J. Schulist
2001-Nov-09 20:48 UTC
[netfilter-announce] [RELEASE] netlink for netfilter version 1.0.0
Hello, I have just made available the first public release of netlink for netfilter and iptables2 tools. The software can be downloaded from ftp://ftp.linux-sna.org/pub/netfilter/iptables2-1.0.0.tar.gz Netfilter via Netlink aka Netfilter message support is a generic API for direct user space access to a collection of numerous Iptables components. Netlink provides a well defined and simple socket API to access kernel tables. Access to Add, Delete, Modify, Get and List tables is the default while event notification is usually included as an added benefit. Netfilter messages or technically known as nfnetlink is the generic interface to all Netfilter components via netlink. Connection tracking event notification and table modification is fully supported. These features were previously available in the ctnetlink software package. IPtables events notifcation and table modication is fully supported. This allows a user to receive an nfnetlink event when a rule has been added, deleted, or modified on a table or chain. The full command set available through the iptables command line tool is available through nfnetlink iptnetlink sockets (add, delete, insert, replace, check, etc). Previously implemented netlink layers for netfilter such as logging are not currently available under the nfnetlink software. The iptables2 software package contains a patch-o-matic version of the nfnetlink kernel patch. This *must* be applied in order for anything in the iptables2 package to work. Iptables2 is in the same order of the iproute2 package. The main command is called `nf` this is the high level entry point into the application. The `nf` command then has sub commands for `conntrack` and iptables `tables`. Iptables2 is not meant as a replacement for iptables. Iptables2 is a platform for testing and developing the nfnetlink APIs, the features available in iptables2 may someday be integrated into iptables but not right now. This is a first release so bugs are guaranteed, so have fun and please let me know of any comments, questions, feature requests, or problems you have using iptables2. J. Schulist