9:06 a.m.
From: Daniel Wagner <daniel.wagner(a)bmw-carit.de>
Thanks Dragos for testing and feedback. I tested NAT so far which
works nicely for me.
changes v4:
- fixed nat rule (routing)
- rebased on current HEAD
changes v3:
- fixed error handling when cleaning up (this time for real)
- dropped chain handlers (not used)
- tell kernel to load modules if needed via NLM_F_CREATE
- mask saddr address with netmask for NAT rule (bug fix)
changes v2:
- rebased to current master
- fixed some error handling path (memory leak)
- fixed typo and error handling reported by dtatulea
- compiler complains
- issue no warning if table cleaning up was successful
Daniel Wagner (6):
session: Install SNAT rules only once per device
firewall: Initialize iptables directly from firewall.c
firewall: Add explicit feature API
firewall: Rename firewall.c to firewall-iptables.c
firewall: Add nftables build infrastructure
firewall-nftables: Add nftable support for firewall
Makefile.am | 48 +-
configure.ac | 31 +-
src/connman.h | 22 +-
src/firewall-iptables.c | 622 +++++++++++++++++++++++++
src/firewall-nftables.c | 1153 +++++++++++++++++++++++++++++++++++++++++++++++
src/firewall.c | 542 ----------------------
src/main.c | 2 -
src/nat.c | 21 +-
src/session.c | 187 ++++----
tools/iptables-unit.c | 112 -----
10 files changed, 1940 insertions(+), 800 deletions(-)
create mode 100644 src/firewall-iptables.c
create mode 100644 src/firewall-nftables.c
delete mode 100644 src/firewall.c
--
2.7.4