Hi! The netfilter coreteam proudly presents: iptables version 1.3.2 The final 1.3.2 version contains accumulated bugfixes to the last 1.3.1 version. No new targets/matches have been added. The ChangeLog is attached to this mail. Version 1.3.2 can be obtained from: http://www.netfilter.org/files/iptables-1.3.2.tar.bz2 ftp://ftp.netfilter.org/pub/iptables/iptables-1.3.2.tar.bz2 Please also note: patch-o-matic-ng is Distributed as seperate package: ftp://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot/ More information can be found at the netfilter/iptables project homepage, available at: http://www.netfilter.org/ http://www.iptables.org/ Happy firewalling, -- - Harald Welte <laforge@xxxxxxxxxxxxx> http://www.netfilter.org/ ============================================================================ "Fragmentation is like classful addressing -- an interesting early architectural error that shows how much experimentation was going on while IP was being designed." -- Paul Vixie
iptables v1.3.2 Changelog ====================================================================== This version requires kernel >= 2.4.0 This version recommends kernel >= 2.4.18 Bugs fixed from 1.3.1: - Fix TCPLAG version [ Torsten Luettgert ] - More error checking in SET target [ Michal Pokrywka ] - Fix optflags value for OPT_LINENUMBERS [ Jonas Berlin ] - Allow NULL init function in ip6tables plugins [ Jonas Berlin ] - Don't allow newlines in LOG prefix [ Phil Oester ] - Introduce ip_conntrack_old_tuple to userspace header copy [ Pablo Neira ] - Fix connbytes command line parsing bug [ Piotrek Kaczmarek ] - Ignore unknown arguments in libipt_ULOG [ Patrick McHardy ] - Correct error in multiport manpage wrt. "--ports" [ Rusty Russell ] - Fix CONNMARK save/restore [ Tom Eastep, Pawel Sikora ] - Make sure chain name doesn't start with '!' [ Yasuyuki Kozakai ] - Prevent user to specify negative ports in SNAT/DNAT [ Yasuyuki Kozakai ] - Fix deletion of targets where kernel size != userspace size [ Pablo Neira ] - Fix save/restore of '! --uid-owner squid' problem in ip6t_owner [ Harald Welte ] Changes from 1.3.1: - Add ``--log-uid'' option to ip6t_LOG target [ Patrick McHardy ] - Improve REDIRECT manpage [ Jonas Berlin ] - Add a number of missing manpage snippets [ Jonas Berlin ] - Include FIN bit in mask of "--syn" bits [ Harald Welte ] - Release previously merged options from merge_opts(), reduces memory-usage of ipt ables-restore dramatically [ Pablo Neira ] - OSF: changes to support connector notifications [ Evgeniy Polyakov ] - Reduce code replication of parse_interface() [ Yasuyuki Kozakai ] Please note: Since version 1.2.7a, patch-o-matic is now no longer part of iptables but rather distributed as a seperate package (ftp://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot)
Attachment:
pgpF5ITSQgyt4.pgp
Description: PGP signature
