[ANNOUNCE] ipset 6.14 released

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I'm happy to announce ipset 6.14, which includes two important bugfixes
and a few new features. 

If you use hash:*net* types, then consider upgrading: when the number of 
different sized networks are greater than the smallest CIDR value of the 
networks in such sets, the broken internal cidr book-keeping could lead 
invalid matching.

If you want to use the new feature of matching elements marked with 
"nomatch" in hash:*net* sets, then you need the corresponding new
revision of the "set" match in iptables 1.4.16 - which is unreleased yet - 
or use the iptables git tree :-).

Userspace changes:
 - Support to match elements marked with "nomatch" in hash:*net* sets
 - Coding style fixes
 - The set type revision number is added to the header part of listing
 - Help prints list type revision and terse description
 - Add /0 network support to hash:net,iface type
 - Fix errors when compiling in debug mode (Krunal Patel)
 - Make sure IPPROTO_UDPLITE is defined
 - build: restore -version-info (Jan Engelhardt)

Kernel part changes:
 - Support to match elements marked with "nomatch" in hash:*net* sets
 - Coding style fixes
 - Include supported revisions in module description
 - Add /0 network support to hash:net,iface type
 - Fix cidr book keeping for hash:*net* types
 - Check and reject crazy /0 input parameters
 - Backport ether_addr_equal
 - Coding style fix, backport from kernel
 - net: cleanup unsigned to unsigned int (Eric Dumazet)

You can download the source code of ipset from:
        http://ipset.netfilter.org
        ftp://ftp.netfilter.org/pub/ipset/
        git://git.netfilter.org/ipset.git

Best regards,
Jozsef
-
E-mail  : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences
          H-1525 Budapest 114, POB. 49, Hungary
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux