conntrack-tools.git - conntrack-tools i.e. conntrack and conntrackd (mirror of https://github.com/vyos/conntrack-tools.git)

Age	Commit message (Collapse)	Author
2012-03-27	icmp[v6]: --icmp[v6]-[type\|code] are optional for updates and deletes	Pablo Neira Ayuso
	Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2011-02-22	conntrack: support SYN_SENT2 TCP state as --state parameter	Pablo Neira Ayuso
	Since Linux kernel 2.6.31, the LISTEN state is SYN_SENT2. With this patch, we allow to use -p tcp --state SYN_SENT2 which was not possible so far. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2009-12-23	conntrack: fix manually created TCP entries with window tracking enabled	Pablo Neira Ayuso
	With this patch, we allow to manually create TCP entries in the table. Basically, we disable TCP window tracking for this entry to avoid problems. Reported-by: Roman Fiedler <roman.fiedler@ait.ac.at> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2009-04-24	conntrack: add DCCP role parameter for conntrack creation	Pablo Neira Ayuso
	This patch adds `--role' parameter for DCCP which is required to create entries. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2009-04-18	conntrack: add GRE support	Pablo Neira Ayuso
	This patch adds GRE support for the command line tool conntrack. With this patch, we support all protocols available in the kernel. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.
2009-04-11	conntrack: add DCCP support	Pablo Neira Ayuso
	This patch adds DCCP support for the command line tool conntrack. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2009-04-11	conntrack: add SCTP support	Pablo Neira Ayuso
	This patch adds SCTP support to the command line tool conntrack. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2009-04-11	conntrack: add UDPlite support	Pablo Neira Ayuso
	This patch adds UDPlite support for the command line tool conntrack. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2009-04-11	conntrack: fix coupled-options sanity checkings	Pablo Neira Ayuso
	This patch extends the generic_opt_check() function to add extra information on the possible option combinations. Under some specific situations, like the creation and getting of a conntrack, you may specify the original or the reply tuple but at least one MUST be present. This handling has been always tricky, it still remains but we're more user friendly at least. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2009-04-11	conntrack: save one indent in the TCP support	Pablo Neira Ayuso
	This patch saves one extra indent in the switch(). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2009-04-11	conntrack: cleanup error output with `-p tcp --state'	Pablo Neira Ayuso
	This patch also removes a new line that is not required in the error message. # conntrack -L -p tcp --state CLOS conntrack v0.9.12 (conntrack-tools): Unknown TCP state CLOS > empty line < Try `conntrack -h' or 'conntrack --help' for more information.
2009-04-10	conntrack: remove hardcoded iteration in TCP support	Pablo Neira Ayuso
	This patch is a cleanup, it removes a hardcoded iteration in the TCP support. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2009-03-06	extensions: remove use of old libnetfilter API flags	Pablo Neira Ayuso
	This patch removes the use of the obsolete old libnetfilter protocol flags. This patch also improves error reporting in TCP and UDP. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2009-02-08	conntrack: allow use of --state with -D	Pablo Neira Ayuso
	With this patch, you can use -p tcp --state to delete based on the protocol state. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2008-11-18	conntrack: cleanup command line tool protocol extensions	Pablo Neira Ayuso
	This patch cleans up the protocol extensions. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2008-10-04	conntrack: fix filtering for unsupported protocol	Pablo Neira Ayuso
	This patch fixes filtering for unsupported protocol. Thus, you can use -L -p 47 or -L -p gre to filter `gre' traffic. Based on an initial patch from Bryan Duff <bduff@astrocorp.com>. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2008-04-13	fix conntrack -U -p tcp [...]	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org

2008-04-13	relax parameter checking for UDP and TCP	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org

2008-04-12	o simplify parameter-handling code	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
	o check for missing source/address IP/ports o minor cleanups
2008-03-25	add missing libct_proto_icmpv6.c	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org

2008-03-25	Krzysztof Oledzki <ole@ans.pl>:	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
	o add ICMPv6 (-p icmpv6) support o add possibility to distinguish between invalid (unknown) and empty proto
2008-01-17	Max Kellermann <max@duempel.org>:	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
	import only required C headers and put local headers on top to check
2008-01-15	Max Kellermann <max@duempel.org>:	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
	Fix tons of gcc warnings
2007-07-18	include protocol filter parameters in the manpage	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org

2007-07-18	conntrackd:	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
	- use buffer of MTU size conntrack: - better protocol argument checkings - fix per-protocol filtering, eg. conntrack -[L\|E] -p tcp now works - show per-protocol help, ie. conntrack -h -p tcp - add alias --src for --orig-src and alias --dst for --orig-dst
2007-06-09	remove dlopen infrastructure: simplification, it was too much for it	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org

2007-06-04	add aliases --sport and --dport to make it more iptables-like	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org

2007-05-20	- introduce cache_iterate	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
	- empty debug_ct function if DEBUG_CT is not set - revisit overrun handler: this is a hard battle, just try to do our best here, call Patrick :) - explicit warning message when netlink_buffer_max_growth is reached - fix silly bug in stats-mode when dumping in XML format - fix UDP handler for conntrack
2007-05-07	o introduce '--output xml,extended,timestamp' option for '-L', '-G' and '-E'	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
	o several fixes for the output of usage messages
2007-05-06	- add warning note to ctnl_test.c: old API is deprecated	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
	- split expect_api_test.c into small example files expect_*.c - introduce alias tags for original tuple attributes - introduce nfexp_sizeof and nfexp_maxsize - build expectation attributes iif they are set - fix l3num setting in expect/build.c
2007-04-16	first step forward to merge conntrackd and conntrack into the same building ↵	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
	chain
2007-04-16	initial import of the conntrack daemon to Netfilter SVN	/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org

2006-03-19	fix ICMP protocol extension parse callback	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org

2006-01-15	o Added missing parameters to set the ports of an expectation tuple	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
	o Bumped version to 1.00beta2
2005-12-04	o Restore include "conntrack.h" in ICMP handler	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
	o Add missing flags coversion in SCTP handler
2005-12-03	o Add support to filter events. ie: -p tcp --orig-port-dst 80 in	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
	conjuction with -E to get all the requests to HTTP servers o Update manpage o Missing static function declaration in the protocol handlers o Use protocol flags defined in libnetfilter_conntrack o Kill leftover #include "conntrack.h" in the ICMP helper o Bumped version to 0.991
2005-11-14	use AM_CFLAGS, not CFLAGS	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org

2005-11-14	- get rid of KERNELDIR	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
	- use Make_global.am
2005-11-11	don't use library versioning for extensions	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org

2005-11-10	- rename plugisn to remove 'lib' prefix	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
	- move them into 'pkglibdir'
2005-11-06	See ChangeLog	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org

2005-11-03	See ChangeLog	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org

2005-11-03	See ChangeLog	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org

2005-10-31	See ChangeLog	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org

2005-10-28	See ChangeLog	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org

2005-10-27	See ChangeLog	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org

2005-10-16	See ChangeLog	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org

2005-10-16	See ChangeLog	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org

2005-10-07	See Changelog	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org

2005-09-24	fix "dist-bzip2" for firt reelase	/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org