Age | Commit message (Collapse) | Author | |
---|---|---|---|
2008-12-18 | configure: bump version to 0.9.9 | Pablo Neira Ayuso | |
This patch bumps the version of the conntrack-tools to 0.9.9. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
2008-12-11 | configure: conntrack-tools requires libnetfilter_conntrack 0.0.99 | Pablo Neira Ayuso | |
This patch updates the dependency between conntrack-tools and libnetfilter_conntrack. This is required because of commit 2473a408abdd79fb4b24c5c56f769791203c0cd8 in libnetfilter_conntrack. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
2008-11-02 | network: rework TLV-based protocol | Pablo Neira Ayuso | |
This patch reworks the TLV-based protocol to reduce the overhead in the message building. The idea is to group some attributes that must be present in a consistent configuration. Putting them together help us to save some cycles in the message building. Now, oprofile reports ~15% of samples in the build path instead of ~25%. CPU consumption for 3000 HTTP GET requests per second (1000 concurrent with apache benchmark tool) is ~45% in my testbed, that is ~19% more consumption than with no replication at all. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
2008-10-21 | conntrackd: bump version to 0.9.8conntrack-tools-0.9.8 | Pablo Neira Ayuso | |
This patch bumps the version to 0.9.8 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
2008-07-23 | add support for kernel-space filtering via BSF | Pablo Neira Ayuso | |
This patch adds support for kernel-space filtering via BSF by means of the libnetfilter_conntrack's BSF high-level API. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
2008-05-22 | add flex version warning (better with >= 2.5.33) | Pablo Neira Ayuso | |
2008-05-16 | - remove (misleading) counters and use information from the statistics mode | Pablo Neira Ayuso | |
- use generic nfct_copy() from libnetfilter_conntrack to update objects - use generic nfct_cmp() to compare objects | |||
2008-04-16 | o fix NAT filtering via --src-nat and --dst-nat (reported by K.Oledzki) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
o recover the ID support o show display counters to stderr o enable filtering by status and ID | |||
2008-04-13 | check for pkg-config before anything (fix bogus missing libraries failure) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2008-04-13 | This is a major improvement of the conntrack command line tool: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
o check for missing source/address IP/ports in creation and get operations o way more flexible conntrack updates and deletions o fix NAT filtering via --src-nat and --dst-nat (reported by K.Oledzki) o show display counters to stderr o minor cleanups | |||
2008-03-25 | Pablo Neira Ayuso <pablo@netfilter.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
o remove .svn directory from make distcheck tarballs (reported by B.Benjamini) + Krzysztof Oledzki <ole@ans.pl>: o fix minor compilation warning | |||
2008-02-09 | o add IPv6 information to synchronization messages | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
o add support for NAT sequence adjustment (requires Linux kernel >= 2.6.25) o remove TODO file from release tarballs | |||
2008-01-15 | minor constification fixes | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
update libnfnetlink dependencies | |||
2008-01-13 | add support for `conntrack -E -o xml,timestamp' | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2008-01-12 | o remove -lpthread during compilation | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
o update library function checking in configure.in | |||
2007-12-21 | = conntrack = | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
o fix missing `-g' and `-n' options in getopt_long control string o add support for secmark (requires Linux kernel >= 2.6.25) o add mark and secmark information to the manpage o cleanup error message = conntrackd = o add support for secmark (requires Linux kernel >= 2.6.25) o add conntrackd (8) manpage | |||
2007-09-12 | add syslog support and bump version | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2007-09-12 | bump libnetfilter_conntrack version dependency | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2007-08-06 | conntrack-tools compilation problem (K.Kovacs) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2007-07-09 | - conntrack-tools requires libnetfilter_conntrack >= 0.0.81 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
- add len field to nethdr - implement buffered send/recv to batch messages - stop using netlink format for network messages: use similar TLV-based format - reduce synchronization messages size up to 60% - introduce periodic alive messages for sync-nack protocol - timeslice alarm implementation: remove alarm pthread, remove locking - simplify debugging functions: use nfct_snprintf instead - remove major use of libnfnetlink functions: use libnetfilter_conntrack API - deprecate conntrackd -F, use conntrack -F instead - major rework of the network infrastructure: much simple, less messy | |||
2007-06-09 | remove dlopen infrastructure: simplification, it was too much for it | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2007-06-09 | add library dependency checking | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2007-06-04 | o remove useless backlog parameter in multicast sockets | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
