iptables branch, master, updated. v1.4.10-280-g7908453
Patrick McHardy
netfilter-cvslog-bounces at lists.netfilter.org
Wed May 25 05:35:48 CEST 2011
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "iptables".
The branch, master has been updated
via 790845385fb84ce8e79a96e91fc6c4f7df60713d (commit)
via db50b83bc3cd634beb71f38978ad7d035c88ff11 (commit)
via 1201871343223d9781253283a64686be4e63ad52 (commit)
via b1319cc083de658c0007da93f25d19874f75d55f (commit)
via d8784613a5be2821ff910cd4c2bfe889a9b306c5 (commit)
via 089585f14fda80508e26ea019703add07cb72f64 (commit)
via 6944f2c8190f1c4319aeac748470c71b0ba45025 (commit)
via 1b6c7632e5e35ecce91f87a4ae36eca3103cfee2 (commit)
via 57e2e37ebe5319cf84381bdb319ea94143b1bf97 (commit)
via 0b7a140944738d67b9c4e6f09992c8407eefb18a (commit)
via 5e35b7d435c5bc1b3641f76a6601a55d32d63ac8 (commit)
via 319046c3f96f810f81a5a2e6189ba87527e882f1 (commit)
via 5a66f40d2f64e8792e1360906d3d6a1c829ba2b7 (commit)
via c52f7aa866ee3cdc0e0dc67f3eae629055a126dc (commit)
via 9039600d2a50970274b5a13f6f616e38cc9c3e6d (commit)
via 4f0d5a7fd4cb1452493921446603c837316e0179 (commit)
via 10345ca36786592aa176036f11dd186b24ba1c76 (commit)
via 25ea60de20fb5f7981a0170eb05c0c9a61525763 (commit)
via 88cfbe258b0d30ef26fae8da5484b08e65292a09 (commit)
via 463628b03eec6e7456ca5121f9b81af7f4690e08 (commit)
via d61b02fbbbe7f6e643aad8649c8559c175c68c52 (commit)
via 2305d5fb42fc059f38fc1bdf53411dbeecdb310b (commit)
via 67db7615580f5c3490a39310f5adcb4e767ea6a8 (commit)
via ae06c6dc6d68d11ed15d4c6c47b7b7a709d3c9cb (commit)
via c02c92d1fcaa1223caf9a5eef32bedcb78f1e714 (commit)
from 17f7937f79af4d260c60cb800e56fc0df0a48b37 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 790845385fb84ce8e79a96e91fc6c4f7df60713d
Merge: 17f7937f79af4d260c60cb800e56fc0df0a48b37 db50b83bc3cd634beb71f38978ad7d035c88ff11
Author: Patrick McHardy <kaber at trash.net>
Date: Wed May 25 05:34:04 2011 +0200
Merge branch 'master' of git://dev.medozas.de/iptables
commit db50b83bc3cd634beb71f38978ad7d035c88ff11
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Mon May 23 18:38:09 2011 +0200
libxt_time: deprecate --localtz option, document kernel TZ caveats
Comparing against the kernel time zone has significant caveats. This
patch adds documentation about the issue, and makes --utc the default
setting for libxt_time.
Furthremore, throw a warning on using the "--localtz" option, to avoid
confusion with one's shell TZ environment variable, and rename it to
"--kerneltz" to be explicit about whose timezone will be used.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 1201871343223d9781253283a64686be4e63ad52
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Mon May 23 17:48:20 2011 +0200
libxt_time: --utc and --localtz are mutually exclusive
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit b1319cc083de658c0007da93f25d19874f75d55f
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Mon May 23 17:42:37 2011 +0200
libxt_time: always ignore libc timezone
Since xt_time is meant to work across many months, libc doing
automatic conversion from local time to UTC (during parse) is
unwanted, especially when --utc is specified. The same goes for
dumping.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit d8784613a5be2821ff910cd4c2bfe889a9b306c5
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Wed May 25 00:26:01 2011 +0200
libxt_NFQUEUE: add mutual exclusion between qnum and qbal
Only one is printed on save operation, which leads me to believe that
only one is meant to be used. The manpage seems to corroborate.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 089585f14fda80508e26ea019703add07cb72f64
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Wed May 25 00:11:48 2011 +0200
libxt_NFQUEUE: avoid double attempt at parsing
Fixes this error:
NFQUEUE: option "--queue-num" can only be used once.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 6944f2c8190f1c4319aeac748470c71b0ba45025
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Tue May 24 23:50:29 2011 +0200
libxtables: have xtopt_parse_mint interpret partially-spec'd ranges
When ":n" or "n:" is specified, it will now be interpreted as "0:n"
and "n:<max>", respecitvely. nvals will always reflect the number of
(expanded) components. This restores the functionality of options that
take such partially-unspecified ranges.
This makes it possible to nuke the per-matchdata init functions of
some extensions and simply the extensions postparsing to the point
where it only needs to check for nvals==1 or ==2.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 1b6c7632e5e35ecce91f87a4ae36eca3103cfee2
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Tue May 24 14:49:15 2011 +0200
libxtables: unclutter xtopt_parse_mint
..by moving type-based actions into their own function.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 57e2e37ebe5319cf84381bdb319ea94143b1bf97
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Tue May 24 02:45:50 2011 +0200
libxtables: make multiint parser have greater range
Since parse_mint can handle XTTYPE_UINT64RC, it must allow numbers
larger than UINT32_MAX.
