Jan Engelhardt
e3ae438e2e
Merge branch 'master' of ssh://git.code.sf.net/u/jeffcarlson72/xtables-addons
2021-08-16 08:49:55 +02:00
Jeff Carlson
c90ecf4320
pknock: added UDP options to help and made whitespace consistent
2021-08-15 18:59:25 -07:00
Jeremy Sowden
1abcd731c0
libxt_ACCOUNT_cl: correct LDFLAGS variable name
...
The LT library name is libxt_ACCOUNT_cl.la, so the variable should be
`libxt_ACCOUNT_cl_la_LDFLAGS`.
Fixes: 81ab0b9586jeremy@azazel.net >
2021-08-15 13:29:15 +02:00
Jan Engelhardt
af10045c75
doc: add incompatibility notice with transmogrified kernels
2021-07-17 11:37:50 +02:00
Jan Engelhardt
6d74a85f70
extensions: remove unused code from compat_xtnu.h
2021-07-17 11:34:34 +02:00
Jan Engelhardt
b9893b9505
xt_ipp2p: use fixed-size integers for struct ipt_p2p_info
2021-07-17 11:33:20 +02:00
Jan Engelhardt
714998176a
extensions: syntactically compact struct definitions
2021-07-17 11:32:19 +02:00
Jan Engelhardt
81ab0b9586
libxt_ACCOUNT_cl: drop padding holes from struct ipt_ACCOUNT_context
2021-07-17 11:31:10 +02:00
Jan Engelhardt
1f308c7262
extensions: use simpler header guards
2021-07-17 11:24:47 +02:00
Jan Engelhardt
87189b0051
Xtables-addons 3.18
2021-03-11 17:13:17 +01:00
Jan Engelhardt
d3fb275c03
xt_pknock: fix build failure under platforms like ARM 32-bit
...
./arch/arm/include/asm/div64.h:24:45: note: expected "uint64_t *"
{aka "long long unsigned int *"} but argument is of type
"long unsigned int *"
24 | static inline uint32_t __div64_32(uint64_t *n, uint32_t base)
2021-03-11 17:11:47 +01:00
Jan Engelhardt
9faa3085bb
Xtables-addons 3.17
2021-02-28 17:54:20 +01:00
Jan Engelhardt
947a677ddb
xt_pknock: reduce indent in the two most-recently touched functions
2021-02-28 17:53:19 +01:00
Andrew S. Johnson
42a9b5c6c3
xt_pknock: cure NULL dereference
...
The original patch for long division on x86 didn't take into account
the use of short circuit logic for checking if peer is NULL before
testing it. Here is a revised patch to v3.16.
2021-02-28 17:50:36 +01:00
Jan Engelhardt
3233a0ed2c
Xtables-addons 3.16
2021-02-24 01:16:22 +01:00
Jan Engelhardt
97808473f9
xt_quota2: silence a compiler warning
...
libxt_quota2.c:73:3: warning: ‘strncpy’ specified bound 15 equals destination size [-Wstringop-truncation]
73 | strncpy(info->name, optarg, sizeof(info->name));
2021-02-24 01:12:28 +01:00
Andrew S. Johnson
3aa4ca3eaf
xt_pknock: use do_div for long division
2021-02-24 01:10:18 +01:00
Jan Engelhardt
5104269605
Xtables-addons 3.15
2021-02-05 21:56:26 +01:00
Jan Engelhardt
4ee209416f
xt_pknock: replace obsolete function get_seconds
...
get_seconds is removed in 5.11; its replacement ktime_get_real_seconds
is available since 3.19. The timestamps should not be affected by clock
resets, so will be switched to ktime_get_seconds.
2021-02-05 21:55:46 +01:00
Jan Engelhardt
43df040e05
xt_lscan: add --mirai option
2021-02-05 18:58:55 +01:00
Jan Engelhardt
f59a4eb9d9
xt_lscan: extend info struct to support more flags (without size change)
2021-01-20 02:50:01 +01:00
Jan Engelhardt
a238253509
xt_ECHO: support new function signature of security_skb_classify_flow
2021-01-20 02:44:25 +01:00
Jan Engelhardt
4547e4c5cc
Xtables-addons 3.14
2020-11-24 18:41:52 +01:00
Jeremy Sowden
5d94a36d22
geoip: use correct download URL for MaxMind DBs
...
The download URL for the GeoLite2 DBs has changed and includes a
licence key. Update the download script to read the key from file or
stdin and use the correct URL.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-11-24 18:39:00 +01:00
Jan Engelhardt
9d5b2e2e0e
extensions: reduce number of arguments to send_reset functions
2020-11-23 23:14:46 +01:00
Jan Engelhardt
f973577ec0
extensions: call send_reset with xtables state socket
...