o remove reminiscents of delay destroy message and relax transitions o remove confusing StripNAT parameter: NAT support enabled by default o relax event tracking: *_update callbacks use cache_update_force o use wraparound-aware functions after/before/between o lots of cleanups | |||
2007-05-31 | fix error message in configure.in (Eric Leblond) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2007-04-25 | fix MODULE_DIR enviroment variable | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2007-04-17 | - remove overkill recursive Makefile.am definition in examples/ (use EXTRA_DIST) | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2007-04-17 | - bump version to 0.9.3 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
- show 'conntrack-tools' string when 'conntrack -V' is issued - include missing headers to include/Makefile.am | |||
2007-04-16 | first step forward to merge conntrackd and conntrack into the same building ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
chain | |||
2007-04-16 | initial import of the conntrack daemon to Netfilter SVN | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
2006-08-03 | [PATCH 5/6] conntrack pkt-config changes (KOVACS Krisztian <hidden@balabit.hu>) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | |
2006-01-15 | o Added missing parameters to set the ports of an expectation tuple | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
o Bumped version to 1.00beta2 | |||
2006-01-07 | use '1.00' instead of '1.0' as version number | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
2005-12-26 | <pablo@netfilter.org> | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
o add IPv6 support: main change o removed dead code: iptables_insmod and get_modprobe o compact the commands vs. options table o move working vars from the stack to the BSS section o update manpage o Bumped version to 1.0beta1 <yasuyuki.kozakai@toshiba.co.jp> o check address family mismatch o fix incomplete copying IPv6 addresses | |||
2005-12-03 | o Add support to filter events. ie: -p tcp --orig-port-dst 80 in | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
conjuction with -E to get all the requests to HTTP servers o Update manpage o Missing static function declaration in the protocol handlers o Use protocol flags defined in libnetfilter_conntrack o Kill leftover #include "conntrack.h" in the ICMP helper o Bumped version to 0.991 | |||
2005-11-14 | update revision to 0.99 | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
2005-11-11 | - don't install the header files when 'make install' is run. they're private | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
- don't check for kernel header files, since we don't include any. | |||
2005-11-11 | we don't use libnfnetlink directly, so there is no need for having configure ↵ | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
script checking for it | |||
2005-11-10 | - rename plugisn to remove 'lib' prefix | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
- move them into 'pkglibdir' | |||
2005-11-09 | See ChangeLog | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
2005-11-06 | See ChangeLog | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
2005-10-16 | See ChangeLog | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
2005-09-24 | fix "dist-bzip2" for firt reelase | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
2005-09-24 | major update (See ChangeLog) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
2005-09-23 | make sure we build against KERELDIR! | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
2005-08-08 | Bumped version to 0.80 | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
2005-08-08 | Resync to 2.6.14 and libnfnetlink_conntrack | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
2005-08-08 | Resync to current libnfnetlink_conntrack and 2.6.14 tree | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
2005-06-24 | o Fixed syntax error (tab/space issue) in help message | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
o Fixed getopt handling on big endian machines o Fixed possible future read-over-end-of-array in TCP extension o Add manpage o Add missing space at output of libct_proto_icmp.c o Add status bits that were introduced in 2.6.11 o Add SCTP extension o Add support for expect creation o Bump version number to 0.63 | |||
2005-05-03 | Kill hardcoded CONNTRACK_LIB_DIR=/usr/local/lib, now it uses $prefix value | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
passed by autoshit. | |||
2005-05-01 | o Created changelog file | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
o Deleted libctnetlink.h and libnfnetlink.h from the include/ dir. o Added support for version (-V) and help (-h) o Added event mask based support o Added GPLv2 headers o Use fprintf instead of printf o Defined print_tuple and print_proto output interfaces o ctnl_[get|del]_conntrack handles return value from kernel via msgerr o Added support for conntrack table flushing o Added test case file (test.sh) o Improve dump output o Autoconf stuff for conntrack + some pablo's modifications. o Fixed packet counters formatting (use %llu instead of %lu) |