Hi!
The Netfilter project proudly presents:
conntrack-tooks 1.4.5
This release includes several fixes since last release and also several
enhancements for the conntrackd daemon:
* new synproxy support
* manpages updates
* improved logging support (both stdout/stderr and log files)
* new mdns ct helper
* some more messages on what the daemon is doing
* deprecate unix backlog configuration
* drop old/obsolete/deprecated conntrackd.conf config options
* improved support for UPnP in the ssdp ct helper
* improvements to the relationship with libsystemd
* add stronger TCP flags support, some weirdness are fixed by this
This release includes the new `StartupResync <on/off>` config option, which
instructs conntrackd to request a complete conntrack table resync
against the other
node at startup. This is useful to get in sync with another node which has
been running while we were down.
If you are updating your conntrackd deployment to this release from a very old
one, mind the deprecated config options. You may be required to refresh your
conntrackd.conf config file.
In the case of the conntrack CLI tool:
* new support for IPv6 NAT
In the case of the nfct CLI tool:
* some improvements to the build (-z lazy)
Please note you need libnetfilter-conntrack version >= 1.0.7 to build
conntrack-tools version 1.4.5.
See changelog that comes attached to this email for more details.
You can download it from:
* https://netfilter.org/projects/conntrack-tools/downloads.html
* ftp://ftp.netfilter.org/pub/conntrack-tools/
In case of bugs and feature request, file them via:
* https://bugzilla.netfilter.org
Happy firewalling!
Arturo Borrero (4):
src/main: refresh help message
conntrackd.8: refresh file
conntrackd.8: add reference to systemd
doc/manual: include some bits about init systems
Arturo Borrero Gonzalez (23):
sync-mode: print errno message on failure
log: print messages to stdout/sderr if running in console mode
log: introduce a mechanism to know if log was initialized
conntrackd: replace error reporting in the config parser with dlog()
conntrackd: replace fprintf calls with dlog()
conntrack-tools: update Arturo Borrero Gonzalez email address
src: add log message when resync is requested by other node
systemd: fix missing log.h include
config: drop old/obsolete/deprecated conntrackd.conf config options
conntrackd: factorice tx_queue functions
conntrackd: factorize resync operations
conntrackd: consolidate more code to use resync_send()
conntrackd: request resync at startup
conntrackd: evaluate configuration earlier
conntrackd: cleanup if failed forking
conntrackd: deprecate unix backlog configuration
conntrackd: make the daemon run in RT mode by default
conntrackd: remove warning for -S
conntrack.8: refresh manpage
conntrackd.conf.5: fix sentence about systemd
tests: reallocate cli testing script
systemd: default to use libsystemd if build with support for it
conntrack-tools 1.4.5 release
Chieh-Min Wang (1):
conntrack: Show multiple CPUs stats from proc
Kevin Cernekee (7):
conntrackd: cthelper: ftp: Set match offset/len for PORT mangling
conntrackd: cthelper: ftp: Fix debug print
conntrackd: cthelper: Add new mdns helper
Link nfct and helper modules with `-z lazy`
conntrackd: cthelper: Don't leak nat_tuple
conntrackd: cthelper: Free pktb after use
conntrackd: cthelper: ssdp: Track UPnP eventing
Neil Wilson (1):
conntrack: Support IPv6 NAT
Nicolas Dichtel (1):
conntrackd: remove use of HAVE_INET_PTON_IPV6
Pablo Neira Ayuso (8):
helper: remove copy and paste from uapi kernel header
conntrack: send mark filter to kernel iff set
conntrackd: config: Do not strdup() tokens
conntrackd: Remove obsolete rule to catch ambiguous Checksum option
conntrackd: CommitTimeout breaks DisableExternalCache set On
src: add ARRAY_SIZE definition
conntrackd: add TCP flags support
src: synproxy support
Steve Langasek (1):
tests: don't fail on modprobe since the driver might be built-in
Stijn Tintel (1):
conntrackd: cthelper: ssdp: fix build with musl
