anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-06 04:35:12 +02:00
Code Issues Releases Wiki Activity
1,082 Commits 5 Branches 85 Tags
9d5b2e2e0e1599f167260d2ff8e63d2d784a05a9
Commit Graph

48 Commits

Author SHA1 Message Date
Jan Engelhardt
9d5b2e2e0e extensions: reduce number of arguments to send_reset functions 2020-11-23 23:14:46 +01:00
Jan Engelhardt
f973577ec0 extensions: call send_reset with xtables state socket 
Reported-by: Minqiang Chen <ptpt52@gmail.com>
 2020-11-23 23:06:25 +01:00
Jan Engelhardt
0ab3247900 build: adjust for changed signature of ip_route_me_harder 
(Cf. commit 46d6c5ae953cc0be38efd0e469284df7c4328cf8 in Linux.)
 2020-11-19 12:28:55 +01:00
Paolo Pisati
0cc51e6b35 build: add support for Linux 5.4 2019-11-20 22:45:18 +01:00
rantal
708f883635 add support for Linux 5.0 for DELUDE and TARPIT 2019-08-14 18:40:07 +00:00
Jan Engelhardt
9b1c7c1c04 build: remove support for Linux 4.9 2018-02-12 14:59:44 +01:00
Jan Engelhardt
7682cc8c34 build: remove support for Linux 4.3 2018-02-12 14:55:45 +01:00
Jan Engelhardt
10f951e61d build: remove support for Linux 4.0 2018-02-12 14:53:01 +01:00
Ralph Sennhauser
a8af97b8fa build: support for Linux 4.10 
Commit 613dbd95723aee7abd16860745691b6c7bda20dc (netfilter:
x_tables: move hook state into xt_action_param structure) changes the
struct xt_action_param, accommodate for it.

Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
 2017-01-04 02:40:41 +01:00
Jan Engelhardt
01e7128a80 build: support for Linux 4.4 2015-11-20 23:17:39 +01:00
Alexander Petrenas
96ce5ec488 xt_TARPIT: support for Linux 4.1 2015-07-06 05:59:21 +02:00
Jan Engelhardt
f2e21e67a5 build: resolve compile error with Linux 3.13 
net_random has been removed in commit v3.14-rc1~94^2~191 and replaced
by its definition, prandom_u32.

prandom_u32 was only introduced in v3.8-rc1~74^2~22, so we will have
an extra ifdef for 3.7 support.
 2014-04-18 19:12:40 +02:00
Jan Engelhardt
991c0cf4cf compat_xtables: remove no longer needed target API redirection 
Function signature for targets stayed the same since 3.7.
 2014-01-09 10:24:32 +01:00
Jan Engelhardt
7cf7250e07 compat_xtables: remove unused xtnu_ip_route_me_harder 2014-01-09 10:16:02 +01:00
Jan Engelhardt
b5a2f9aa14 compat_xtables: dissolve unusued rt_dst 2013-06-08 15:27:34 +02:00
Jan Engelhardt
5494bc40f4 Merge branch 'maint' into newage 2012-11-12 19:01:31 +01:00
Jan Engelhardt
bcdb7ed4e9 Update my email address 
To ... none! Whatever is recent is in the git log.
 2012-11-12 19:01:14 +01:00
Jan Engelhardt
bcdd42f556 build: remove support for Linux 2.6.38 2012-11-12 18:30:42 +01:00
Jan Engelhardt
31aebc134e build: remove support for Linux 2.6.20 2012-10-16 02:36:10 +02:00
Jan Engelhardt
0dcc56bc62 build: remove support for Linux 2.6.17 2012-10-16 02:35:57 +02:00
Josh Hunt
4ff5a8fbf6 TARPIT: fix memory leak when tarpit_generic() fails 
Currently tarpit_generic() just returns on failure, but this does not
free nskb.

Signed-off-by: Josh Hunt <johunt@akamai.com>
 2012-08-02 17:48:05 +02:00
Jan Engelhardt
a2676585da build: avoid use of unexported functions 
Fixes: "WARNING 'ipv6_find_hdr' [xt_TARPIT.ko] not found" in
<= linux-2.6.37.
 2012-07-16 05:36:41 +02:00
Jan Engelhardt
5c615a3c73 build: do not attempt to build IPv6 parts if CONFIG_IP6_NF_IPTABLES=n 
Checking for IPV6 is not sufficient, use IP6_NF_IPTABLES instead.
 2012-07-14 23:19:16 +02:00
Jan Engelhardt
0c1375414d build: do not attempt to build IPv6 parts if CONFIG_IPV6=n 2012-07-14 22:55:39 +02:00
Josh Hunt
06b82c649d TARPIT: resolve build errors with newer kernels 
Adds fragment offset arg to ipv6_skip_exthdr() and also removes usage
of ipv6_addr_copy() in favor or direct assignment.

Signed-off-by: Josh Hunt <johunt@akamai.com>
 2012-07-09 18:55:12 +02:00
Josh Hunt
7cd01e0b14 TARPIT: add IPv6 support 
This adds IPv6 support for the tarpit target. It performs the same
functionality as the v4 version, but with IPv6 connections.

