similar to: [ANNOUNCE] nftables 0.6 release

Hi! The Netfilter project proudly presents: nftables 0.8 This release contains new features available up to the (upcoming) Linux 4.14 kernel release: * Support for stateful objects, these objects are uniquely identified by a user-defined name, you can refer to them from rules, and there is a well established interface to operate with them, eg. # nft add counter filter test

Hi! The Netfilter project proudly presents: nftables 1.1.0 ... after a release cycles of 8 months. This release contains mostly fixes, listed in no particular order: - Restore compatibility set element dump with <= 0.9.8 add element t s { 23 counter packets 10 bytes 20 timeout 10s } add element t s { 42 timeout 10s counter packets 10 bytes 20 } - Disallow ifname less than

Hi! The Netfilter project proudly presents: nftables 0.7 This release contains many accumulated bug fixes and new features available up to the (upcoming) Linux 4.10-rc1 kernel release. * Facilitate migration from iptables to nftables: At compilation time, you have to pass this option. # ./configure --with-xtables And libxtables needs to be installed in your system. This allows

Hi! The Netfilter project proudly presents: nftables 0.9.4 This release contains fixes and new features available up to the Linux kernel 5.6 release. * Support for ranges in concatenations (requires Linux kernel >= 5.6), e.g. table ip foo { set whitelist { type ipv4_addr . ipv4_addr . inet_service flags interval

Hi! The Netfilter project proudly presents: nftables 0.5 This release contains bug fixes and new features contained up to the 4.2 kernel release. New features ============ * Concatenations: You can combine two or more selectors to build a tuple, then use it to look up for a matching in sets, eg. % nft add rule ip filter input ip saddr . tcp dport { \ 1.1.1.1 . 22 , \

The netfilter project presents: nftables 0.2 This release contains a rather large number of bug fixes, syntax cleanups, new features, support for all new features contained in the recent 3.14 kernel release as well as *drumroll* documentation. Syntax changes ============== * More consistency in data type names Data type names are used in set declarations. All address related types now

Hi! The Netfilter project proudly presents: nftables 0.9.7 This release contains fixes and new features available up to the Linux kernel 5.10-rc1 release. * Support for implicit chain, e.g. table inet x { chain y { type filter hook input priority 0; tcp dport 22 jump { ip saddr { 127.0.0.0/8, 172.23.0.0/16, 192.168.13.0/24 }

Hi! The Netfilter project proudly presents: nftables 0.8.1 This release contains mostly incremental fixes and documentation updates, such as fixing up ./configure --with-mini-gmp for embedded setups that don't have libgmp. Deprecated syntax ================= This release deprecates the "flow table" syntax in favor of "meter" to address Netfilter's bugzilla

Hi! The Netfilter project proudly presents: nftables 0.9.5 This release contains fixes and new features available up to the Linux kernel 5.7 release. * Support for set counters: table ip x { set y { typeof ip saddr counter elements = { 192.168.10.35, 192.168.10.101, 192.168.10.135 } }

Hi! The Netfilter project proudly presents: nftables 0.4 This release contains a lot of bug fixes and new features contained up to the recent 3.18 kernel release (and some features coming up in the yet unreleased 3.19-rc). New features ============ * Add support for global ruleset operations (available since 3.18). Get rid of all tables, chains, and rules in one go: # nft

https://bugzilla.netfilter.org/show_bug.cgi?id=1261 Bug ID: 1261 Summary: nft trace crash with msg "BUG: invalid verdict value 2" Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: nft

https://bugzilla.netfilter.org/show_bug.cgi?id=1418 Bug ID: 1418 Summary: segfaults when running nft --file foo.nft --echo Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at

https://bugzilla.netfilter.org/show_bug.cgi?id=1399 Bug ID: 1399 Summary: tables/chains priority doesn't work Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: enhancement Priority: P5 Component: kernel Assignee: pablo at

https://bugzilla.netfilter.org/show_bug.cgi?id=1469 Bug ID: 1469 Summary: Bison reported unused tokens in `nft` Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: trivial Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1330 Bug ID: 1330 Summary: Parse error for importing set with netmask Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1671 Bug ID: 1671 Summary: Implicit chains and nesting result in parser_bison.y aborting Product: nftables Version: 0.9.x Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: major Priority: P5 Component: nft

https://bugzilla.netfilter.org/show_bug.cgi?id=1228 Bug ID: 1228 Summary: [REGRESSION] nft cannot load big set anymore Product: nftables Version: unspecified Hardware: x86_64 OS: other Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=915 Summary: segfault in error case : expr_evaluate_payload not checking payload->payload.desc being null Product: nftables Version: unspecified Platform: x86_64 OS/Version: All Status: NEW Severity: normal Priority: P5 Component: nft

Hi! The Netfilter project proudly presents: libnftnl 1.0.2 libnftnl is a userspace library providing a low-level netlink programming interface (API) to the in-kernel nf_tables subsystem. The library libnftnl has been previously known as libnftables. This library is currently used by the nft command line tool. This release comes with new features available in 3.15, the event monitoring

https://bugzilla.netfilter.org/show_bug.cgi?id=1736 Bug ID: 1736 Summary: nftables - dynamic update for verdict map from the packet path Product: nftables Version: 1.0.x Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft