* Release of iptables-1.3.5
@ 2006-02-01 13:09 Netfilter Core Team
0 siblings, 0 replies; only message in thread
From: Netfilter Core Team @ 2006-02-01 13:09 UTC (permalink / raw)
To: Netfilter Announcement List, Netfilter Mailinglist,
Netfilter Development Mailinglist
Cc: lwn
[-- Attachment #1.1: Type: text/plain, Size: 1182 bytes --]
Hi!
The netfilter coreteam proudly presents:
iptables version 1.3.5
The 1.3.5 version contains accumulated bugfixes to the last 1.3.4
version. It also fixes some compilation problems with old kernel
headers. The most noteworthy new features are:
- support for full netfilter/ipsec interoperability via
policy match
- support for ipv6 stateful packet filtering using
nf_conntrack and the ip6tables 'state' and 'conntrack'
match.
The ChangeLog is attached to this mail.
Version 1.3.5 can be obtained from:
http://www.netfilter.org/files/iptables-1.3.5.tar.bz2
ftp://ftp.netfilter.org/pub/iptables/iptables-1.3.5.tar.bz2
More information can be found at the netfilter/iptables project homepage,
available at:
http://www.netfilter.org/
Happy firewalling,
--
- Harald Welte <laforge@netfilter.org> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
[-- Attachment #1.2: changes-iptables-1.3.5.txt --]
[-- Type: text/plain, Size: 1775 bytes --]
iptables v1.3.5 Changelog
======================================================================
This version requires kernel >= 2.4.0
This version recommends kernel >= 2.4.18
Bugs fixed from 1.3.4:
- Fix conntrack --ctproto option in iptables-save
[ Phil Oester ]
- Fix string match '--from' option in iptables-save
[ Michael Rash ]
- Fix option parser of ttl match
[ Patrick McHardy ]
- Get rid of gcc-4 warnings
[ Patrick McHardy ]
- Fix spelling of 'address' in DNAT/SNAT manpage section
[ MJ Anthony ]
- Fix 'tcp-rst' parsing in REJECT target
[ Torsten Hilbrich ]
- Fix probing for supported revisions
[ Jones Desougi ]
- Fix compilation of iptables on [old] systems that don't have IPT_F_GOTO
[ Harald Welte ]
- Only set revisions on real targets, not on jumps
[ Pablo Neira ]
- Fix memory leak in TC_COMMIT() of libiptc
[ Markus Sundberg ]
- Correctly propagate errors of setsockopt to calling function
[ Harald Welte ]
- Fix connbytes match iptables-save
[ Unknown ]
- Fix sctp match compilation against recent kernel headers
[ Harald Welte ]
- Fix conntrack match compilation against 2.4.0 kernel headers
[ Harald Welte ]
Changes from 1.3.4:
- Add support for ip6tables connmark match and target
[ Harald Welte ]
- Add support for ip6tables state match
[ Harald Welte ]
- Add support for new policy ip[6]tables match
[ Patrick McHardy ]
- Major manpage update
[ Yasuyuki Kozakai ]
- Remove ippool support, it has been deprecated by ipset long time ago
[ Harald Welte ]
Please note: Since version 1.2.7a, patch-o-matic is now no longer part of
iptables but rather distributed as a seperate package
(ftp://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot)
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2006-02-01 13:09 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-02-01 13:09 Release of iptables-1.3.5 Netfilter Core Team
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.