Cc: JP Abgrall <jpa at google.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 0b7a140944738d67b9c4e6f09992c8407eefb18a
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Tue May 24 02:30:23 2011 +0200
libxtables: use uintmax for xtables_strtoul
Addendum to 2305d5fb42fc059f38fc1bdf53411dbeecdb310b.
I noticed that unsigned long long is not consistently used, for
example, min/max are still just unsigned long, and strtoul is being
called.
Instead of changing it to unsigned long long, just use uintmax
functions right away so this does not need size-related changing in
the future.
Cc: JP Abgrall <jpa at google.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 5e35b7d435c5bc1b3641f76a6601a55d32d63ac8
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Tue May 24 02:03:00 2011 +0200
libxtables: more detailed error message on multi-int parsing
Now shows where exactly the error is.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 319046c3f96f810f81a5a2e6189ba87527e882f1
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Tue May 24 00:45:08 2011 +0200
libip6t_rt: restore --rt-type storing
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 5a66f40d2f64e8792e1360906d3d6a1c829ba2b7
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Tue May 24 00:35:00 2011 +0200
libxt_u32: --u32 option is required
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit c52f7aa866ee3cdc0e0dc67f3eae629055a126dc
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Mon May 23 00:22:27 2011 +0200
libxt_ipvs: restore network-byte order
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 9039600d2a50970274b5a13f6f616e38cc9c3e6d
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Mon May 23 17:55:29 2011 +0200
doc: remove redundant .IP calls in libxt_time
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 4f0d5a7fd4cb1452493921446603c837316e0179
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Mon May 23 17:54:38 2011 +0200
doc: use .IP list for TCPMSS
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 10345ca36786592aa176036f11dd186b24ba1c76
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sat May 21 00:58:44 2011 +0200
doc: clarify that -p all is a special keyword only
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 25ea60de20fb5f7981a0170eb05c0c9a61525763
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Tue May 17 15:17:08 2011 +0200
doc: make usage of libxt_rateest more obvious
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 88cfbe258b0d30ef26fae8da5484b08e65292a09
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sat May 21 00:59:11 2011 +0200
doc: add some coded option examples to libxt_hashlimit
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 463628b03eec6e7456ca5121f9b81af7f4690e08
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Thu May 12 17:36:25 2011 +0200
libxt_rateest: streamline case display of units
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit d61b02fbbbe7f6e643aad8649c8559c175c68c52
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Fri May 20 16:26:04 2011 +0200
libxtables: check for negative numbers in xtables_strtou*
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 2305d5fb42fc059f38fc1bdf53411dbeecdb310b
Author: JP Abgrall <jpa at google.com>
Date: Wed May 18 20:26:14 2011 -0700
libxt_quota: make sure uint64 is not truncated
The xtables_strtoul() would cram a long long into a long.
The parse_int would try to cram a UINT64 into a long.
commit 67db7615580f5c3490a39310f5adcb4e767ea6a8
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Fri May 20 16:01:18 2011 +0200
libxt_quota: readd missing XTOPT_PUT request
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit ae06c6dc6d68d11ed15d4c6c47b7b7a709d3c9cb
Author: Lutz Jaenicke <ljaenicke at innominate.com>
Date: Wed May 18 15:11:47 2011 +0200
libipt_REDIRECT: "--to-ports" is not mandatory
The REDIRECT target can be called without the --to-ports option
being specified. From the manual page:
...without this, the destination port is never altered.
Signed-off-by: Lutz Jaenicke <ljaenicke at innominate.com>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit c02c92d1fcaa1223caf9a5eef32bedcb78f1e714
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Wed May 18 22:48:51 2011 +0200
libxtables: retract _NE types and use a flag instead
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
-----------------------------------------------------------------------
Summary of changes:
extensions/libip6t_ah.c | 10 +--
extensions/libip6t_frag.c | 12 +--
extensions/libip6t_rt.c | 14 +--
extensions/libipt_REDIRECT.c | 3 +-
extensions/libipt_ah.c | 10 +--
extensions/libxt_NFQUEUE.c | 12 +-
extensions/libxt_TCPMSS.man | 14 +--
extensions/libxt_TPROXY.c | 8 +-
extensions/libxt_conntrack.c | 73 ++------------
extensions/libxt_esp.c | 10 +--
extensions/libxt_hashlimit.man | 26 +++--
extensions/libxt_ipvs.c | 6 +-
extensions/libxt_length.c | 4 +-
extensions/libxt_quota.c | 3 +-
extensions/libxt_rateest.c | 6 +-
extensions/libxt_rateest.man | 71 ++++++++++---
extensions/libxt_time.c | 38 +++++--
extensions/libxt_time.man | 45 ++++++---
extensions/libxt_u32.c | 3 +-
include/xtables.h.in | 16 ++--
ip6tables.8.in | 5 +-
iptables.8.in | 5 +-
xtables.c | 20 +++--
xtoptions.c | 226 +++++++++++++++++++++++++---------------
24 files changed, 348 insertions(+), 292 deletions(-)
hooks/post-receive
--
iptables
More information about the netfilter-cvslog
mailing list