anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-06 04:35:12 +02:00
Code Issues Releases Wiki Activity
1,091 Commits 5 Branches 85 Tags
97808473f953b0ed5caa88356386fe7b71db8cea
Commit Graph

1091 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jan Engelhardt
97808473f9 xt_quota2: silence a compiler warning 
libxt_quota2.c:73:3: warning: ‘strncpy’ specified bound 15 equals destination size [-Wstringop-truncation]
   73 |   strncpy(info->name, optarg, sizeof(info->name));
 2021-02-24 01:12:28 +01:00
Andrew S. Johnson
3aa4ca3eaf xt_pknock: use do_div for long division 2021-02-24 01:10:18 +01:00
Jan Engelhardt
5104269605 Xtables-addons 3.15 v3.15 2021-02-05 21:56:26 +01:00
Jan Engelhardt
4ee209416f xt_pknock: replace obsolete function get_seconds 
get_seconds is removed in 5.11; its replacement ktime_get_real_seconds
is available since 3.19. The timestamps should not be affected by clock
resets, so will be switched to ktime_get_seconds.
 2021-02-05 21:55:46 +01:00
Jan Engelhardt
43df040e05 xt_lscan: add --mirai option 2021-02-05 18:58:55 +01:00
Jan Engelhardt
f59a4eb9d9 xt_lscan: extend info struct to support more flags (without size change) 2021-01-20 02:50:01 +01:00
Jan Engelhardt
a238253509 xt_ECHO: support new function signature of security_skb_classify_flow 2021-01-20 02:44:25 +01:00
Jan Engelhardt
4547e4c5cc Xtables-addons 3.14 v3.14 2020-11-24 18:41:52 +01:00
Jeremy Sowden
5d94a36d22 geoip: use correct download URL for MaxMind DBs 
The download URL for the GeoLite2 DBs has changed and includes a
licence key. Update the download script to read the key from file or
stdin and use the correct URL.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-11-24 18:39:00 +01:00
Jan Engelhardt
9d5b2e2e0e extensions: reduce number of arguments to send_reset functions 2020-11-23 23:14:46 +01:00
Jan Engelhardt
f973577ec0 extensions: call send_reset with xtables state socket 
Reported-by: Minqiang Chen <ptpt52@gmail.com>
 2020-11-23 23:06:25 +01:00
Jan Engelhardt
a35feefa0f build: cure overall build failure when CONFIG_NF_NAT=n 2020-11-22 17:45:37 +01:00
Jan Engelhardt
a1b3d81ccb geoip: rename xt_geoip_fetch to xt_geoip_query 
"fetch" sounds a bit like "download", but that is not what this
utility does. Calling it "query" seems more appropriate.
 2020-11-22 17:44:51 +01:00
Jeremy Sowden
6504f251c6 geoip: add man pages for MaxMind scripts 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-11-22 17:27:51 +01:00
Jeremy Sowden
1c67775d10 doc: fix man page typos 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-11-22 17:27:40 +01:00
Jeremy Sowden
7327cd725b geoip: remove superfluous xt_geoip_fetch_maxmind script 
xt_geoip_fetch and xt_geoip_fetch_maxmind are identical. Remove the
latter.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-11-22 17:27:31 +01:00
Jan Engelhardt
5c8aecdd56 Xtables-addons 3.13 v3.13 2020-11-20 13:13:52 +01:00
Jan Engelhardt
5ad9de75d4 compat_xtables: employ route_me_harder define for 4.19 and 5.4 too 
The API change found its way into some more Linux stable series.
 2020-11-20 13:11:38 +01:00
Jan Engelhardt
9e84e8f13d Xtables-addons 3.12 v3.12 2020-11-19 22:11:19 +01:00
Jan Engelhardt
50153ffdb9 compat_xtables: fix a spello near route_me_harder 2020-11-19 22:11:19 +01:00
Jan Engelhardt
9c4aeea422 xt_DNETMAP: compaction of variable declarations 2020-11-19 21:53:15 +01:00
Philip Prindeville
c09d0704af geoip: re-add Maxmind scripts 2020-11-19 13:03:42 +01:00
Jan Engelhardt
0021003dc7 extensions: abolish NIPQUAD/NIP6 
Support for Linux 2.6.28 is long gone.
 2020-11-19 12:54:36 +01:00
Jan Engelhardt
0ab3247900 build: adjust for changed signature of ip_route_me_harder 
(Cf. commit 46d6c5ae953cc0be38efd0e469284df7c4328cf8 in Linux.)
 2020-11-19 12:28:55 +01:00
Jeremy Sowden
d3f7dc1f55 pknlusr: mention the group ID command-line paramater in the man page 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-26 11:08:20 +01:00
Jan Engelhardt
87d3aab175 pknock: trim some blank lines 2020-10-26 11:06:57 +01:00
Jan Engelhardt
bfb0516c79 extensions: split assignments and if-exprs 2020-10-25 15:41:24 +01:00
Jeremy Sowden
939d3ee0d3 xt_pknock: remove DEBUG definition and disable debug output 
The DEBUG definition in xt_pknock.h causes a compiler warning if one
adds a DEBUG define to xt_pknock.c to enable pr_debug. Since it only
controls some debugging output in libxt_pknock.c, it would make sense to
move the definition there, but let's just disable the debugging instead.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:17:40 +01:00
Jeremy Sowden
5df71f8741 xt_pknock: use pr_err 
Replace some instances of `printk(KERN_ERR PKNOCK ...)`. We define
