From: Patrick McHardy <kaber@trash.net>
To: Netfilter Development Mailinglist <netfilter-devel@vger.kernel.org>
Cc: Linux Netdev List <netdev@vger.kernel.org>,
netfilter <netfilter@lists.netfilter.org>,
netfilter-announce@lists.netfilter.org
Subject: [ANNOUNCE]: Release of iptables-1.4.3
Date: Mon, 23 Mar 2009 15:28:32 +0100 [thread overview]
Message-ID: <49C79C90.80804@trash.net> (raw)
[-- Attachment #1: Type: text/plain, Size: 1405 bytes --]
The netfilter coreteam presents:
iptables version 1.4.3
the iptables release for the 2.6.29 kernel. It has been some time
since the last release and we've had a lot of changes all over the
place. Besides the usual fixes and cleanups, we have:
- numerous documentation updates from Jan Engelhardt and others
- a set of changes to move some of the iptables functionality to
a shared library for tc and m_ipt from Jan and Jamal Hadi Salim
- another patch to make libiptc available as shared library. Some
distributions have been carrying patches for this despite being
explicitly unsupported. The library does not guarantee a stable
API, but it should make life for distributors a bit easier.
- IPv6 support for the recent match from Jan
- TPROXY support by Krisztian Kovacs
- SCTP/DCCP NAT support by myself
And lots of smallish changes, almost 90% of which are from Jan.
Check out the Changelog for more details.
This release starts enforcing the deprecation of NAT filtering that
was added in 1.4.2-rc1, filtering rules in the NAT tables will cause
an error instead of a warning from now on. Please make sure your
rulesets are update appropriately.
Version 1.4.3 can be obtained from:
http://www.netfilter.org/projects/iptables/downloads.html
ftp://ftp.netfilter.org/pub/iptables/
git://git.netfilter.org/iptables.git
On behalf of the Netfilter Core Team.
Happy firewalling!
[-- Attachment #2: changes-iptables-1.4.3.txt --]
[-- Type: text/plain, Size: 6594 bytes --]
Bart De Schuymer (1):
man: fix physdev manpage
Christian Perle (1):
libxt_policy: cannot set spi/reqid numbers higher than 0x7fffffff
Christoph Paasch (1):
libiptc: avoid compile warnings for iptc_insert_chain
Daniel Drake (1):
libxt_owner: add more spaces to output
Eric Leblond (1):
xt_NFLOG: Set default NFLOG qthreshold to 0
Jamal Hadi Salim (12):
libxtables: Introduce global params structuring
libxtables: define xtables_free_opts()
libxtables: Add exit_error cb to xtables_globals
libxtables: Make ip6tables, iptables and iptables-xml use xtables_globals
libxtables: Replace direct exit_error() calls inside libxtables
libxtables: simple aliasing macro for exit_error
libxtables: set names of programs
libxtables: add xtables_set_revision
libxtables: make iptables and ip6tables use xtables_free_opts
libxtables: consolidate merge_options into xtables_merge_options
libxtables: consolidate init calls into one function
libxtables: general follow-up cleanup
Jan Engelhardt (84):
Move libipt_recent to libxt_recent
libxt_recent: add IPv6 support
manpage: use separate paragraphs for command syntax
manpage: explain what rule-specification is
libiptc: remove typedef indirection
libiptc: remove indirections
libiptc: remove unused iptc_get_raw_socket and iptc_check_packet
libiptc: use hex output for hookmask
libxt_conntrack: respect -n option during ruledump
libiptc: make sockfd a per-handle thing
libxt_conntrack: dump ctdir
src: reuse the global modprobe_program variable
src: use NFPROTO_ constants
src: remove inclusion of iptables.h
doc: fix a typo in libip6t_REJECT.man
libiptc: guard chain index allocation for different malloc implementations
src: remove unused include files
iptables-save: output ! in position according to manpage
rateest: guard against segfault
env: augment deprecation notice
build: resolve autotools suggestions
doc: put iptables version into manpage
doc: resynchronize markup in iptables,ip6tables.8.in
doc: escape minus sign in manpages
build: use regular = assignments in Makefile
build: remove non-portable rule
doc: escape minus sign in manpage (2)
doc: augment ICMP manpage by type/code syntax
src: remove redundant returns at end of void-returning functions
src: remove redundant casts
