SHA256
1
0
forked from pool/nftables

Accepting request 533989 from security:netfilter

- Update to new upstream release 0.8

OBS-URL: https://build.opensuse.org/request/show/533989
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nftables?expand=0&rev=8
This commit is contained in:
Dominique Leuenberger 2017-10-24 20:22:19 +00:00 committed by Git OBS Bridge
commit ec36a15a21
6 changed files with 40 additions and 7 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fe639239d801ce5890397f6f4391c58a934bfc27d8b7d5ef922692de5ec4ed43
size 451728

Binary file not shown.

3
nftables-0.8.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3f5b88e7b163bb46aa39e89419686b98f9316606a05865c3856dc68e414f389a
size 552345

BIN
nftables-0.8.tar.bz2.sig Normal file

Binary file not shown.

View File

@ -1,3 +1,36 @@
-------------------------------------------------------------------
Fri Oct 13 08:39:41 UTC 2017 - jengelh@inai.de
- Update to new upstream release 0.8
* This release contains new features available up to the
(upcoming) Linux 4.14 kernel release:
* Support for stateful objects, these objects are uniquely
identified by a user-defined name, you can refer to them from
rules, and there is a well established interface to operate
with them.
* Sort set elements when listing them, from lower to largest.
* TCP option matching and mangling support. This includes TCP
maximum segment size mangling.
* Add new "-s" option for listings without stateful information.
* Add new -c/--check option for nft, to tests if your ruleset
loads fine, into the kernel, this is a dry run mode.
* Connection tracking helper support.
* Add --echo option, to print the handle that the kernel
allocates to uniquely identify rules.
* Conntrack zone support
* Symmetric hash support
* Add support to include directories from nft natives scripts,
files are loaded in alphanumerical order.
* Allow to check if IPv6 extension header or TCP option exists
or is missing.
* Extend quota support to display used bytes.
* Add ct average matching, to match average bytes per packet a
connection has transferred so far, to map the existing
feature available in the iptables connbytes match.
* Allow to flush maps and flow tables.
* Allow to embed set definition into an existing set.
* Conntrack event filtering support via rule.
-------------------------------------------------------------------
Tue Dec 20 22:35:41 UTC 2016 - jengelh@inai.de

View File

@ -1,7 +1,7 @@
#
# spec file for package nftables
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -17,14 +17,14 @@
Name: nftables
Version: 0.7
Version: 0.8
Release: 0
Summary: Userspace utility to access the nf_tables packet filter
License: GPL-2.0
Group: Productivity/Networking/Security
Url: http://netfilter.org/projects/nftables/
#Git-Clone: git://git.netfilter.org/nftables
#Git-Clone: git://git.netfilter.org/nftables
Source: http://ftp.netfilter.org/pub/nftables/nftables-%version.tar.bz2
Source2: http://ftp.netfilter.org/pub/nftables/nftables-%version.tar.bz2.sig
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -37,7 +37,7 @@ BuildRequires: pkgconfig >= 0.21
BuildRequires: readline-devel
BuildRequires: xsltproc
BuildRequires: pkgconfig(libmnl) >= 1.0.3
BuildRequires: pkgconfig(libnftnl) >= 1.0.7
BuildRequires: pkgconfig(libnftnl) >= 1.0.8
BuildRequires: pkgconfig(xtables) >= 1.6.0
Obsoletes: nftables-plus < %version-%release
Provides: nftables-plus = %version-%release