iptables branch, master, updated. v1.4.12-35-g4a56bcb
Jan Engelhardt
netfilter-cvslog-bounces at lists.netfilter.org
Thu Aug 25 11:03:37 CEST 2011
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "iptables".
The branch, master has been updated
via 4a56bcbd49ef20a0203017c15ab1cec9bb140d1a (commit)
via 7e42bda9330afe717561c47a02a3f58c8ee1a246 (commit)
via 03deef5241330db418652c42af4d517527743f22 (commit)
via c2a47ead16fc488fbf7fd8aa12d306cedf4da441 (commit)
via c4e1c0992937bce3ac72987aa43f4f3c219cf3e3 (commit)
via c96e524e98de81b333d772aa9a4f9b93275525dd (commit)
via 0859fdf5d0ae24c88e64246164c4959ad3b0d098 (commit)
via 975aeec7d34419fece8710997b6ec88cc0abb580 (commit)
via de1f06dca906bfcb82d7c7c2d555fbf3229d12b6 (commit)
via 97dac48e7dfd3e2f35e33fdad72bda5b3dfc2241 (commit)
via 735f3d76ccd3a7deab13703d7c227c87c666a97b (commit)
via bca5b9afbe4b3823989f1e78f178203eb3bfa37d (commit)
via c148c4ad2e28b94125c0c9954a887f0a473d598b (commit)
via 83c342b36a7048ab86827e09a4916064837293d3 (commit)
via f17fd48448aafdc762a3b439864bcb1127b0da6c (commit)
via ca48066aaa8179025c0b4e17ed40a4bc12487190 (commit)
via f677e7b10c72bd3007c89d51eea13a0c2c3d262b (commit)
via 7e66a657d0fbb8a3f27fd78c7bb27859d44002aa (commit)
via d152d6acd6751884621e0b760fecc0d652aea479 (commit)
via 107dca41800f7aeb6600438ea3aaf0fd66019417 (commit)
via 79e1f97a966e82155ebc00b30e3b60c48d060448 (commit)
from 3716dfd7eac3afa7fb3098952550e510c8df0220 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4a56bcbd49ef20a0203017c15ab1cec9bb140d1a
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 13:04:38 2011 +0200
libxt_hashlimit: observe new default gc-expire time when saving
Since a while, --htable-gc-expire defaults to the chosen time quantum
instead of 10 fixed seconds, which leads the expiry value to be always
printed, which is redundant.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 7e42bda9330afe717561c47a02a3f58c8ee1a246
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 12:46:08 2011 +0200
tests: add negation tests for libxt_statistic
Note: it is valid to check cb->invert before calling
xtables_option_parse.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 03deef5241330db418652c42af4d517527743f22
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 12:39:04 2011 +0200
libxt_policy: remove superfluous inversion
--dir cannot be inverted.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit c2a47ead16fc488fbf7fd8aa12d306cedf4da441
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 12:27:06 2011 +0200
libxt_physdev: restore inversion support
Bug origin is in commit v1.4.11~26^2~4.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw at mail.gmail.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit c4e1c0992937bce3ac72987aa43f4f3c219cf3e3
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 12:25:06 2011 +0200
libxt_owner: restore inversion support
Bug origin is in commit v1.4.11~16^2~7.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw at mail.gmail.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit c96e524e98de81b333d772aa9a4f9b93275525dd
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 12:11:15 2011 +0200
libipt_ttl: document that negation is available
Glitch since commit v1.2.1~75.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 0859fdf5d0ae24c88e64246164c4959ad3b0d098
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 11:59:58 2011 +0200
libip6t_dst: restore setting IP6T_OPTS_LEN flag
Bug origin is in commit v1.4.11~26^2~18.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 975aeec7d34419fece8710997b6ec88cc0abb580
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 11:54:01 2011 +0200
libip6t_hbh: restore setting IP6T_OPTS_LEN flag
Bug origin is in commit v1.4.11~26^2~17.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit de1f06dca906bfcb82d7c7c2d555fbf3229d12b6
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 11:49:21 2011 +0200
libxt_hashlimit: remove inversion from hashlimit rev 0
Revision 0 indeed did not have inversion support, nor presence of
--hashlimit-above. This glitch was added in v1.4.11~16^2~10.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 97dac48e7dfd3e2f35e33fdad72bda5b3dfc2241
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 11:41:13 2011 +0200
libip6t_frag: restore inversion support
--fraglen also was not printed since v1.4.11~26^2~22.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw at mail.gmail.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 735f3d76ccd3a7deab13703d7c227c87c666a97b
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 10:14:28 2011 +0200
xtoptions: flag use of XTOPT_POINTER without XTOPT_PUT
When XTOPT_POINTER is used (and yields a non-zero offsetof), we can
flag the absence of XTOPT_PUT.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit bca5b9afbe4b3823989f1e78f178203eb3bfa37d
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 10:06:18 2011 +0200
libxt_conntrack: fix --ctproto 0 output
First, we are missing XTOPT_PUT when trying to use XTOPT_POINTER.
