nftables-0.8

OBS-URL: https://build.opensuse.org/package/show/security:netfilter/nftables?expand=0&rev=22

nftables-0.7.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fe639239d801ce5890397f6f4391c58a934bfc27d8b7d5ef922692de5ec4ed43
-size 451728

nftables-0.8.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3f5b88e7b163bb46aa39e89419686b98f9316606a05865c3856dc68e414f389a
+size 552345

nftables.changes

@@ -1,3 +1,36 @@
+-------------------------------------------------------------------
+Fri Oct 13 08:39:41 UTC 2017 - jengelh@inai.de
+
+- Update to new upstream release 0.8
+  * This release contains new features available up to the
+    (upcoming) Linux 4.14 kernel release:
+  * Support for stateful objects, these objects are uniquely
+    identified by a user-defined name, you can refer to them from
+    rules, and there is a well established interface to operate
+    with them.
+  * Sort set elements when listing them, from lower to largest.
+  * TCP option matching and mangling support. This includes TCP
+    maximum segment size mangling.
+  * Add new "-s" option for listings without stateful information.
+  * Add new -c/--check option for nft, to tests if your ruleset
+    loads fine, into the kernel, this is a dry run mode.
+  * Connection tracking helper support.
+  * Add --echo option, to print the handle that the kernel
+    allocates to uniquely identify rules.
+  * Conntrack zone support
+  * Symmetric hash support
+  * Add support to include directories from nft natives scripts,
+    files are loaded in alphanumerical order.
+  * Allow to check if IPv6 extension header or TCP option exists
+    or is missing.
+  * Extend quota support to display used bytes.
+  * Add ct average matching, to match average bytes per packet a
+    connection has transferred so far, to map the existing
+    feature available in the iptables connbytes match.
+  * Allow to flush maps and flow tables.
+  * Allow to embed set definition into an existing set.
+  * Conntrack event filtering support via rule.
+
 -------------------------------------------------------------------
 Tue Dec 20 22:35:41 UTC 2016 - jengelh@inai.de
 

nftables.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package nftables
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,14 +17,14 @@
 
 
 Name:           nftables
-Version:        0.7
+Version:        0.8
 Release:        0
 Summary:        Userspace utility to access the nf_tables packet filter
 License:        GPL-2.0
 Group:          Productivity/Networking/Security
 Url:            http://netfilter.org/projects/nftables/
-#Git-Clone:	git://git.netfilter.org/nftables
 
+#Git-Clone:	git://git.netfilter.org/nftables
 Source:         http://ftp.netfilter.org/pub/nftables/nftables-%version.tar.bz2
 Source2:        http://ftp.netfilter.org/pub/nftables/nftables-%version.tar.bz2.sig
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build