Cross Reference: /external/iptables/extensions/libip6t

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
7a0992da44cfb6cab0ccd1beadcf326df8773552	24-Jul-2016	Pablo Neira Ayuso <pablo@netfilter.org>	src: introduce struct xt_xlate_{mt,tg}_params This structure is an extensible containers of parameters, so we don't need to propagate interface updates in every extension file in case we need to add new parameters in the future. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/extensions/libip6t_hbh.c
f035be35c749d5c5cbb7ffdbcd1c548b91bd3033	09-Jul-2016	Pablo M. Bermudo Garay <pablombg@gmail.com>	xtables-translate: fix multiple spaces issue This patch fixes a multiple spaces issue. The problem arises when a rule set loaded through iptables-compat-restore is listed in nft. Before this commit, two spaces were printed after every match translation: $ sudo iptables-save *filter :INPUT ACCEPT [0:0] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m multiport --dports 80:85 -m ttl --ttl-gt 5 -j ACCEPT COMMIT $ sudo iptables-compat-restore iptables-save $ sudo nft list ruleset table ip filter { chain INPUT { type filter hook input priority 0; policy accept; ct state related,established counter packets 0 bytes 0 accept ^^ ip protocol tcp tcp dport 80-85 ip ttl gt 5 counter packets 0 bytes 0 accept ^^ ^^ } } Signed-off-by: Pablo M. Bermudo Garay <pablombg@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/extensions/libip6t_hbh.c
46c5245244f517341786145048b9276600f10e4b	02-Jun-2016	Laura Garcia Liebana <nevola@gmail.com>	extensions: libip6t_hbh: Add translation to nft Add translation for Hop-By-Hop header to nftables. Hbh options are not supported yet in nft. $ sudo ip6tables-translate -t filter -A INPUT -m hbh --hbh-len 22 nft add rule ip6 filter INPUT hbh hdrlength 22 counter $ sudo ip6tables-translate -t filter -A INPUT -m hbh ! --hbh-len 22 nft add rule ip6 filter INPUT hbh hdrlength != 22 counter Signed-off-by: Laura Garcia Liebana <nevola@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> /external/iptables/extensions/libip6t_hbh.c
975aeec7d34419fece8710997b6ec88cc0abb580	21-Aug-2011	Jan Engelhardt <jengelh@medozas.de>	libip6t_hbh: restore setting IP6T_OPTS_LEN flag Bug origin is in commit v1.4.11~26^2~17. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
7a969bb06cef93b6b0dadbb784c30d33856445d1	03-Mar-2011	Jan Engelhardt <jengelh@medozas.de>	libip6t_hbh: use guided option parser Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
b9210cfd9da3d57610be4e86ef45c48dd1b65edf	19-Feb-2011	Jan Engelhardt <jengelh@medozas.de>	libip6t_hbh: remove unimplemented --hbh-not-strict Same as with ip6t_dst. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
e88a7c2c7175742b58b6aa03f2b5aba2d80330a1	18-Feb-2011	Jan Engelhardt <jengelh@medozas.de>	extensions: remove redundant init functions The main program already zeroes the per-extension data block. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
73866357e4a7a0fdc1b293bf8863fee2bd56da9e	18-Dec-2010	Jan Engelhardt <jengelh@medozas.de>	iptables: do not print trailing whitespaces Due to the use of printf("foobar "), iptables emits spaces at the end-of-line, which looks odd to some users because it causes the terminal to wrap even if there is seemingly nothing to print. It may also have other points of annoyance, such as mailers interpreting a trailing space as an indicator that the paragraph continues when format=flowed is also on. And git highlights trailing spaces in red, so let's avoid :) Preexisting inconsistencies in outputting spaces in the right spot are also addressed right away. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429579 Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