(Next commit will flag this.) Furthermore, l4proto is of type
uint16_t, while XTTYPE_PROTOCOL wants a uint8_t so the idea would not
work => revert v1.4.12~1^2.
Bug goes back to v1.4.12~1^2.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit c148c4ad2e28b94125c0c9954a887f0a473d598b
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 09:46:12 2011 +0200
libxt_hashlimit: default htable-expire must be in milliseconds
Bug goes back to v1.4.12~3^2~11.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 83c342b36a7048ab86827e09a4916064837293d3
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 08:52:56 2011 +0200
libxt_dscp: restore inversion support
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw at mail.gmail.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit f17fd48448aafdc762a3b439864bcb1127b0da6c
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 09:39:21 2011 +0200
libxt_dccp: fix random output of ! on --dccp-option
dccp-option tests info->typemask, but it really should look at
info->invflags instead.
This bug goes back to commit v1.3.4~11.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw at mail.gmail.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit ca48066aaa8179025c0b4e17ed40a4bc12487190
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 09:15:20 2011 +0200
libxt_dccp: provide man pages options in short help too
This omission goes back to commit v1.3.4~11.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw at mail.gmail.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit f677e7b10c72bd3007c89d51eea13a0c2c3d262b
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 09:12:27 2011 +0200
libxt_dccp: spell out option name on save
This glitch goes back to commit v1.3.4~11.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw at mail.gmail.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 7e66a657d0fbb8a3f27fd78c7bb27859d44002aa
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 09:08:04 2011 +0200
libxt_dccp: fix deprecated intrapositional ordering of !
This bug goes back to v1.4.3~63.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw at mail.gmail.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit d152d6acd6751884621e0b760fecc0d652aea479
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 09:05:31 2011 +0200
libxt_dccp: restore missing XTOPT_INVERT tags for options
This regression goes back to v1.4.11~19^2.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw at mail.gmail.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 107dca41800f7aeb6600438ea3aaf0fd66019417
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 08:46:49 2011 +0200
libxt_conntrack: remove one misleading comment
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 79e1f97a966e82155ebc00b30e3b60c48d060448
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun Aug 21 08:43:15 2011 +0200
doc: clarify libxt_connlimit defaults
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
-----------------------------------------------------------------------
Summary of changes:
extensions/libip6t_dst.c | 3 ++
extensions/libip6t_frag.c | 16 ++++++++++++
extensions/libip6t_hbh.c | 1 +
extensions/libipt_ttl.c | 2 +-
extensions/libipt_ttl.man | 2 +-
extensions/libxt_connlimit.man | 3 +-
extensions/libxt_conntrack.c | 13 +++++----
extensions/libxt_dccp.c | 19 +++++++++-----
extensions/libxt_dccp.man | 2 +-
extensions/libxt_dscp.c | 5 ++-
extensions/libxt_hashlimit.c | 50 +++++++++++++++++++--------------------
extensions/libxt_owner.c | 3 +-
extensions/libxt_physdev.c | 7 +++--
extensions/libxt_policy.c | 3 +-
iptables/xtoptions.c | 8 +++++-
tests/options-most.rules | 19 +++++++++++++-
16 files changed, 102 insertions(+), 54 deletions(-)
hooks/post-receive
--
iptables
More information about the netfilter-cvslog
mailing list