Displaying 20 results from an estimated 6000 matches similar to: "[ANNOUNCE]: Release of nftables 0.2"
2016 Dec 20
0
[ANNOUNCE] nftables 0.7 release
Hi!
The Netfilter project proudly presents:
nftables 0.7
This release contains many accumulated bug fixes and new features
available up to the (upcoming) Linux 4.10-rc1 kernel release.
* Facilitate migration from iptables to nftables:
At compilation time, you have to pass this option.
# ./configure --with-xtables
And libxtables needs to be installed in your system. This allows
2014 Dec 16
0
[ANNOUNCE] nftables 0.4 release
Hi!
The Netfilter project proudly presents:
nftables 0.4
This release contains a lot of bug fixes and new features contained up
to the recent 3.18 kernel release (and some features coming up in the
yet unreleased 3.19-rc).
New features
============
* Add support for global ruleset operations (available since 3.18).
Get rid of all tables, chains, and rules in one go:
# nft
2015 Sep 17
0
[ANNOUNCE] nftables 0.5 release
Hi!
The Netfilter project proudly presents:
nftables 0.5
This release contains bug fixes and new features contained up to the
4.2 kernel release.
New features
============
* Concatenations: You can combine two or more selectors to build a
tuple, then use it to look up for a matching in sets, eg.
% nft add rule ip filter input ip saddr . tcp dport { \
1.1.1.1 . 22 , \
2017 Dec 25
2
[Bug 1206] New: segfault when snat map rule has been added
https://bugzilla.netfilter.org/show_bug.cgi?id=1206
Bug ID: 1206
Summary: segfault when snat map rule has been added
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2017 Oct 12
0
[ANNOUNCE] nftables 0.8 release
Hi!
The Netfilter project proudly presents:
nftables 0.8
This release contains new features available up to the (upcoming)
Linux 4.14 kernel release:
* Support for stateful objects, these objects are uniquely identified by
a user-defined name, you can refer to them from rules, and there is a
well established interface to operate with them, eg.
# nft add counter filter test
2020 Apr 01
0
[ANNOUNCE] nftables 0.9.4 release
Hi!
The Netfilter project proudly presents:
nftables 0.9.4
This release contains fixes and new features available up to the Linux
kernel 5.6 release.
* Support for ranges in concatenations (requires Linux kernel >= 5.6),
e.g.
table ip foo {
set whitelist {
type ipv4_addr . ipv4_addr . inet_service
flags interval
2018 Jan 04
9
[Bug 1210] New: nftables gets confused by user namespaces when meta skuid is used
https://bugzilla.netfilter.org/show_bug.cgi?id=1210
Bug ID: 1210
Summary: nftables gets confused by user namespaces when meta
skuid is used
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P5
Component: nft
2020 Apr 18
0
CentO 8 and nftables default policy
Il 17/04/20 11:01, Alessandro Baggi ha scritto:
> Hi list,
>
> I'm studying nftables. I'm using CentOS 8.1 (Gnome) and I disabled
> firewalld. I noticed that a default policy is created with tables and
> chains probably for firewalld.
>
> So I created a .nft script where I stored my rules with a flush for
> previous ruleset, then saved on
2016 Jun 02
0
[ANNOUNCE] nftables 0.6 release
Hi!
The Netfilter project proudly presents:
nftables 0.6
This release contains many accumulated bug fixes and new features
availale up to the Linux 4.7-rc1 kernel release.
New features
============
* Rule replacement: You can replace any rule from the unique 64-bits
handle. You have to retrieve the handle from the ruleset listing.
# nft list ruleset -a
table ip filter {
chain
2020 Apr 17
2
CentO 8 and nftables default policy
Hi list,
I'm studying nftables. I'm using CentOS 8.1 (Gnome) and I disabled
firewalld. I noticed that a default policy is created with tables and
chains probably for firewalld.
So I created a .nft script where I stored my rules with a flush for
previous ruleset, then saved on /etc/sysconfig/nftables.conf and the
enabled nftables service.
