[ANNOUNCE] Release of iptables-1.2.6

Harald Welte coreteam@netfilter.org
Thu, 14 Mar 2002 17:27:31 +0100 

--C7PTD44AewjTsiSV
Content-Type: multipart/mixed; boundary="HkMjoL2LAeBLhbFV"
Content-Disposition: inline


--HkMjoL2LAeBLhbFV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi!

The netfilter coreteam proudly presents:

	iptables version 1.2.6

Changes include a couple of minor bugfixes to the iptables command line
utility, as well as some major updates/fixes to ip6tables.  A summary
ChangeLog is attached to this message.

We want give more users an up-to-date version of the various new features
present in the "patch-o-matic" subsystem.  patch-o-matic was split up in
several repositories, to help users distinguish between compatible and
incompatible sets of patches.

	http://www.netfilter.org/files/iptables-1.2.6.tar.bz2
	http://netfilter.samba.org/files/iptables-1.2.6.tar.bz2
	ftp://ftp.netfilter.org/pub/iptables/iptables-1.2.6.tar.bz2
=09
More information can be found at the netfilter/iptables project homepage,
available at:

	http://www.netfilter.org/
	http://www.iptables.org/

Happy firewalling,

--=20
Live long and prosper
- Harald Welte / laforge@gnumonks.org               http://www.gnumonks.org/
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M-=
=20
V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*)

--HkMjoL2LAeBLhbFV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="changes-iptables-1.2.6.txt"
Content-Transfer-Encoding: quoted-printable

iptables v1.2.6 Changelog
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
This version requires kernel >=3D 2.4.4
This version recommends kernel >=3D 2.4.18

Bugs Fixed from 1.2.5:

- Fix iptables segfault problem when using `!' without argument
	[ Dionis Papavramidis, Harald Welte ]
- Fix PSD match for psd-delay-threshold > 100
	[ Steven Coenen, Dennis Koslowski ]
- ip6tables alignment fixes=20
	[ Andreas Herrmann ]
- patch-o-matic:
	- Fix NAT-related bug in TCP window tracking code
		[ Jozsef Kadlecsik ]
	- Fix support for DNAT of locally-originated connections (NAT in
	  LOCAL_OUT)=20
	  	[ Henrik Nordstrom, Harald Welte ]
	- Fix string match (is now SMP safe)
		[ Gianni Tedesco ]
	- Fix TFTP conntrack/nat helper (now also catches first packet)
		[ Magnus Boden ]

Changes from 1.2.5:

- Added global PREFIX makefile variable for all paths
	[ Harald Welte ]
- If compiled without any COPT_FLAGS, debugging is disabled.  To enable
  debugging, use -DIPTC_DEBUG
  	[ Harald Welte ]
- New ip6tables-restore and ip6tables-save manpage
	[ Andras Kis-Szabo ]=20
- Sync ip6tables-restore and ip6tables-save with iptables-restore
	[ Andras Kis-Szabo ]
- Sync ip6tables with iptables
	[ Andras Kis-Szabo ]
- mangle table attaches now to all five netfilter hooks
	[ Brad Chapman, Harald Welte ]
- iptables and ip6tables manpage updates
	[ Herve Eychenne ]
- patch-o-matic program now supports removal of already-applied patches
	[ Bob Hockney ]
- patch-o-matic program now supports patches to the userspace extensions
	[ Fabrice Marie ]
- patch-o-matic:
	- Extend recent match to support multiple recent lists
		[ Stephen Frost ]
	- New GRE and PPTP connection tracking and NAT helper
		[ Harald Welte ]
	- New CONNMARK target for marking all packets within one connection
		[ Henrik Nordstrom ]
	- New conntrack match, enables matching on more conntrack informatin
	  than state
	  	[ Marc Boucher ]
	- New DSCP match and target (DSCP header field obsoletes TOS)
		[ Harald Welte ]
	- New owner match extension: Match on process name
		[ Marc Boucher ]
	- Add support for bitwise AND / OR manipulation on nfmark
		[ Fabrice Marie ]
	- New experimental patch for disabling TCP connection tracking pickup
		[ Harald Welte ]
	- Add support for SACK in all NAT helpers
		[ Harald Welte ]
	- Make eggdrop botnet connection tracking support work with eggdrop
	  v1.6.x=20
	  	[ Magnus Sandin ]
	- Add support to REJECT for sending icmp-unreachable messages
	  from a fake source address
  		[ Fabrice Marie ]
	- Add support for ntalk2 to talk NAT helper
		[ Jozsef Kadlecsik ]
	- Big update to newnat patch
		[ Jozsef Kadlecsik, Paul P Komkoff ]


--HkMjoL2LAeBLhbFV--

--C7PTD44AewjTsiSV
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8kM9yNfqJzMqajVsRAtMKAJ0aPtvl7hca0/NUpMh+zb2Rw07kkACg0oZ3
ukZ6etRP4WGpFIAOm+Kk+xg=
=0Lte
-----END PGP SIGNATURE-----

--C7PTD44AewjTsiSV--