anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-07 21:25:12 +02:00
Code Issues Releases Wiki Activity
781 Commits 5 Branches 85 Tags
a9f383daf8a06d6249e11f311428debe9a961eea
Commit Graph

781 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Hunt
a9f383daf8 TARPIT: move XTTARPIT_HONEYPOT mode into its own function 
Moves XTTARPIT_HONEYPOT into its own function.

Signed-off-by: Josh Hunt <johunt@akamai.com>
 2012-07-08 20:51:05 +02:00
Josh Hunt
cbe58f55d0 TARPIT: move XTTARPIT_TARPIT mode processing to its own function 
Moves the XTTARPIT_TARPIT mode processing to its own function.

Signed-off-by: Josh Hunt <johunt@akamai.com>
 2012-07-08 20:51:00 +02:00
Jan Engelhardt
d11218815f TARPIT: mark oldtcphdr const 2012-07-08 20:51:00 +02:00
Kevin Locke
911d3d146a build: include <net/ip6_checksum.h> for csum_ipv6_magic 
xt_ECHO fails to build on PPC because csum_ipv6_magic is declared in
<net/ip6_checksum.h>, which is not implicitly included from other
headers on PPC causing build failures due to this function being
undefined. So, include this header explicitly.

Note:  Same cause as <http://bugzilla.netfilter.org/show_bug.cgi?id=307>.
 2012-07-03 22:53:57 +02:00
Jan Engelhardt
e2ecff2071 Xtables-addons 1.43 v1.43 2012-06-30 19:46:21 +02:00
Jan Engelhardt
b2bcedd1ef build: support for Linux 3.5 2012-06-30 18:38:49 +02:00
Jan Engelhardt
36c349054e build: do not fail if AM_PROG_AR is not known 2012-06-30 15:44:44 +02:00
Jan Engelhardt
95da880d39 build: remove empty warning message 2012-06-21 19:13:13 +02:00
Jan Engelhardt
3be26a731b build: add missing include for xt_DNETMAP 
xt_DNETMAP.c: In function 'dnetmap_tg_proc_write':
xt_DNETMAP.c:703:3: error: implicit declaration of function 'in4_pton'
[-Werror=implicit-function-declaration]
 2012-06-15 15:48:42 +02:00
Jan Engelhardt
38db58adc1 build: automake 1.12 wants me to use AM_PROG_AR 2012-06-15 15:24:29 +02:00
Jan Engelhardt
0f302b7b2f Merge branch 'psd_cleanups' of git://git.breakpoint.cc/fw/xtables-addons 2012-06-15 15:18:57 +02:00
Florian Westphal
d66d07d01d psd: move defines to user/kernelspace part where possible 
Some of these defines have no meaning in userspace, so there
is no need to make those available.
 2012-06-15 15:17:30 +02:00
Florian Westphal
3736a265d8 psd: reduce size of struct host 
We can use u16, saving 8 bytes total (weight cannot exceed
PSD_MAX_RATE, 10000). Also re-format comments & struct initializers.

No functional changes.
 2012-06-15 15:17:21 +02:00
Jan Engelhardt
5b2649b1a2 psd: re-format comments 2012-06-15 15:16:31 +02:00
Florian Westphal
f6b8767228 psd: add basic validation of userspace matchinfo data 
psd multiplies weight_thresh by HZ, so it could overflow.

Userspace libxt_psd refuses values exceeding PSD_MAX_RATE, so check
that on kernel side, too.

Also, setting 0 weight for both privileged and highports will cause
psd to never match at all.

Reject 0 weight threshold, too because it makes no sense (triggers
match for every initial packet).
 2012-06-15 15:11:32 +02:00
Florian Westphal
ac58f2e94b psd: rip out scanlogd leftovers 
scanlogd remembers tcp flags and uses the *_CHANGING values in its
logger function to determine the best log format to use (e.g. TTL is
not logged if HF_TTL_CHANGING was set, as TTL values were different).

As psd does not log at all, we do not need track this.

Also get rid of bogus/misleading comments.
 2012-06-15 15:09:26 +02:00
Jan Engelhardt
7cc774641a all: remove trailing squatspaces 2012-06-10 22:31:10 +02:00
Marek Kierdelewicz
492236f931 DNETMAP version 2 
- new type: static binding
- new persistent flag option for prefix
- add extra information in /proc/net/xt_DNETMAP/prefix_stat that
  includes the count of static bindings and persistent flag
- add proc interface write support (add/del/flush binding)
- updated manual
 2012-06-10 22:27:28 +02:00
Jan Engelhardt
1e8da7c31c build: update installation requirements 
Versions prior to 2.6.32 are not tested anymore due to make 3.82 being
troubled with an old ambiguous Makefile syntax.
 2012-04-21 02:45:10 +02:00
Jan Engelhardt
3f1202c211 build: limit xt_ECHO to kernel 3.x 
(Would also work on 2.6.39, but eh.)
 2012-04-21 02:44:51 +02:00
Florian Westphal
759546f8d0 xt_psd: avoid crash due to curr->next corruption 
curr->ports[] is of size SCAN_MAX_COUNT - 1, so under certain
conditions we wrote past end of array, corrupting ->next pointer
of the adjacent host entry.

