Permalink
Commits on Apr 6, 2013
  1. Preserve per-protocol family libxtables globals.

    Libxtables uses quite a few global variables, and unfortunately there are
    protocol-specific extensions using the same name for multiple protocols, e.g.
    REJECT exists both for IPv4 and for IPv6.  Since registering/looking up an
    extension is based on the name of the extension, this means the protocol whose
    extension is registered first will prevent any further extensions with the
    same name from registering.
    
    Solution: save our per-protocol libxtables global variables every time after
    we returned from a call into libxtables, and restore them before calling
    again. We're using singleton xtables instances for each protocol family, so we
    can manage that on a per-instance basis.
    
    However, extensions with AF_UNSPEC are only registered once, for the first
    protocol that uses them. Call their init function manually to force them to
    register to our protocol family as well, but record each loaded extension.
    This is necessary, since xtables will just exit() if it finds that an
    extension has already been registered.
    ldx committed with Mar 11, 2013
  2. Update test case.

    Update test to trigger issue #20.
    ldx committed with Mar 11, 2013
Commits on Apr 4, 2013
  1. Whitespace fixes.

    ldx committed Apr 4, 2013
  2. Make sure extension.flags is up to date.

    When we retrieve rules from iptables, reapply all parameters from the
    entry, so that the (match|target).(m|t)flags get updated. This commit
    fixes #22.
    ldx committed Apr 4, 2013
  3. Always set up entry pointer for extension.

    ldx committed Apr 4, 2013
  4. Fix extension callbacks invocations.

    Make sure that if we call an extension callback it is done via a
    wrapper to be able to catch problems.
    ldx committed Apr 4, 2013
Commits on Mar 10, 2013
  1. Use python attributes for x6_* checks.

    ldx committed Mar 10, 2013
Commits on Mar 7, 2013
Commits on Mar 6, 2013
  1. Simplify API check in xtables.py.

    ldx committed Mar 6, 2013
  2. Eliminate pylint & pyflakes warnings.

    ldx committed Mar 6, 2013
  3. Remove unnecessary struct _xtables_*_vall.

    ldx committed Mar 6, 2013
Commits on Mar 5, 2013
  1. Extend IPv6 rule iteration test.

    ldx committed Mar 5, 2013
  2. Flush test chain in tearDown().

    ldx committed Mar 5, 2013
Commits on Mar 4, 2013
  1. README -> README.md.

    ldx committed Mar 4, 2013
  2. Move code finding native libraries to util.py.

    Now we use util.find_library() to find both system libraries and our
    libxtwrapper.so.
    ldx committed Mar 4, 2013
Commits on Mar 3, 2013
  1. Update README.md.

    ldx committed Mar 3, 2013
  2. Make README use markdown.

    ldx committed Mar 3, 2013
  3. Fix target/match option check.

    ldx committed Mar 3, 2013
  4. Check counter zeroing multiple times.

    Since it may happen, that packets arrive between counter zeroing
    and checking, run this test multiple times.
    ldx committed Mar 3, 2013
  5. Test chain is flushed in tearDown().

    ldx committed Mar 3, 2013
  6. Test chain is flushed in tearDown().

    ldx committed Mar 3, 2013
  7. Flush test chain in tearDown().

    ldx committed Mar 3, 2013
  8. Use is_table_available() to check tables.

    In Table._get_tables() and Table6._get_tables() check whether a table
    is available.
    ldx committed Mar 3, 2013
  9. Only add available test suites.

    ldx committed Mar 3, 2013
  10. Only test tables that can be loaded.

    It may happen that kernel modules for certain tables are missing -
    thus we can't test them. Make sure we only run tests where the table
    is available.
    ldx committed Mar 3, 2013
  11. Extend Table test.

    ldx committed Mar 3, 2013
  12. Extend Table6 test.

    ldx committed Mar 3, 2013