summaryrefslogtreecommitdiff
path: root/ChangeLog
AgeCommit message (Collapse)Author
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
add missing function prototypes
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
use the comma operator instead of curly braces
2008-01-15constify queue_iterate()/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
set the return type of the parse functions to "void"
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
fix wrong invocations after prototype cleanup
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
fix shadow warnings by renaming variables or making them local
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
yacc generates a function with a return value, and the conntrackd code uses "return;" to ignore a value. this is not legal. convert all of these to "break;" which might be what the author intended to do.
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
remove prefetch from slist.h since it confuses gcc
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
use const when possible
2008-01-15Max Kellermann <max@duempel.org>/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
Use list_for_each_entry() instead of list_for_each()
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
enable gcc warnings, including -Werror
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
the global variable "alarm" conflicts with the alarm() function from unistd.h. resolve that conflict by giving those two global variables a better name.
2008-01-14improve alarm framework based on suggestions from Max Duempel/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-13add support for `conntrack -E -o xml,timestamp'/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-12o remove -lpthread during compilation/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o update library function checking in configure.in
2008-01-11add support for tagged vlan interfaces in the config file, e.g. eth0.1/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-09wake up the daemon iff there are real events to handle instead of polling ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
(Based on comments from Max Kellerman)
2008-01-05fix logfiles permissions, do not default to umask/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-05implement buffered connection logging to improve performance/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-05rename class `buffer' to `queue' which is what it really implements/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-05daemonize conntrackd after initialization/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-05obsolete `-S' option: Use information provided by the config file/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-01-05Ben Lentz <BLentz@channing-bete.com>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
Detach daemon from its terminal
2008-01-03o add support for connection logging to the statistics mode via Logfile/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o minor irrelevant fixes for uncommon error paths and fix several typos o use LOG_INFO for connection logging, use LOG_NOTICE for other information o minor error handling updates
2007-12-31- hash lookup speedups based on comments from netdev's discussions/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- minor fix for hash6 in cache.c (however, ipv6 support is still broken - several updates in the TODO file
2007-12-24show error and warning messages to stderr/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-12-23o add support for related conntracks (requires Linux kernel >= 2.6.22)Ayuso/emailAddress=pablo@netfilter.org
o update leftover references to `persistent' and `nack' modes
2007-12-23rename `examples' directory to `doc'Ayuso/emailAddress=pablo@netfilter.org
2007-12-21o Use more appropriate names for the existing synchronization modes:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o rename `persistent' mode to `alarm' o rename `nack' mode to `ftfw' o Now default synchronization mode is ftfw instead of alarm
2007-12-21raise ignorepoll limit from 1024 to INT_MAX/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-12-21= conntrack =/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o fix missing `-g' and `-n' options in getopt_long control string o add support for secmark (requires Linux kernel >= 2.6.25) o add mark and secmark information to the manpage o cleanup error message = conntrackd = o add support for secmark (requires Linux kernel >= 2.6.25) o add conntrackd (8) manpage
2007-11-25Add CacheWriteThrough clause: external cache write through policy. This ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
feature is particularly useful for active-active setup without connection persistency, ie. you cannot know which firewall would filter a packet that belongs to a connection.
2007-09-12add syslog support and bump version/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-09-12Remove window tracking disabling limitation (requires Linux kernel >= 2.6.22)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-08-08improve INSTALL file/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-08-06conntrack-tools compilation problem (K.Kovacs)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-29conntrackd requires the connection tracking event API: insist more in INSTALL/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-28remove script_fault.sh script/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-28prepare 0.9.5 release/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-19- simplify cache_flush function: use cache_del()/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-18include protocol filter parameters in the manpage/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-18conntrackd:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- use buffer of MTU size conntrack: - better protocol argument checkings - fix per-protocol filtering, eg. conntrack -[L|E] -p tcp now works - show per-protocol help, ie. conntrack -h -p tcp - add alias --src for --orig-src and alias --dst for --orig-dst
2007-07-09- conntrack-tools requires libnetfilter_conntrack >= 0.0.81 /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- add len field to nethdr - implement buffered send/recv to batch messages - stop using netlink format for network messages: use similar TLV-based format - reduce synchronization messages size up to 60% - introduce periodic alive messages for sync-nack protocol - timeslice alarm implementation: remove alarm pthread, remove locking - simplify debugging functions: use nfct_snprintf instead - remove major use of libnfnetlink functions: use libnetfilter_conntrack API - deprecate conntrackd -F, use conntrack -F instead - major rework of the network infrastructure: much simple, less messy
2007-07-02fix dyslexia bug in Changelog (Pablo... we live in 2007, not in 2006) andsvn_t_conntrack-tools-0.9.4/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
update release date of conntrack-tools 0.9.4
2007-06-25fork when internal/external dump and commit requests are received/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-06-19- more cleanups and code refactorization/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- remove several debug calls - create a child to dispatch dump requests: this will help to simplify the current locking schema. Later.
2007-06-13- local requests return EXIT_FAILURE if it can't connect to the daemon/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- several cleanups
2007-06-09remove dlopen infrastructure: simplification, it was too much for it/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-06-09add library dependency checking/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-06-09- add support for `-L --src-nat' and `-L --dst-nat' to show natted connections/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- update conntrack(8) manpage
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-22 23:23:54 +0000