iptables branch, master, updated. v1.4.10-280-g7908453

Patrick McHardy netfilter-cvslog-bounces at lists.netfilter.org
Wed May 25 05:35:48 CEST 2011 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "iptables".

The branch, master has been updated
       via  790845385fb84ce8e79a96e91fc6c4f7df60713d (commit)
       via  db50b83bc3cd634beb71f38978ad7d035c88ff11 (commit)
       via  1201871343223d9781253283a64686be4e63ad52 (commit)
       via  b1319cc083de658c0007da93f25d19874f75d55f (commit)
       via  d8784613a5be2821ff910cd4c2bfe889a9b306c5 (commit)
       via  089585f14fda80508e26ea019703add07cb72f64 (commit)
       via  6944f2c8190f1c4319aeac748470c71b0ba45025 (commit)
       via  1b6c7632e5e35ecce91f87a4ae36eca3103cfee2 (commit)
       via  57e2e37ebe5319cf84381bdb319ea94143b1bf97 (commit)
       via  0b7a140944738d67b9c4e6f09992c8407eefb18a (commit)
       via  5e35b7d435c5bc1b3641f76a6601a55d32d63ac8 (commit)
       via  319046c3f96f810f81a5a2e6189ba87527e882f1 (commit)
       via  5a66f40d2f64e8792e1360906d3d6a1c829ba2b7 (commit)
       via  c52f7aa866ee3cdc0e0dc67f3eae629055a126dc (commit)
       via  9039600d2a50970274b5a13f6f616e38cc9c3e6d (commit)
       via  4f0d5a7fd4cb1452493921446603c837316e0179 (commit)
       via  10345ca36786592aa176036f11dd186b24ba1c76 (commit)
       via  25ea60de20fb5f7981a0170eb05c0c9a61525763 (commit)
       via  88cfbe258b0d30ef26fae8da5484b08e65292a09 (commit)
       via  463628b03eec6e7456ca5121f9b81af7f4690e08 (commit)
       via  d61b02fbbbe7f6e643aad8649c8559c175c68c52 (commit)
       via  2305d5fb42fc059f38fc1bdf53411dbeecdb310b (commit)
       via  67db7615580f5c3490a39310f5adcb4e767ea6a8 (commit)
       via  ae06c6dc6d68d11ed15d4c6c47b7b7a709d3c9cb (commit)
       via  c02c92d1fcaa1223caf9a5eef32bedcb78f1e714 (commit)
      from  17f7937f79af4d260c60cb800e56fc0df0a48b37 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 790845385fb84ce8e79a96e91fc6c4f7df60713d
Merge: 17f7937f79af4d260c60cb800e56fc0df0a48b37 db50b83bc3cd634beb71f38978ad7d035c88ff11
Author: Patrick McHardy <kaber at trash.net>
Date:   Wed May 25 05:34:04 2011 +0200

    Merge branch 'master' of git://dev.medozas.de/iptables

commit db50b83bc3cd634beb71f38978ad7d035c88ff11
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Mon May 23 18:38:09 2011 +0200

    libxt_time: deprecate --localtz option, document kernel TZ caveats
    
    Comparing against the kernel time zone has significant caveats. This
    patch adds documentation about the issue, and makes --utc the default
    setting for libxt_time.
    
    Furthremore, throw a warning on using the "--localtz" option, to avoid
    confusion with one's shell TZ environment variable, and rename it to
    "--kerneltz" to be explicit about whose timezone will be used.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 1201871343223d9781253283a64686be4e63ad52
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Mon May 23 17:48:20 2011 +0200

    libxt_time: --utc and --localtz are mutually exclusive
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit b1319cc083de658c0007da93f25d19874f75d55f
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Mon May 23 17:42:37 2011 +0200

    libxt_time: always ignore libc timezone
    
    Since xt_time is meant to work across many months, libc doing
    automatic conversion from local time to UTC (during parse) is
    unwanted, especially when --utc is specified. The same goes for
    dumping.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit d8784613a5be2821ff910cd4c2bfe889a9b306c5
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Wed May 25 00:26:01 2011 +0200

    libxt_NFQUEUE: add mutual exclusion between qnum and qbal
    
    Only one is printed on save operation, which leads me to believe that
    only one is meant to be used. The manpage seems to corroborate.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 089585f14fda80508e26ea019703add07cb72f64
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Wed May 25 00:11:48 2011 +0200

    libxt_NFQUEUE: avoid double attempt at parsing
    
    Fixes this error:
    
    NFQUEUE: option "--queue-num" can only be used once.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 6944f2c8190f1c4319aeac748470c71b0ba45025
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Tue May 24 23:50:29 2011 +0200

    libxtables: have xtopt_parse_mint interpret partially-spec'd ranges
    
    When ":n" or "n:" is specified, it will now be interpreted as "0:n"
    and "n:<max>", respecitvely. nvals will always reflect the number of
    (expanded) components. This restores the functionality of options that
    take such partially-unspecified ranges.
    
    This makes it possible to nuke the per-matchdata init functions of
    some extensions and simply the extensions postparsing to the point
    where it only needs to check for nvals==1 or ==2.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 1b6c7632e5e35ecce91f87a4ae36eca3103cfee2
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Tue May 24 14:49:15 2011 +0200

    libxtables: unclutter xtopt_parse_mint
    
    ..by moving type-based actions into their own function.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 57e2e37ebe5319cf84381bdb319ea94143b1bf97
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Tue May 24 02:45:50 2011 +0200

    libxtables: make multiint parser have greater range
    
    Since parse_mint can handle XTTYPE_UINT64RC, it must allow numbers
    larger than UINT32_MAX.
    
