summaryrefslogtreecommitdiff
path: root/ChangeLog
AgeCommit message (Collapse)Author
2008-01-17Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
use size_t for buffer sizes
2008-01-17Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
check for malloc() failure in merge_opts
2008-01-17Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
fix memory leaks in several error output paths
2008-01-17Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
add buffer_destroy() to buffer.c
2008-01-17Max Kellerman <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o always close stdin - even in non-daemon mode, it is of no use o chdir("/") to release the cwd inode o ignore setsid() failure, because there is only one possible and o fix harmless error condition
2008-01-17Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
use C99 integers (uint32_t instead of u_int32_t)
2008-01-17enable C99 mode/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-17Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
remove "-g" from Makefile.am, this should be specified by the user
2008-01-15use umask() to set up file permissions/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-15remove unix socket file on exit/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
don't call INIT_LIST_HEAD on list item when unneeded
2008-01-15use list_del_init() and list_empty() to check if a node is in the list/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
Fix tons of gcc warnings
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
add missing printf arguments
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
import tcp_state_helper only once
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
use add_alarm() in mod_alarm()
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
use timeradd() since manipulating tv_sec directly
2008-01-15merge several *_alarm() functions into init_alarm()/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
add missing function prototypes
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
use the comma operator instead of curly braces
2008-01-15constify queue_iterate()/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
set the return type of the parse functions to "void"
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
fix wrong invocations after prototype cleanup
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
fix shadow warnings by renaming variables or making them local
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
yacc generates a function with a return value, and the conntrackd code uses "return;" to ignore a value. this is not legal. convert all of these to "break;" which might be what the author intended to do.
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
remove prefetch from slist.h since it confuses gcc
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
use const when possible
2008-01-15Max Kellermann <max@duempel.org>/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
Use list_for_each_entry() instead of list_for_each()
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
enable gcc warnings, including -Werror
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
the global variable "alarm" conflicts with the alarm() function from unistd.h. resolve that conflict by giving those two global variables a better name.
2008-01-14improve alarm framework based on suggestions from Max Duempel/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-13add support for `conntrack -E -o xml,timestamp'/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-12o remove -lpthread during compilation/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o update library function checking in configure.in
2008-01-11add support for tagged vlan interfaces in the config file, e.g. eth0.1/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-09wake up the daemon iff there are real events to handle instead of polling ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
(Based on comments from Max Kellerman)
2008-01-05fix logfiles permissions, do not default to umask/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-05implement buffered connection logging to improve performance/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-05rename class `buffer' to `queue' which is what it really implements/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-05daemonize conntrackd after initialization/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-05obsolete `-S' option: Use information provided by the config file/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-05Ben Lentz <BLentz@channing-bete.com>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
Detach daemon from its terminal
2008-01-03o add support for connection logging to the statistics mode via Logfile/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o minor irrelevant fixes for uncommon error paths and fix several typos o use LOG_INFO for connection logging, use LOG_NOTICE for other information o minor error handling updates
2007-12-31- hash lookup speedups based on comments from netdev's discussions/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- minor fix for hash6 in cache.c (however, ipv6 support is still broken - several updates in the TODO file
2007-12-24show error and warning messages to stderr/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-12-23o add support for related conntracks (requires Linux kernel >= 2.6.22)Ayuso/emailAddress=pablo@netfilter.org
o update leftover references to `persistent' and `nack' modes
2007-12-23rename `examples' directory to `doc'Ayuso/emailAddress=pablo@netfilter.org
2007-12-21o Use more appropriate names for the existing synchronization modes:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o rename `persistent' mode to `alarm' o rename `nack' mode to `ftfw' o Now default synchronization mode is ftfw instead of alarm
2007-12-21raise ignorepoll limit from 1024 to INT_MAX/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-12-21= conntrack =/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o fix missing `-g' and `-n' options in getopt_long control string o add support for secmark (requires Linux kernel >= 2.6.25) o add mark and secmark information to the manpage o cleanup error message = conntrackd = o add support for secmark (requires Linux kernel >= 2.6.25) o add conntrackd (8) manpage
2007-11-25Add CacheWriteThrough clause: external cache write through policy. This ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
feature is particularly useful for active-active setup without connection persistency, ie. you cannot know which firewall would filter a packet that belongs to a connection.
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-25 18:37:51 +0000