945353a25bbb2dbf88128c27a9169851da6ebf05 |
|
20-Jun-2013 |
Phil Oester <kernel@linuxace.com> |
ip6tables: don't print out /128 Similar to how iptables does not print /32 on IPv4 addresses, ip6tables should not print out /128 on IPv6 addresses. Signed-off-by: Phil Oester <kernel@linuxace.com> Signed-off-by: Pablo Neira Ayuso <pablo@soleta.eu>
/external/iptables/libxtables/xtables.c
|
17fd36631d3ca17b581be9acb8ab054931b5a917 |
|
27-May-2013 |
Phil Oester <kernel@linuxace.com> |
xtables: improve get_modprobe handling In bug #455, Dmitry V. Levin proposed a more robust get_modprobe implementation. The patch below is a version of his patch, updated to apply to current git. This closes bug #455. Signed-off-by: Phil Oester <kernel@linuxace.com> Signed-off-by: Pablo Neira Ayuso <pablo@soleta.eu>
/external/iptables/libxtables/xtables.c
|
2f655ede64e07a861e3ec50150f572ed98755013 |
|
29-Oct-2012 |
Pablo Neira Ayuso <pablo@netfilter.org> |
libxtables: add xtables_print_num This function is used both by iptables and ip6tables, and refactorize to avoid longer than 80-chars per column lines of code. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/external/iptables/libxtables/xtables.c
|
d1e7922a587a239e16e0dbe654e63f76e1375e49 |
|
04-Jan-2013 |
Pablo Neira Ayuso <pablo@netfilter.org> |
libxtables: add xtables_rule_matches_free This function is shared by iptables and ip6tables. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/external/iptables/libxtables/xtables.c
|
dd43527cb6bdf3d469100850ca10dcd2fb761304 |
|
07-Oct-2012 |
Jan Engelhardt <jengelh@inai.de> |
iptables: restore NOTRACK functionality, target aliasing Commit v1.4.16-1-g2aaa7ec is testing for real_name (not) being NULL which was always false (true). real_name was never NULL, so cs->jumpto would always be used, which rendered -j NOTRACK unusable, since the chosen real name.revision is for example NOTRACK.1, which does not exist at the kernel side. # ./iptables/xtables-multi main4 -t raw -A foo -j NOTRACK dbg: Using NOTRACK.1 WARNING: The NOTRACK target is obsolete. Use CT instead. iptables: Protocol wrong type for socket. To reasonably support the extra-special verdict names, make it so that real_name remains NULL when an extension defined no alias, which we can then use to determine whether the user entered an alias name (which needs to be followed) or not. [ I have mangled this patch to remove a comment unnecessarily large. BTW, this patch gets this very close to the initial target aliasing proposal --pablo ] Signed-off-by: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/external/iptables/libxtables/xtables.c
|
c436dad7cfdd80ca4a05ceed556c39babc266f55 |
|
27-Sep-2012 |
Jan Engelhardt <jengelh@inai.de> |
iptables: support for match aliases This patch allows for match names listed on the command line to be rewritten to new names and revisions, like we did for targets before. Signed-off-by: Jan Engelhardt <jengelh@inai.de>
/external/iptables/libxtables/xtables.c
|
cd2f9bdbb7f9b737e5d640aafeb78bcd8e3a7adf |
|
04-Sep-2012 |
Jan Engelhardt <jengelh@inai.de> |
iptables: support for target aliases This patch allows for target names listed on the command line to be rewritten to new names and revisions. As before, we will pick a revision that is supported by the kernel - now including real_name in the search. This gives us the possibility to test for many action names. Signed-off-by: Jan Engelhardt <jengelh@inai.de>
/external/iptables/libxtables/xtables.c
|
954b76c317f641b7faf33cc26931d45585cc0dea |
|
27-Sep-2012 |
Jan Engelhardt <jengelh@inai.de> |
libxtables: consolidate preference logic Alias support will require testing for more conditions, so move the revision comparison code into a separate function where it can be shared between matches and targets. Signed-off-by: Jan Engelhardt <jengelh@inai.de>
/external/iptables/libxtables/xtables.c
|
a96166c24eaac1c91bed4815c09e91733409d888 |
|
14-Jul-2012 |
Pablo Neira Ayuso <pablo@netfilter.org> |
libxtables: add xtables_ip[6]mask_to_cidr This patch adds generic functions to return the mask in CIDR notation whenever is possible. This patch also simplifies xtables_ip[6]mask_to_numeric, that now use these new two functions. This patch also bumps libxtables_vcurrent and libxtables_vage since we added a couple new interfaces (thanks to Jan Engelhardt for his little reminder on this). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/external/iptables/libxtables/xtables.c
|
8816e91cddef785c78b3598c7c41a1f88be08f5a |
|
18-Sep-2011 |
Jan Engelhardt <jengelh@medozas.de> |
build: restore build order of modules iptables(exe) requires libext.a, but extensions/ require libxtables.la (in iptables/). This circular dependency does not work out, so separate libxtables into its own directory and put it in front. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/libxtables/xtables.c
|