[ANNOUNCE] Release of iptables-1.2.7a

Harald Welte coreteam@netfilter.org
Mon, 26 Aug 2002 16:47:42 +0200

Content-Type: multipart/mixed; boundary="+nG9yj4eE4W6Oba0"
Content-Disposition: inline

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable


The netfilter coreteam proudly presents:

	iptables version 1.2.7a

Unfortunately iptables 1.2.7, released on the website three weeks ago,
introduced two new bugs.

The ChangeLog is attached to this mail.

Version 1.2.7a can be obtained from:


Please note that patch-o-matic is no longer part of iptables, but
distributed as a seperate package.  You can obtain the latest release and
daily CVS snapshots from:

More information can be found at the netfilter/iptables project homepage,
available at:


Happy firewalling,

Live long and prosper
- Harald Welte / laforge@gnumonks.org               http://www.gnumonks.org/
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M-=
V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*)

Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: attachment; filename="changes-iptables-1.2.7a.txt"
Content-Transfer-Encoding: quoted-printable

iptables v1.2.7a (=3D=3D fixed 1.2.7) Changelog
This version requires kernel >=3D 2.4.4
This version recommends kernel >=3D 2.4.18

Bugs Fixed from 1.2.6a:

- fix compiler warning in userspace support for ipv6 REJECT target
	[ Fabrice Marie ]
- check for invalid portranges in tcp+udp helper (e.g. 2000:100)
	[ Thomas Poehnitz ]
- fix save save/restore functions of ip6tables tcp/udp extension
	[ Harald Welte / Andras Kis-Szabo ]
- check for invalid (out of range) nfmark values in MARK target
	[ Alexey ??? ]
- fix save function of MASQUERADE userspace support
	[ A. van Schie ]
- compile fixes for userspace suppot of experimental POOL target
	[ ? ]
- fix save function of userspace support for ah and esp match
	[ ? ]
- fix static build (NO_SHARED_LIBS)
	[ Roberto Nibali ]
- fix save/restore function of userspace support for mport match
	[ Bob Hockney ]
- update manpages to reflect recent changes
	[ Herve Eychenne, Harald Welte ]
- remove all remnants of the 'check' option
	[ ? ]

Changes from 1.2.6a:

- patch-o-matic is now no longer part of iptables but rather distributed
  as a seperate package (ftp://ftp.netfilter.org/pub/patch-o-matic/)
  	[ Harald Welte ]
- userspace support for dscp match and target
	[ Harald Welte ]=20
- userspace supprot for ecn match and target
	[ Harald Welte ]
- userspace support for helper match
	[ Martin Josefsson ]
- userspace supprot for conntrack match
	[ Marc Boucher ]
- userspace support for pkttype match
	[ Martin Ludvig ]
- userspace support for experimental ROUTE target
	[ C=E9dric de Launois ]
- userspace support for experimental ipv6 ahesp match
	[ Andras Kis-Szabo ]
- userspace support for experimental ipv6 option header match
	[ Andras Kis-Szabo ]
- userspace support for experimental ipv6 routing header match
	[ Andras Kis-Szabo ]
- add matching of process name to userspace support of owner match
	[ Marc Boucher ]
- new version of userspace support for 'recent' match
	[ Stephen Frost ]


Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org