List of updates since Linux kernel 3.13
Jump to navigation
Jump to search
A listing of the development progress.
3.13
- nf_tables merged mainstream.
3.14
- set packet mark support.
- nfqueue support (only for ip and ip6 families).
- rule tracing support.
- IPv6 and inet reject support.
3.15
- Comments per rule support.
- IPv4 reject support.
3.16
- connlabel support.
3.17
- log and nflog support for ip, ip6, arp and bridge families.
3.18
- masquerading support.
- meta cpu, devgroup matching.
- reject bridge support.
- destroy table and its content, ie. nft flush ruleset.
3.19
- redirect support.
4.0
- Mostly fixes.
4.1
Major updates in the generic set infrastructure:
- Concatenations.
- Timeout per set elements.
- Comments per set elements.
- Dynamic set instantiation.
4.2
- New 'netdev' family for filtering from ingress.
- Context to x_tables extensions to know if they run from nft_compat.
4.3
- Enhancements for the limit expression, support for ratelimit bytes/time unit.
- Dup expression (equivalent to the TEE target in iptables) for IPv4 and IPv6.
- VLAN header matching support when NIC support offloads.