iptables branch, master, updated. v1.4.10-89-gd59b9db

Patrick McHardy netfilter-cvslog-bounces at lists.netfilter.org
Wed Mar 9 13:57:33 CET 2011 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "iptables".

The branch, master has been updated
       via  d59b9db031abee37a9aa9776662dd15370faabf4 (commit)
       via  9cc4f24e72f87ca191c2e723e7cd293f6477481c (commit)
      from  f96cb8094ceffb9ffe8e94b4ee6800aa581dd021 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d59b9db031abee37a9aa9776662dd15370faabf4
Author: Stefan Tomanek <stefan.tomanek at wertarbyte.de>
Date:   Tue Mar 8 22:42:51 2011 +0100

    iptables: add -C to check for existing rules
    
    It is often useful to check whether a specific rule is already present
    in a chain without actually modifying the iptables config.
    
    Services like fail2ban usually employ techniques like grepping through
    the output of "iptables -L" which is quite error prone.
    
    This patch adds a new operation -C to the iptables command which
    mostly works like -D; it can detect and indicate the existence of the
    specified rule by modifying the exit code. The new operation
    TC_CHECK_ENTRY uses the same code as the -D operation, whose functions
    got a dry-run parameter appended.
    
    Signed-off-by: Stefan Tomanek <stefan.tomanek at wertarbyte.de>
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 9cc4f24e72f87ca191c2e723e7cd293f6477481c
Author: Stefan Tomanek <stefan.tomanek at wertarbyte.de>
Date:   Mon Mar 7 18:30:27 2011 +0100

    ip(6)tables-multi: unify subcommand handling
    
    I found the subcommand handling and naming done by iptables-multi and
    ip6tables-multi very confusing and complicated; this patch
    reorganizes the subcommands in a single table, allowing both variants
    of them to be used (iptables/main) and also prints a list of the
    allowed commands if an unknown command is entered by the user.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

-----------------------------------------------------------------------

Summary of changes:
 include/libiptc/libip6tc.h |    6 ++++
 include/libiptc/libiptc.h  |    6 ++++
 ip6tables-multi.c          |   46 +++++++++-------------------------
 ip6tables.8.in             |   10 ++++++-
 ip6tables.c                |   60 +++++++++++++++++++++++++++++++++++++++----
 iptables-multi.c           |   52 ++++++++++---------------------------
 iptables.8.in              |    9 ++++++-
 iptables.c                 |   60 +++++++++++++++++++++++++++++++++++++++----
 libiptc/libip4tc.c         |    1 +
 libiptc/libip6tc.c         |    1 +
 libiptc/libiptc.c          |   30 +++++++++++++++++----
 xshared.c                  |   36 ++++++++++++++++++++++++++
 xshared.h                  |   11 ++++++++
 13 files changed, 235 insertions(+), 93 deletions(-)


hooks/post-receive
-- 
iptables

More information about the netfilter-cvslog mailing list