anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-07 05:05:12 +02:00
Code Issues Releases Wiki Activity
1,082 Commits 5 Branches 85 Tags
9d5b2e2e0e1599f167260d2ff8e63d2d784a05a9
Commit Graph

1082 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jan Engelhardt
9d5b2e2e0e extensions: reduce number of arguments to send_reset functions 2020-11-23 23:14:46 +01:00
Jan Engelhardt
f973577ec0 extensions: call send_reset with xtables state socket 
Reported-by: Minqiang Chen <ptpt52@gmail.com>
 2020-11-23 23:06:25 +01:00
Jan Engelhardt
a35feefa0f build: cure overall build failure when CONFIG_NF_NAT=n 2020-11-22 17:45:37 +01:00
Jan Engelhardt
a1b3d81ccb geoip: rename xt_geoip_fetch to xt_geoip_query 
"fetch" sounds a bit like "download", but that is not what this
utility does. Calling it "query" seems more appropriate.
 2020-11-22 17:44:51 +01:00
Jeremy Sowden
6504f251c6 geoip: add man pages for MaxMind scripts 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-11-22 17:27:51 +01:00
Jeremy Sowden
1c67775d10 doc: fix man page typos 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-11-22 17:27:40 +01:00
Jeremy Sowden
7327cd725b geoip: remove superfluous xt_geoip_fetch_maxmind script 
xt_geoip_fetch and xt_geoip_fetch_maxmind are identical. Remove the
latter.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-11-22 17:27:31 +01:00
Jan Engelhardt
5c8aecdd56 Xtables-addons 3.13 v3.13 2020-11-20 13:13:52 +01:00
Jan Engelhardt
5ad9de75d4 compat_xtables: employ route_me_harder define for 4.19 and 5.4 too 
The API change found its way into some more Linux stable series.
 2020-11-20 13:11:38 +01:00
Jan Engelhardt
9e84e8f13d Xtables-addons 3.12 v3.12 2020-11-19 22:11:19 +01:00
Jan Engelhardt
50153ffdb9 compat_xtables: fix a spello near route_me_harder 2020-11-19 22:11:19 +01:00
Jan Engelhardt
9c4aeea422 xt_DNETMAP: compaction of variable declarations 2020-11-19 21:53:15 +01:00
Philip Prindeville
c09d0704af geoip: re-add Maxmind scripts 2020-11-19 13:03:42 +01:00
Jan Engelhardt
0021003dc7 extensions: abolish NIPQUAD/NIP6 
Support for Linux 2.6.28 is long gone.
 2020-11-19 12:54:36 +01:00
Jan Engelhardt
0ab3247900 build: adjust for changed signature of ip_route_me_harder 
(Cf. commit 46d6c5ae953cc0be38efd0e469284df7c4328cf8 in Linux.)
 2020-11-19 12:28:55 +01:00
Jeremy Sowden
d3f7dc1f55 pknlusr: mention the group ID command-line paramater in the man page 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-26 11:08:20 +01:00
Jan Engelhardt
87d3aab175 pknock: trim some blank lines 2020-10-26 11:06:57 +01:00
Jan Engelhardt
bfb0516c79 extensions: split assignments and if-exprs 2020-10-25 15:41:24 +01:00
Jeremy Sowden
939d3ee0d3 xt_pknock: remove DEBUG definition and disable debug output 
The DEBUG definition in xt_pknock.h causes a compiler warning if one
adds a DEBUG define to xt_pknock.c to enable pr_debug. Since it only
controls some debugging output in libxt_pknock.c, it would make sense to
move the definition there, but let's just disable the debugging instead.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:17:40 +01:00
Jeremy Sowden
5df71f8741 xt_pknock: use pr_err 
Replace some instances of `printk(KERN_ERR PKNOCK ...)`. We define
`pr_fmt`, so `pr_err` is equivalent.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:14:31 +01:00
Jeremy Sowden
82379e8ec1 xt_pknock: use kzalloc 
Replace some instances of kmalloc + memset.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:14:27 +01:00
Jeremy Sowden
b3a3f2e91b xt_pknock: use IS_ENABLED 
It is more succinct than checking whether CONFIG_BLAH or
CONFIG_BLAH_MODULE are defined.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:06:11 +01:00
Jeremy Sowden
63fb5d3490 pknlusr: fix hard-coded netlink multicast group ID 
The group ID used by xt_pknock is configurable, but pknlusr hard-codes
it. Modify pknlusr to accept an optional ID from the command line.
Group IDs range from 1 to 32 and each ID appears in the group bitmask
at position `group_id - 1`.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:06:10 +01:00
Jeremy Sowden
05cacbe84c pknlusr: always close socket 
On some error paths, the socket was not being closed before exit.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:02:39 +01:00
Jeremy Sowden
3c120ef5f1 pknlusr: do not treat recv return value of zero as an error 
A return-value of zero is not an error, so there is no point calling
perror, but since we have not requested and do not expect a zero-length
datagram, we treat it as EOF and exit.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:01:50 +01:00
Jeremy Sowden
b0a1aacd4b pknlusr: use macro to define inet_ntop buffer size 
POSIX provides a macro to define the minimum length required, so let's
use it.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:01:18 +01:00
Jeremy Sowden
c3bd1c61d1 pknlusr: use NLMSG macros and proper types, rather than arithmetic on char pointers 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:00:45 +01:00
Jeremy Sowden
9cd0b44c81 pknlusr: tidy up initialization of local address 
Use struct initialization and drop memset. We do not need to set the port
ID, since the kernel will do it for us.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:54:40 +01:00
Jeremy Sowden
b4faa4de65 pknock: pknlusr: tighten up variable scopes 
Make global variables local, and move variables local to while-loop into
the loop.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:54:10 +01:00
Jeremy Sowden
b05ea5644c pknock: pknlusr: remove dest_addr and rename src_addr 
We only need to specify the address at our end, and given that we are
receiving messages, not sending them, calling it `src_addr` is
misleading.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:53:34 +01:00
Jeremy Sowden
b052ec0f7d pknock: pknlusr: ensure man-page is included by make dist 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:50:17 +01:00
Jeremy Sowden
249df831b0 pknlusr: add man page 
Since pknlusr is now being installed, let's give it a man page.
 2020-10-23 11:22:41 +02:00
Jeremy Sowden
86112194da pknlusr: fix formatting of a line 2020-10-22 19:59:06 +02:00
Jan Engelhardt
20e1b669fc Xtables-addons 3.11 v3.11 2020-09-06 16:35:13 +02:00
Jeremy Sowden
e4784832ed build: bump supported kernel version to 5.9 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-08-31 15:04:54 +02:00
Jeremy Sowden
48e30a0990 xt_ACCOUNT: update prototype of nf_sockopt_ops::set callback 
In 5.9, the `void __user` parameter has been replaced by a `sockptr`.
Update `ipt_acc_set_ctl` appropriately.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-08-31 15:04:43 +02:00
Helmut Grohne
ea588d0b9c build: do not hard-code pkg-config 
Use $PKG_CONFIG in configure.ac in order to allow it to be overridden.
Fixes cross-compilation.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-08-31 13:03:48 +02:00
Jeremy Sowden
96460646e9 build: clean some extra build artifacts. 
Makefile.mans creates .manpages.lst, but does not remove it. Add
it to the `clean` target.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-08-30 13:39:53 +02:00
Jan Engelhardt
2cb4b2bec6 build: do build & install userspace programs for xt_ACCOUNT and xt_pknock 2020-08-30 13:36:10 +02:00
Jan Engelhardt
37f19c6b96 Xtables-addons 3.10 v3.10 2020-07-28 10:02:34 +02:00
Jeremy Sowden
73b96e25e4 doc: fix quoted string in libxt_DNETMAP manpage 
In roff, lines beginning with a single quote are control lines.  In the
libxt_DNETMAP man-page there is a single-quoted string at the beginning
of a line, which troff tries and fails to interpret as a macro:

