Difference between revisions of "List of updates since Linux kernel 3.13"

From nftables wiki
Jump to navigation Jump to search
(add 4.10 with notrack support)
(add 5.6 reference)
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
A listing of the development progress.
A listing of the development progress.


== 3.13 ==
== 5.6 ==
 
* Support for ranges (intervals) in concatenations
 
== 4.16 ==
 
* flowtable support
 
== 4.15 ==
 
* Fetch single elements of a set (i.e, nft get element)
 
== 4.10 ==
 
* notrack support
 
== 4.3 ==
 
* Enhancements for the limit expression, support for ratelimit bytes/time unit.
* Dup expression (equivalent to the ''TEE'' target in iptables) for IPv4 and IPv6.
* VLAN header matching support when NIC support offloads.


* nf_tables merged mainstream.
== 4.2 ==


== 3.14 ==
* New 'netdev' family for filtering from ingress.
* Context to x_tables extensions to know if they run from nft_compat.


* set packet mark support.
== 4.1 ==
* nfqueue support (only for ip and ip6 families).
* rule tracing support.
* IPv6 and inet reject support.


== 3.15 ==
Major updates in the generic set infrastructure:


* Comments per rule support.
* Concatenations.
* IPv4 reject support.
* Timeout per set elements.
* Comments per set elements.
* Dynamic set instantiation.


== 3.16 ==
== 4.0 ==


* connlabel support.
* Mostly fixes.


== 3.17 ==
== 3.19 ==


* log and nflog support for ip, ip6, arp and bridge families.
* redirect support.


== 3.18 ==
== 3.18 ==
Line 32: Line 52:
* destroy table and its content, ie. ''nft flush ruleset''.
* destroy table and its content, ie. ''nft flush ruleset''.


== 3.19 ==
== 3.17 ==


* redirect support.
* log and nflog support for ip, ip6, arp and bridge families.


== 4.0 ==
== 3.16 ==


* Mostly fixes.
* connlabel support.


== 4.1 ==
== 3.15 ==


Major updates in the generic set infrastructure:
* Comments per rule support.
* IPv4 reject support.


* Concatenations.
== 3.14 ==
* Timeout per set elements.
* Comments per set elements.
* Dynamic set instantiation.


== 4.2 ==
* set packet mark support.
* nfqueue support (only for ip and ip6 families).
* rule tracing support.
* IPv6 and inet reject support.


* New 'netdev' family for filtering from ingress.
== 3.13 ==
* Context to x_tables extensions to know if they run from nft_compat.


== 4.3 ==
* nf_tables merged mainstream.
 
* Enhancements for the limit expression, support for ratelimit bytes/time unit.
* Dup expression (equivalent to the ''TEE'' target in iptables) for IPv4 and IPv6.
* VLAN header matching support when NIC support offloads.
 
== 4.10 ==
 
* notrack support

Revision as of 11:06, 3 September 2020

A listing of the development progress.

5.6

  • Support for ranges (intervals) in concatenations

4.16

  • flowtable support

4.15

  • Fetch single elements of a set (i.e, nft get element)

4.10

  • notrack support

4.3

  • Enhancements for the limit expression, support for ratelimit bytes/time unit.
  • Dup expression (equivalent to the TEE target in iptables) for IPv4 and IPv6.
  • VLAN header matching support when NIC support offloads.

4.2

  • New 'netdev' family for filtering from ingress.
  • Context to x_tables extensions to know if they run from nft_compat.

4.1

Major updates in the generic set infrastructure:

  • Concatenations.
  • Timeout per set elements.
  • Comments per set elements.
  • Dynamic set instantiation.

4.0

  • Mostly fixes.

3.19

  • redirect support.

3.18

  • masquerading support.
  • meta cpu, devgroup matching.
  • reject bridge support.
  • destroy table and its content, ie. nft flush ruleset.

3.17

  • log and nflog support for ip, ip6, arp and bridge families.

3.16

  • connlabel support.

3.15

  • Comments per rule support.
  • IPv4 reject support.

3.14

  • set packet mark support.
  • nfqueue support (only for ip and ip6 families).
  • rule tracing support.
  • IPv6 and inet reject support.

3.13

  • nf_tables merged mainstream.
Retrieved from "http://wiki.nftables.org/wiki-nftables/index.php?title=List_of_updates_since_Linux_kernel_3.13&oldid=536"