Running the script with nft -f script.nft all
2024 Jul 16
0
[ANNOUNCE] nftables 1.1.0 release
Hi!
The Netfilter project proudly presents:
nftables 1.1.0
... after a release cycles of 8 months.
This release contains mostly fixes, listed in no particular order:
- Restore compatibility set element dump with <= 0.9.8
add element t s { 23 counter packets 10 bytes 20 timeout 10s }
add element t s { 42 timeout 10s counter packets 10 bytes 20 }
- Disallow ifname less than
2018 Jan 30
0
[Bug 1219] New: nftables prints the routing header type rules incorrectly
https://bugzilla.netfilter.org/show_bug.cgi?id=1219
Bug ID: 1219
Summary: nftables prints the routing header type rules
incorrectly
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
2020 Apr 18
1
CentO 8 and nftables default policy
I had the same problem.
If you are not using virtual machines then
# systemctl disable libvirtd
works and is easily reversible.
Alan
On 18/04/2020 23:03, Alessandro Baggi wrote:
> Il 17/04/20 11:01, Alessandro Baggi ha scritto:
>> Hi list,
>>
>> I'm studying nftables. I'm using CentOS 8.1 (Gnome) and I disabled
>> firewalld. I noticed that a default
2020 Jul 19
3
[Bug 1444] New: nftables-0.9.6 crashes on some set notations:
https://bugzilla.netfilter.org/show_bug.cgi?id=1444
Bug ID: 1444
Summary: nftables-0.9.6 crashes on some set notations:
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2018 Jan 16
0
[ANNOUNCE] nftables 0.8.1 release
Hi!
The Netfilter project proudly presents:
nftables 0.8.1
This release contains mostly incremental fixes and documentation
updates, such as fixing up ./configure --with-mini-gmp for embedded
setups that don't have libgmp.
Deprecated syntax
=================
This release deprecates the "flow table" syntax in favor of "meter" to
address Netfilter's bugzilla
2019 Nov 12
6
[Bug 1382] New: nftables.py cmd leaking memory when ruleset contain mapping ip length to range with high limit 65535
https://bugzilla.netfilter.org/show_bug.cgi?id=1382
Bug ID: 1382
Summary: nftables.py cmd leaking memory when ruleset contain
mapping ip length to range with high limit 65535
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Gentoo
Status: NEW
Severity: major
2020 Jun 06
0
[ANNOUNCE] nftables 0.9.5 release
Hi!
The Netfilter project proudly presents:
nftables 0.9.5
This release contains fixes and new features available up to the Linux
kernel 5.7 release.
* Support for set counters:
table ip x {
set y {
typeof ip saddr
counter
elements = { 192.168.10.35, 192.168.10.101, 192.168.10.135 }
}
2014 Jun 25
0
[ANNOUNCE] nftables 0.3 release
Hi!
The Netfilter project presents:
nftables 0.3
This release contains bug fixes, syntax cleanups, new features, support
for all new features contained in the recent 3.15 kernel release.
Syntax changes
==============
* More compact syntax for the queue action, eg.
nft add rule test input queue num 1
You can also express the multiqueue as a range, followed by options.
nft add rule
2020 Jun 09
1
firewalld / iptables / nftables
Once upon a time, Jonathan Billings <billings at negate.org> said:
> 'iptables' and 'nftables' are competing technologies. In CentOS 8,
> firewalld's backend was switched from iptables to nftables. So it
> would be expected that the iptables command wouldn't have any rules
> defined, it isn't being used by firewalld.
That is partially incorrect.
2020 Oct 27
0
[ANNOUNCE] nftables 0.9.7 release
Hi!
The Netfilter project proudly presents:
nftables 0.9.7
This release contains fixes and new features available up to the Linux
kernel 5.10-rc1 release.
* Support for implicit chain, e.g.
table inet x {
chain y {
type filter hook input priority 0;
tcp dport 22 jump {
ip saddr { 127.0.0.0/8, 172.23.0.0/16, 192.168.13.0/24 }