| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2008-01-18 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| Simplify logging infrastructure | |||
| 2008-01-17 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| import only required C headers and put local headers on top to check | |||
| 2008-01-17 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| use size_t for buffer sizes | |||
| 2008-01-17 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| add buffer_destroy() to buffer.c | |||
| 2008-01-17 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| use C99 integers (uint32_t instead of u_int32_t) | |||
| 2008-01-15 | remove unix socket file on exit | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-15 | minor constification fixes | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| update libnfnetlink dependencies | |||
| 2008-01-15 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| Fix tons of gcc warnings | |||
| 2008-01-15 | merge several *_alarm() functions into init_alarm() | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-15 | add traffic_stats.h and netlink.h to include/Makefile.am | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-15 | Add include/netlink.h and include/traffic_stats.h | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-15 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| add missing function prototypes | |||
| 2008-01-15 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| use the comma operator instead of curly braces | |||
| 2008-01-15 | constify queue_iterate() | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-15 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| remove prefetch from slist.h since it confuses gcc | |||
| 2008-01-15 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| use const when possible | |||
| 2008-01-15 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| the global variable "alarm" conflicts with the alarm() function from unistd.h. resolve that conflict by giving those two global variables a better name. | |||
| 2008-01-14 | improve alarm framework based on suggestions from Max Duempel | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-09 | wake up the daemon iff there are real events to handle instead of polling ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| (Based on comments from Max Kellerman) | |||
| 2008-01-07 | fix make distcheck | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-05 | implement buffered connection logging to improve performance | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-05 | rename class `buffer' to `queue' which is what it really implements | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-05 | obsolete `-S' option: Use information provided by the config file | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-03 | o add support for connection logging to the statistics mode via Logfile | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| o minor irrelevant fixes for uncommon error paths and fix several typos o use LOG_INFO for connection logging, use LOG_NOTICE for other information o minor error handling updates | |||
| 2007-12-21 | o Use more appropriate names for the existing synchronization modes: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| o rename `persistent' mode to `alarm' o rename `nack' mode to `ftfw' o Now default synchronization mode is ftfw instead of alarm | |||
| 2007-12-21 | = conntrack = | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| o fix missing `-g' and `-n' options in getopt_long control string o add support for secmark (requires Linux kernel >= 2.6.25) o add mark and secmark information to the manpage o cleanup error message = conntrackd = o add support for secmark (requires Linux kernel >= 2.6.25) o add conntrackd (8) manpage | |||
| 2007-11-25 | Add CacheWriteThrough clause: external cache write through policy. This ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| feature is particularly useful for active-active setup without connection persistency, ie. you cannot know which firewall would filter a packet that belongs to a connection. | |||
| 2007-09-12 | add syslog support and bump version | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2007-07-18 | conntrackd: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| - use buffer of MTU size conntrack: - better protocol argument checkings - fix per-protocol filtering, eg. conntrack -[L|E] -p tcp now works - show per-protocol help, ie. conntrack -h -p tcp - add alias --src for --orig-src and alias --dst for --orig-dst | |||
| 2007-07-09 | - conntrack-tools requires libnetfilter_conntrack >= 0.0.81 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| - add len field to nethdr - implement buffered send/recv to batch messages - stop using netlink format for network messages: use similar TLV-based format - reduce synchronization messages size up to 60% - introduce periodic alive messages for sync-nack protocol - timeslice alarm implementation: remove alarm pthread, remove locking - simplify debugging functions: use nfct_snprintf instead - remove major use of libnfnetlink functions: use libnetfilter_conntrack API - deprecate conntrackd -F, use conntrack -F instead - major rework of the network infrastructure: much simple, less messy | |||
| 2007-06-19 | - more cleanups and code refactorization | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| - remove several debug calls - create a child to dispatch dump requests: this will help to simplify the current locking schema. Later. | |||
| 2007-06-13 | - local requests return EXIT_FAILURE if it can't connect to the daemon | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| - several cleanups | |||
| 2007-06-09 | remove dlopen infrastructure: simplification, it was too much for it | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2007-06-04 | o remove useless backlog parameter in multicast sockets | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| o remove reminiscents of delay destroy message and relax transitions o remove confusing StripNAT parameter: NAT support enabled by default o relax event tracking: *_update callbacks use cache_update_force o use wraparound-aware functions after/before/between o lots of cleanups | |||
| 2007-05-24 | simplify checksum code: use UDP/multicast checksum facilities | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2007-05-20 | - introduce cache_iterate | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| - empty debug_ct function if DEBUG_CT is not set - revisit overrun handler: this is a hard battle, just try to do our best here, call Patrick :) - explicit warning message when netlink_buffer_max_growth is reached - fix silly bug in stats-mode when dumping in XML format - fix UDP handler for conntrack | |||
| 2007-05-18 | - remove dead code sync-mode.c | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| - flush nack queue in the conntrackd -f path - do not increase add_fail counter for EEXIST errors - cleanup sync-nack code - improve mcast_recv_netmsg: sanity check before checksumming! | |||
| 2007-05-07 | o introduce '--output xml,extended,timestamp' option for '-L', '-G' and '-E' | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| o several fixes for the output of usage messages | |||
| 2007-05-06 | - add warning note to ctnl_test.c: old API is deprecated | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| - split expect_api_test.c into small example files expect_*.c - introduce alias tags for original tuple attributes - introduce nfexp_sizeof and nfexp_maxsize - build expectation attributes iif they are set - fix l3num setting in expect/build.c | |||
| 2007-04-17 | - bump version to 0.9.3 | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| - show 'conntrack-tools' string when 'conntrack -V' is issued - include missing headers to include/Makefile.am | |||
| 2007-04-16 | first step forward to merge conntrackd and conntrack into the same building ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| chain | |||
| 2007-04-16 | initial import of the conntrack daemon to Netfilter SVN | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2006-06-19 | [PATCH] fix conntrack compilation (Eric Leblond <eric@inl.fr>) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org | |
| 2006-01-15 | o Added missing parameters to set the ports of an expectation tuple | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
| o Bumped version to 1.00beta2 | |||
| 2005-12-26 | <pablo@netfilter.org> | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
| o add IPv6 support: main change o removed dead code: iptables_insmod and get_modprobe o compact the commands vs. options table o move working vars from the stack to the BSS section o update manpage o Bumped version to 1.0beta1 <yasuyuki.kozakai@toshiba.co.jp> o check address family mismatch o fix incomplete copying IPv6 addresses | |||
| 2005-11-22 | Fixed oversized number of options (Marcus Sundberg) | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
| 2005-11-14 | some libc's don't have IPPROTO_SCTP yet | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
| 2005-11-11 | - don't install the header files when 'make install' is run. they're private | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
| - don't check for kernel header files, since we don't include any. | |||
| 2005-11-10 | - rename plugisn to remove 'lib' prefix | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org | |
| - move them into 'pkglibdir' | |||
| 2005-11-06 | See ChangeLog | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org | |
 |
index : conntrack-tools.git | |
| conntrack-tools i.e. conntrack and conntrackd (mirror of https://github.com/vyos/conntrack-tools.git) |
| summaryrefslogtreecommitdiff |