    Cc: JP Abgrall <jpa at google.com>
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 0b7a140944738d67b9c4e6f09992c8407eefb18a
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Tue May 24 02:30:23 2011 +0200

    libxtables: use uintmax for xtables_strtoul
    
    Addendum to 2305d5fb42fc059f38fc1bdf53411dbeecdb310b.
    
    I noticed that unsigned long long is not consistently used, for
    example, min/max are still just unsigned long, and strtoul is being
    called.
    
    Instead of changing it to unsigned long long, just use uintmax
    functions right away so this does not need size-related changing in
    the future.
    
    Cc: JP Abgrall <jpa at google.com>
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 5e35b7d435c5bc1b3641f76a6601a55d32d63ac8
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Tue May 24 02:03:00 2011 +0200

    libxtables: more detailed error message on multi-int parsing
    
    Now shows where exactly the error is.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 319046c3f96f810f81a5a2e6189ba87527e882f1
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Tue May 24 00:45:08 2011 +0200

    libip6t_rt: restore --rt-type storing
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 5a66f40d2f64e8792e1360906d3d6a1c829ba2b7
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Tue May 24 00:35:00 2011 +0200

    libxt_u32: --u32 option is required
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit c52f7aa866ee3cdc0e0dc67f3eae629055a126dc
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Mon May 23 00:22:27 2011 +0200

    libxt_ipvs: restore network-byte order
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 9039600d2a50970274b5a13f6f616e38cc9c3e6d
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Mon May 23 17:55:29 2011 +0200

    doc: remove redundant .IP calls in libxt_time
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 4f0d5a7fd4cb1452493921446603c837316e0179
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Mon May 23 17:54:38 2011 +0200

    doc: use .IP list for TCPMSS
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 10345ca36786592aa176036f11dd186b24ba1c76
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Sat May 21 00:58:44 2011 +0200

    doc: clarify that -p all is a special keyword only
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 25ea60de20fb5f7981a0170eb05c0c9a61525763
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Tue May 17 15:17:08 2011 +0200

    doc: make usage of libxt_rateest more obvious
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 88cfbe258b0d30ef26fae8da5484b08e65292a09
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Sat May 21 00:59:11 2011 +0200

    doc: add some coded option examples to libxt_hashlimit
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 463628b03eec6e7456ca5121f9b81af7f4690e08
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Thu May 12 17:36:25 2011 +0200

    libxt_rateest: streamline case display of units
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit d61b02fbbbe7f6e643aad8649c8559c175c68c52
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Fri May 20 16:26:04 2011 +0200

    libxtables: check for negative numbers in xtables_strtou*
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 2305d5fb42fc059f38fc1bdf53411dbeecdb310b
Author: JP Abgrall <jpa at google.com>
Date:   Wed May 18 20:26:14 2011 -0700

    libxt_quota: make sure uint64 is not truncated
    
    The xtables_strtoul() would cram a long long into a long.
    The parse_int would try to cram a UINT64 into a long.

commit 67db7615580f5c3490a39310f5adcb4e767ea6a8
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Fri May 20 16:01:18 2011 +0200

    libxt_quota: readd missing XTOPT_PUT request
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit ae06c6dc6d68d11ed15d4c6c47b7b7a709d3c9cb
Author: Lutz Jaenicke <ljaenicke at innominate.com>
Date:   Wed May 18 15:11:47 2011 +0200

    libipt_REDIRECT: "--to-ports" is not mandatory
    
    The REDIRECT target can be called without the --to-ports option
    being specified. From the manual page:
      ...without this, the destination port is never altered.
    
    Signed-off-by: Lutz Jaenicke <ljaenicke at innominate.com>
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit c02c92d1fcaa1223caf9a5eef32bedcb78f1e714
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Wed May 18 22:48:51 2011 +0200

    libxtables: retract _NE types and use a flag instead
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

-----------------------------------------------------------------------

Summary of changes:
 extensions/libip6t_ah.c        |   10 +--
 extensions/libip6t_frag.c      |   12 +--
 extensions/libip6t_rt.c        |   14 +--
 extensions/libipt_REDIRECT.c   |    3 +-
 extensions/libipt_ah.c         |   10 +--
 extensions/libxt_NFQUEUE.c     |   12 +-
 extensions/libxt_TCPMSS.man    |   14 +--
 extensions/libxt_TPROXY.c      |    8 +-
 extensions/libxt_conntrack.c   |   73 ++------------
 extensions/libxt_esp.c         |   10 +--
 extensions/libxt_hashlimit.man |   26 +++--
 extensions/libxt_ipvs.c        |    6 +-
 extensions/libxt_length.c      |    4 +-
 extensions/libxt_quota.c       |    3 +-
 extensions/libxt_rateest.c     |    6 +-
 extensions/libxt_rateest.man   |   71 ++++++++++---
 extensions/libxt_time.c        |   38 +++++--
 extensions/libxt_time.man      |   45 ++++++---
 extensions/libxt_u32.c         |    3 +-
 include/xtables.h.in           |   16 ++--
 ip6tables.8.in                 |    5 +-
 iptables.8.in                  |    5 +-
 xtables.c                      |   20 +++--
 xtoptions.c                    |  226 +++++++++++++++++++++++++---------------
 24 files changed, 348 insertions(+), 292 deletions(-)


hooks/post-receive
-- 
iptables

More information about the netfilter-cvslog mailing list