From: Patrick McHardy <kaber@trash.net>
To: Netfilter Development Mailinglist <netfilter-devel@vger.kernel.org>
Cc: Linux Netdev List <netdev@vger.kernel.org>,
netfilter <netfilter@lists.netfilter.org>,
netfilter-announce@lists.netfilter.org
Subject: [ANNOUNCE]: Release of iptables-1.4.3
Date: Mon, 23 Mar 2009 15:28:32 +0100 [thread overview]
Message-ID: <49C79C90.80804@trash.net> (raw)
[-- Attachment #1: Type: text/plain, Size: 1405 bytes --]
The netfilter coreteam presents:
iptables version 1.4.3
the iptables release for the 2.6.29 kernel. It has been some time
since the last release and we've had a lot of changes all over the
place. Besides the usual fixes and cleanups, we have:
- numerous documentation updates from Jan Engelhardt and others
- a set of changes to move some of the iptables functionality to
a shared library for tc and m_ipt from Jan and Jamal Hadi Salim
- another patch to make libiptc available as shared library. Some
distributions have been carrying patches for this despite being
explicitly unsupported. The library does not guarantee a stable
API, but it should make life for distributors a bit easier.
- IPv6 support for the recent match from Jan
- TPROXY support by Krisztian Kovacs
- SCTP/DCCP NAT support by myself
And lots of smallish changes, almost 90% of which are from Jan.
Check out the Changelog for more details.
This release starts enforcing the deprecation of NAT filtering that
was added in 1.4.2-rc1, filtering rules in the NAT tables will cause
an error instead of a warning from now on. Please make sure your
rulesets are update appropriately.
Version 1.4.3 can be obtained from:
http://www.netfilter.org/projects/iptables/downloads.html
ftp://ftp.netfilter.org/pub/iptables/
git://git.netfilter.org/iptables.git
On behalf of the Netfilter Core Team.
Happy firewalling!
[-- Attachment #2: changes-iptables-1.4.3.txt --]
[-- Type: text/plain, Size: 6594 bytes --]
Bart De Schuymer (1):
man: fix physdev manpage
Christian Perle (1):
libxt_policy: cannot set spi/reqid numbers higher than 0x7fffffff
Christoph Paasch (1):
libiptc: avoid compile warnings for iptc_insert_chain
Daniel Drake (1):
libxt_owner: add more spaces to output
Eric Leblond (1):
xt_NFLOG: Set default NFLOG qthreshold to 0
Jamal Hadi Salim (12):
libxtables: Introduce global params structuring
libxtables: define xtables_free_opts()
libxtables: Add exit_error cb to xtables_globals
libxtables: Make ip6tables, iptables and iptables-xml use xtables_globals
libxtables: Replace direct exit_error() calls inside libxtables
libxtables: simple aliasing macro for exit_error
libxtables: set names of programs
libxtables: add xtables_set_revision
libxtables: make iptables and ip6tables use xtables_free_opts
libxtables: consolidate merge_options into xtables_merge_options
libxtables: consolidate init calls into one function
libxtables: general follow-up cleanup
Jan Engelhardt (84):
Move libipt_recent to libxt_recent
libxt_recent: add IPv6 support
manpage: use separate paragraphs for command syntax
manpage: explain what rule-specification is
libiptc: remove typedef indirection
libiptc: remove indirections
libiptc: remove unused iptc_get_raw_socket and iptc_check_packet
libiptc: use hex output for hookmask
libxt_conntrack: respect -n option during ruledump
libiptc: make sockfd a per-handle thing
libxt_conntrack: dump ctdir
src: reuse the global modprobe_program variable
src: use NFPROTO_ constants
src: remove inclusion of iptables.h
doc: fix a typo in libip6t_REJECT.man
libiptc: guard chain index allocation for different malloc implementations
src: remove unused include files
iptables-save: output ! in position according to manpage
rateest: guard against segfault
env: augment deprecation notice
build: resolve autotools suggestions
doc: put iptables version into manpage
doc: resynchronize markup in iptables,ip6tables.8.in
doc: escape minus sign in manpages
build: use regular = assignments in Makefile
build: remove non-portable rule
doc: escape minus sign in manpage (2)
doc: augment ICMP manpage by type/code syntax
src: remove redundant returns at end of void-returning functions
src: remove redundant casts
libxt_owner: use correct UID/GID boundaries
extensions: use UINT_MAX constants over open-coded bits (1/2)
extensions: use UINT_MAX constants over open-coded numbers (2/2)
libxtables: prefix/order - fw_xalloc
libxtables: prefix/order - modprobe and xtables.ko loading
libxtables: prefix/order - match/target loading
