From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-announce@lists.netfilter.org,
netfilter <netfilter@lists.netfilter.org>,
Netfilter Development Mailinglist
<netfilter-devel@lists.netfilter.org>,
Netfilter-failover list <netfilter-failover@lists.netfilter.org>,
lwn@lwn.net
Subject: [ANNOUNCE] Release conntrack-tools 0.9.5
Date: Sun, 29 Jul 2007 16:14:13 +0200 [thread overview]
Message-ID: <46ACA0B5.7030608@netfilter.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 958 bytes --]
Hi!
The netfilter project proudly presents another development release of
the conntrack-tools. The conntrack-tools are:
- The userspace daemon so-called conntrackd that covers the specific
aspects of stateful Linux firewalls to enable high availability
solutions. It can be used as statistics collector of the firewall use as
well. The daemon is highly configurable and easily extensible.
- The command line interface (CLI) conntrack that provides an interface
to add, delete and update flow entries, list current active flows in
plain text/XML, current IPv4 NAT'ed flows, reset counters, and flush the
complete connection tracking table among many other.
You can download it from:
http://www.netfilter.org/projects/conntrack-tools/downloads.html
Changelog is attached.
Pablo (on behalf of the Netfilter Project)
--
"Será preciso viajar a través de los ojos de los idiotas" -- Poeta en
Nueva York -- Federico García Lorca.
[-- Attachment #2: ChangeLog --]
[-- Type: text/plain, Size: 1201 bytes --]
version 0.9.5 (2007/07/29)
------------------------------
= conntrackd =
o conntrack-tools requires libnetfilter_conntrack >= 0.0.81
o add len field to nethdr
o implement buffered send/recv to batch messages
o use buffer of MTU size
o stop using netlink format for network messages: use similar TLV-based format
o reduce synchronization messages size up to 60%
o introduce periodic alive messages for sync-nack protocol
o timeslice alarm implementation: remove alarm pthread, remove locking
o simplify debugging functions: use nfct_snprintf instead
o remove major use of libnfnetlink functions: use libnetfilter_conntrack API
o deprecate conntrackd -F, use conntrack -F instead
o major rework of the network infrastructure: much simple, less messy
o simplify cache_flush function: use cache_del()
o remove current script_fault.sh when we reach fault state
o conntrackd requires the connection tracking event API: insist more in INSTALL
= conntrack =
o better protocol argument checkings
o fix per-protocol filtering, eg. conntrack -L -p tcp
o show per-protocol help, ie. conntrack -h -p tcp
o add alias --src for --orig-src and alias --dst for --orig-dst
o include protocol filters in the manpage
reply other threads:[~2007-07-29 14:14 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=46ACA0B5.7030608@netfilter.org \
--to=pablo@netfilter.org \
--cc=lwn@lwn.net \
--cc=netfilter-announce@lists.netfilter.org \
--cc=netfilter-devel@lists.netfilter.org \
--cc=netfilter-failover@lists.netfilter.org \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.