similar to: [Bug 1377] New: set timeout > 23d

https://bugzilla.netfilter.org/show_bug.cgi?id=1249 Bug ID: 1249 Summary: set update with timeout 0s removes timeout Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: minor Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1402 Bug ID: 1402 Summary: Race errors with nft Product: nftables Version: unspecified Hardware: All OS: Debian GNU/Linux Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1736 Bug ID: 1736 Summary: nftables - dynamic update for verdict map from the packet path Product: nftables Version: 1.0.x Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft

Hi! The Netfilter project proudly presents: nftables 0.5 This release contains bug fixes and new features contained up to the 4.2 kernel release. New features ============ * Concatenations: You can combine two or more selectors to build a tuple, then use it to look up for a matching in sets, eg. % nft add rule ip filter input ip saddr . tcp dport { \ 1.1.1.1 . 22 , \

https://bugzilla.netfilter.org/show_bug.cgi?id=1282 Bug ID: 1282 Summary: SIGSEGV on loading tables Product: nftables Version: unspecified Hardware: x86_64 OS: Ubuntu Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at netfilter.org Reporter:

Hi! The Netfilter project proudly presents: nftables 0.6 This release contains many accumulated bug fixes and new features availale up to the Linux 4.7-rc1 kernel release. New features ============ * Rule replacement: You can replace any rule from the unique 64-bits handle. You have to retrieve the handle from the ruleset listing. # nft list ruleset -a table ip filter { chain

Hi! The Netfilter project proudly presents: nftables 0.9.4 This release contains fixes and new features available up to the Linux kernel 5.6 release. * Support for ranges in concatenations (requires Linux kernel >= 5.6), e.g. table ip foo { set whitelist { type ipv4_addr . ipv4_addr . inet_service flags interval

Hi! The Netfilter project proudly presents: nftables 0.7 This release contains many accumulated bug fixes and new features available up to the (upcoming) Linux 4.10-rc1 kernel release. * Facilitate migration from iptables to nftables: At compilation time, you have to pass this option. # ./configure --with-xtables And libxtables needs to be installed in your system. This allows

https://bugzilla.netfilter.org/show_bug.cgi?id=994 Bug ID: 994 Summary: Named sets with type "ipv4_addr" do not allow adding CIDR elements Product: nftables Version: unspecified Hardware: x86_64 OS: other Status: NEW Severity: enhancement Priority: P5

https://bugzilla.netfilter.org/show_bug.cgi?id=1477 Bug ID: 1477 Summary: Unable to use saved ruleset when using dynamic sets Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at

https://bugzilla.netfilter.org/show_bug.cgi?id=1327 Bug ID: 1327 Summary: Cannot use named set for matching IPv4 networks Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: major Priority: P5 Component: nft Assignee: pablo at

Hi! The Netfilter project proudly presents: nftables 0.8 This release contains new features available up to the (upcoming) Linux 4.14 kernel release: * Support for stateful objects, these objects are uniquely identified by a user-defined name, you can refer to them from rules, and there is a well established interface to operate with them, eg. # nft add counter filter test

https://bugzilla.netfilter.org/show_bug.cgi?id=1307 Bug ID: 1307 Summary: Implement interface for 'ipv4_addr' in arptables Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at

https://bugzilla.netfilter.org/show_bug.cgi?id=1096 Bug ID: 1096 Summary: Kernel oops when inserting an element into a map Product: nftables Version: unspecified Hardware: x86_64 OS: other Status: NEW Severity: critical Priority: P5 Component: kernel Assignee: pablo at

https://bugzilla.netfilter.org/show_bug.cgi?id=1411 Bug ID: 1411 Summary: add elements with counter to dynamic sets with Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at

Hi! The Netfilter project proudly presents: nftables 0.8.1 This release contains mostly incremental fixes and documentation updates, such as fixing up ./configure --with-mini-gmp for embedded setups that don't have libgmp. Deprecated syntax ================= This release deprecates the "flow table" syntax in favor of "meter" to address Netfilter's bugzilla

https://bugzilla.netfilter.org/show_bug.cgi?id=1330 Bug ID: 1330 Summary: Parse error for importing set with netmask Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1326 Bug ID: 1326 Summary: `nft list' is very slow when output contains meters that has lots of elements Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: normal Priority: P5

Hi! The Netfilter project proudly presents: nftables 0.9.7 This release contains fixes and new features available up to the Linux kernel 5.10-rc1 release. * Support for implicit chain, e.g. table inet x { chain y { type filter hook input priority 0; tcp dport 22 jump { ip saddr { 127.0.0.0/8, 172.23.0.0/16, 192.168.13.0/24 }

https://bugzilla.netfilter.org/show_bug.cgi?id=1455 Bug ID: 1455 Summary: Queue verdict cannot be used in vmap Product: nftables Version: unspecified Hardware: arm OS: Ubuntu Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at netfilter.org