e62f426c7ead7c0025d15860df97426db6509942 |
|
22-Aug-2012 |
Patrick McHardy <kaber@trash.net> |
Convert the NAT targets to use the kernel supplied nf_nat.h header Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/external/iptables/extensions/libipt_DNAT.c
|
3964023f8640b60456373825b326b91badd7a058 |
|
25-Nov-2011 |
Jan Engelhardt <jengelh@medozas.de> |
libipt_SAME: set PROTO_RANDOM on all ranges Resolve the (justified) WTF remark to a clearer version of when/why PROTO_RANDOM needs to be set. Especially when --random is used before --to in SAME, it would have not been appleid.
/external/iptables/extensions/libipt_DNAT.c
|
f25b2355e889290879c8cecad3dd24ec0c384fb8 |
|
13-May-2011 |
Jan Engelhardt <jengelh@medozas.de> |
libipt_[SD]NAT: avoid false error about multiple destinations specified iptables-restore v1.4.10: DNAT: Multiple --to-destination not supported xtables_option_parse sets cb->xflags already, so that it cannot be directly used to test whether an option is being used for the second time. Thus use a private option/flag (X_TO_DEST/SRC) that is not under the control of xtables_option_parse. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
e82d031af24c8155357c6f2d2b2e236bd6cf67e4 |
|
13-May-2011 |
Jan Engelhardt <jengelh@medozas.de> |
libipt_[SD]NAT: flag up module name on error Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
59ce5bd1d05225911051a4c46ce5ccdd7c1ed078 |
|
12-May-2011 |
Patrick McHardy <kaber@trash.net> |
Merge branch 'floating/opts' of git://dev.medozas.de/iptables
|
f875e84427de17b34ecb69a56d87161571ffab76 |
|
08-May-2011 |
Jan Engelhardt <jengelh@medozas.de> |
libipt_DNAT: use guided option parser Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
58e9118dc61c9ff656c0140c429f0fa892c36ac5 |
|
09-May-2011 |
Jan Engelhardt <jengelh@medozas.de> |
doc: S/DNAT allows to omit IP addresses Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
4e5d4bff933d77158d9d32b4f87c5842decf670e |
|
19-Feb-2011 |
Jan Engelhardt <jengelh@medozas.de> |
extensions: add missing checks for specific flags With "!flags", any option will be accepted. The extensions however want one very specific option to be used (or wrong help text). Commits: DNAT: v1.3.8~23, osf: v1.4.6~3 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
73866357e4a7a0fdc1b293bf8863fee2bd56da9e |
|
18-Dec-2010 |
Jan Engelhardt <jengelh@medozas.de> |
iptables: do not print trailing whitespaces Due to the use of printf("foobar "), iptables emits spaces at the end-of-line, which looks odd to some users because it causes the terminal to wrap even if there is seemingly nothing to print. It may also have other points of annoyance, such as mailers interpreting a trailing space as an indicator that the paragraph continues when format=flowed is also on. And git highlights trailing spaces in red, so let's avoid :) Preexisting inconsistencies in outputting spaces in the right spot are also addressed right away. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429579 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
d09b6d591ca7d7d7575cb6aa20384c9830f777ab |
|
08-Jan-2011 |
Jan Engelhardt <jengelh@medozas.de> |
extensions: remove no longer necessary default: cases Match and target parse functions now only get option characters they have defined themselves. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
32b8e61e4e5bd405d9ad07bf9468498dfbb19f9e |
|
23-Jul-2010 |
Jan Engelhardt <jengelh@medozas.de> |
all: consistent syntax use in struct option Try to inhibit copypasting old stuff. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
596c69007acb569843391e4c98dc21d6f2336e7b |
|
06-Nov-2009 |
Patrick McHardy <kaber@trash.net> |
DNAT: fix incorrect check during parsing Specifying --random before --to-dest results in: Multiple --to-destination not supported Fix the flags check to only test the IPT_DNAT_OPT_DEST bit. Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libipt_DNAT.c