d09b6d591ca7d7d7575cb6aa20384c9830f777ab	08-Jan-2011	Jan Engelhardt <jengelh@medozas.de>	extensions: remove no longer necessary default: cases Match and target parse functions now only get option characters they have defined themselves. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
7ac405297ec38449b30e3b05fd6bf2082fd3d803	07-Jan-2011	Jan Engelhardt <jengelh@medozas.de>	src: use C99/POSIX types "u_int" was a non-standardized extension predating C99 on some platforms. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
32b8e61e4e5bd405d9ad07bf9468498dfbb19f9e	23-Jul-2010	Jan Engelhardt <jengelh@medozas.de>	all: consistent syntax use in struct option Try to inhibit copypasting old stuff. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
bbe83862a5e1baf15f7c923352d4afdf59bc70e2	24-Oct-2009	Jan Engelhardt <jengelh@medozas.de>	iptables/extensions: make bundled options work again When using a bundled option like "-ptcp", 'argv[optind-1]' would logically point to "-ptcp", but this is obviously not right. 'optarg' is needed instead, which if properly offset to "tcp". Not all places change optind-based access to optarg; where look-ahead is needed, such as for tcp's --tcp-flags option for example, optind is ok. References: http://bugzilla.netfilter.org/show_bug.cgi?id=611 Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
bf97128c7262f17a02fec41cdae75b472ba77f88	03-Nov-2009	Jan Engelhardt <jengelh@medozas.de>	libxtables: hand argv to xtables_check_inverse In going to fix NF bug #611, "argv" is needed in xtables_check_inverse to set "optarg" to the right spot in case of an intrapositional negation. References: http://bugzilla.netfilter.org/show_bug.cgi?id=611 Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
1829ed482efbc8b390cc760d012b3a4450494e1a	21-Feb-2009	Jan Engelhardt <jengelh@medozas.de>	libxtables: prefix exit_error to xtables_error Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
0f16c725aadaac7e670d632ecbaea3661ff00827	30-Jan-2009	Jan Engelhardt <jengelh@medozas.de>	libxtables: prefix/order - move check_inverse to xtables.c This also adds a warning that intrapositional negation support is deprecated. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
213e185afbb298e6708881e4c2adffdc47a8b6da	27-Jan-2009	Jan Engelhardt <jengelh@medozas.de>	src: remove redundant casts All of them are implicitly convertable without any wanted side effects. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> /external/iptables/extensions/libip6t_hbh.c
cea9f71f5618250a38acb21c31fbbf93a752f7d4	09-Dec-2008	Jan Engelhardt <jengelh@medozas.de>	iptables-save: output ! in position according to manpage Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/extensions/libip6t_hbh.c
5d9678ad3eabc34ac40dfe055d7f6a8e44445a5a	20-Nov-2008	Jan Engelhardt <jengelh@medozas.de>	src: remove inclusion of iptables.h iptables.h and ip6tables.h only include declarations internal to iptables (specifically iptables.c and ip6tables.c), as most of the public API has been moved to xtables.h a few months ago. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/extensions/libip6t_hbh.c
03d99486d8283552705b58dc55b6085dffc38792	18-Nov-2008	Jan Engelhardt <jengelh@medozas.de>	src: use NFPROTO_ constants Resync netfilter.h from the latest kernel and make use of the new NFPROTO_ constants that have been introduced. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/extensions/libip6t_hbh.c
ddac6c5bc636003d664d25c08ea3fe176565096c	01-Sep-2008	Jan Engelhardt <jengelh@medozas.de>	src: Update comments A number of comments are redundant, some outdated and others outright wrong in their own way. Remove and fixup. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/extensions/libip6t_hbh.c
