This fixes an iptables link error when kernel config include
CONFIG_NETFILTER_XT_MATCH_STATISTIC=y
related to the missing -lm argument on the linker command line. Error is caused
by
the odd looking linker argument ${$*_LIBADD} which get expanded to an empty
string.
Signed-off-by: Alin Nastac
From: Alin Nastac <alin.nas...@gmail.com>
Reproduction scenario:
- use 3 interfaces with 3 different zones - lan, wan and guest
- configure firewall to allow forwarding from lan to wan
- add DROP rule to prevent forwarding from lan to guest
- although packets are forwarded from lan
generated by zone_guest_dest_DROP chain
Signed-off-by: Alin Nastac <alin.nas...@gmail.com>
---
zones.c | 74 ++---
1 file changed, 62 insertions(+), 12 deletions(-)
diff --git a/zones.c b/zones.c
index e00d527..1f55aa6 100644
---
When -1 is written in /proc/sys/net/ipv4/neigh//locktime,
kernel disables ARP trashing protection. A value of 0 does not completely
disable this protection, a second ARP update being discarded if it
is processed during the same jiffie as the first update.
Signed-off-by: Alin Nastac <alin.
s obtained, sysntpd would be stopped
Because sysntpd service is deleted when last instance is freed, its triggers
will also be released. Without these triggers in place, sysntpd will not be
reloaded when a new DHCP lease containing option 42 will be received.
Signed-off-by: Alin Nastac <alin.nas
Signed-off-by: Alin Nastac <alin.nas...@gmail.com>
---
service/service.c | 5 -
service/service.h | 1 +
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/service/service.c b/service/service.c
index 0584ee0..9675ba2 100644
--- a/service/service.c
+++ b/service/service.c
@@
SIGKILL is sent if instance process is still running after
seconds after SIGTERM has been sent. To prevent
another daemon process being launched before old process dies,
the instance is kept until SIGCHLD confirms that service has
been stopped.
Signed-off-by: Alin Nastac <alin.nas...@gmail.
in the NA packet.
Signed-off-by: Alin Nastac <alin.nas...@gmail.com>
---
device.c | 10 ++
device.h | 3 +++
system-linux.c | 20
3 files changed, 33 insertions(+)
diff --git a/device.c b/device.c
index 43881e5..306496c 100644
--- a/device.c
+++ b/de
This patch was copied from
http://www.spinics.net/lists/netfilter/msg56704.html .
---
.../patches/100-udp_checksum_computation.patch | 95 ++
1 file changed, 95 insertions(+)
create mode 100644
package/libs/libnetfilter-queue/patches/100-udp_checksum_computation.patch
The UCI parameter neighgcstaletime allows to control how much time will
STALE entries be kept in the neighbour table for both IPv4 and IPv6.
Signed-off-by: Alin Nastac <alin.nas...@gmail.com>
---
device.c | 14 ++
device.h | 4
system-linux.
10 matches
Mail list logo