[netfilter-announce] [RELEASE] netlink for netfilter version 1.0.0
Fri, 9 Nov 2001 14:48:50 -0600 (CST)

I have just made available the first public release of netlink for
netfilter and iptables2 tools. The software can be downloaded from

Netfilter via Netlink, aka Netfilter message support, is a generic API for
direct user space access to a collection of numerous Iptables components.
Netlink provides a well defined and simple socket API to access kernel
tables. Access to Add, Delete, Modify, Get and List tables is the default
while event notification is usually included as an added benefit.
Netfilter messages, technically known as nfnetlink, is the generic
interface to all Netfilter components via netlink.
Connection tracking event notification and table modification is fully
supported. These features were previously available in the ctnetlink

Iptables event notification and table modification is fully supported. This
allows a user to receive an nfnetlink event when a rule has been added,
deleted, or modified on a table or chain. The full command set available
through the iptables command line tool is available through nfnetlink
iptnetlink sockets (add, delete, insert, replace, check, etc).
Previously implemented netlink layers for netfilter such as logging are
not currently available under the nfnetlink software.
The iptables2 software package contains a patch-o-matic version of the
nfnetlink kernel patch. This *must* be applied in order for anything in
the iptables2 package to work.
Iptables2 is in the same order of the iproute2 package. The main command
is called `nf`; this is the high-level entry point into the
application. The `nf` command then has subcommands for `conntrack` and

Iptables2 is not meant as a replacement for iptables. Iptables2 is a
platform for testing and developing the nfnetlink APIs; the features
available in iptables2 may someday be integrated into iptables but not

This is a first release so bugs are guaranteed, so have fun and please
let me know of any comments, questions, feature requests, or problems you
have using iptables2.