anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-21 20:14:56 +02:00
Code Issues Releases Wiki Activity
1,073 Commits 5 Branches 85 Tags
v3.12
Commit Graph

79 Commits

Author SHA1 Message Date
Jan Engelhardt
0021003dc7 extensions: abolish NIPQUAD/NIP6 
Support for Linux 2.6.28 is long gone.
 2020-11-19 12:54:36 +01:00
Jeremy Sowden
d3f7dc1f55 pknlusr: mention the group ID command-line paramater in the man page 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-26 11:08:20 +01:00
Jan Engelhardt
87d3aab175 pknock: trim some blank lines 2020-10-26 11:06:57 +01:00
Jan Engelhardt
bfb0516c79 extensions: split assignments and if-exprs 2020-10-25 15:41:24 +01:00
Jeremy Sowden
939d3ee0d3 xt_pknock: remove DEBUG definition and disable debug output 
The DEBUG definition in xt_pknock.h causes a compiler warning if one
adds a DEBUG define to xt_pknock.c to enable pr_debug. Since it only
controls some debugging output in libxt_pknock.c, it would make sense to
move the definition there, but let's just disable the debugging instead.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:17:40 +01:00
Jeremy Sowden
5df71f8741 xt_pknock: use pr_err 
Replace some instances of `printk(KERN_ERR PKNOCK ...)`. We define
`pr_fmt`, so `pr_err` is equivalent.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:14:31 +01:00
Jeremy Sowden
82379e8ec1 xt_pknock: use kzalloc 
Replace some instances of kmalloc + memset.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:14:27 +01:00
Jeremy Sowden
b3a3f2e91b xt_pknock: use IS_ENABLED 
It is more succinct than checking whether CONFIG_BLAH or
CONFIG_BLAH_MODULE are defined.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:06:11 +01:00
Jeremy Sowden
63fb5d3490 pknlusr: fix hard-coded netlink multicast group ID 
The group ID used by xt_pknock is configurable, but pknlusr hard-codes
it. Modify pknlusr to accept an optional ID from the command line.
Group IDs range from 1 to 32 and each ID appears in the group bitmask
at position `group_id - 1`.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:06:10 +01:00
Jeremy Sowden
05cacbe84c pknlusr: always close socket 
On some error paths, the socket was not being closed before exit.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:02:39 +01:00
Jeremy Sowden
3c120ef5f1 pknlusr: do not treat recv return value of zero as an error 
A return-value of zero is not an error, so there is no point calling
perror, but since we have not requested and do not expect a zero-length
datagram, we treat it as EOF and exit.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:01:50 +01:00
Jeremy Sowden
b0a1aacd4b pknlusr: use macro to define inet_ntop buffer size 
POSIX provides a macro to define the minimum length required, so let's
use it.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:01:18 +01:00
Jeremy Sowden
c3bd1c61d1 pknlusr: use NLMSG macros and proper types, rather than arithmetic on char pointers 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 15:00:45 +01:00
Jeremy Sowden
9cd0b44c81 pknlusr: tidy up initialization of local address 
Use struct initialization and drop memset. We do not need to set the port
ID, since the kernel will do it for us.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:54:40 +01:00
Jeremy Sowden
b4faa4de65 pknock: pknlusr: tighten up variable scopes 
Make global variables local, and move variables local to while-loop into
the loop.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:54:10 +01:00
Jeremy Sowden
b05ea5644c pknock: pknlusr: remove dest_addr and rename src_addr 
We only need to specify the address at our end, and given that we are
receiving messages, not sending them, calling it `src_addr` is
misleading.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:53:34 +01:00
Jeremy Sowden
b052ec0f7d pknock: pknlusr: ensure man-page is included by make dist 
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2020-10-25 14:50:17 +01:00
Jeremy Sowden
249df831b0 pknlusr: add man page 
Since pknlusr is now being installed, let's give it a man page.
 2020-10-23 11:22:41 +02:00
Jeremy Sowden
86112194da pknlusr: fix formatting of a line 2020-10-22 19:59:06 +02:00
Jan Engelhardt
2cb4b2bec6 build: do build & install userspace programs for xt_ACCOUNT and xt_pknock 2020-08-30 13:36:10 +02:00
Jan Engelhardt
d31067b32e Support for Linux 5.6 procfs API 2020-02-25 07:28:23 +01:00
Jeremy Sowden
d4c2aac5f8 xt_pknock, xt_SYSRQ: do not set shash_desc::flags. 
shash_desc::flags was removed from the kernel in 5.1.

That assignment was actually superfluous anyway, because crypto.desc
is zero-initialized when crypto is initialized (xt_pknock.c, ll.
110ff.).

