libnetfilter_queue branch, master, updated. libnetfilter_queue-1.0.0-30-g4b3d0a4
Pablo Neira Ayuso
netfilter-cvslog-bounces at lists.netfilter.org
Tue Sep 6 13:50:22 CEST 2011
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "libnetfilter_queue".
The branch, master has been updated
via 4b3d0a4763b440ef748d537d86f0869d09544ab2 (commit)
via 1154021c599257edf2c3dcb4d29f6b4dcb67643a (commit)
from ebdfa9a7631534071c6997b8210b8964db5e6957 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4b3d0a4763b440ef748d537d86f0869d09544ab2
Author: Florian Westphal <fw at strlen.de>
Date: Tue Sep 6 13:48:25 2011 +0200
src: add notes on NF_STOLEN and NF_REPEAT to documentation
The verdict NF_STOLEN must not be used.
When using NF_REPEAT, one way to prevent re-queueing of the
same packet is to also set an nfmark using nfq_set_verdict2,
and set up the nefilter rules to only queue a packet when the
mark is not (yet) set.
Signed-off-by: Florian Westphal <fw at strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo at gnumonks.org>
commit 1154021c599257edf2c3dcb4d29f6b4dcb67643a
Author: Florian Westphal <fw at strlen.de>
Date: Tue Sep 6 13:47:43 2011 +0200
src: add NFQNL_MSG_VERDICT_BATCH support
add nfq_set_verdict_batch() and nfq_set_verdict_batch2 (to also
set the nfmark of all packets).
verdicts sent by the _batch variant will affect all queued skbs
whose id is smaller or equal to the given id.
This facility is available from Linux 3.1 onwards.
Signed-off-by: Florian Westphal <fw at strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo at gnumonks.org>
-----------------------------------------------------------------------
Summary of changes:
include/libnetfilter_queue/libnetfilter_queue.h | 9 +++
include/libnetfilter_queue/linux_nfnetlink_queue.h | 1 +
src/libnetfilter_queue.c | 57 +++++++++++++++++---
3 files changed, 60 insertions(+), 7 deletions(-)
hooks/post-receive
--
libnetfilter_queue
More information about the netfilter-cvslog
mailing list