	troff: <standard input>:49: warning: macro 'S'' not defined

This means that the line is not output.

Replace the single quotes with the appropriate escape-sequences.

Fixes: v2.3~9 ("doc: spelling and grammar corrections to DNETMAP")
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-07-28 10:02:26 +02:00
Philip Prindeville
ca84ee8e15 geoip: add quiet flag to xt_geoip_build 
Conceivably someone might want to run a refresh of the geoip database
from within a script, particularly an unattended script such as a cron
job. Do not generate output in that case.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
 2020-05-26 14:58:04 +02:00
Jan Engelhardt
c9ba3507fc geoip: add -s option to xt_geoip_build 2020-05-12 22:49:37 +02:00
Jan Engelhardt
b87366bb83 geoip: replace xt_geoip_build's -S option by new option -i 
The Maxmind DB came with potentially multiple files, but DBIP is
currently just one. Drop the -S argument and instead introduce -i.
 2020-05-12 22:47:00 +02:00
Jan Engelhardt
8bbb0cb3eb geoip: set +x again on xt_geoip_build 2020-05-12 22:38:32 +02:00
Jan Engelhardt
b4629f46c6 build: do install xt_geoip_fetch.1 2020-05-01 23:07:16 +02:00
Philip Prindeville
f7f18f0c4f geoip: install and document xt_geoip_fetch 
Add a man page for xt_geoip_fetch.1 and include it as part of
the installed scripts.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
 2020-05-01 23:04:55 +02:00
Jan Engelhardt
9193adc835 geoip: pipe wget right into gzip 
Skip over creating temporary files.
 2020-04-21 12:01:52 +02:00
Philip Prindeville
74fcd4a2ae geoip: simplify unpacking start/end tuples from database 
Use unpack() to separate start/end instead of substr().

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
 2020-04-21 12:00:54 +02:00
Philip Prindeville
4b43df69f5 geoip: update download script for DBIP database 
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
 2020-04-21 12:00:50 +02:00