From 9a8893e097de457aef301397b1d339173357c74ccc2bcad68a1381d3f278d041 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Wed, 1 Apr 2020 19:13:07 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/security:netfilter/nftlb?expand=0&rev=2 --- nftlb.spec | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/nftlb.spec b/nftlb.spec index 0365581..aa04158 100644 --- a/nftlb.spec +++ b/nftlb.spec @@ -37,9 +37,26 @@ BuildRequires: pkgconfig(libnftables) >= 0.9 nftlb a user-space tool that builds a complete load balancer and traffic distributor using nftables. -nftlb is provided with a JSON API, and can be used with a preferred -service health checker to enable/disable backends or virtual services -and automate processes with it. +* Topologies supported: Destination NAT, Source NAT, Direct Server + Return and Stateless DNAT. This enables the use of the load + balancer in one-armed and two-armed network architectures. +* Support for both IPv4 and IPv6 families. +* Multilayer load balancer: DSR in layer 2, IP based load balancing + with protocol agnostic at layer 3, and support of load balancing of + UDP, TCP and SCTP at layer 4. +* Multiport support for ranges and lists of ports. +* Multiple virtual services (or farms) support. +* Schedulers available: weight, round robin, configurable hash (per + IP, port, MAC or combination of them) and symmetric hash. +* Support of configurable persistence or client-backend affinity with + a timeout (per IP, port, MAC or combination of them). +* Support of security policies per service: white and blacklists + (from ingress), queuing to user space filter, filtering of bogus + TCP frames, maximum number of established connections, limit TCP + RST per second, limit new connections per second and more. +* Priority support per backend. +* Live management of virtual services and backends programmatically + through a JSON API. %prep %autosetup -p1