Displaying 20 results from an estimated 100 matches similar to: "[ANNOUNCE] nftables 0.8.2 release"
2018 Nov 06
1
[Bug 1290] New: ptables: nftables layer breaks ipsec/policy keyword
https://bugzilla.netfilter.org/show_bug.cgi?id=1290
Bug ID: 1290
Summary: ptables: nftables layer breaks ipsec/policy keyword
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: iptables over nftable
2017 Oct 12
0
[ANNOUNCE] nftables 0.8 release
Hi!
The Netfilter project proudly presents:
nftables 0.8
This release contains new features available up to the (upcoming)
Linux 4.14 kernel release:
* Support for stateful objects, these objects are uniquely identified by
a user-defined name, you can refer to them from rules, and there is a
well established interface to operate with them, eg.
# nft add counter filter test
2018 Jan 16
0
[ANNOUNCE] nftables 0.8.1 release
Hi!
The Netfilter project proudly presents:
nftables 0.8.1
This release contains mostly incremental fixes and documentation
updates, such as fixing up ./configure --with-mini-gmp for embedded
setups that don't have libgmp.
Deprecated syntax
=================
This release deprecates the "flow table" syntax in favor of "meter" to
address Netfilter's bugzilla
2010 Apr 19
1
[PATCH matahari] Replaces the existing HAL code for ProcessorAgent with udev.
Stripped out the HAL support code and replaced with calls to udev. The
remainder of the code to extract CPU details parses through the
/proc/cpuinfo file since udev/sysfs will not return such information.
Signed-off-by: Darryl L. Pierce <dpierce at redhat.com>
---
configure.ac | 3 +-
src/Makefile.am | 4 +-
src/processors.cpp | 94
2010 May 27
1
[PATCH matahari] Introduces a multiplexer for taking requests and mapping them to APIs.
The Multiplexer lets Matahari register APIs and then call them by that
registered name. APIs are function pointers in the form of:
const char* function(const char *);
where the API takes as input a descriptor containing any arguments, and
returns an array containing the response or result.
Also adds a testing directory and unit tests to validate the
Multiplexer.
The new directory, src/tests,
2016 Jun 02
0
[ANNOUNCE] nftables 0.6 release
Hi!
The Netfilter project proudly presents:
nftables 0.6
This release contains many accumulated bug fixes and new features
availale up to the Linux 4.7-rc1 kernel release.
New features
============
* Rule replacement: You can replace any rule from the unique 64-bits
handle. You have to retrieve the handle from the ruleset listing.
# nft list ruleset -a
table ip filter {
chain
2020 Jun 15
0
[ANNOUNCE] nftables 0.9.6 release
Hi!
The Netfilter project proudly presents:
nftables 0.9.6
This release fixes vmap support which broke in 0.9.5.
You can download this new release from:
https://www.netfilter.org/projects/nftables/downloads.html#nftables-0.9.6
https://www.netfilter.org/pub/nftables/
To build the code, libnftnl 1.1.7 and libmnl >= 1.0.4 are required:
*
2014 May 13
1
[Bug 936] New: frag: "more-fragments" and "reserved" are not identified by nftables
https://bugzilla.netfilter.org/show_bug.cgi?id=936
Summary: frag: "more-fragments" and "reserved" are not
identified by nftables
Product: nftables
Version: unspecified
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component:
2016 Apr 02
1
[Bug 1061] New: net-firewall/nftables-0.5-r2: limit rate: burst parameter doesn't work
https://bugzilla.netfilter.org/show_bug.cgi?id=1061
Bug ID: 1061
Summary: net-firewall/nftables-0.5-r2: limit rate: burst
parameter doesn't work
Product: nftables
Version: unspecified
Hardware: x86_64
URL: http://wiki.nftables.org/wiki-nftables/index.php/Rate_
limiting_matchings
2016 Apr 15
0
[Bug 1032] nftables-0.5 fails to import ip6 tables when loopback address provided as both src and dst addr
https://bugzilla.netfilter.org/show_bug.cgi?id=1032
Arturo Borrero Gonzalez <arturo.borrero.glez at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |arturo.borrero.glez at gmail.c
| |om
---
2016 Apr 15
0
[Bug 1032] nftables-0.5 fails to import ip6 tables when loopback address provided as both src and dst addr
https://bugzilla.netfilter.org/show_bug.cgi?id=1032
Florian Westphal <fw at strlen.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fw at strlen.de
Assignee|pablo at netfilter.org |fw at strlen.de
--- Comment #2 from Florian
2016 Apr 19
0
[Bug 1032] nftables-0.5 fails to import ip6 tables when loopback address provided as both src and dst addr
https://bugzilla.netfilter.org/show_bug.cgi?id=1032
Florian Westphal <fw at strlen.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--
You are receiving this mail because:
You are
2016 Nov 22
1
[Bug 1099] New: Minor typo in wiki.nftables.org
https://bugzilla.netfilter.org/show_bug.cgi?id=1099
Bug ID: 1099
Summary: Minor typo in wiki.nftables.org
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: trivial
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2016 Dec 31
1
[Bug 1108] New: Need a new release to build nftables --with-xtables
https://bugzilla.netfilter.org/show_bug.cgi?id=1108
Bug ID: 1108
Summary: Need a new release to build nftables --with-xtables
Product: iptables
Version: CVS (please indicate timestamp)
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: iptables
2017 Feb 13
0
[Bug 1041] nftables in a container affects the host
https://bugzilla.netfilter.org/show_bug.cgi?id=1041
Phil Sutter <phil at nwl.cc> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |phil at nwl.cc
Resolution|---
2017 Feb 13
0
[Bug 1041] nftables in a container affects the host
https://bugzilla.netfilter.org/show_bug.cgi?id=1041
--- Comment #2 from Pablo Neira Ayuso <pablo at netfilter.org> ---
For just the record:
4.1 needs this workaround though, we have to request inclusion into -stable.
commit fdab6a4cbd8933092155449ca7253eba973ada14
Author: Eric W. Biederman <ebiederm at xmission.com>
Date: Fri Jun 19 10:41:21 2015 -0500
netfilter: nftables: Do
2018 Jan 30
0
[Bug 1219] New: nftables prints the routing header type rules incorrectly
https://bugzilla.netfilter.org/show_bug.cgi?id=1219
Bug ID: 1219
Summary: nftables prints the routing header type rules
incorrectly
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
2019 Oct 11
4
[Bug 1372] New: Example for simple blacklist from nftables man page
https://bugzilla.netfilter.org/show_bug.cgi?id=1372
Bug ID: 1372
Summary: Example for simple blacklist from nftables man page
Product: nftables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at
2018 Oct 17
2
KVM + libvirt + nftables without iptables?
Hi everyone,
I use Debian 9.5 Stretch and NFTABLES as a firewall.
Using NFTABLES together with IPTABLES is not recommended,
but libvirt depends on IPTABLES.
Is it safe to run libvirt + kvm + virsh without IPTABLES?
By the doc https://libvirt.org/firewall.html,
IPTABLES are used for settingup filtering which I do not need.
Thanks,
Roman
2018 Oct 18
0
Re: KVM + libvirt + nftables without iptables?
On Wed, Oct 17, 2018 at 05:57:11PM +0200, Roman Vesely wrote:
> Hi everyone,
>
> I use Debian 9.5 Stretch and NFTABLES as a firewall.
> Using NFTABLES together with IPTABLES is not recommended,
> but libvirt depends on IPTABLES.
>
> Is it safe to run libvirt + kvm + virsh without IPTABLES?
>
> By the doc https://libvirt.org/firewall.html,
> IPTABLES are used for