[ANNOUNCE] conntrack-tools 1.0.0 released

Pablo Neira Ayuso pablo at netfilter.org
Sun Feb 27 03:28:11 CET 2011


The Netfilter project presents the first stable release of the
conntrack-tools, that is composed of:

- The userspace daemon so-called conntrackd that covers the specific
aspects of stateful Linux firewalls to enable high availability
solutions. It can be used as statistics collector of the firewall use as
well, although ulogd2 is the prefered option for logging. The daemon is
highly configurable and extensible.

- The command line interface (CLI) conntrack that provides an interface
to add, delete and update flow entries, list current active flows in
plain text/XML, current IPv4 NAT'ed flows, reset counters, and flush the
complete connection tracking table among many other.

This summary of changes with regards to previous is the following:

- improvements for the autotools/build infrastructure from Jan Engelhardt.
- lots of documentation updates.
- SYN_SENT2 support for the command line tool conntrack (which was added
in Linux kernel >= 2.6.31).
- allow to listen to update and destroy expectation events (it requires
a Linux kernel >= 2.6.37).
- conntrack timestamping support with -o ktimestamp (this support
requires the upcoming Linux 2.6.38).
- one fix for conntrackd: two very consecutive commit invocations with
option -c may result in the hang of the second commit invocation if the
first commit did not finish yet. As a result the second commit
invocation required a manual SIGTERM.

See changelog attached for more details.

You can download it from:

More information at:

Official documentation at:

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: changes-conntrack-tools-1.0.0.txt
URL: <http://lists.netfilter.org/pipermail/netfilter-announce/attachments/20110227/f8833ce7/attachment.txt>

More information about the netfilter-announce mailing list