|
bf97128c7262f17a02fec41cdae75b472ba77f88 |
|
03-Nov-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: hand argv to xtables_check_inverse In going to fix NF bug #611, "argv" is needed in xtables_check_inverse to set "optarg" to the right spot in case of an intrapositional negation. References: http://bugzilla.netfilter.org/show_bug.cgi?id=611 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
69f564e3890976461de0016cd81171ff8bfa8353 |
|
26-May-2009 |
Jan Engelhardt <jengelh@medozas.de> |
extensions: add const qualifiers in print/save functions Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
467fa9fe70f08342a50b859ddd431c848a956679 |
|
17-Apr-2009 |
Patrick McHardy <kaber@trash.net> |
SNAT/DNAT: add support for persistent multi-range NAT mappings Add support for persistent mappings (2.6.29-rc2+) as replacement for the removed SAME target. Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libipt_DNAT.c
|
4e41854423b529d3107c23b85434d50a75d08057 |
|
21-Feb-2009 |
Jan Engelhardt <jengelh@medozas.de> |
extensions: add missing limits.h include Thanks to Stephen Hemminger for noticing. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
978e27e8f8c2e49d0528c6c4ae3a56627fbe8492 |
|
21-Feb-2009 |
Jan Engelhardt <jengelh@medozas.de> |
include: resynchronize headers with 2.6.29-rc5 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
afe6b357db60c7d70379a27360c10a352bf55203 |
|
21-Feb-2009 |
Jan Engelhardt <jengelh@medozas.de> |
extensions: remove unwanted/add needed includes for IPv4 exts Most touched files do not use anything from ip_tables.h, so remove that #include. multiport instead, does need it (ipt_entry). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
1829ed482efbc8b390cc760d012b3a4450494e1a |
|
21-Feb-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix exit_error to xtables_error Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
0f16c725aadaac7e670d632ecbaea3661ff00827 |
|
30-Jan-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix/order - move check_inverse to xtables.c This also adds a warning that intrapositional negation support is deprecated. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
1e01b0b82f70b0b11dcfbced485dbe7aeac4fb8c |
|
30-Jan-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix/order - ascii to ipaddr/ipmask input Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
e44ea7faa17c10c68f14f5338a7cc6e3291a0ce7 |
|
30-Jan-2009 |
Jan Engelhardt <jengelh@medozas.de> |
libxtables: prefix/order - ipaddr/ipmask to ascii output Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
/external/iptables/extensions/libipt_DNAT.c
|
5d9678ad3eabc34ac40dfe055d7f6a8e44445a5a |
|
20-Nov-2008 |
Jan Engelhardt <jengelh@medozas.de> |
src: remove inclusion of iptables.h iptables.h and ip6tables.h only include declarations internal to iptables (specifically iptables.c and ip6tables.c), as most of the public API has been moved to xtables.h a few months ago. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libipt_DNAT.c
|
03d99486d8283552705b58dc55b6085dffc38792 |
|
18-Nov-2008 |
Jan Engelhardt <jengelh@medozas.de> |
src: use NFPROTO_ constants Resync netfilter.h from the latest kernel and make use of the new NFPROTO_ constants that have been introduced. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libipt_DNAT.c
|
5a942f9501f7ce287e1c37c553eb02a1e269e081 |
|
04-Nov-2008 |
Patrick McHardy <kaber@trash.net> |
Add SCTP/DCCP support to NAT targets Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libipt_DNAT.c
|
ddac6c5bc636003d664d25c08ea3fe176565096c |
|
01-Sep-2008 |
Jan Engelhardt <jengelh@medozas.de> |
src: Update comments A number of comments are redundant, some outdated and others outright wrong in their own way. Remove and fixup. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
