0bb8765cc28cf1ddde70f3f5bfed96a067b1ead3 - platform/external/iptables

commit	0bb8765cc28cf1ddde70f3f5bfed96a067b1ead3	[log] [tgz]
author	fan.du <fan.du@windriver.com>	Wed Dec 18 11:27:22 2013 +0800
committer	Pablo Neira Ayuso <pablo@netfilter.org>	Tue Dec 24 12:46:20 2013 +0100
tree	5526af0109f6c4552ce46b20cc5587d66b54cd96
parent	99b85b7837707bd6c6d578c9328e1321fceb8082 [diff]

iptables: Add IPv4/6 IPcomp match support

This patch enables user to set iptables ACTIONs for IPcomp
flow specified by its SPI value.

For example:
iptables  -A OUTPUT -p 108 -m ipcomp --ipcompspi 0x12 -j DROP
ip6tables -A OUTPUT -p 108 -m ipcomp --ipcompspi 0x12 -j DROP

IPcomp packet with spi as 0x12 will be dropped.

Signed-off-by: Fan Du <fan.du@windriver.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

extensions/libxt_ipcomp.c[Added - diff]
extensions/libxt_ipcomp.c.man[Added - diff]
include/linux/netfilter/xt_ipcomp.h[Added - diff]

3 files changed

tree: 5526af0109f6c4552ce46b20cc5587d66b54cd96

extensions/
include/
iptables/
libipq/
libiptc/
libxtables/
m4/
tests/
utils/
.gitignore
autogen.sh
COMMIT_NOTES
configure.ac
COPYING
INCOMPATIBILITIES
INSTALL
Makefile.am
release.sh