Hi!

I'm honored to present nftlb 0.3

nftlb stands for nftables load balancer, a user space tool that builds a complete load balancer and traffic distributor using the nft infrastructure.

nftlb is a nftables rules manager that creates virtual services for load balancing at layer 2, layer 3 and layer 4, minimizing the number of rules and using structures to match the packets efficiently. It comes with an easy JSON API service to control, to monitor and to automate the configuration.

Most important changes in this version are:

* Stateless NAT support from ingress
* Automated DSR configuration from layer 3
* Flow mark per service and per backend
* Logging support per virtual service
* L7 helpers support
* Support of custom source IP instead of masquerading
* Kubernetes integration as kube-nftlb

For further details, please refer to the official repository:

https://github.com/zevenet/nftlb

You can download this tool from:

https://github.com/zevenet/nftlb/releases/tag/v0.3

Or deploy the kubernetes integration from:

https://github.com/zevenet/kube-nftlb

Happy load balancing!

P.S. Special huge thanks to: Víctor Manuel Oliver Acosta and Pablo Neira Ayuso

--

Detailed changelog:

New features

- network: generalize netlink request to ask for routing data
- farms: new mode stateless dnat
- farms: add l7 helpers support
- farms: add input logging support
- farms: support of farm renaming with the 'newname' attribute
- farms: add mark flow support per virtual service
- nft: add flow mark per backend and farm using masks
- src: add custom source ip address configuration instead of masquerading

Improvements

- events: generalize event loop
- farms: include new attributes for interface and mac address management
- network: add support to interoperate with some network discovery functions
- src: refactorization and api simplification
- events: generalize netlink event for dsr
- farms: make dsr counter global
- backends: include a new backend state config_error
- src: silent fallthrough warning
- backends: ensure the backends list is empty when configuring the output interface
- farms: validate and rulerize per farm
- config: avoid to print auto-generated information of a farm
- farms: validate and check the farm status before rulerize
- server: expand the server buffer data
- readme: add new examples
- tests: improve diff output format
- nft: improve modularization of nft rules generation
- server: set SO_REUSEADDR socket flag
- main: initial signal handler skeleton
- server: add struct nftlb_client
- server: add struct nftlb_http_state
- server: add nftlb_http_send_response()
- server: add body response field to struct nftlb_http_state
- src: do not use EXIT_{SUCCESS,FAILURE}
- server: statify objects that are only used from server.c
- server: remove unnecessary definitions

Bugfixes

- config: dump configuration with indented JSON
- nft: fix dsr rules to set the mac address instead of matching
- backend: fix update backend status when switching from down to up
- nft: avoid add rules if no backends are available
- objects: set right initial state for farms and backends
- farms: fix start-stop actions
- backends: input validation for net_get_neigh_ether()
- nft: fix stateless nat backend to client rule
- nft: fix udp ipv6 services name
- server: fix some web server memory leaks
- tests: fix some test cases