[ANNOUNCE] nftables 1.1.5 release

[Pablo Neira Ayuso <pablo@netfilter.org>]

[-- Attachment #1: Type: text/plain, Size: 1474 bytes --]

Hi!

The Netfilter project proudly presents:

        nftables 1.1.5

This release contains fixes:

- Fix regressions in JSON ruleset listing, restore set flags to display
  single item with array:

    -                    "flags": "interval"
    +                    "flags": ["interval"]

  ... and use "oif" result type instead of the new check for simple
  matching on fib:

    -                    "result": "check"
    +                    "result": "oif"

  to restore third party JSON parsers.

- Add new --with-unitdir=PATH option for ./configure to install the
  nftables systemd unit file. If PATH is not specified, then auto-detect
  systemd unit path. Check man(8) nftables.service for more information.

- Fix misleading "No buffer space available" error when kernel reports
  too many errors back to userspace.

... and a handful more of small fixes.

See changelog for more details (attached to this email).

You can download this new release from:

https://www.netfilter.org/projects/nftables/downloads.html
https://www.netfilter.org/pub/nftables/

To build the code, libnftnl >= 1.3.0 and libmnl >= 1.0.4 are required:

* https://netfilter.org/projects/libnftnl/index.html
* https://netfilter.org/projects/libmnl/index.html

Visit our wikipage for user documentation at:

* https://wiki.nftables.org

For the manpage reference, check man(8) nft.

In case of bugs and feature requests, file them via:

* https://bugzilla.netfilter.org

Happy firewalling.

[-- Attachment #2: changes-nftables-1.1.5.txt --]
[-- Type: text/plain, Size: 2045 bytes --]

Florian Westphal (6):
      tests: py: revert dccp python tests
      tests: shell: update comment to name the right commit.
      evaluate: check XOR RHS operand is a constant value
      tests: shell: add parser and packetpath test
      src: fix memory leak in anon chain error handling
      mnl: silence compiler warning

Jan Engelhardt (1):
      tools: add a systemd unit for static rulesets

Pablo Neira Ayuso (8):
      segtree: incorrect type when aggregating concatenated set ranges
      src: ensure chain policy evaluation when specified
      fib: restore JSON output for relational expressions
      tests: shell: cover sets as set elems evaluation
      tests: shell: coverage for simple verdict map merger
      mnl: continue on ENOBUFS errors when processing batch
      build: disable --with-unitdir by default
      build: Bump version to 1.1.5

Phil Sutter (19):
      tests: shell: Fix packetpath/rate_limit for old socat
      src: netlink: netlink_delinearize_table() may return NULL
      tests: py: Drop duplicate test in any/meta.t
      tests: py: Drop stale entries since redundant test case removal
      tests: py: Drop stale payload from any/rawpayload.t.payload
      tests: py: Drop duplicate test from inet/geneve.t
      tests: py: Drop duplicate test from inet/gre.t
      tests: py: Drop duplicate test from inet/gretap.t
      tests: py: Drop stale entry from inet/tcp.t.json
      tests: py: Drop duplicate test from inet/vxlan.t
      tests: py: Drop redundant payloads for ip/ip.t
      tests: py: Drop stale entry from ip/snat.t.json
      tests: py: Drop stale entries from ip6/{ct,meta}.t.json
      tests: py: Drop stale entry from ip/snat.t.payload
      tests: py: Fix tests added for 'icmpv6 taddr' support
      json: Do not reduce single-item arrays on output
      tests: monitor: Fix for flag arrays in JSON output
      trace: Fix for memleak in trace_alloc_list() error path
      Makefile: Fix for 'make distcheck'

Łukasz Stelmach (1):
      doc: Add a note about route_localnet sysctl