[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Y7/s83d8D0z1QYt1@orbyte.nwl.cc>
Date: Thu, 12 Jan 2023 12:20:19 +0100
From: Phil Sutter <phil@...filter.org>
To: netfilter <netfilter@...r.kernel.org>,
netfilter-devel <netfilter-devel@...r.kernel.org>
Cc: netdev@...r.kernel.org, netfilter-announce@...ts.netfilter.org,
lwn@....net
Subject: [ANNOUNCE] iptables 1.8.9 release
Hi!
The Netfilter project proudly presents:
iptables 1.8.9
This release contains new features:
* arptables-nft: Support --exact flag
* Add --enable-profiling configure option, preparing for gcov/gprof
* Support more chunk types in sctp extension
* Print '--' in ip6tables' 'opt' column for consistency with iptables
* More verbose error messages if iptables-nft-restore fails
* Support '-p Length' with ebtables-nft, needed for 802_3 extension
* Merge all NAT extensions into a single DSO
* Install ebtables-translate tool
... and fixes:
* Misc compiler warnings
* Duplicate ETH_ALEN definition when building against musl libc
* Failing out-of-tree build
* Avoid symbol pollution by limiting scope of some in xtables.h
* Increase testsuites' code-coverage
* Using --init-table would crash ebtables-restore, reject it properly
* Fix potential read from garbage in string extension
* Add missing nf_log.h kernel header to dist
* Fix listing format with overly long 'prot' column entries
* Print numeric protocol values with --numeric
* Broken ebtables' among match with MAC+IP address entries
* Occasional wrong line number reported by failing iptables-nft-restore
* Multiple rules using among match broke ebtables-restore
* Renaming a chain in legacy iptables could crash the program
* A second bitwise expression in a rule would mangle the first one
* More strictly reject rules with unexpected content
* Many xtables-translate fixes
* Misc memory leaks and garbage access, satisfy valgrind's leak checker
... and documentation updates:
* Iptables exits when setuid, mention this in man page
* Improve NFQUEUE queue-balance documentation
You can download the new release from:
https://netfilter.org/projects/iptables/downloads.html#iptables-1.8.9
In case of bugs, file them via:
* https://bugzilla.netfilter.org
Happy firewalling!
View attachment "changes-iptables-1.8.9.txt" of type "text/plain" (9085 bytes)
Powered by blists - more mailing lists