mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-19 23:43:00 +02:00
c75d942a4d
- Update from version 1.8.9 to 1.8.10
- Update of rootfile not required
- Changelog
1.8.10
build: use pkg-config for libpcap
iptables-test.py: make explicit use of python3
xtables-eb: fix crash when opts isn't reallocated
iptables-nft: make builtin tables static
iptables-nft: remove unused function argument
include: update nf_tables uapi header
ebtables-nft: add broute table emulation
nft-ruleparse: parse meta mark set as MARK target
iptables: Fix setting of ipv6 counters
iptables: Fix handling of non-existent chains
xshared: dissolve should_load_proto
nft: move processing logic out of asserts
man: string: document BM false negatives
ip6tables: Fix checking existence of rule
nft: check for source and destination address in first place
nft: use payload matching for layer 4 protocol
nft-bridge: pass context structure to ops->add() to improve anonymous set support
configure: Bump version for 1.8.10 release
extensions: NAT: Fix for -Werror=format-security
etc: Drop xtables.conf
Proper fix for "unknown argument" error message
ebtables: Refuse unselected targets' options
ebtables-translate: Drop exec_style
ebtables-translate: Use OPT_* from xshared.h
ebtables-translate: Ignore '-j CONTINUE'
ebtables-translate: Print flush command after parsing is finished
tests: xlate: Support testing multiple individual files
tests: CLUSTERIP: Drop test file
nft-shared: Lookup matches in iptables_command_state
nft-shared: Use nft_create_match() in one more spot
nft-shared: Simplify using nft_create_match()
tests: xlate: Properly split input in replay mode
tests: xlate: Print file names even if specified
extensions: libebt_redirect: Fix target translation
extensions: libebt_redirect: Fix for wrong syntax in translation
extensions: libebt_ip: Do not use 'ip dscp' for translation
extensions: libebt_ip: Translation has to match on ether type
ebtables: ip and ip6 matches depend on protocol match
xtables-translate: Support insert with index
include: Add missing linux/netfilter/xt_LOG.h
nft-restore: Fix for deletion of new, referenced rule
tests: shell: Test for false-positive rule check
utils: nfbpf_compile: Replace pcap_compile_nopcap()
nft-shared: Drop unused include
arptables: Fix parsing of inverted 'arp operation' match
arptables: Don't omit standard matches if inverted
xshared: Fix parsing of option arguments in same word
nft: Introduce nft-ruleparse.{c,h}
nft: Extract rule parsing callbacks from nft_family_ops
nft: ruleparse: Create family-specific source files
tests: shell: Sanitize nft-only/0009-needless-bitwise_0
nft: Special casing for among match in compare_matches()
nft: More verbose extension comparison debugging
nft: Do not pass nft_rule_ctx to add_nft_among()
nft: Include sets in debug output
*tables-restore: Enforce correct counters syntax if present
*tables: Reject invalid chain names when renaming
ebtables: Improve invalid chain name detection
tests: shell: Fix and extend chain rename test
iptables-restore: Drop dead code
iptables-apply: Eliminate shellcheck warnings
extensions: libipt_icmp: Fix confusion between 255/255 and any
tests: libipt_icmp.t: Enable tests with numeric output
man: iptables.8: Extend exit code description
man: iptables.8: Trivial spelling fixes
man: iptables.8: Fix intra page reference
man: iptables.8: Clarify --goto description
man: Use HTTPS for links to netfilter.org
man: iptables.8: Trivial font fixes
man: iptables-restore.8: Fix --modprobe description
man: iptables-restore.8: Consistently document -w option
man: iptables-restore.8: Drop -W option from synopsis
man: iptables-restore.8: Put 'file' in italics in synopsis
man: iptables-restore.8: Start paragraphs in upper-case
man: Trivial: Missing space after comma
man: iptables-save.8: Clarify 'available tables'
man: iptables-save.8: Fix --modprobe description
man: iptables-save.8: Start paragraphs in upper-case
extensions: libip6t_icmp: Add names for mld-listener types
nft-ruleparse: Introduce nft_create_target()
tests: iptables-test: Fix command segfault reports
nft: Create builtin chains with counters enabled
Revert "libiptc: fix wrong maptype of base chain counters on restore"
tests: shell: Test chain policy counter behaviour
Use SOCK_CLOEXEC/O_CLOEXEC where available
nft: Pass nft_handle to add_{target,action}()
nft: Introduce and use bool nft_handle::compat
Add --compat option to *tables-nft and *-nft-restore commands
tests: Test compat mode
Revert --compat option related commits
tests: shell: Fix for ineffective 0007-mid-restore-flush_0
nft: Fix for useless meta expressions in rule
include: linux: Update kernel.h
build: Bump dependency on libnftnl
extensions: Fix checking of conntrack --ctproto 0
doc: fix example of xt_cpu
xt_sctp: add the missing chunk types in sctp_help
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
IPFire 2.x - The Open Source Firewall
What is IPFire?
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Its ease of use, high performance in any scenario and extensibility make it usable for everyone. For a full list of features have a look here.
This repository contains the source code of IPFire 2.x which is used to build the whole distribution from scratch, since IPFire is not based on any other distribution.
Where can I get IPFire?
Just head over to https://www.ipfire.org/download
How do I use this software?
We have a long and detailed wiki located here which should answers most of your questions.
But I have some questions left. Where can I get support?
You can ask your question at our community located here. A complete list of our support channels can be found here.
How can I contribute?
We have another document for this. Please look here.