`pr_fmt`, so `pr_err` is equivalent.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:14:31 +01:00
Jeremy Sowden
82379e8ec1 xt_pknock: use kzalloc 
Replace some instances of kmalloc + memset.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:14:27 +01:00
Jeremy Sowden
b3a3f2e91b xt_pknock: use IS_ENABLED 
It is more succinct than checking whether CONFIG_BLAH or
CONFIG_BLAH_MODULE are defined.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:06:11 +01:00
Jeremy Sowden
63fb5d3490 pknlusr: fix hard-coded netlink multicast group ID 
The group ID used by xt_pknock is configurable, but pknlusr hard-codes
it. Modify pknlusr to accept an optional ID from the command line.
Group IDs range from 1 to 32 and each ID appears in the group bitmask
at position `group_id - 1`.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:06:10 +01:00
Jeremy Sowden
05cacbe84c pknlusr: always close socket 
On some error paths, the socket was not being closed before exit.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:02:39 +01:00
Jeremy Sowden
3c120ef5f1 pknlusr: do not treat recv return value of zero as an error 
A return-value of zero is not an error, so there is no point calling
perror, but since we have not requested and do not expect a zero-length
datagram, we treat it as EOF and exit.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:01:50 +01:00
Jeremy Sowden
b0a1aacd4b pknlusr: use macro to define inet_ntop buffer size 
POSIX provides a macro to define the minimum length required, so let's
use it.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:01:18 +01:00
Jeremy Sowden
c3bd1c61d1 pknlusr: use NLMSG macros and proper types, rather than arithmetic on char pointers 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:00:45 +01:00
Jeremy Sowden
9cd0b44c81 pknlusr: tidy up initialization of local address 
Use struct initialization and drop memset. We do not need to set the port
ID, since the kernel will do it for us.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:54:40 +01:00
Jeremy Sowden
b4faa4de65 pknock: pknlusr: tighten up variable scopes 
Make global variables local, and move variables local to while-loop into
the loop.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:54:10 +01:00
Jeremy Sowden
b05ea5644c pknock: pknlusr: remove dest_addr and rename src_addr 
We only need to specify the address at our end, and given that we are
receiving messages, not sending them, calling it `src_addr` is
misleading.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:53:34 +01:00
Jeremy Sowden
b052ec0f7d pknock: pknlusr: ensure man-page is included by make dist 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:50:17 +01:00
Jeremy Sowden
249df831b0 pknlusr: add man page 
Since pknlusr is now being installed, let's give it a man page.
 2020-10-23 11:22:41 +02:00
Jeremy Sowden
86112194da pknlusr: fix formatting of a line 2020-10-22 19:59:06 +02:00
Jan Engelhardt
20e1b669fc Xtables-addons 3.11 v3.11 2020-09-06 16:35:13 +02:00
Jeremy Sowden
e4784832ed build: bump supported kernel version to 5.9 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-08-31 15:04:54 +02:00
Jeremy Sowden
48e30a0990 xt_ACCOUNT: update prototype of nf_sockopt_ops::set callback 
In 5.9, the `void __user` parameter has been replaced by a `sockptr`.
Update `ipt_acc_set_ctl` appropriately.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-08-31 15:04:43 +02:00
Helmut Grohne
ea588d0b9c build: do not hard-code pkg-config 
Use $PKG_CONFIG in configure.ac in order to allow it to be overridden.
Fixes cross-compilation.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-08-31 13:03:48 +02:00
Jeremy Sowden
96460646e9 build: clean some extra build artifacts. 
Makefile.mans creates .manpages.lst, but does not remove it. Add
it to the `clean` target.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-08-30 13:39:53 +02:00
Jan Engelhardt
2cb4b2bec6 build: do build & install userspace programs for xt_ACCOUNT and xt_pknock 2020-08-30 13:36:10 +02:00
Jan Engelhardt
37f19c6b96 Xtables-addons 3.10 v3.10 2020-07-28 10:02:34 +02:00
Jeremy Sowden
73b96e25e4 doc: fix quoted string in libxt_DNETMAP manpage 
In roff, lines beginning with a single quote are control lines.  In the
libxt_DNETMAP man-page there is a single-quoted string at the beginning
of a line, which troff tries and fails to interpret as a macro:

	troff: <standard input>:49: warning: macro 'S'' not defined

This means that the line is not output.

Replace the single quotes with the appropriate escape-sequences.

Fixes: v2.3~9 ("doc: spelling and grammar corrections to DNETMAP")
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-07-28 10:02:26 +02:00