/external/iptables/extensions/libipt_DNAT.c
|
8b7c64d6ba156a99008fcd810cba874c73294333 |
|
15-Apr-2008 |
Jan Engelhardt <jengelh@medozas.de> |
Remove old functions, constants
/external/iptables/extensions/libipt_DNAT.c
|
9ee386a1b6d7704b259460152c959ab0e79e02aa |
|
29-Jan-2008 |
Max Kellermann <max@duempel.org> |
fix gcc warnings Max Kellermann <max@duempel.org>
/external/iptables/extensions/libipt_DNAT.c
|
bd9438420d92c41a5cf20a53b7a18d3ddea4216d |
|
20-Jan-2008 |
Jan Engelhardt <jengelh@medozas.de> |
rename overlapping function names Rename overlapping function names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
/external/iptables/extensions/libipt_DNAT.c
|
08b1616e068166e016b3ee7110db10ae5d853422 |
|
20-Jan-2008 |
Jan Engelhardt <jengelh@medozas.de> |
bunch o' renames Move a few functions from iptables.c/ip6tables.c to xtables.c so they are available for combined (both AF_INET and AF_INET6) libxt modules. Rename overlapping function names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
/external/iptables/extensions/libipt_DNAT.c
|
75b4b2081522ab2f680ca0edf2242bc6f28a0ef7 |
|
15-Nov-2007 |
Tom Eastep <teastep@shorewall.net> |
PATCH - Fix for --random option in DNAT and REDIRECT The --random option produces "Unknown arg `--random'" errors with both the DNAT and REDIRECT targets. Corrected by the attached patch. Tom Eastep <teastep@shorewall.net>
/external/iptables/extensions/libipt_DNAT.c
|
1d5b63d12984d12c8d87242179855e17657be16d |
|
04-Oct-2007 |
Jan Engelhardt <jengelh@medozas.de> |
Unique names 4/6 Give symbols of libxt targets unique names (2/3). Adds unique prefixes to all functions (most of them - especially the hook functions) so that debugging programs can unambiguously map a symbol to an address. Also unifies the names of the xtables_match/xtables_target structs, (based upon libxt_connmark.c/libip6t_*.c). Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
/external/iptables/extensions/libipt_DNAT.c
|
500f483fff529dcd88ec96b9d5054be6cd6363a0 |
|
08-Sep-2007 |
Patrick McHardy <kaber@trash.net> |
Fix sparse warnings: non-ANSI function declarations, 0 used as pointer
/external/iptables/extensions/libipt_DNAT.c
|
661f112072bc13a1625c4eb5983695e122ea97da |
|
30-Jul-2007 |
Jan Engelhardt <jengelh@medozas.de> |
Make the option structures const. Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
/external/iptables/extensions/libipt_DNAT.c
|
18992db3bfdb3b695cae12b53434f560cbf8e2ae |
|
30-Jul-2007 |
Jan Engelhardt <jengelh@medozas.de> |
Remove the .next=NULL field. This is automatically initialized to zero. I've kept .print=NULL and .save=NULL so it stands out (since iptables will do the print/save then). Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
/external/iptables/extensions/libipt_DNAT.c
|
ac8b2718daf8a79a59b181f6e62495f307ae86b9 |
|
24-Jul-2007 |
Yasuyuki KOZAKAI <yasuyuki@netfilter.org> |
Fixes warning on compilation, part 2 This changes the type of arguments as follows in multiport, DNAT, SNAT, MASQUERADE, and REDIRECT - ip[6]t_ip[6] * -> void * - ip[6]t_entry * -> void * and adds lines to cast these pointer with intended type.
/external/iptables/extensions/libipt_DNAT.c
|
193df8ee3507f0c02762c88a16916c4ea950bd99 |
|
24-Jul-2007 |
Yasuyuki KOZAKAI <yasuyuki@netfilter.org> |
Replaces ipt_entry_* with xt_entry_* in matches/targets
/external/iptables/extensions/libipt_DNAT.c
|
ef399a3033aa860ea1653b9c4306c0e78777e981 |
|
29-May-2007 |
Patrick McHardy <kaber@trash.net> |
Add --random option to DNAT and REDIRECT targets and fix the manpage mess this option left behind.
/external/iptables/extensions/libipt_DNAT.c
|
40d54756cd8a2705e22b36f7aef03bb2c472a10b |
|
18-Apr-2007 |
Patrick McHardy <kaber@trash.net> |
Use nf_conntrack headers instead of ip_conntrack ones and add sanitized versions.
