header files /external/iptables/include/iptables.h
78cafdaf474a333fa39efab4aa4c9aed88ab9518	02-Feb-2004	Martin Josefsson <gandalf@wlug.westbo.se>	Make sure to use matches in the order they are given when calling do_command() multiple times. /external/iptables/include/iptables.h
63e9063a660809385fd17edb94da044c7c884e02	03-Mar-2003	Illes Marci <marci@balabit.hu>	make iptables-restore print the line number in case of an error (Illes Marci <marci@balabit.hu>) /external/iptables/include/iptables.h
b93c79862b47f227ac908430a2c9f16b4ecc0631	06-Dec-2001	Marc Boucher <marc@mbsi.ca>	Export addr_to_anyname(), mask_to_dotted(), parse_hostnetworkmask() and parse_protocol() as they are needed by the upcoming ipt_conntrack match module. /external/iptables/include/iptables.h
3efb6ead2e51fe1eca55bcb2b06afb4dc4b8cb7c	06-Aug-2001	Harald Welte <laforge@gnumonks.org>	- added patch to support statically linking of iptables - iptables-save/-restore is no longer experimental /external/iptables/include/iptables.h
a114e9e8be802ab744d442449b3ec7de03c58621	01-Dec-2000	Harald Welte <laforge@gnumonks.org>	make iptables-restore and iptables-save work again /external/iptables/include/iptables.h
b6db33196870d3ec401a7ca87234dd2bc379c413	27-Aug-2000	Jan Echternach <echter@informatik.uni-rostock.de>	Jan Echternach's const tweak. /external/iptables/include/iptables.h
79dee0702b18c8ea1d1f7a2b1f6b29349466986b	02-May-2000	Rusty Russell <rusty@linuxcare.com.au>	IPv6 enhancements. /external/iptables/include/iptables.h
edf14cf4b5edb148d7473f067d95e7bd1316900b	19-Apr-2000	Rusty Russell <rusty@linuxcare.com.au>	Changes to allow matching (for delete) on part of a rule, for rules which change in the kernel (eg. ipt_limit). /external/iptables/include/iptables.h
e6869a8f59d779ff4d5a0984c86d80db70784962	20-Mar-2000	Marc Boucher <marc@mbsi.ca>	reorganized tree after kernel merge /external/iptables/include/iptables.h