summaryrefslogtreecommitdiff
path: root/extensions
AgeCommit message (Collapse)Author
2008-10-04conntrack: fix filtering for unsupported protocolPablo Neira Ayuso
This patch fixes filtering for unsupported protocol. Thus, you can use -L -p 47 or -L -p gre to filter `gre' traffic. Based on an initial patch from Bryan Duff <bduff@astrocorp.com>. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2008-04-13fix conntrack -U -p tcp [...]/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-04-13relax parameter checking for UDP and TCP/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-04-12o simplify parameter-handling code/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o check for missing source/address IP/ports o minor cleanups
2008-03-25add missing libct_proto_icmpv6.c/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2008-03-25Krzysztof Oledzki <ole@ans.pl>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o add ICMPv6 (-p icmpv6) support o add possibility to distinguish between invalid (unknown) and empty proto
2008-01-17Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
import only required C headers and put local headers on top to check
2008-01-15Max Kellermann <max@duempel.org>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
Fix tons of gcc warnings
2007-07-18include protocol filter parameters in the manpage/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-18conntrackd:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- use buffer of MTU size conntrack: - better protocol argument checkings - fix per-protocol filtering, eg. conntrack -[L|E] -p tcp now works - show per-protocol help, ie. conntrack -h -p tcp - add alias --src for --orig-src and alias --dst for --orig-dst
2007-06-09remove dlopen infrastructure: simplification, it was too much for it/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-06-04add aliases --sport and --dport to make it more iptables-like/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-05-20- introduce cache_iterate/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- empty debug_ct function if DEBUG_CT is not set - revisit overrun handler: this is a hard battle, just try to do our best here, call Patrick :) - explicit warning message when netlink_buffer_max_growth is reached - fix silly bug in stats-mode when dumping in XML format - fix UDP handler for conntrack
2007-05-07o introduce '--output xml,extended,timestamp' option for '-L', '-G' and '-E'/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o several fixes for the output of usage messages
2007-05-06- add warning note to ctnl_test.c: old API is deprecated/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- split expect_api_test.c into small example files expect_*.c - introduce alias tags for original tuple attributes - introduce nfexp_sizeof and nfexp_maxsize - build expectation attributes iif they are set - fix l3num setting in expect/build.c
2007-04-16first step forward to merge conntrackd and conntrack into the same building ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
chain
2007-04-16initial import of the conntrack daemon to Netfilter SVN/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2006-03-19fix ICMP protocol extension parse callback/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2006-01-15o Added missing parameters to set the ports of an expectation tuple/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
o Bumped version to 1.00beta2
2005-12-04o Restore include "conntrack.h" in ICMP handler/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
o Add missing flags coversion in SCTP handler
2005-12-03o Add support to filter events. ie: -p tcp --orig-port-dst 80 in/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
conjuction with -E to get all the requests to HTTP servers o Update manpage o Missing static function declaration in the protocol handlers o Use protocol flags defined in libnetfilter_conntrack o Kill leftover #include "conntrack.h" in the ICMP helper o Bumped version to 0.991
2005-11-14use AM_CFLAGS, not CFLAGS/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
2005-11-14- get rid of KERNELDIR/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
- use Make_global.am
2005-11-11don't use library versioning for extensions/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
2005-11-10- rename plugisn to remove 'lib' prefix/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
- move them into 'pkglibdir'
2005-11-06See ChangeLog/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-11-03See ChangeLog/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-11-03See ChangeLog/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-10-31See ChangeLog/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-10-28See ChangeLog/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-10-27See ChangeLog/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-10-16See ChangeLog/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-10-16See ChangeLog/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-10-07See Changelog/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-09-24fix "dist-bzip2" for firt reelase/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
2005-09-24major update (See ChangeLog)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
2005-09-23make sure we build against KERELDIR!/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
2005-08-08Bumped version to 0.80/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-08-08Resync to 2.6.14 and libnfnetlink_conntrack/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-08-08Resync to current libnfnetlink_conntrack and 2.6.14 tree/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-08-02More re-sync to work fine with current ip_conntrack_netlink implementation/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
available in Harald's 2.6.14 tree.
2005-07-22major re-sync with current names/definitions in libctnetlink and kernel/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
2005-07-12o Use conntrack netlink attributes: Major change/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
o Kill action setting: Mask based dumping
2005-06-24o Fixed syntax error (tab/space issue) in help message/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
o Fixed getopt handling on big endian machines o Fixed possible future read-over-end-of-array in TCP extension o Add manpage o Add missing space at output of libct_proto_icmp.c o Add status bits that were introduced in 2.6.11 o Add SCTP extension o Add support for expect creation o Bump version number to 0.63
2005-05-24Added missing libct_proto_icmp file/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-05-17o Added descriptive error messages./C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
o Fix wrong flags check in [tcp|udp] proto helpers.
2005-05-15Completed some stuff related to protocol helpers:/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
o final_check o help o ICMP support
2005-05-01o Created changelog file/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
o Deleted libctnetlink.h and libnfnetlink.h from the include/ dir. o Added support for version (-V) and help (-h) o Added event mask based support o Added GPLv2 headers o Use fprintf instead of printf o Defined print_tuple and print_proto output interfaces o ctnl_[get|del]_conntrack handles return value from kernel via msgerr o Added support for conntrack table flushing o Added test case file (test.sh) o Improve dump output o Autoconf stuff for conntrack + some pablo's modifications. o Fixed packet counters formatting (use %llu instead of %lu)
2005-04-25Major resync/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-04-16add pablo's conntrack tool/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org