In case only modules that are built in subdirectories of extensions
are enabled (and thus nothing is build in extensions directory itself)
installation fails with the error (only build_ACCOUNT=y in mconfig):
install -pm0755
"/vt/portage/tmp/portage/net-firewall/xtables-addons-1.21/image/
//usr/local/libexec/xtables";
install: missing destination file operand after
"/vt/portage/tmp/portage/net-firewall/xtables-addons-1.21/image/
//usr/local/libexec/xtables"
Try `install --help' for more information.
make[3]: *** [install] Error 1
This commit adds an option to xt_quota2 called "no-change". The
effect of this option, when used, is that it will skip incrementing
or decrementing the quota counter, effectively providing a quota test
only.
The reason for implementing this is so that I could have a rule check
if quota is available for a rule in the PREROUTING tables, without
actually decrementing the amount of available quota. I only wanted to
decrement the amount of available quota in the FORWARD rule.
Otherwise, the first packet of every connection would be counted
twice.
Not sure if this was overlooked, or if it is not in a suitable state
for general use, but lets give it a shot and see how it works.
Signed-off-by: Kevin Locke <kevin@kevinlocke.name>
[j.eng: it was overlooked]
xt_pknock.c: In function "update_peer":
xt_pknock.c:890:3: warning: implicit declaration of function "pass_security"
xt_pknock.c: In function "pknock_mt":
xt_pknock.c:1030:5: warning: implicit declaration of function "is_close_knock"
IP refers to Internet Protocol; adding "address" is therefore beneficial.
The CIDR size is better known as "prefix length".
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Consistently apply markup so that only replaceable items are italic,
and only items to be typed verbatim are bold. Also apply the command
syntax "BNF" (where and when to use [], {}) that is used in the
iptables manpages to ipset.8.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
The --without-build option is useful when your distro has multiple
kernels and/or you want to build a common package for userspace stuff
only. Support this option properly.
There is another mistake in the code. I have checked the Gnutella
protocol specification -- looks like the line separation is 0x0d-0x0a
and not 0x0a-0x0d (it seemed obvious but I was not sure and thought
they cannot have possibly got that wrong...). It would certainly
explain why I have never seen a match on any of my systems.