libxt_owner: use correct UID/GID boundaries
extensions: use UINT_MAX constants over open-coded bits (1/2)
extensions: use UINT_MAX constants over open-coded numbers (2/2)
libxtables: prefix/order - fw_xalloc
libxtables: prefix/order - modprobe and xtables.ko loading
libxtables: prefix/order - match/target loading
libxtables: prefix/order - libdir
libxtables: prefix/order - strtoui
libxtables: prefix/order - program_name
libxtables: prefix/order - param_act
libxtables: prefix/order - ipaddr/ipmask to ascii output
libxtables: prefix/order - ascii to ipaddr/ipmask input
libxtables: prefix - misc functions
libxtables: prefix - parse and escaped output func
libxtables: prefix/order - move check_inverse to xtables.c
libxtables: prefix/order - move parse_protocol to xtables.c
libbxtables: prefix names and order it #1
libxtables: prefix names and order it #2
libxtables: prefix names and order #3
libxtables: move afinfo around
Merge branch 'origin/master'
libxtables: recognize IP6TABLES_LIB_DIR old-style environment variable
build: move -ldl to proper LDADD
libxtables: remove unused XT_LIB_DIR macro
libxtables: decouple non-xtables parts from header
src: remove iptables_rule_match indirection macro
src: remove unused ipt_tryload macro
libxtables: move compat defines to xtables.c
src: consolidate duplicate code in iptables/internal.h
libxtables: use const for vars holding literals
libxt_string: fix undefined behavior/incorrect patlen calculation
libxtables: flush before fork
libipq: add missing doc for NF_ values
build: restructure Makefile for include/ directory
libipq: fix compile error
build: remove unneeded -ldl from iptables_xml_LDADD
libiptc: make library available as a shared library
build: trigger reconfigure when extensions/GNUmakefile.in changes
doc: do not put IPv4 doc into ip6tables.8
doc: resynchronize manpage with in-code help
libxtables: inline and remove unused OPTION_OFFSET macro
libxtables: prefix exit_error to xtables_error
extensions: remove unwanted/add needed includes for IPv6 exts
extensions: remove unwanted/add needed includes for IPv4 exts
libxt_policy: use bounded strtoui
include: resynchronize headers with 2.6.29-rc5
extensions: add missing limits.h include
iptables: turn deprecation warning into enforcing mode
Merge commit 'nf/master'
libxt_connbytes: minor manpage adustments
libxt_connbytes: document nf_ct_acct behavior
libxtables: add -I/-L flags to pkgconfig files
libxt_comment: output quotes must be escaped in
iptables-save: module loading corrections
Jesper Dangaard Brouer (3):
libiptc: fix chain rename bug in libiptc
libiptc: fix whitespaces and typos
libiptc: give credits to my self
Jirí Moravec (1):
libxt_TOS: fix compilation error
KOVACS Krisztian (2):
Add iptables support for the TPROXY target
Add iptables support for the socket match
Marc Fournier (1):
doc: fix option typo in libxt_multiport
Pablo Neira Ayuso (5):
iptables: fix error reporting with wrong/missing arguments
state: report spaces in the state list parsing
iptables: refer to dmesg when we hit error
string: fix wrong pattern length calculation
iptables: fix broken options-merging during libxtables rework
Patrick McHardy (5):
Add SCTP/DCCP support to NAT targets
Bump version to 1.4.3-rc1
Merge branch 'master' of git://dev.medozas.de/iptables
Merge branch 'master' of git://dev.medozas.de/iptables
Bump version to 1.4.3
Shaul Karl (1):
doc: fix one layout issue in iptables-restore.8
Stephen Hemminger (1):
iptables: Add limits.h to get INT_MIN, INT_MAX, ...
Thomas Jarosch (2):
Fix compile error in libxt_iprange.c using gcc 4.3.2
Fix compile warnings using gcc 4.3.2
next reply other threads:[~2009-03-23 14:28 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-23 14:28 Patrick McHardy [this message]
2009-03-23 18:19 ` [ANNOUNCE]: Release of iptables-1.4.3 Jan Engelhardt
2009-03-23 19:19 ` Patrick McHardy
2009-03-23 19:27 ` Jan Engelhardt
2009-03-23 19:29 ` Patrick McHardy
2009-03-23 20:22 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49C79C90.80804@trash.net \
--to=kaber@trash.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-announce@lists.netfilter.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).