Signed-off-by: Josh Hunt <johunt@akamai.com>
 2012-07-08 21:22:22 +02:00
Josh Hunt
4eb97c7a01 TARPIT: make tarpit code generic 
Creates a generic function to perform the tcp header manipulation in.
Done in preparation for IPv6 support. This allows us to share code
between v4 and v6 processing.

Signed-off-by: Josh Hunt <johunt@akamai.com>
 2012-07-08 20:54:35 +02:00
Josh Hunt
48fbc6783e TARPIT: move XTTARPIT_RESET to its own function 
Moves XTTARPIT_RESET into its own function.

Signed-off-by: Josh Hunt <johunt@akamai.com>
 2012-07-08 20:51:46 +02:00
Josh Hunt
a9f383daf8 TARPIT: move XTTARPIT_HONEYPOT mode into its own function 
Moves XTTARPIT_HONEYPOT into its own function.

Signed-off-by: Josh Hunt <johunt@akamai.com>
 2012-07-08 20:51:05 +02:00
Josh Hunt
cbe58f55d0 TARPIT: move XTTARPIT_TARPIT mode processing to its own function 
Moves the XTTARPIT_TARPIT mode processing to its own function.

Signed-off-by: Josh Hunt <johunt@akamai.com>
 2012-07-08 20:51:00 +02:00
Jan Engelhardt
d11218815f TARPIT: mark oldtcphdr const 2012-07-08 20:51:00 +02:00
Jan Engelhardt
ec97cd6d89 build: add missing linux/version.h includes where needed 
Reported-by: Sergei Zhirikov <sfzhi@yahoo.com>
References: http://marc.info/?l=netfilter-devel&m=131404939007827&w=2
 2011-08-28 19:45:39 +02:00
Jan Engelhardt
cd18e2479c xt_TARPIT: fix kernel warning about RTAX_HOPLIMIT being used 2011-07-26 01:57:45 +02:00
Martin Barrowcliff
85d8f98dd7 xt_TARPIT: fix a kernel oops in --reset mode 
1. Moved misplaced code that was causing kernel oops in reset mode.

2. Added payload size calc to honeypot mode, so ack sequence may ACK
the length of client's sent payload packets correctly.

3. Modified TTL for honeypot mode so we look more like a Windows
machine.
 2011-06-24 22:09:34 +02:00
Jan Engelhardt
6f730f3ab2 xt_TARPIT: unlock for use with all tables 2011-06-01 01:37:05 +02:00
Martin Barrow Cliff
fa1348455d xt_TARPIT: honeypot and reset modes 
Honeypot mode attempts to maintain a normal connection for the purpose
of capturing payload packets.

Reset mode provides the ability to send a reset packet in lieu of
using the DROP or REJECT targets.
 2011-05-31 22:41:51 +02:00
Jan Engelhardt
03ec8a7696 TEE: resolve compile error with Linux 2.6.36-rc 
xt_TEE.c:54:19: error: request for member "dst" in something not a
structure or union
xt_TEE.c:55:20: error: "struct rtable" has no member named "u"

Linux kernel commit v2.6.36-rc1~571^2~616 changed this.
 2010-09-22 23:37:19 +02:00
Jan Engelhardt
5b472be9bb compat_xtables: move to 2.6.35 xt_action_param (1/3) 2010-05-13 19:28:37 +02:00
Jan Engelhardt
fdf42a3a50 build: support for Linux 2.6.31-rc1 2009-07-02 01:51:40 +02:00
Jan Engelhardt
538d74b5d8 Update my email address 2009-03-25 22:10:42 +01:00
Jan Engelhardt
ee7e4f5a42 Update for Linux 2.6.28 2008-11-18 12:51:25 +01:00
Jan Engelhardt
be6fbee56a src: use NFPROTO_ constants 2008-11-18 11:57:14 +01:00
Jan Engelhardt
f3f0741469 Support for Linux 2.6.17 2008-09-22 13:40:25 -04:00
Jan Engelhardt
ab27472eb4 src: move to a pskb-based API 
It occurred that skb reallocation does happen on older kernels, and
those kernels should really be supported, since the patch is really
minimal.
 2008-09-01 15:27:43 -04:00
Jan Engelhardt
74880dd6ca Update license texts 2008-08-02 13:08:48 -04:00
Jan Engelhardt
5fd97e9973 compat update: allow building from 2.6.18 onwards 2008-03-12 04:28:40 +01:00
Jan Engelhardt
47b700b0f5 Add a compat wrapper to make modules work with older Linux. 
The extension modules use the API of a fairly recent kernel, if not
even the networking git tree. To make it work with older Linux
kernels, an API wrapper is added. Should compile against
running-kernels Linux 2.6.19..current (tested: 2.6.22..current).

Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
 2008-01-29 15:40:57 +01:00
Jan Engelhardt
7a981b17b5 Initial commit. 
Populate the iptables-addons repository with two modules, xt_TARPIT
and xt_TEE, as a starting point.

Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
 2008-01-29 03:57:08 +01:00