/external/iptables/extensions/libipt_DNAT.c
|
8cf65913bb6353bf0e92eab0669d1c4c53b43623 |
|
19-Sep-2005 |
Phil Oester <kernel@linuxace.com> |
Kernels higher than 2.6.10 don't support multiple --to arguments in DNAT and SNAT targets. At present, the error is somewhat vague: # iptables -t nat -A foo -j SNAT --to 1.2.3.4 --to 2.3.4.5 iptables: Invalid argument But if we want current iptables to work with kernels <= 2.6.10, we cannot simply disallow this in all cases. So the below patch adds kernel version checking to iptables, and utilizes it in [DS]NAT. Now, users will see a more informative error: # iptables -t nat -A foo -j SNAT --to 1.2.3.4 --to 2.3.4.5 iptables v1.3.3: Multiple --to-source not supported This generic infrastructure (shamelessly lifted from procps btw) may come in handy in the future for other changes. This fixes bugzilla #367. (Phil Oester)
/external/iptables/extensions/libipt_DNAT.c
|
36d870c76621b94d51816d09eb8fd05e0fb0a0ab |
|
22-Jul-2005 |
Patrick McHardy <kaber@trash.net> |
Fix NAT of ICMP ID ranges (Patrick McHardy)
/external/iptables/extensions/libipt_DNAT.c
|
a3a9c0d3e3d9df70c5ea2e64ef792e194dbfbde7 |
|
22-Jun-2005 |
Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp> |
This patch prevents user to set negative port value of SNAT/DNAT. (Yasuyuki Kozakai)
/external/iptables/extensions/libipt_DNAT.c
|
8115e5425721cd610b6390c3d4c24540773b0520 |
|
14-Feb-2005 |
Pablo Neira <pablo@eurodev.net> |
Kill NFC_* stuff in iptables (Pablo Neira <pablo@eurodev.net>) Fixes build with conntrack event patch for 2.6
/external/iptables/extensions/libipt_DNAT.c
|
3fb61f3d4a194ba989fe8470f16064f20e59e3bc |
|
01-Feb-2005 |
Phil Oester <kernel@linuxace.com> |
John McCann points out via bugzilla that iptables happily accepts this syntax on DNAT/SNAT: --to x.x.x.x:y:z but doesn't actually make use of the second port. Clear up the confusion by only accepting a dash between the ports. This closes bugzilla #265. Signed-off-by: Phil Oester <kernel@linuxace.com>
/external/iptables/extensions/libipt_DNAT.c
|
8caee8b9e34fed4562fcff553197c161fc9d9979 |
|
28-Dec-2004 |
Pablo Neira <pablo@eurodev.net> |
Pablo Neira: extensions conversion to C99 structure initialization (I removed the revision stuff for the moment, but this needs to go in before the code moves too much --RR)
/external/iptables/extensions/libipt_DNAT.c
|
80fe35d6339b53a12ddaec41885613e4e37ed031 |
|
29-May-2002 |
Harald Welte <laforge@gnumonks.org> |
globally replace NETFILTER_VERSION with IPTABLES_VERSION to have consistent naming
/external/iptables/extensions/libipt_DNAT.c
|
b77f1dafb9f35752bb9685323bcacb32a0e6ddc5 |
|
14-Mar-2002 |
Harald Welte <laforge@gnumonks.org> |
Fix 'iptables -p !' bug (segfault when `!' used without argument)
/external/iptables/extensions/libipt_DNAT.c
|
3efb6ead2e51fe1eca55bcb2b06afb4dc4b8cb7c |
|
06-Aug-2001 |
Harald Welte <laforge@gnumonks.org> |
- added patch to support statically linking of iptables - iptables-save/-restore is no longer experimental
/external/iptables/extensions/libipt_DNAT.c
|
73f72f541ac4dab538d4d418b9bbf1707b31342b |
|
03-Jul-2000 |
Rusty Russell <rusty@linuxcare.com.au> |
Aligning matchsize and targetsize now responsibility of extension writers (PPC fix).
/external/iptables/extensions/libipt_DNAT.c
|
228e98dd6303af11925235af4cf3c3ec450f3f41 |
|
27-Apr-2000 |
Rusty Russell <rusty@linuxcare.com.au> |
Alignment fixes (requires kernel patch).
/external/iptables/extensions/libipt_DNAT.c
|
edf14cf4b5edb148d7473f067d95e7bd1316900b |
|
19-Apr-2000 |
Rusty Russell <rusty@linuxcare.com.au> |
Changes to allow matching (for delete) on part of a rule, for rules which change in the kernel (eg. ipt_limit).
/external/iptables/extensions/libipt_DNAT.c
|
e6869a8f59d779ff4d5a0984c86d80db70784962 |
|
20-Mar-2000 |
Marc Boucher <marc@mbsi.ca> |
reorganized tree after kernel merge
/external/iptables/extensions/libipt_DNAT.c
|