Skip to content

bbkgh/xtables-addons

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

755 Commits

doc

doc

 
 

extensions

extensions

 
 

geoip

geoip

 
 

include

include

 
 

m4

m4

 
 

.gitignore

.gitignore

 
 

INSTALL

INSTALL

 
 

LICENSE

LICENSE

 
 

Makefile.am

Makefile.am

 
 

Makefile.extra

Makefile.extra

 
 

Makefile.iptrules.in

Makefile.iptrules.in

 
 

Makefile.mans.in

Makefile.mans.in

 
 

README

README

 
 

autogen.sh

autogen.sh

 
 

configure.ac

configure.ac

 
 

mconfig

mconfig

 
 

sources

sources

 
 

xa-download-more

xa-download-more

 
 

xtables-addons.8.in

xtables-addons.8.in

 
 

Repository files navigation

Sitfilter
=========

This repo includes 'sitfilter' to Xtables-addons, this is the
only change from the original one. The 'sitfilter' allows to
match IPv6 packets inside IPv4 packets. Example:

	iptables -A INPUT -p ipv6 -i eth0 -m sitfilter \
                --v4-start 0 --v6-start 96 --bit-len 32 -j ACCEPT
	iptables -A INPUT -p ipv6 -i eth0 -j DROP

This work was based on: 
        http://jengelh.medozas.de/documents/Netfilter_Modules.pdf

Special thanks to:
        Denis Lubineau (IUT)
        Dominique Fournier (CRIC)
        Laurent Neiger (CRIC)
        Yannis Rossetto (CRIC)

Xtables-addons
==============

Xtables-addons is the proclaimed successor to patch-o-matic(-ng). It
contains extensions that were not accepted in the main Xtables
package.

Xtables-addons is different from patch-o-matic in that you do not
have to patch or recompile either kernel or Xtables(iptables). But
please see the INSTALL file for the minimum requirements of this
package.

All code imported from patch-o-matic has been reviewed and all
apparent bugs like binary stability across multiarches, missing
sanity checks and incorrect endianess handling have been fixed,
simplified, and sped up.


Included in this package
========================
- ipset 6.10-genl
- xt_ACCOUNT 1.16, libxt_ACCOUNT 1.3


Inclusion into a kernel tree
============================




External extensions
===================

The program "xa-download-more" can be used to download more
extensions from 3rd parties into the source tree. The URLs are listed
in the "sources" file. If the "sources" file contains an entry like

	http://foobar.org/xa/

xa-download-more will inspect http://foobar.org/xa/xa-index.txt for
files to download. That file may contain

	foobar.tar.bz2

and xa-download-more will then retrieve and unpack
http://foobar.org/xa/foobar.tar.bz2.

Files that should be contained in the tarball are an mconfig and
Kbuild files to control building the extension, libxt_foobar.c for
the userspace extension and xt_foobar.c for the kernel extension.

	mconfig.foobar
	extensions/Kbuild.foobar
	extensions/Mbuild.foobar
	extensions/libxt_foobar.c
	extensions/libxt_foobar.man
	extensions/xt_foobar.c
	extensions/xt_foobar.h

About

6in4 iptables filter. This filter allow users to match certain bits of an IPv6 address inside an IPv4 packet.

Resources

Readme

License

GPL-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 91.1%
  • Roff 6.7%
  • Other 2.2%