Difference between revisions of "List of updates since Linux kernel 3.13"

From nftables wiki
Jump to navigation Jump to search
(Created page with "A listing of the development progress. == 3.13 == * nf_tables merged mainstream. == 3.14 == * set packet mark support. * nfqueue support (only for ip and ip6 families). *...")
 
(add 4.16 reference)
(2 intermediate revisions by the same user not shown)
Line 59: Line 59:
* Dup expression (equivalent to the ''TEE'' target in iptables) for IPv4 and IPv6.
* Dup expression (equivalent to the ''TEE'' target in iptables) for IPv4 and IPv6.
* VLAN header matching support when NIC support offloads.
* VLAN header matching support when NIC support offloads.
== 4.10 ==
* notrack support
== 4.15 ==
* Fetch single elements of a set (i.e, nft get element)
== 4.16 ==
* flowtable support

Revision as of 13:15, 7 March 2018

A listing of the development progress.

3.13

  • nf_tables merged mainstream.

3.14

  • set packet mark support.
  • nfqueue support (only for ip and ip6 families).
  • rule tracing support.
  • IPv6 and inet reject support.

3.15

  • Comments per rule support.
  • IPv4 reject support.

3.16

  • connlabel support.

3.17

  • log and nflog support for ip, ip6, arp and bridge families.

3.18

  • masquerading support.
  • meta cpu, devgroup matching.
  • reject bridge support.
  • destroy table and its content, ie. nft flush ruleset.

3.19

  • redirect support.

4.0

  • Mostly fixes.

4.1

Major updates in the generic set infrastructure:

  • Concatenations.
  • Timeout per set elements.
  • Comments per set elements.
  • Dynamic set instantiation.

4.2

  • New 'netdev' family for filtering from ingress.
  • Context to x_tables extensions to know if they run from nft_compat.

4.3

  • Enhancements for the limit expression, support for ratelimit bytes/time unit.
  • Dup expression (equivalent to the TEE target in iptables) for IPv4 and IPv6.
  • VLAN header matching support when NIC support offloads.

4.10

  • notrack support

4.15

  • Fetch single elements of a set (i.e, nft get element)

4.16

  • flowtable support