SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for nftables-1.0.9-87.19.i586.rpm :

* Thu Jan 04 2024 Dirk Müller - buildrequire setuptools explicitly as pip drops the dependency
* Wed Jan 03 2024 Ben Greiner - Fix the python bindings subpackages
* The PEP517 python build requires setuptools
* Actually use the rpm subpackage definition
* The version is actually python3dist(nftables) = 0.1
* is noarch and requires libnftables1 through dlopen, tell rpmlint
* remove unused shebang
* Thu Oct 19 2023 Jan Engelhardt - Update to release 1.0.9
* Custom conntrack timeouts can use time specification with units other than seconds.
* Allow combination of dnat with numgen.
* Allow for using constants as key in dynamic sets.
* Support for matching on the target address of a IPv6 neighbour solicitation/advertisement.
* Restore bitwise operations in combination with maps, e.g. jump to chain depending on bitwise operation on packet mark.
* Fix crash with log prefix longer that 127 bytes.- Drop merged 0001-Revert-py-replace-distutils-with-setuptools.patch
* Fri Jul 14 2023 Jan Engelhardt - Update to release 1.0.8
* Support for setting meta and ct mark from other fields in rules, e.g. set meta mark to ip dscp header field.
* Enhacements for -o/--optimize to deal with NAT statements, to compact masquerade statements.
* Support for stateful statements in anonymous maps, such as counters.
* Support for resetting stateful expressions in sets, maps and elements, e.g. counters.
* broute support to short-circuit bridge logic from the bridge prerouting hook and pass up packets to the local IP stack.
* JSON support for table and chain comments.- Added 0001-Revert-py-replace-distutils-with-setuptools.patch
* Mon Mar 13 2023 Jan Engelhardt - Update to release 1.0.7
* Support for vxlan/geneve/gre/gretap matching
* auto-merge support for partial set element deletion
* Allow for NAT mapping with concatenation and ranges
* Support for quota in sets
* Wed Dec 21 2022 Jan Engelhardt - Update to release 1.0.6
* Fix bytecode generation for concatenation of intervals where selectors use different byteorder datatypes, e.g. IPv4 (network byte order).
* Fix match of uncommon protocol matches with raw expressions
* Unbreak insertion of rules with intervals (\"sport { 3478-3497, 16384-16387 }\")
* Wed Aug 17 2022 Dirk Müller - update to 1.0.5:
* Fixes for the -o/--optimize, run this --optimize option to automagically compact your ruleset using sets, maps and concatenations
* Fix ethernet and vlan concatenations, eg. define a dynamic set which is populated from the packet path
* Fix ruleset listing with interface wildcard map
* Fix several regressions in the input lexer which broke valid rulesets.
* Fix slowdown with large lists of singleton interval elements.
* Fix set automerge feature for large lists of singleton interval elements.
* Fix bogus error reporting for exact overlaps.
* Fix segfault when adding elements to invalid set.
* fix device parsing in netdev family in json.
* Tue Jun 07 2022 Jan Engelhardt - Update to release 1.0.4
* Fixed a segfault in -o/--optimize with unsupported statements.
* Bogus datatype mismatch error report in sets was fixed.
* Tue May 31 2022 Jan Engelhardt - Update to release 1.0.3
* Support for wildcard interface name matching with sets
* Support for runtime auto-merge of set elements.
* Enhancements for the ruleset optimization -o/--optimize option which allows to coalesce several NAT rules into map.
* Support for raw expressions in concatenations.
* Support for integer type protocol header fields in concatenations.
* Allow to reset TCP options (requires Linux kernel >= 5.18)- Drop 0001-build-add-missing-AM_CPPFLAGS-to-examples.patch
* Tue Feb 22 2022 Jan Engelhardt - Update to release 1.0.2
* New ruleset optimization -o/--optimize option.
* Support for IP and TCP options and SCTP chunks in sets.
* Support for tcp fastopen, md5sig and mptcp options.
* MP-TCP subtype matching support.
* JSON support for flowtables.- Add 0001-build-add-missing-AM_CPPFLAGS-to-examples.patch
* Thu Nov 18 2021 Jan Engelhardt - Update to release 1.0.1
* Reduce memory footprint when loading large sets/maps.
* Speed up reload of large sets/maps.
* Speed up listing of specific tables in large ruleset, e.g. large ruleset with ~100k lines.
* Speed up --terse option when listing a ruleset large sets/maps.
* Print raw payload expression in hexadecimal, e.g. \"AATTll,0,8 & 0x80 == 0x80\"
* egress hook support (available since 5.16-rc1).
* Allow matching and update bytes at inner header/payload offset (available since 5.16-rc1).
* Thu Aug 19 2021 Jan Engelhardt - Update to release 1.0.0
* Catch-all set element support.
* The command-line option --define is now recognized.
* Stateful expressions in maps.
* Allow combination of jhash, symhash and numgen expressions with the queue statement.
* Allow combination of verdict maps with interval concatenations.
* Tue May 25 2021 Jan Engelhardt - Update to release 0.9.9
* Flowtable hardware offload support
* Support for the table owner flag.
* 802.1ad (QinQ) support
* cgroupsv2 support.
* match on SCTP packet chunks (dependent on Linux 5.14)
* Allow to use verdict in set/map typeof definitions
* Fri Jan 15 2021 Jan Engelhardt - Update to release 0.9.8
* Complete support for matching ICMP header content fields.
* Added raw tcp option match support.
* Added ability to check for the presence of any tcp option.
* Support for rejecting traffic from the ingress chain.
  
ICM