xtables-addons

mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2026-01-08 16:23:52 +01:00

Author	SHA1	Message	Date
Jeremy Sowden	b3a3f2e91b	xt_pknock: use IS_ENABLED It is more succinct than checking whether CONFIG_BLAH or CONFIG_BLAH_MODULE are defined. Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2020-10-25 15:06:11 +01:00
Jeremy Sowden	63fb5d3490	pknlusr: fix hard-coded netlink multicast group ID The group ID used by xt_pknock is configurable, but pknlusr hard-codes it. Modify pknlusr to accept an optional ID from the command line. Group IDs range from 1 to 32 and each ID appears in the group bitmask at position `group_id - 1`. Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2020-10-25 15:06:10 +01:00
Jeremy Sowden	05cacbe84c	pknlusr: always close socket On some error paths, the socket was not being closed before exit. Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2020-10-25 15:02:39 +01:00
Jeremy Sowden	3c120ef5f1	pknlusr: do not treat recv return value of zero as an error A return-value of zero is not an error, so there is no point calling perror, but since we have not requested and do not expect a zero-length datagram, we treat it as EOF and exit. Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2020-10-25 15:01:50 +01:00
Jeremy Sowden	b0a1aacd4b	pknlusr: use macro to define inet_ntop buffer size POSIX provides a macro to define the minimum length required, so let's use it. Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2020-10-25 15:01:18 +01:00
Jeremy Sowden	c3bd1c61d1	pknlusr: use NLMSG macros and proper types, rather than arithmetic on char pointers Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2020-10-25 15:00:45 +01:00
Jeremy Sowden	9cd0b44c81	pknlusr: tidy up initialization of local address Use struct initialization and drop memset. We do not need to set the port ID, since the kernel will do it for us. Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2020-10-25 14:54:40 +01:00
Jeremy Sowden	b4faa4de65	pknock: pknlusr: tighten up variable scopes Make global variables local, and move variables local to while-loop into the loop. Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2020-10-25 14:54:10 +01:00
Jeremy Sowden	b05ea5644c	pknock: pknlusr: remove dest_addr and rename src_addr We only need to specify the address at our end, and given that we are receiving messages, not sending them, calling it `src_addr` is misleading. Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2020-10-25 14:53:34 +01:00
Jeremy Sowden	b052ec0f7d	pknock: pknlusr: ensure man-page is included by `make dist` Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2020-10-25 14:50:17 +01:00
Jeremy Sowden	249df831b0	pknlusr: add man page Since pknlusr is now being installed, let's give it a man page.	2020-10-23 11:22:41 +02:00
Jeremy Sowden	86112194da	pknlusr: fix formatting of a line	2020-10-22 19:59:06 +02:00
Jan Engelhardt	2cb4b2bec6	build: do build & install userspace programs for xt_ACCOUNT and xt_pknock	2020-08-30 13:36:10 +02:00
Jan Engelhardt	d31067b32e	Support for Linux 5.6 procfs API	2020-02-25 07:28:23 +01:00
Jeremy Sowden	d4c2aac5f8	xt_pknock, xt_SYSRQ: do not set shash_desc::flags. shash_desc::flags was removed from the kernel in 5.1. That assignment was actually superfluous anyway, because crypto.desc is zero-initialized when crypto is initialized (xt_pknock.c, ll. 110ff.). Signed-off-by: Jeremy Sowden <jeremy@azazel.net>	2019-09-06 10:34:36 +02:00
Jan Engelhardt	bf63a25a64	build: remove support for Linux 4.14	2018-02-12 15:09:52 +01:00
Jan Engelhardt	29d10e11fa	build: remove support for Linux 3.14	2018-02-12 14:46:50 +01:00
Jan Engelhardt	56e5970c64	xt_pknock: don't split function heads	2018-01-05 01:36:12 +01:00
Marcelo Henrique Cerri	2b76b68c65	build: support for Linux 4.15 Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>	2018-01-05 01:35:12 +01:00
Jan Engelhardt	0a836e9677	pknock: fix PVSStudio static analyzer reports V595 The 'peer' pointer was utilized before it was verified against nullptr.	2017-07-23 19:55:06 +02:00