Reported-by: Minqiang Chen <ptpt52@gmail.com >
2020-11-23 23:06:25 +01:00
Jan Engelhardt
a35feefa0f
build: cure overall build failure when CONFIG_NF_NAT=n
2020-11-22 17:45:37 +01:00
Jan Engelhardt
a1b3d81ccb
geoip: rename xt_geoip_fetch to xt_geoip_query
...
"fetch" sounds a bit like "download", but that is not what this
utility does. Calling it "query" seems more appropriate.
2020-11-22 17:44:51 +01:00
Jeremy Sowden
6504f251c6
geoip: add man pages for MaxMind scripts
...
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-11-22 17:27:51 +01:00
Jeremy Sowden
1c67775d10
doc: fix man page typos
...
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-11-22 17:27:40 +01:00
Jeremy Sowden
7327cd725b
geoip: remove superfluous xt_geoip_fetch_maxmind script
...
xt_geoip_fetch and xt_geoip_fetch_maxmind are identical. Remove the
latter.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-11-22 17:27:31 +01:00
Jan Engelhardt
5c8aecdd56
Xtables-addons 3.13
2020-11-20 13:13:52 +01:00
Jan Engelhardt
5ad9de75d4
compat_xtables: employ route_me_harder define for 4.19 and 5.4 too
...
The API change found its way into some more Linux stable series.
2020-11-20 13:11:38 +01:00
Jan Engelhardt
9e84e8f13d
Xtables-addons 3.12
2020-11-19 22:11:19 +01:00
Jan Engelhardt
50153ffdb9
compat_xtables: fix a spello near route_me_harder
2020-11-19 22:11:19 +01:00
Jan Engelhardt
9c4aeea422
xt_DNETMAP: compaction of variable declarations
2020-11-19 21:53:15 +01:00
Philip Prindeville
c09d0704af
geoip: re-add Maxmind scripts
2020-11-19 13:03:42 +01:00
Jan Engelhardt
0021003dc7
extensions: abolish NIPQUAD/NIP6
...
Support for Linux 2.6.28 is long gone.
2020-11-19 12:54:36 +01:00
Jan Engelhardt
0ab3247900
build: adjust for changed signature of ip_route_me_harder
...
(Cf. commit 46d6c5ae953cc0be38efd0e469284df7c4328cf8 in Linux.)
2020-11-19 12:28:55 +01:00
Jeremy Sowden
d3f7dc1f55
pknlusr: mention the group ID command-line paramater in the man page
...
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-10-26 11:08:20 +01:00
Jan Engelhardt
87d3aab175
pknock: trim some blank lines
2020-10-26 11:06:57 +01:00
Jan Engelhardt
bfb0516c79
extensions: split assignments and if-exprs
2020-10-25 15:41:24 +01:00
Jeremy Sowden
939d3ee0d3
xt_pknock: remove DEBUG definition and disable debug output
...
The DEBUG definition in xt_pknock.h causes a compiler warning if one
adds a DEBUG define to xt_pknock.c to enable pr_debug. Since it only
controls some debugging output in libxt_pknock.c, it would make sense to
move the definition there, but let's just disable the debugging instead.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-10-25 15:17:40 +01:00
Jeremy Sowden
5df71f8741
xt_pknock: use pr_err
...
Replace some instances of `printk(KERN_ERR PKNOCK ...)`. We define
`pr_fmt`, so `pr_err` is equivalent.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-10-25 15:14:31 +01:00
Jeremy Sowden
82379e8ec1
xt_pknock: use kzalloc
...
Replace some instances of kmalloc + memset.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-10-25 15:14:27 +01:00
Jeremy Sowden
b3a3f2e91b
xt_pknock: use IS_ENABLED
...
It is more succinct than checking whether CONFIG_BLAH or
CONFIG_BLAH_MODULE are defined.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-10-25 15:06:11 +01:00
Jeremy Sowden
63fb5d3490
pknlusr: fix hard-coded netlink multicast group ID
...
The group ID used by xt_pknock is configurable, but pknlusr hard-codes
it. Modify pknlusr to accept an optional ID from the command line.
Group IDs range from 1 to 32 and each ID appears in the group bitmask
at position `group_id - 1`.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-10-25 15:06:10 +01:00
Jeremy Sowden
05cacbe84c
pknlusr: always close socket
...
On some error paths, the socket was not being closed before exit.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-10-25 15:02:39 +01:00
Jeremy Sowden
3c120ef5f1
pknlusr: do not treat recv return value of zero as an error
...
A return-value of zero is not an error, so there is no point calling
perror, but since we have not requested and do not expect a zero-length
datagram, we treat it as EOF and exit.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-10-25 15:01:50 +01:00
Jeremy Sowden
b0a1aacd4b
pknlusr: use macro to define inet_ntop buffer size
...
POSIX provides a macro to define the minimum length required, so let's
use it.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net >
2020-10-25 15:01:18 +01:00
