Cross Reference: /external/iptables/iptables/xtables-config-parser.y

History log of /external/iptables/iptables/xtables-config-parser.y
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
742baabd185c326cc2125e648e240894362eb31c	15-Sep-2015	Pablo Neira Ayuso <pablo@netfilter.org>	iptables-compat: use new symbols in libnftnl Adapt this code to use the new symbols in libnftnl. This patch contains quite some renaming to reserve the nft_ prefix for our high level library. Explicitly request libnftnl 1.0.5 at configure stage. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/iptables/xtables-config-parser.y
cbe036db892c298c33e77dec2c5129dbb4dccc2c	30-Sep-2014	Pablo Neira Ayuso <pablo@netfilter.org>	iptables-compat: get rid of error reporting via perror The compat layer should report problems in the iptables way instead. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/iptables/xtables-config-parser.y
a4e1098169a67716a81316c36ce22ddcb33df1c0	20-Jan-2014	Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>	nft: Use new libnftnl library name against former libnftables Adapt the current code to use the new library name libnftnl. Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/iptables/xtables-config-parser.y
cea310bd1d078618e87b83410f8c6f75b34de450	30-Jul-2013	Giuseppe Longo <giuseppelng@gmail.com>	nft: load only the tables of the current family This changes nft_xtables_config_load() permit to load only the tables of the current family. [ This patch includes a fix for the configuration parser that I detected while testing this patch --pablo ] Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/iptables/xtables-config-parser.y
f77e1aca9aa8851b469f79c2db80ddb6f49253b2	16-Jul-2013	Pablo Neira Ayuso <pablo@netfilter.org>	src: use nft__list_add_tail Adapt it to the semantic fix that has been applied to libnftable nft__list_add now inserts nodes, instead of appending them. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/iptables/xtables-config-parser.y
5c3cff616084aac880a16a31688e306e915f853c	22-Apr-2013	Pablo Neira Ayuso <pablo@netfilter.org>	xtables-config-parser: fix compilation warning xtables-config-parser.y: In function ‘xtables_config_parse’: xtables-config-parser.y:216:4: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/iptables/xtables-config-parser.y
275283f176152a84212a37bb043d610077c7435b	10-Mar-2013	Pablo Neira Ayuso <pablo@netfilter.org>	xtables-config: fix off by one in parsed strings from /etc/xtables.conf Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/iptables/xtables-config-parser.y
32c579fa6fa1155f316c202a95d3e946111891bd	10-Mar-2013	Pablo Neira Ayuso <pablo@netfilter.org>	xtables: support family in /etc/xtables.conf file Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/iptables/xtables-config-parser.y
c924c0cd07440aa9ce7465e2ba68fb266f07d7c3	10-Mar-2013	Pablo Neira Ayuso <pablo@netfilter.org>	xtables-config: priority has to be per-chain to support To support NAT table chain configuration appropriately. Modify example configuration file as well. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/iptables/xtables-config-parser.y
384958620abab397062b67fb2763e813b63f74f0	27-Sep-2012	Pablo Neira Ayuso <pablo@netfilter.org>	use nf_tables and nf_tables compatibility interface This patch adds the following utilities: * xtables * xtables-restore * xtables-save * xtables-config They all use Patrick's nf_tables infrastructure plus my compatibility layer. xtables, xtables-restore and xtables-save are syntax compatible with ip[6]tables, ip[6]tables-restore and ip[6]tables-save. Semantics aims to be similar, still the main exception is that there is no commit operation. Thus, we incrementally add/delete rules without entire table locking. The following options are also not yet implemented: -Z (this requires adding expr->ops->reset(...) so nft_counters can reset internal state of expressions while dumping it) -R and -E (this requires adding this feature to nf_tables) -f (can be implemented with expressions: payload 6 (2-bytes) + bitwise a&b^!b + cmp neq 0) -IPv6 support. But those are a matter of time to get them done. A new utility, xtables-config, is available to register tables and chains. By default there is a configuration file that adds backward compatible tables and chains under iptables/etc/xtables.conf. You have to call this utility first to register tables and chains. However, it would be possible to automagically register tables and chains while using xtables and xtables-restore to get similar operation than with iptables. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/iptables/xtables-config-parser.y