Your Name	7af1b9737c	xt_pknock: use shash crypto API The old hash API is dropped as of Linux 4.6. Only build tested.	2016-05-20 04:46:31 -04:00
Jan Engelhardt	f5e95f35a7	xt_pknock: replace nemesis by socat Use a utility much more widely available.	2016-04-22 22:51:24 +02:00
Jan Engelhardt	80bed0655f	xt_pknock: import digest generation utility	2016-04-22 22:48:56 +02:00
Jan Engelhardt	bc6aaf74d8	xt_pknock: remove reference to non-existing documentation Even in the old pknock-0.5.tar.gz tarball, there is no doc/pknock/ directory.	2016-04-22 22:43:17 +02:00
Adam Butcher	c08835d65c	xt_pknock: fix pknock in UDP SPA mode When the PK_CRYPTO pre-processor flag got removed in v1.47.1-2-g66f213e, one of the removal cases was misapplied; the body of an "#ifndef PK_CRYPTO" was left in rather than the whole section being removed.	2014-09-04 18:45:42 +02:00
Jan Engelhardt	87adf3461f	build: resolve compile error with Linux 3.15 Commit v3.15-rc1~141^2~97 changed the signature for cn_netlink_send.	2014-04-18 19:12:51 +02:00
Jan Engelhardt	3bf7ebc48c	xt_pknock: support for Linux 3.10	2013-06-18 08:09:18 +02:00
Dmitry Smirnov	fe7a30c746	doc: lint man pages (hyphens and spelling) * hyphen-used-as-minus-sign * spelling-error-in-manpage	2013-06-02 16:49:12 +02:00
Jan Engelhardt	04d8ebe31c	build: remove support for Linux 2.6.23	2012-10-16 04:16:56 +02:00
Jan Engelhardt	66f213e324	build: remove support for Linux 2.6.18	2012-10-16 02:36:02 +02:00
Jan Engelhardt	f830dbd34e	Remove unused Kconfig files	2012-03-14 01:32:33 +01:00
Frank Reppin	6ef91897b2	build: fix compilation after missing libxtables_CFLAGS in submodules	2011-08-21 13:56:42 +02:00
Jan Engelhardt	04aed87cb6	xt_pknock: support UDPLITE	2011-08-12 15:42:44 +02:00
Jan Engelhardt	32871bad39	xt_pknock: avoid inversion of rule lookup that led to warnings Commit v1.18-48-g58839b9 had this screwed up.	2011-02-25 01:22:16 +01:00
Jan Engelhardt	0ba44bd461	xt_pknock: avoid crash when hash TFM could not be allocated	2011-02-25 01:22:16 +01:00
Jan Engelhardt	d4e6e3d155	xt_pknock: indent	2011-02-25 01:20:12 +01:00
Jan Engelhardt	1edc9b943b	build: do not forget including path for compat_user.h	2011-02-02 05:15:09 +01:00
Jan Engelhardt	ebfa77795a	build: preliminary support for iptables 1.4.11	2011-02-02 05:09:58 +01:00
Jan Engelhardt	ebb61aa3c9	pknock: resolve warnings about unused variables	2011-01-22 17:32:38 +01:00
Jan Engelhardt	bd2e6108f3	pknock: use build flags in pknock Makefile	2011-01-22 17:31:53 +01:00
Jan Engelhardt	2d36632d4a	build: add workaround for beoken linux-glibc-devel (2)	2010-09-29 02:51:26 +02:00
Jan Engelhardt	43921c5834	compat_xtables: move to 2.6.35 xt_action_param (3/3) Since the last merge of the "api35" branch, further changes were included into nf-next. This set of three commits updates the xtables-addons API to match that.	2010-05-13 19:45:56 +02:00
Jan Engelhardt	9a18a05d02	compat_xtables: move to 2.6.35 xt_action_param (2/3)	2010-05-13 19:45:52 +02:00
Jan Engelhardt	5b472be9bb	compat_xtables: move to 2.6.35 xt_action_param (1/3)	2010-05-13 19:28:37 +02:00
Jan Engelhardt	beb3358297	compat_xtables: move to 2.6.35 API for matches	2010-04-05 00:43:47 +02:00
Jan Engelhardt	414e95ffb1	extensions: replace AF/PF with NFPROTO Needs one update of netfilter.h to something recent, too.	2010-03-17 02:20:39 +01:00
Jan Engelhardt	16e4968343	pknock: avoid compiler warnings for !PK_CRYPTO case xt_pknock.c: In function "update_peer": xt_pknock.c:890:3: warning: implicit declaration of function "pass_security" xt_pknock.c: In function "pknock_mt": xt_pknock.c:1030:5: warning: implicit declaration of function "is_close_knock"	2009-11-19 12:13:29 +01:00
Jan Engelhardt	8c910aa82b	pknock: reverse control flow for next patch	2009-11-19 12:11:46 +01:00
Jan Engelhardt	d9cd40e9fa	pknock: switch allocations to GFP_KERNEL All allocations currently using GFP_ATOMIC happen in user context, so GFP_KERNEL is sufficient.	2009-10-30 18:40:52 +01:00
Jan Engelhardt	aad0cafd19	pknock: move manpage into pknock's subdirectory	2009-10-14 21:18:08 +02:00

1 2

72 Commits