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
 2019-09-06 10:34:36 +02:00
Jan Engelhardt
bf63a25a64 build: remove support for Linux 4.14 2018-02-12 15:09:52 +01:00
Jan Engelhardt
29d10e11fa build: remove support for Linux 3.14 2018-02-12 14:46:50 +01:00
Jan Engelhardt
56e5970c64 xt_pknock: don't split function heads 2018-01-05 01:36:12 +01:00
Marcelo Henrique Cerri
2b76b68c65 build: support for Linux 4.15 
Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
 2018-01-05 01:35:12 +01:00
Jan Engelhardt
0a836e9677 pknock: fix PVSStudio static analyzer reports 
V595 The 'peer' pointer was utilized before it was verified against
nullptr.
 2017-07-23 19:55:06 +02:00
Your Name
7af1b9737c xt_pknock: use shash crypto API 
The old hash API is dropped as of Linux 4.6.
Only build tested.
 2016-05-20 04:46:31 -04:00
Jan Engelhardt
f5e95f35a7 xt_pknock: replace nemesis by socat 
Use a utility much more widely available.
 2016-04-22 22:51:24 +02:00
Jan Engelhardt
80bed0655f xt_pknock: import digest generation utility 2016-04-22 22:48:56 +02:00
Jan Engelhardt
bc6aaf74d8 xt_pknock: remove reference to non-existing documentation 
Even in the old pknock-0.5.tar.gz tarball, there is no doc/pknock/
directory.
 2016-04-22 22:43:17 +02:00
Adam Butcher
c08835d65c xt_pknock: fix pknock in UDP SPA mode 
When the PK_CRYPTO pre-processor flag got removed in
v1.47.1-2-g66f213e, one of the removal cases was misapplied; the body
of an "#ifndef PK_CRYPTO" was left in rather than the whole section
being removed.
 2014-09-04 18:45:42 +02:00
Jan Engelhardt
87adf3461f build: resolve compile error with Linux 3.15 
Commit v3.15-rc1~141^2~97 changed the signature for cn_netlink_send.
 2014-04-18 19:12:51 +02:00
Jan Engelhardt
3bf7ebc48c xt_pknock: support for Linux 3.10 2013-06-18 08:09:18 +02:00
Dmitry Smirnov
fe7a30c746 doc: lint man pages (hyphens and spelling) 
* hyphen-used-as-minus-sign
* spelling-error-in-manpage
 2013-06-02 16:49:12 +02:00
Jan Engelhardt
04d8ebe31c build: remove support for Linux 2.6.23 2012-10-16 04:16:56 +02:00
Jan Engelhardt
66f213e324 build: remove support for Linux 2.6.18 2012-10-16 02:36:02 +02:00
Jan Engelhardt
f830dbd34e Remove unused Kconfig files 2012-03-14 01:32:33 +01:00
Frank Reppin
6ef91897b2 build: fix compilation after missing libxtables_CFLAGS in submodules 2011-08-21 13:56:42 +02:00
Jan Engelhardt
04aed87cb6 xt_pknock: support UDPLITE 2011-08-12 15:42:44 +02:00
Jan Engelhardt
32871bad39 xt_pknock: avoid inversion of rule lookup that led to warnings 
Commit v1.18-48-g58839b9 had this screwed up.
 2011-02-25 01:22:16 +01:00
Jan Engelhardt
0ba44bd461 xt_pknock: avoid crash when hash TFM could not be allocated 2011-02-25 01:22:16 +01:00
Jan Engelhardt
d4e6e3d155 xt_pknock: indent 2011-02-25 01:20:12 +01:00
Jan Engelhardt
1edc9b943b build: do not forget including path for compat_user.h 2011-02-02 05:15:09 +01:00
Jan Engelhardt
ebfa77795a build: preliminary support for iptables 1.4.11 2011-02-02 05:09:58 +01:00
Jan Engelhardt
ebb61aa3c9 pknock: resolve warnings about unused variables 2011-01-22 17:32:38 +01:00
Jan Engelhardt
bd2e6108f3 pknock: use build flags in pknock Makefile 2011-01-22 17:31:53 +01:00
Jan Engelhardt
2d36632d4a build: add workaround for beoken linux-glibc-devel (2) 2010-09-29 02:51:26 +02:00
Jan Engelhardt
43921c5834 compat_xtables: move to 2.6.35 xt_action_param (3/3) 
Since the last merge of the "api35" branch, further changes were
included into nf-next. This set of three commits updates the
xtables-addons API to match that.
 2010-05-13 19:45:56 +02:00
Jan Engelhardt
9a18a05d02 compat_xtables: move to 2.6.35 xt_action_param (2/3) 2010-05-13 19:45:52 +02:00