All of lore.kernel.org
 help / color / mirror / Atom feed
* [ANNOUNCE] libnftnl 1.0.7 release
@ 2016-12-19 22:57 Pablo Neira Ayuso
  0 siblings, 0 replies; only message in thread
From: Pablo Neira Ayuso @ 2016-12-19 22:57 UTC (permalink / raw)
  To: netfilter-devel; +Cc: netfilter, netfilter-announce, lwn

[-- Attachment #1: Type: text/plain, Size: 1151 bytes --]

Hi!

The Netfilter project proudly presents:

        libnftnl 1.0.7

libnftnl is a userspace library providing a low-level netlink
programming interface (API) to the in-kernel nf_tables subsystem. The
library libnftnl has been previously known as libnftables. This library
is currently used by the nft command line tool.

This release includes the following list of updates:

* New nftnl_rule_cmp() interface to compare rules.

* Support for new kernel expressions:
 - Number Generator (a.k.a. numgen).
 - Routing (a.k.a. rt).
 - Range.
 - Inverted set lookups.
 - Inverted dynamic set updates (ie. rule mismatch on full sets).
 - Packet quota.
 - Hash.
 - Forward Information Base lookups (a.k.a. fib).
 - Reference to stateful objects (requires kernel 4.10-rc).
 - Notrack.

* Allow to add userdata to sets.

* Support for stateful objects, including quota and counter (requires
  kernel 4.10-rc).

* Support for layer 4 pseudoheader fields checksum updates (requires
  kernel 4.10-rc).

  ... and fixes.

You can download this library from:

http://www.netfilter.org/projects/libnftnl/downloads.html
ftp://ftp.netfilter.org/pub/libnftnl/

Thanks!

[-- Attachment #2: changes-libnftnl-1.0.7.txt --]
[-- Type: text/plain, Size: 4893 bytes --]

Anders K. Pedersen (1):
      src: introduce rt expression

Arturo Borrero (2):
      expr: lookup: give support for inverted matching
      src: remove libmxml support

Arturo Borrero Gonzalez (1):
      src: update Arturo Borrero Gonzalez email

Carlos Falgueras García (19):
      src: Fix leak in nftnl_*_unset()
      chain: Check correct attribute
      src: fix missing error checking in parser functions
      set: Add new attribute into 'set' to store user data
      tests: Check set user data
      src: Fix missing nul-termination in nftnl_*_set_str()
      src: Fix nftnl_*_get_data() to return the real attribute length
      src: Constify iterators
      rule: Implement internal iterator for expressions
      tests: Add missing tests to test-script.sh
      expr: Fix lookup builder
      tests: Fix tests for immediate and lookup expressions
      tests: masq: Fix wrong expression creation
      utils: Fix out of bound access in nftnl_family2str
      expr: cmp: Use cmp2str() instead of directly access to array
      src: Implement rule comparison
      rule: Fix comparison between rules if number of expressions differ
      expr: data_reg: Fix DATA_CHAIN comparison
      expr: immediate: Fix verdict comparison

Florian Westphal (1):
      expr: add fib expression

Josue Alvarez (1):
      examples: nft-rule-get: selective rule dumping

Laura Garcia Liebana (5):
      expr: add hash expression
      expr: add number generation expression
      expr: numgen: Rename until attribute by modulus
      expr: hash: Add offset to hash value
      expr: numgen: add number generation offset

Liping Zhang (7):
      trace: use get_u32 to parse NFPROTO and POLICY attribute
      expr: queue: remove redundant NFTNL_EXPR_QUEUE_NUM set in json parse
      tests: queue: add missing NFTNL_EXPR_QUEUE_FLAGS compare test
      expr: queue: add NFTA_QUEUE_SREG_QNUM attr support
      expr: log: fix typo in nftnl_expr_log_export
      expr: log: do not print prefix if it is not set
      expr: log: complete log flags support

Pablo Neira Ayuso (43):
      examples: nft-table-upd: don't use deprecated aliases
      expr: payload: don't use deprecated definition NFT_EXPR_PAYLOAD_SREG
      src: assert when setting unknown attributes
      src: return value on setters that internally allocate memory
      src: check for strdup() errors from setters and parsers
      expr: data_reg: get rid of leftover perror() calls
      src: simplify unsetters
      src: check for flags before releasing attributes
      tests: shuffle values that are injected
      chain: dynamically allocate name
      tests: stricter string attribute validation
      set_elem: fix return in several error paths of nftnl_set_elems_parse2()
      expr: lookup: print flags only if they are available
      src: don't set data_len to zero when returning pointers
      Revert "common: Avoid integer overflow in nftnl_batch_is_supported()"
      expr: add quota expression
      expr: numgen: use switch to handle numgen types from snprintf
      expr: numgen: add missing trailing whitespace
      expr: hash: missing trailing space and modulus in hexadecimal in snprintf
      expr: numgen: add missing nftnl_expr_ng_cmp()
      set: fix incorrect maximum set description attribute
      include: resync nf_tables.h cache copy
      src: display offset only if present in hash and numgen expressions
      src: add range expression
      set_elem: don't add NFTA_SET_ELEM_LIST_ELEMENTS attribute if set is empty
      src: add notrack expression
      expr: missing offset handling for snprintf() in hash and numgen
      include: refresh nf_tables.h cache copy
      expr: call expr->ops->snprintf only if defined
      examples: add nft-map-add
      examples: nft-set-add: update it to add a set that stores port numbers
      examples: nft-set-elem-add: add missing batch logic
      expr: payload: add NFTNL_EXPR_PAYLOAD_FLAGS
      set_elem: nftnl_set_elems_nlmsg_build_payload_iter()
      include: fetch stateful object updates for nf_tables.h cache copy
      src: support for stateful objects
      expr: add stateful object reference expression
      set: add NFTNL_SET_OBJ_TYPE attribute
      set_elem: add NFTNL_SET_ELEM_OBJREF attribute
      expr: objref: add support for stateful object maps
      quota: support for consumed bytes
      build: update LIBVERSION to prepare a new release
      include: Missing nf_log.h in Makefile

Phil Sutter (7):
      set: prevent memleak in nftnl_jansson_parse_set_info()
      expr/ct: prevent array index overrun in ctkey2str()
      expr/limit: Drop unreachable code in limit_to_type()
      common: Avoid integer overflow in nftnl_batch_is_supported()
      src: Avoid returning uninitialized data
      ruleset: Initialize ctx.flags before calling nftnl_ruleset_ctx_set()
      utils: Don't return directly from SNPRINTF_BUFFER_SIZE


^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2016-12-19 22:57 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-12-19 22:57 [ANNOUNCE] libnftnl 1.0.7 release Pablo Neira Ayuso

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.