conntrack-tools branch, master, updated. conntrack-tools-1.0.1-14-g451dafe
Pablo Neira Ayuso
netfilter-cvslog-bounces at lists.netfilter.org
Sun Jan 22 22:03:28 CET 2012
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "conntrack-tools".
The branch, master has been updated
via 451dafe6f5e1add75793597ba9bd0e3fddf2d7f9 (commit)
via b5ca4272d185171971872a9a2ee677cd66c8386b (commit)
from 4cd4e306286b4b255b7a5fb310a5250bb9d099e0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 451dafe6f5e1add75793597ba9bd0e3fddf2d7f9
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Sun Jan 22 22:00:54 2012 +0100
conntrackd: support `-i exp -x' and `-e exp -x' options
This patch allows you to dump the internal and external expectation
cache in XML.
% conntrackd -i exp -x
<flow><layer3 protonum="2" protoname="ipv4"><expected><src>192.168.1.135</src><dst>130.89.148.12</dst></expected><mask><src>255.255.255.255</src><dst>255.255.255.255</dst></mask><master><src>192.168.1.135</src><dst>130.89.148.12</dst></master></layer3><layer4 protonum="6" protoname="tcp"><expected><sport>0</sport><dport>9082</dport></expected><mask><sport>0</sport><dport>65535</dport></mask><master><sport>50518</sport><dport>21</dport></master></layer4><meta><helper-name>ftp</helper-name></meta></flow>
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
commit b5ca4272d185171971872a9a2ee677cd66c8386b
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Sun Jan 22 21:21:02 2012 +0100
conntrack: add expectation support for `-o' option
Now you can dump expectations in XML format and display the timestamp.
conntrack -L exp -o xml,timestamp
<?xml version="1.0" encoding="utf-8"?>
<expect>
<flow><layer3 protonum="2" protoname="ipv4"><expected><src>192.168.1.135</src><dst>130.89.148.12</dst></expected><mask><src>255.255.255.255</src><dst>255.255.255.255</dst></mask><master><src>192.168.1.135</src><dst>130.89.148.12</dst></master></layer3><layer4 protonum="6" protoname="tcp"><expected><sport>0</sport><dport>32877</dport></expected><mask><sport>0</sport><dport>65535</dport></mask><master><sport>49881</sport><dport>21</dport></master></layer4><meta><helper-name>ftp</helper-name><timeout>294</timeout><when><hour>21</hour><min>22</min><sec>09</sec><wday>1</wday><day>22</day><month>1</month><year>2012</year></when></meta></flow>
</expect>
You have to upgrade libnetfilter_conntrack to access this feature.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
-----------------------------------------------------------------------
Summary of changes:
include/conntrackd.h | 2 +
src/conntrack.c | 71 +++++++++++++++++++++++++++++++++++++++++++++-----
src/main.c | 4 +++
src/sync-mode.c | 12 ++++++++
4 files changed, 82 insertions(+), 7 deletions(-)
hooks/post-receive
--
conntrack-tools
More information about the netfilter-cvslog
mailing list