967279231a9ecfa99f26694a954afc535c63db1d	13-Aug-2008	Jan Engelhardt <jengelh@medozas.de>	Synchronize invert flag order with manpages Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> /external/iptables/extensions/libip6t_hbh.c
8b7c64d6ba156a99008fcd810cba874c73294333	15-Apr-2008	Jan Engelhardt <jengelh@medozas.de>	Remove old functions, constants /external/iptables/extensions/libip6t_hbh.c
7a236f4cc685a420c1a782a5db614a93baf37ccf	03-Mar-2008	Jan Engelhardt <jengelh@medozas.de>	Drop -W from CFLAGS and some tiny code cleanups - change "unsigned" to explicit "unsigned int" - remove some casts /external/iptables/extensions/libip6t_hbh.c
9ee386a1b6d7704b259460152c959ab0e79e02aa	29-Jan-2008	Max Kellermann <max@duempel.org>	fix gcc warnings Max Kellermann <max@duempel.org> /external/iptables/extensions/libip6t_hbh.c
e2f588ab7481760f069cd30d3146569f074721aa	04-Oct-2007	Jan Engelhardt <jengelh@medozas.de>	Remove redundant dst/hbh lines Remove hbh stuff from libip6t_dst, remove dst stuff from libip6t_hbh. Signed-off-by: Jan Engelhardt <jengelh@gmx.de> /external/iptables/extensions/libip6t_hbh.c
997045f536026c0d643bf884da5ff5de2605197f	04-Oct-2007	Jan Engelhardt <jengelh@medozas.de>	Unique names 5/6 Give symbols of libxt matches unique names (3/3). Adds unique prefixes to all functions (most of them - especially the hook functions) so that debugging programs can unambiguously map a symbol to an address. Also unifies the names of the xtables_match/xtables_target structs, (based upon libxt_connmark.c/libip6t_*.c). Signed-off-by: Jan Engelhardt <jengelh@gmx.de> /external/iptables/extensions/libip6t_hbh.c
830132ac9c0d270bf9dcfe85c2464e3fe8c73fb9	04-Oct-2007	Jan Engelhardt <jengelh@medozas.de>	Delete empty ->final_check() functions Deletes empty ->final_check() functions, and makes ip[6]tables checks for NULL on these. Signed-off-by: Jan Engelhardt <jengelh@gmx.de> /external/iptables/extensions/libip6t_hbh.c
500f483fff529dcd88ec96b9d5054be6cd6363a0	08-Sep-2007	Patrick McHardy <kaber@trash.net>	Fix sparse warnings: non-ANSI function declarations, 0 used as pointer /external/iptables/extensions/libip6t_hbh.c
ea146a982e26c42f9954f140276f8deeb2edbe98	02-Sep-2007	Peter Riley <Peter.Riley@hotpop.com>	Remove last vestiges of NFC (Peter Riley <Peter.Riley@hotpop.com>) /external/iptables/extensions/libip6t_hbh.c
661f112072bc13a1625c4eb5983695e122ea97da	30-Jul-2007	Jan Engelhardt <jengelh@medozas.de>	Make the option structures const. Signed-off-by: Jan Engelhardt <jengelh@gmx.de> /external/iptables/extensions/libip6t_hbh.c
a620c61d441b931bc4a52ec07f1b906318ee4069	24-Jul-2007	Yasuyuki KOZAKAI <yasuyuki@netfilter.org>	Fixes warning on compilation of ip6tables matches/targets This changes the type of arguments as follows - ip6t_ip6 * -> void * - ip6t_entry * -> void * /external/iptables/extensions/libip6t_hbh.c
b85256b07a2939d712a2547bc151653eae511909	24-Jul-2007	Yasuyuki KOZAKAI <yasuyuki@netfilter.org>	Replaces ip6t_entry_* with xt_entry_* in matches/targets /external/iptables/extensions/libip6t_hbh.c
02aa73312d6078b6de26757d5a558e0085ec20b5	01-Feb-2005	Harald Welte <laforge@gnumonks.org>	make structure initializers use C99 standard (Harald Welte) /external/iptables/extensions/libip6t_hbh.c
ae31bb6bac68f800a1e4b30cf2548dacaaf76102	14-Jun-2002	Fabrice MARIE <fabrice@celestix.com>	fix all compile warnings within iptables extensions (fabrice) /external/iptables/extensions/libip6t_hbh.c
80fe35d6339b53a12ddaec41885613e4e37ed031	29-May-2002	Harald Welte <laforge@gnumonks.org>	globally replace NETFILTER_VERSION with IPTABLES_VERSION to have consistent naming /external/iptables/extensions/libip6t_hbh.c
2ea56498b07506c00a511ddee39cb1c4bd85457d	29-Apr-2002	András Kis-Szabó <kisza@securityaudit.hu>	new HBH and DSTopts match for IPv6 by kisza /external/iptables/extensions/libip6t_hbh.c