------------------------------------------------------------------- Tue Dec 20 22:35:41 UTC 2016 - jengelh@inai.de - Update to new upstream release 0.7 * Add new fib expression, which can be used to obtain the output interface from the route table based on either source or destination address of a packet. * Support hashing of any arbitrary key combination, eg. * Add number generation support. Useful for round-robin packet mark setting. * Add quota support, eg. * Introduce routing expression, for routing related data with support for nexthop * Notrack support, to explicitly skip connection tracking for matching packets. * Support to set non-byte bound packet header fields, including checksum adjustment. * Add 'create set' and 'create element' commands. * Allow to use variable reference for set element definitions. * Allow to use variable definitions from element commands. * Add support to flush set. You can use this new command to remove all existing elements in a set. * Inverted set lookups. * Honor absolute and relative paths via include file, where: * Support log flags, to enable logging TCP sequence and options. * tc classid parser support, eg. * Allow numeric connlabels, so if connlabel still works with undefined labels. ------------------------------------------------------------------- Thu Jun 2 18:31:23 UTC 2016 - jengelh@inai.de - Update to new upstream release 0.6 * Rules may be replaced now * Flow table support (requires Linux >= 4.3) * Support for tracing * Ratelimiting now supports units like bytes/second. * Matchinv VLAN IDs, DSCP/ECN, ICMP RtAdv & RtSol ------------------------------------------------------------------- Thu Sep 17 21:16:31 UTC 2015 - jengelh@inai.de - Update to new upstream release 0.5 * Support combinations of two or more selectors to build a tuple * Timeout support for sets * Dormant flag for tables * Default chain policy specifiable on creation ------------------------------------------------------------------- Sat May 23 23:06:12 UTC 2015 - mrueckert@suse.de - set the url to the project page - pass --disable-silent-rules to configure to allow gcc post build check to work ------------------------------------------------------------------- Tue Dec 16 01:25:00 UTC 2014 - jengelh@inai.de - Update to new upstream release 0.4 * Since Linux 3.18: support for global ruleset operations * Since 3.17: full logging support for all the families, including nfnetlink_log * 3.16: automatic selection of the optimal set implementation * 3.14: reject support for ip, ip6 and inet * 3.18: reject support for bridge, and reject icmpx abstraction * 3.18: masquerade support * 3.19: redirect support * Extend meta to support pkttype, cpu and devgroup matching. ------------------------------------------------------------------- Fri Jun 27 17:08:46 UTC 2014 - jengelh@inai.de - Update to new upstream release 0.3 * More compact syntax for the queue action * Match input and output bridge interface name through "meta ibriport" and "meta obriport" * netlink event monitor, to monitor ruleset events, set changes, etc. * New transaction infrastructure - fully atomic updates for all object available in the upcoming 3.16. ------------------------------------------------------------------- Mon Jan 13 09:05:35 UTC 2014 - jengelh@inai.de - Initial package for build.opensuse.org