diff --git a/nftables-0.7.tar.bz2 b/nftables-0.7.tar.bz2 deleted file mode 100644 index 50f1247..0000000 --- a/nftables-0.7.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fe639239d801ce5890397f6f4391c58a934bfc27d8b7d5ef922692de5ec4ed43 -size 451728 diff --git a/nftables-0.7.tar.bz2.sig b/nftables-0.7.tar.bz2.sig deleted file mode 100644 index f1c7e34..0000000 Binary files a/nftables-0.7.tar.bz2.sig and /dev/null differ diff --git a/nftables-0.8.tar.bz2 b/nftables-0.8.tar.bz2 new file mode 100644 index 0000000..0684248 --- /dev/null +++ b/nftables-0.8.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3f5b88e7b163bb46aa39e89419686b98f9316606a05865c3856dc68e414f389a +size 552345 diff --git a/nftables-0.8.tar.bz2.sig b/nftables-0.8.tar.bz2.sig new file mode 100644 index 0000000..c044aa5 Binary files /dev/null and b/nftables-0.8.tar.bz2.sig differ diff --git a/nftables.changes b/nftables.changes index b3140a9..9569af8 100644 --- a/nftables.changes +++ b/nftables.changes @@ -1,3 +1,36 @@ +------------------------------------------------------------------- +Fri Oct 13 08:39:41 UTC 2017 - jengelh@inai.de + +- Update to new upstream release 0.8 + * This release contains new features available up to the + (upcoming) Linux 4.14 kernel release: + * Support for stateful objects, these objects are uniquely + identified by a user-defined name, you can refer to them from + rules, and there is a well established interface to operate + with them. + * Sort set elements when listing them, from lower to largest. + * TCP option matching and mangling support. This includes TCP + maximum segment size mangling. + * Add new "-s" option for listings without stateful information. + * Add new -c/--check option for nft, to tests if your ruleset + loads fine, into the kernel, this is a dry run mode. + * Connection tracking helper support. + * Add --echo option, to print the handle that the kernel + allocates to uniquely identify rules. + * Conntrack zone support + * Symmetric hash support + * Add support to include directories from nft natives scripts, + files are loaded in alphanumerical order. + * Allow to check if IPv6 extension header or TCP option exists + or is missing. + * Extend quota support to display used bytes. + * Add ct average matching, to match average bytes per packet a + connection has transferred so far, to map the existing + feature available in the iptables connbytes match. + * Allow to flush maps and flow tables. + * Allow to embed set definition into an existing set. + * Conntrack event filtering support via rule. + ------------------------------------------------------------------- Tue Dec 20 22:35:41 UTC 2016 - jengelh@inai.de diff --git a/nftables.spec b/nftables.spec index 4022578..037f2f0 100644 --- a/nftables.spec +++ b/nftables.spec @@ -1,7 +1,7 @@ # # spec file for package nftables # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,14 +17,14 @@ Name: nftables -Version: 0.7 +Version: 0.8 Release: 0 Summary: Userspace utility to access the nf_tables packet filter License: GPL-2.0 Group: Productivity/Networking/Security Url: http://netfilter.org/projects/nftables/ -#Git-Clone: git://git.netfilter.org/nftables +#Git-Clone: git://git.netfilter.org/nftables Source: http://ftp.netfilter.org/pub/nftables/nftables-%version.tar.bz2 Source2: http://ftp.netfilter.org/pub/nftables/nftables-%version.tar.bz2.sig BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -37,7 +37,7 @@ BuildRequires: pkgconfig >= 0.21 BuildRequires: readline-devel BuildRequires: xsltproc BuildRequires: pkgconfig(libmnl) >= 1.0.3 -BuildRequires: pkgconfig(libnftnl) >= 1.0.7 +BuildRequires: pkgconfig(libnftnl) >= 1.0.8 BuildRequires: pkgconfig(xtables) >= 1.6.0 Obsoletes: nftables-plus < %version-%release Provides: nftables-plus = %version-%release