[ANNOUNCE] iptables 1.6.2 release
Pablo Neira Ayuso
pablo at netfilter.org
Fri Feb 2 16:55:19 CET 2018
Hi!
The Netfilter project proudly presents:
iptables 1.6.2
iptables is the userspace command line program used to configure the
Linux 2.4.x and later packet filtering ruleset. It is targeted towards
system administrators.
This update contains accumulated bugfixes, a few new extensions and
lots of translations via iptables-translate to ease migration to
nftables.
See ChangeLog that comes attached to this email for more details.
You can download it from:
http://www.netfilter.org/projects/iptables/downloads.html
ftp://ftp.netfilter.org/pub/iptables/
Have fun!
-------------- next part --------------
Aastha Gupta (2):
iptables-translate: add test file for TCPMSS extension
iptables: iptables-compat translation for TCPMSS
Ahmed Abdelsalam (1):
extensions: add support for 'srh' match
Arushi Singhal (1):
iptables: extensions: Remove typedef in struct.
Baruch Siach (1):
utils: nfsynproxy: fix build with musl libc
Dan Williams (3):
libiptc: don't set_changed() when checking rules with module jumps
iptables-restore/ip6tables-restore: add --version/-V argument
iptables-restore.8: document -w/-W options
Elise Lennion (1):
extensions: libxt_hashlimit: Add translation to nft
Florian Westphal (2):
tests: xlate-test: no need to require superuser privileges
policy: add nft translation for simple policy none/strict use case
Gargi Sharma (2):
iptables: Constify option struct
extensions: libxt_TOS: Add translation to nft
Harsha Sharma (6):
iptables: Constify option struct
Update .gitignore
libxt_TOS: add tests for translation infrastructure
tests: xlate: print output in same way as nft-test.py
extensions: add tests for ipcomp protocol
extensions: libxt_hashlimit: Do not print default timeout and burst
James Cowgill (1):
extensions: libxt_hashlimit: fix 64-bit printf formats
Jan Engelhardt (2):
libxtables: remove unnecessary nesting from host_to_ip(6)addr
libxtables: abolish AI_CANONNAME
Juergen Borleis (1):
iptables: change large file support handling
Liping Zhang (2):
xshared: do not lock again and again if "-w" option is not specified
xshared: using the blocking file lock request when we wait indefinitely
Lorenzo Colitti (5):
iptables: set the path of the lock file via a configure option.
iptables: move XT_LOCK_NAME from CFLAGS to config.h.
iptables: remove duplicated argument parsing code
iptables-restore: support acquiring the lock.
iptables: insist that the lock is held.
Louis Sautier (1):
xtables-compat-restore: fix translation of mangle's OUTPUT
Mart Frauenlob (1):
iptables: extensions: Fix MARK target help
Max Laverse (1):
iptables: masquerade: add randomize-full support
Oliver Ford (4):
libxtables: Display weird character warning for wildcards
iptables: Fix crash on malformed iptables-restore
iptables: Add file output option to iptables-save
iptables-xml: Fix segfault on jump without a target
Pablo M. Bermudo Garay (8):
tests: add regression tests for xtables-translate
tests: xlate: remove python 3.5 dependency
tests: xlate: check if it is being run as root
tests: xlate: generalize owner
libip6t_icmp6: xlate: remove leftover space
xtables-translate: fix double space before comment
xtables-compat-restore: fix several memory leaks
xtables-compat: fix memory leak when listing
Pablo Neira Ayuso (7):
libxt_hashlimit: add new unit test to catch kernel bug
iptables-translate: print nft command for each expand rules via dns names
iptables-translate: print nft iff there are more expanded rules to print
iptables-compat: do not allow to delete populated user define chains
extensions: hashlimit: fix incorrect burst in translations
extensions: hashlimit: remove space before burst in translation to nft
iptables 1.6.2 release
Phil Sutter (8):
extensions: libxt_addrtype: Add translation to nft
xtables-translate: Avoid querying the kernel
utils: nfnl_osf: Fix synopsis in help text
utils: Add a man page for nfnl_osf
ip{,6}tables-restore: Don't ignore missing wait-interval value
ip{,6}tables-restore: Don't accept wait-interval without wait
extensions: libxt_tcpmss: Detect invalid ranges
libxt_recent: Remove ineffective checks for info->name
Rafael Buchbinder (1):
extensions: libxt_bpf: fix missing __NR_bpf declaration
Shyam Saini (2):
extensions: libxt_cluster: Add translation to nft
extensions: Add test for cluster nft translation
Thierry Du Tre (2):
extensions: ip6t_{S,D}NAT: multiple to-dst/to-src arguments not reported
extensions: ip6t_{S,D}NAT: add more tests
Varsha Rao (6):
iptables: Remove explicit static variables initalization.
iptables: Remove unnecessary braces.
iptables: xtables-eb: Remove const qualifier from struct option
extensions: libxt_tcpmss: Add test case for invalid ranges.
iptables: Remove const qualifier from struct option.
extensions: Add macro _DEFAULT_SOURCE.
Vincent Bernat (1):
iptables-restore/save: exit when given an unknown option
Vishwanath Pai (1):
netfilter: xt_hashlimit: add rate match mode
Xose Vazquez Perez (1):
iptables: update pf.os
Yogesh Prasad (1):
iptables: patch to correct linker flag sequence
huaibin Wang (1):
libxt_sctp: fix array out of range in print_chunk
shyam saini (1):
extensions: hashlimit: Rename 'flow table' keyword to meter
More information about the netfilter-announce
mailing list