libxtables: prefix/order - libdir
libxtables: prefix/order - strtoui
libxtables: prefix/order - program_name
libxtables: prefix/order - param_act
libxtables: prefix/order - ipaddr/ipmask to ascii output
libxtables: prefix/order - ascii to ipaddr/ipmask input
libxtables: prefix - misc functions
libxtables: prefix - parse and escaped output func
libxtables: prefix/order - move check_inverse to xtables.c
libxtables: prefix/order - move parse_protocol to xtables.c
libbxtables: prefix names and order it #1
libxtables: prefix names and order it #2
libxtables: prefix names and order #3
libxtables: move afinfo around
Merge branch 'origin/master'
libxtables: recognize IP6TABLES_LIB_DIR old-style environment variable
build: move -ldl to proper LDADD
libxtables: remove unused XT_LIB_DIR macro
libxtables: decouple non-xtables parts from header
src: remove iptables_rule_match indirection macro
src: remove unused ipt_tryload macro
libxtables: move compat defines to xtables.c
src: consolidate duplicate code in iptables/internal.h
libxtables: use const for vars holding literals
libxt_string: fix undefined behavior/incorrect patlen calculation
libxtables: flush before fork
libipq: add missing doc for NF_ values
build: restructure Makefile for include/ directory
libipq: fix compile error
build: remove unneeded -ldl from iptables_xml_LDADD
libiptc: make library available as a shared library
build: trigger reconfigure when extensions/GNUmakefile.in changes
doc: do not put IPv4 doc into ip6tables.8
doc: resynchronize manpage with in-code help
libxtables: inline and remove unused OPTION_OFFSET macro
libxtables: prefix exit_error to xtables_error
extensions: remove unwanted/add needed includes for IPv6 exts
extensions: remove unwanted/add needed includes for IPv4 exts
libxt_policy: use bounded strtoui
include: resynchronize headers with 2.6.29-rc5
extensions: add missing limits.h include
iptables: turn deprecation warning into enforcing mode
Merge commit 'nf/master'
libxt_connbytes: minor manpage adustments
libxt_connbytes: document nf_ct_acct behavior
libxtables: add -I/-L flags to pkgconfig files
libxt_comment: output quotes must be escaped in
iptables-save: module loading corrections
Jesper Dangaard Brouer (3):
libiptc: fix chain rename bug in libiptc
libiptc: fix whitespaces and typos
libiptc: give credits to my self
Jirí Moravec (1):
libxt_TOS: fix compilation error
KOVACS Krisztian (2):
Add iptables support for the TPROXY target
Add iptables support for the socket match
Marc Fournier (1):
doc: fix option typo in libxt_multiport
Pablo Neira Ayuso (5):
iptables: fix error reporting with wrong/missing arguments
state: report spaces in the state list parsing
iptables: refer to dmesg when we hit error
string: fix wrong pattern length calculation
iptables: fix broken options-merging during libxtables rework
Patrick McHardy (5):
Add SCTP/DCCP support to NAT targets
Bump version to 1.4.3-rc1
Merge branch 'master' of git://dev.medozas.de/iptables
Merge branch 'master' of git://dev.medozas.de/iptables
Bump version to 1.4.3
Shaul Karl (1):
doc: fix one layout issue in iptables-restore.8
Stephen Hemminger (1):
iptables: Add limits.h to get INT_MIN, INT_MAX, ...
Thomas Jarosch (2):
Fix compile error in libxt_iprange.c using gcc 4.3.2
Fix compile warnings using gcc 4.3.2
next reply other threads:[~2009-03-23 14:28 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-23 14:28 Patrick McHardy [this message]
2009-03-23 16:38 ` [ANNOUNCE]: Release of iptables-1.4.3 Robby Workman
2009-03-23 16:45 ` Jan Engelhardt
2009-03-23 18:19 ` Jan Engelhardt
2009-03-23 19:19 ` Patrick McHardy
2009-03-23 19:27 ` Jan Engelhardt
2009-03-23 19:29 ` Patrick McHardy
2009-03-23 20:22 ` Pablo Neira Ayuso
2009-03-24 8:09 ` Some iptables-1.4.3 issues (was: Release of iptables-1.4.3) Peter Volkov
2009-03-24 8:54 ` Jan Engelhardt
2009-03-24 11:17 ` Some iptables-1.4.3 issues Pablo Neira Ayuso
2009-03-24 11:20 ` Jan Engelhardt
2009-03-24 11:38 ` Pablo Neira Ayuso
2009-03-24 11:46 ` Pablo Neira Ayuso
2009-03-24 11:48 ` Jan Engelhardt
2009-03-24 11:57 ` Jan Engelhardt
2009-03-24 11:49 ` Jan Engelhardt
2009-03-24 11:56 ` Pablo Neira Ayuso
2009-03-24 12:47 ` Patrick McHardy
2009-03-24 12:50 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49C79C90.80804@trash.net \
--to=kaber@trash.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-announce@lists.netfilter.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.