Changelog for
iptables-1.8.10-176.1.x86_64.rpm :
* Fri May 24 2024 Jan Engelhardt
- Edit iptables-batch-lock.patch, cure use of implicit function, fix it to make gcc14 happy.
* Sat Oct 21 2023 Jan Engelhardt - The presence of nftables does not mandate that iptables use backend-nft [bsc#1206383].
* Tue Oct 10 2023 Jan Engelhardt - Update to release 1.8.10
* xtables-translate: support rule insert with index
* broute table support in ebtables-nft
* nft-variants\' debug output (pass multiple ``-v`` flags) now contains sets if present
* Add mld-listener type names to icmp6 match
* Mon Feb 13 2023 Danilo Spinella - Use nftables backend by default when nftables is installed, bsc#1206383
* Thu Jan 12 2023 Jan Engelhardt - Update to release 1.8.9
* arptables-nft: Support --exact flag
* Support more chunk types in the \"sctp\" extension
* Print `--` in ip6tables\' \"opt\" column for consistency with iptables
* More verbose error messages if iptables-nft-restore fails
* Support `-p Length` with ebtables-nft, needed for 802_3 extension.
* Thu Jul 21 2022 Ludwig Nussel - add baselibs.conf for libip4tc2, will be needed by libsystemd-shared-251.so
* Fri May 13 2022 Jan Engelhardt - Update to release 1.8.8
* Add iptables-translate support for: sctp match\'s - -chunk-types option, connlimit match, multiport match\'s - -ports option, and the tcpmss match.
* Reject setuid executables in libxtables for safety reasons
* Extended arptables-nft with -C, -I, -R, -S cmomands and the \"-c N,M\" counter syntax.
* Debug output in iptables-restore (all variants), iptables-nft and ebtables-nft when specifying -v multiple times
* Improved performance of iptables-save and -restore
* Thu Dec 30 2021 Danilo Spinella - Only use nftables backend when iptables-backend-nft is installed when using libalternatives
* Fri Nov 19 2021 Danilo Spinella - Fix libalternatives configuration for ebtables and arptables by keeping argv0, fixes bsc#1192799.
* Wed Oct 20 2021 Stefan Schubert - Added alts requirements for iptables-backend-nft package.
* Thu Sep 16 2021 Stefan Schubert - Removed update-alternatives dependency in libalternatives mode.
* Tue Aug 03 2021 Stefan Schubert - Use libalternatives instead of update-alternatives.
* Fri Jan 15 2021 Jan Engelhardt - Update to release 1.8.7
* iptables-nft:
* Improved performance when matching on IP/MAC address prefixes if the prefix is byte-aligned. In ideal cases, this doubles packet processing performance.
* Dump user-defined chains in lexical order. This way ruleset dumps become stable and easily comparable.
* Avoid pointless table/chain creation. For instance, `iptables-nft -L` no longer creates missing base-chains.