From: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
To: netfilter-devel@vger.kernel.org
Cc: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Subject: [iptables-nftables - RFC v2 PATCH 00/17] Xtables extensions: full support (pure nft or compat layer)
Date: Thu, 25 Jul 2013 20:16:20 +0300 [thread overview]
Message-ID: <1374772597-20548-1-git-send-email-tomasz.bursztyka@linux.intel.com> (raw)
Hi,
Ok I won't repeat the long text about this RFC here again.
For more information, look at mail thread: "[iptables-nftables - RFC PATCH 00/15] Xtables extensions: full support (pure nft or compat layer)"
I applied the basic changes I told.
Note: this version still requires to be built with --enable-static. See patch 9.
Thanks,
Tomasz Bursztyka (17):
nft: Remove useless function
xtables: Add support for injecting xtables target into nft rule
xtables: add support for injecting xtables matches into nft rule
nft: Add nft expressions translation engine as a library
nft: Integrate nft translator engine in current core
nft: Manage xtables target parsing through translation tree
nft: Manage xtables matches through nft translation tree
nft: Add support for xtables extensions callback to change cs
xtables: Add support for registering nft translation function for
target
xtables: Add support for registering nft translation function for
match
nft: Register all relevant xtables extensions into translation tree
nft: Refactor firewall printing so it reuses already parsed cs struct
nft: Refactor rule deletion so it compares both cs structure
xtables: nft: Complete refactoring on how rules are saved
xtables: Support pure nft expressions for DNAT extension
nft: Add a function to reset the counters of an existing rule
xtables: Support -Z options for a given rule number
Makefile.am | 3 +
configure.ac | 8 +
extensions/GNUmakefile.in | 1 +
extensions/libipt_DNAT.c | 221 +++++++++
include/nft-translator.h | 81 ++++
include/xtables.h | 13 +
iptables/Makefile.am | 3 +-
iptables/nft-ipv4.c | 125 ++---
iptables/nft-ipv6.c | 81 ++--
iptables/nft-shared.c | 72 ++-
iptables/nft-shared.h | 23 +-
iptables/nft-xt-ext.c | 178 ++++++++
iptables/nft-xt-ext.h | 14 +
iptables/nft.c | 934 +++++++++++++-------------------------
iptables/nft.h | 9 +-
iptables/xtables-events.c | 21 +-
iptables/xtables.c | 15 +-
libnfttrans/.nft-translator.c.swp | Bin 0 -> 28672 bytes
libnfttrans/Makefile.am | 28 ++
libnfttrans/libnfttrans.pc | 11 +
libnfttrans/libnfttrans.pc.in | 11 +
libnfttrans/nft-translator.c | 571 +++++++++++++++++++++++
22 files changed, 1637 insertions(+), 786 deletions(-)
create mode 100644 include/nft-translator.h
create mode 100644 iptables/nft-xt-ext.c
create mode 100644 iptables/nft-xt-ext.h
create mode 100644 libnfttrans/.nft-translator.c.swp
create mode 100644 libnfttrans/Makefile.am
create mode 100644 libnfttrans/libnfttrans.pc
create mode 100644 libnfttrans/libnfttrans.pc.in
create mode 100644 libnfttrans/nft-translator.c
--
1.8.3.2
next reply other threads:[~2013-07-25 17:16 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-25 17:16 Tomasz Bursztyka [this message]
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 01/17] nft: Remove useless function Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 02/17] xtables: Add support for injecting xtables target into nft rule Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 03/17] xtables: add support for injecting xtables matches " Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 04/17] nft: Add nft expressions translation engine as a library Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 05/17] nft: Integrate nft translator engine in current core Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 06/17] nft: Manage xtables target parsing through translation tree Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 07/17] nft: Manage xtables matches through nft " Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 08/17] nft: Add support for xtables extensions callback to change cs Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 09/17] xtables: Add support for registering nft translation function for target Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 10/17] xtables: Add support for registering nft translation function for match Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 11/17] nft: Register all relevant xtables extensions into translation tree Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 12/17] nft: Refactor firewall printing so it reuses already parsed cs struct Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 13/17] nft: Refactor rule deletion so it compares both cs structure Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 14/17] xtables: nft: Complete refactoring on how rules are saved Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 15/17] xtables: Support pure nft expressions for DNAT extension Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 16/17] nft: Add a function to reset the counters of an existing rule Tomasz Bursztyka
2013-07-25 17:16 ` [iptables-nftables - RFC v2 PATCH 17/17] xtables: Support -Z options for a given rule number Tomasz Bursztyka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1374772597-20548-1-git-send-email-tomasz.bursztyka@linux.intel.com \
--to=tomasz.bursztyka@linux.intel.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).