Hi!
The Netfilter project proudly presents:
nftables 1.1.3
This release contains a few fixes:
- Incorrect bytecode for vlan pcp mangling from netdev family chains
such as ingress/egress:
... vlan pcp set 6 counter
- Bogus element in large concatenated set ranges, leading to:
16777216 . 00:11:22:33:44:55 . 10.1.2.3 comment "123456789012345678901234567890"
instead of:
"lo" . 00:11:22:33:44:55 . 10.1.2.3 comment "123456789012345678901234567890"
- Restore set auto-merge feature with timeouts, disabled in the
previous v1.1.2 release.
See changelog for more details (attached to this email).
You can download this new release from:
https://www.netfilter.org/projects/nftables/downloads.html
https://www.netfilter.org/pub/nftables/
[ NOTE: We have switched to .tar.xz files for releases. ]
To build the code, libnftnl >= 1.2.9 and libmnl >= 1.0.4 are required:
* https://netfilter.org/projects/libnftnl/index.html
* https://netfilter.org/projects/libmnl/index.html
Visit our wikipage for user documentation at:
* https://wiki.nftables.org
For the manpage reference, check man(8) nft.
In case of bugs and feature requests, file them via:
* https://bugzilla.netfilter.org
Happy firewalling.
Florian Westphal (1):
evalute: make vlan pcp updates work
Pablo Neira Ayuso (3):
Revert "intervals: do not merge intervals with different timeout"
netlink: bogus concatenated set ranges with netlink message overrun
build: Bump version to 1.1.3
