ca894d6687
compat_xtables: improve memory usage in struct xtnu_{match,target}
2010-05-13 15:51:54 +02:00
db717ec479
xt_quota2: reduce printf complexity
2010-05-13 15:39:29 +02:00
a46ca95078
Xtables-addons 1.26
2010-04-30 22:54:06 +02:00
8b2a266db0
compat_xtables: fix 2.6.34 compile error due to a typo
2010-04-30 22:50:52 +02:00
03e10ff544
Xtables-addons 1.25
2010-04-26 14:14:02 +02:00
37986fd785
Merge branch 'tee'
2010-04-26 14:12:03 +02:00
8ff64f4ef4
xt_TEE: move skb cleanup outwards
2010-04-15 23:47:07 +02:00
93f6c1a312
xt_TEE: remove debug printks
2010-04-15 22:54:05 +02:00
b535abce2e
xt_TEE: use nf_conntrack_untracked
...
No reason having to use our own nf_conntrack bucket.
2010-04-15 21:29:37 +02:00
5db988626f
Merge branch 'condition'
2010-04-15 21:10:36 +02:00
c6f8f72bf1
xt_condition: use non-interruptible check routine
...
Patrick McHardy let's it be known: "No need for interruptible locking,
the section is very short and usually there's only a single iptables
process running at a time."
2010-04-09 12:38:48 +02:00
47cbb07162
xt_condition: remove unnecessary RCU protection
...
The module does not use the RCU mechanism, so calling
list_add_rcu/list_del_rcu does not make much sense either.
2010-04-09 12:28:12 +02:00
79c55ab325
Merge branch 'api35'
2010-04-09 12:24:21 +02:00
11ab4d0acc
compat_xtables: correct compile errors
2010-04-09 12:24:19 +02:00
8ae9ac5433
xt_TEE: use less expensive pskb_copy
2010-04-07 01:31:18 +02:00
2060a58912
build: do not print enter/exit during banner
2010-04-05 02:22:49 +02:00
e1eed2b05e
Merge branch 'tee'
2010-04-05 02:15:26 +02:00
7b077c7459
Merge branch 'api35'
2010-04-05 02:15:24 +02:00
ad146dbeef
compat_xtables: move to 2.6.35 API for targets
2010-04-05 02:15:20 +02:00
fb4c49d794
xt_TEE: new loop detection logic
2010-04-05 00:47:08 +02:00
a17203e036
xt_TEE: remove old loop detection
...
The loop detection does not work if the kernel is built without
conntrack. In fact, since cloned packets are sent directly and do not
pass through Xtables, there are no loops happening.
2010-04-05 00:47:08 +02:00
987402dc61
xt_TEE: do not retain iif and mark on cloned packet
...
Patrick McHardy explains in [1] that locally-generated packets (such
as the clones xt_TEE will create) usually start with no iif and no
mark value, and even if cloned packets are a little more special than
locally-generated ones, let's do it that way.
[1] http://marc.info/?l=netfilter-devel&m=127012289008156&w=2
2010-04-05 00:47:08 +02:00
295b6b6d73
xt_TEE: do not limit use to mangle table
2010-04-05 00:47:08 +02:00
7338a2a400
xt_TEE: free skb when route lookup failed
2010-04-05 00:47:08 +02:00
ba35636718
xt_TEE: set dont-fragment on cloned packets
2010-04-05 00:47:08 +02:00
fd19a40dbe
xt_TEE: avoid making original packet writable
...
There is not any real need to make the original packet writable, as it
is not going to be modified anyway.
2010-04-05 00:47:08 +02:00
937571bb9d
xt_TEE: decrease TTL on cloned packet
2010-04-05 00:47:03 +02:00
346fc1a376
xt_TEE: do rechecksumming in PREROUTING too
2010-04-05 00:46:12 +02:00
56535551b3
xt_TEE: use ip_send_check instead of open-coded logic
2010-04-05 00:46:12 +02:00
dd8fdd09c8
xt_SYSRQ: do not print error messages on ENOMEM
...
Memory allocation failures are usually already reported by SLAB and
the ENOMEM error code itself.
2010-04-05 00:45:28 +02:00
beb3358297
compat_xtables: move to 2.6.35 API for matches
2010-04-05 00:43:47 +02:00
02d8bdc3d9
build: add a version banner on make modules
...
Because the build error logs of module-assistant are totally useless,
as the tarball filename has been stripped of the version, and
configure is not run either.
2010-04-05 00:43:32 +02:00
42b77a386a
doc: put --with-xtlibdir in the spotlight
...
Too many people forget to specify the proper location...
2010-04-03 22:08:42 +02:00
6340363394
Xtables-addons 1.24
2010-03-17 02:50:23 +01:00
c9b4e9c518
xt_SYSRQ: drop unprocessed packets
2010-03-17 02:50:23 +01:00
8dd316ed56
Revert "xt_TEE: cosmetic replace a version check"
...
This reverts commit ab13e58f96
2010-03-17 02:38:22 +01:00
48327605c6
modules: replace AF/PF with NFPROTO
2010-03-17 02:25:40 +01:00
414e95ffb1
extensions: replace AF/PF with NFPROTO
...
Needs one update of netfilter.h to something recent, too.
2010-03-17 02:20:39 +01:00
749e0b788a
build: fix build of userspace modules against old headers from linux-glibc-devel
2010-03-17 02:10:56 +01:00
7512101bca
modules: replace AF/PF with NFPROTO
2010-03-16 23:37:05 +01:00
1a17ed6a45
modules: strip unneeded XT_ALIGN from matchsize/targetsize
...
The x_tables kernel part already does calculate it.
2010-03-16 23:34:25 +01:00
1aeaadd740
modules: remove XT_ALIGN(0) lines
2010-03-16 23:26:05 +01:00
0acbe528ac
xt_condition: remove some blank lines
2010-03-16 23:22:18 +01:00
f5fe2dc801
xt_condition: switch semaphore to a mutex
2010-03-16 23:16:07 +01:00
524201adcc
xt_SYSRQ: allow processing of UDP-Lite
2010-03-16 17:27:59 +01:00
7cfd3b1dbb
xt_SYSRQ: fix wrong define for crypto inclusion
2010-03-16 17:20:57 +01:00
ab13e58f96
xt_TEE: cosmetic replace a version check
2010-03-16 17:01:02 +01:00
548922388c
SYSRQ: let module load when crypto is unavailable
2010-03-01 11:20:59 +01:00
43864ac6f1
ipp2p: bittorrent commands
...
After testing I decide to write my patch to bittorrent GET commands
from xt_ipp2p.c because old procedure is useless for modified and/or
private trackers.
BTW: info_hash may be 3rd argument, passkey (private trackers) may be
1st argument (or not) etc. so we need to search.
2010-02-28 17:25:49 +01:00
2ef714cc93
compat_xtables: add a memmem function
...
This will be needed by xt_ipp2p right away.
2010-02-28 17:24:27 +01:00
Jan Engelhardt