|Index||index by Group||index by Distribution||index by Vendor||index by creation date||index by Name||Mirrors||Help||Search|
|Name: nftables||Distribution: openSUSE Tumbleweed|
|Version: 1.0.0||Vendor: openSUSE|
|Release: 1.1||Build date: Tue Aug 24 15:37:31 2021|
|Group: Productivity/Networking/Security||Build host: obs-arm-11|
|Size: 119423||Source RPM: nftables-1.0.0-1.1.src.rpm|
|Summary: Userspace utility to access the nf_tables packet filter|
nf_tables is a firewalling mechanism in the Linux kernel, running independently of and parallel to ip_tables, ip6_tables, arp_tables and ebtables. nftables is the corresponsing userspace frontend. The nftables frontend features support for sets and dictionaries of arbitrary types, meta data types, atomic incremental and full ruleset updates, and, similar to iptables, support for different protocols, access to connection tracking and NAT and logging.
* Thu Aug 19 2021 Jan Engelhardt <firstname.lastname@example.org> - Update to release 1.0.0 * Catch-all set element support. * The command-line option --define is now recognized. * Stateful expressions in maps. * Allow combination of jhash, symhash and numgen expressions with the queue statement. * Allow combination of verdict maps with interval concatenations. * Tue May 25 2021 Jan Engelhardt <email@example.com> - Update to release 0.9.9 * Flowtable hardware offload support * Support for the table owner flag. * 802.1ad (QinQ) support * cgroupsv2 support. * match on SCTP packet chunks (dependent on Linux 5.14) * Allow to use verdict in set/map typeof definitions * Fri Jan 15 2021 Jan Engelhardt <firstname.lastname@example.org> - Update to release 0.9.8 * Complete support for matching ICMP header content fields. * Added raw tcp option match support. * Added ability to check for the presence of any tcp option. * Support for rejecting traffic from the ingress chain. * Tue Oct 27 2020 Jan Engelhardt <email@example.com> - Update to release 0.9.7 * Support for implicit chains * Support for ingress inet chains * Support for reject from prerouting chain * Support for --terse option in json * Support for the reset command with json * Tue Jun 16 2020 Jan Engelhardt <firstname.lastname@example.org> - Update to release 0.9.6 * Fix two ASAN runtime errors * Sat Jun 06 2020 Jan Engelhardt <email@example.com> - Update to release 0.9.5 * Support for set counters. * Support for restoring set element counters via nft -f. * Counter support for flowtables. * typeof concatenations support for sets. * Support for concatenated ranges in anonymous sets. * Allow to reject packets with 802.1q from the bridge family. * Support for matching on the conntrack ID. - Drop anonset-crashfix.patch (upstream solved differently) * Thu May 07 2020 Jan Engelhardt <firstname.lastname@example.org> - Add anonset-crashfix.patch [boo#1171321] * Wed Apr 01 2020 Jan Engelhardt <email@example.com> - Update to release 0.9.4 * Add a helper for concat expression handling. * Add "typeof" build/parse/print support. * Mon Dec 09 2019 Jan Engelhardt <firstname.lastname@example.org> - Add json, python [boo#1158723] * Tue Dec 03 2019 Jan Engelhardt <email@example.com> - Update to release 0.9.3 * meta: Introduce new conditions "time", "day" and "hour". * src: add ability to set/get secmarks to/from connection. * flowtable: add support for named flowtable listing. * flowtable: add support for delete command by handle. * json: add support for element deletion. * Add `-T` as the short option for `--numeric-time`. * meta: add ibrpvid and ibrvproto support * Mon Aug 19 2019 Jan Engelhardt <firstname.lastname@example.org> - Update to new upstream release 0.9.2 * Transport header port matching, e.g. "th dport 53" * Support for matching on IPv4 options * Support for synproxy * Sat Jan 19 2019 Stefan Brüns <email@example.com> - Remove unused dblatex BuildRequires, only needed for the optional and disabled PDF generation (same contents as shipped manpage). * Sat Jun 09 2018 firstname.lastname@example.org - Update to new upstream release 0.9.0 * Support to check if packet matches an existing socket. * Support to limit number of active connections by arbitrary criteria, such as ip addresses, networks, conntrack zones or any combination thereof. * Added support for "audit" logging. * Fri May 11 2018 email@example.com - Update to new upstream release 0.8.5 * support to add/insert a rule at a given index position * meter statement now supports a configureable upper max size * timeouts for sets can now be specified in milliseconds * re-add iptables-like empty skeleton rulesets * Wed May 02 2018 firstname.lastname@example.org - Update to new upstream release 0.8.4 * Support to match IPv6 segment routing headers. * New "meta ibrname" and "meta obrname" arguments to match the name of the logical bridge a packet is passing through. These new names replace the old (misnamed) "ibriport"/"obriport". * `nft -a` will now show handle identifier for all objects, including tables and chains. * nft can now delete objects by their handle number. * Support to update maps from the ruleset (packet path). * the "--echo" option now prints handle id for tables and object too. * `nft -f -` will now read from standard input * Support for flow tables, cf. man page or https://lwn.net/Articles/738214/ . * Sat Mar 03 2018 email@example.com - Update to new upstream release 0.8.3 * raw payload support to match headers that do not yet have received a mnemonic. * Sat Feb 03 2018 firstname.lastname@example.org - Update to new upstream release 0.8.2 * add secpath support * Tue Jan 16 2018 email@example.com - Update to new upstream release 0.8.1 * This release deprecates the "flow table" syntax in favor of "meter".
/etc/nftables /etc/nftables/osf /etc/nftables/osf/pf.os /usr/sbin/nft /usr/share/doc/packages/nftables /usr/share/doc/packages/nftables/examples /usr/share/doc/packages/nftables/examples/all-in-one.nft /usr/share/doc/packages/nftables/examples/arp-filter.nft /usr/share/doc/packages/nftables/examples/bridge-filter.nft /usr/share/doc/packages/nftables/examples/ct_helpers.nft /usr/share/doc/packages/nftables/examples/inet-filter.nft /usr/share/doc/packages/nftables/examples/inet-nat.nft /usr/share/doc/packages/nftables/examples/ipv4-filter.nft /usr/share/doc/packages/nftables/examples/ipv4-mangle.nft /usr/share/doc/packages/nftables/examples/ipv4-nat.nft /usr/share/doc/packages/nftables/examples/ipv4-raw.nft /usr/share/doc/packages/nftables/examples/ipv6-filter.nft /usr/share/doc/packages/nftables/examples/ipv6-mangle.nft /usr/share/doc/packages/nftables/examples/ipv6-nat.nft /usr/share/doc/packages/nftables/examples/ipv6-raw.nft /usr/share/doc/packages/nftables/examples/load_balancing.nft /usr/share/doc/packages/nftables/examples/netdev-ingress.nft /usr/share/doc/packages/nftables/examples/secmark.nft /usr/share/doc/packages/nftables/examples/sets_and_maps.nft /usr/share/licenses/nftables /usr/share/licenses/nftables/COPYING /usr/share/man/man5/libnftables-json.5.gz /usr/share/man/man8/nft.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Nov 30 23:41:30 2021