Reported-and-tested-by: Serge Leschinsky <serge.leschinsky@gmail.com>
 2012-04-18 14:30:22 +02:00
Jan Engelhardt
72b1421783 Xtables-addons 1.42 v1.42 2012-04-05 06:58:46 +02:00
Jan Engelhardt
0b3d1bc4f0 src: remove ipset6-genl 
As scheduled, perform the removal of ipset from the tree.
 2012-04-05 06:58:46 +02:00
Jan Engelhardt
3679e0efa6 build: support for Linux 3.4 2012-04-05 06:58:46 +02:00
Jan Engelhardt
517b8c66b5 build: enable xt_ECHO by default 2012-04-05 06:58:46 +02:00
Jan Engelhardt
7ee9feb20e build: support for Linux 3.3 2012-04-05 06:58:43 +02:00
Jan Engelhardt
f830dbd34e Remove unused Kconfig files 2012-03-14 01:32:33 +01:00
Jan Engelhardt
916013cd89 xt_SYSRQ: fix compile error when crypto is turned off 2012-01-20 21:19:13 +01:00
Jan Engelhardt
a6b06502ca compat_xtables: fixed mistranslation of checkentry return values 2012-01-12 09:21:39 +01:00
Jan Engelhardt
aee5aedc63 Xtables-addons 1.41 v1.41 2012-01-04 21:45:45 +01:00
Jan Engelhardt
54d784ffdf build: stash away build tools and update .gitignore 2012-01-04 21:45:45 +01:00
Jan Engelhardt
076610e3af build: additional compilation fixes for Linux 3.2/3.3 2012-01-04 21:45:43 +01:00
Jan Engelhardt
7a1ad32d1a doc: document --without-kbuild 
References: http://comments.gmane.org/gmane.comp.security.firewalls.netfilter.general/42337
 2011-12-31 03:06:58 +01:00
Jan Engelhardt
40094379dd doc: update README/INSTALL with recent changes 2011-12-31 03:05:25 +01:00
Jan Engelhardt
ce37dd6984 build: deactivate build of ipset-genl by default 2011-12-31 02:17:30 +01:00
Jan Engelhardt
31fdd86247 build: support for Linux 3.2 2011-12-31 02:15:45 +01:00
Jan Engelhardt
36df60c940 Xtables-addons 1.40 v1.40 2011-11-30 11:41:04 +01:00
Jan Engelhardt
2b671829d8 xt_quota2: license clarification 
GPL3 did not exist back when Sam's xt_quota was written, therefore it
should be assumed that MODULE_LICENSE("GPL") intended to mean just
GPL2.
 2011-11-30 11:41:04 +01:00
Jan Engelhardt
9ab6a0ee0d ipset: update to 6.10-genl 2011-11-30 11:14:29 +01:00
Jan Engelhardt
365d5edfb3 build: notify of unsupported Linux kernel versions 
make 3.82 does not like mixing normal rules with implicit rules,
which rejects Makefiles of Linux kernels before 2.6.32 series.
 2011-11-26 00:20:36 +01:00
Eivind Naess
75cd1d7d6a xt_ipv4options: fix an infinite loop 2011-11-05 15:31:00 +01:00
Jan Engelhardt
b0dc0e6f4c Merge remote branch 'origin/master' 2011-11-04 20:08:04 +01:00
Jan Engelhardt
bc1c37618a src: use xtables_register_targets throughout 2011-11-02 00:26:23 +01:00
Jan Engelhardt
d7aeb7da4b build: iptables >= 1.4.5 is in fact required 2011-11-02 00:17:54 +01:00
Jan Engelhardt
487da26146 xt_ECHO: IPv6 support 2011-09-25 14:57:48 +02:00
Jan Engelhardt
434dea2b53 xt_ECHO: calculate UDP checksum 2011-09-25 14:39:43 +02:00
Jan Engelhardt
30d227135b xt_ECHO: fix kernel warning about RTAX_HOPLIMIT being used 2011-09-25 14:39:43 +02:00
Jan Engelhardt
a508ec048c xt_ECHO: misc backports from ipt_REJECT and cosmetics 2011-09-25 14:39:10 +02:00
Jan Engelhardt
3069c9a3a2 Xtables-addons 1.39 v1.39 2011-09-21 19:59:41 +02:00
Jan Engelhardt
5245220246 ipset: update to 6.9.1-genl 2011-09-21 19:58:05 +02:00