Hi!
The Netfilter project proudly presents:
conntrack-tools 1.2.0
This release is a major milestone that includes support for
expectation synchronization and the new nfct utility that, by now,
only supports the new cttimeout infrastructure.
See ChangeLog that comes attached to this email for more details.
You can download it from:
http://www.netfilter.org/projects/conntrack-tools/downloads.html
ftp://ftp.netfilter.org/pub/conntrack-tools/
Have fun!
-------------- next part --------------
Adrian Bridgett (1):
src: manpage and help display improvements
Florian Westphal (1):
conntrack: flush stdout for each expectation event, too
Pablo Neira Ayuso (34):
conntrackd: generalize caching infrastructure
conntrackd: generalize external handlers to prepare expectation support
conntrackd: generalize/cleanup network message building/parsing
conntrackd: generalize local handler actions
conntrackd: simplify cache_get_extra function
conntrackd: remove cache_data_get_object and replace by direct pointer
conntrackd: constify ct parameter of ct_filter_* functions
conntrackd: relax checkings in ct_filter_sanity_check
conntrackd: minor cleanup for commit
conntrackd: support for expectation synchronization
doc: update conntrack-tools manual to detail expectation support
conntrackd: fix expectation filtering if ExpectationSync On is used
conntrack: add expectation support for `-o' option
conntrackd: support `-i exp -x' and `-e exp -x' options
conntrack: fix setting fixed-timeout status flag
conntrackd: add support expectation class synchronization
conntrackd: add NAT expectation support
conntrackd: add support to synchronize helper name
conntrackd: support expectfn synchronization for expectations
conntrackd: fix parsing of expectation class, helper name and NAT
conntrack: allow to filter by mark from kernel-space
conntrackd: allow using lower/upper case in ExpectationSync
doc: add ras, q.931 and h.245 to examples configuration file
doc: fix example on how to filter events via iptables CT target
icmp[v6]: --icmp[v6]-[type|code] are optional for updates and deletes
src: integrate nfct into the conntrack-tools tree
tests: add nfct tests for cttimeout
build: bump version to 1.2.0
nfct: fix compilation warning in cttimeout support
build: update dependencies with libnetfilter_conntrack (>= 1.0.1)
move qa directory to tests/conntrack/
tests: conntrack: add run-test.sh script
add nfct(8) manpage
add README.nfct
Applied, thanks Jan. On Sat, May 26, 2012 at 09:02:35PM +0200, Jan Engelhardt wrote:> --- > .gitignore | 1 + > src/.gitignore | 1 + > 2 files changed, 2 insertions(+), 0 deletions(-) > > diff --git a/.gitignore b/.gitignore > index 928e44b..f7a5fc7 100644 > --- a/.gitignore > +++ b/.gitignore > @@ -1,5 +1,6 @@ > .deps/ > .libs/ > +.dirstamp > Makefile > Makefile.in > *.o > diff --git a/src/.gitignore b/src/.gitignore > index 6e6763d..55a0d27 100644 > --- a/src/.gitignore > +++ b/src/.gitignore > @@ -1,5 +1,6 @@ > /conntrack > /conntrackd > +/nfct > > /read_config_lex.c > /read_config_yy.c > -- > 1.7.7 >
Pablo Neira Ayuso
2012-May-26 20:21 UTC
[PATCH 1/2] nfct-extensions/timeout: adjust for changed nfct_timeout_snprintf API
On Sat, May 26, 2012 at 09:02:34PM +0200, Jan Engelhardt wrote:> Despite requiring libnetfilter_cttimeout >= 1.0.0, it did not > use the new API. > > nfct-extensions/timeout.c: In function 'nfct_timeout_cb': > nfct-extensions/timeout.c:99:2: error: too few arguments to function > 'nfct_timeout_snprintf' > In file included from nfct-extensions/timeout.c:26:0: > /usr/include/libnetfilter_cttimeout-1.0.0/libnetfilter_cttimeout/ > libnetfilter_cttimeout.h:114:5: note: declared here > > 114: int nfct_timeout_snprintf(char *buf, size_t size, > const struct nfct_timeout *, unsigned int type, unsigned int flags);We noticed at the same time. It's fixed now, and conntrack-tools 1.2.1 is out. Thanks!