List of updates since Linux kernel 3.13
Jump to navigation Jump to search
Revision as of 19:52, 13 July 2016 by Pablo (Created page with "A listing of the development progress. == 3.13 == * nf_tables merged mainstream. == 3.14 == * set packet mark support. * nfqueue support (only for ip and ip6 families). *...")
A listing of the development progress.
- nf_tables merged mainstream.
- set packet mark support.
- nfqueue support (only for ip and ip6 families).
- rule tracing support.
- IPv6 and inet reject support.
- Comments per rule support.
- IPv4 reject support.
- connlabel support.
- log and nflog support for ip, ip6, arp and bridge families.
- masquerading support.
- meta cpu, devgroup matching.
- reject bridge support.
- destroy table and its content, ie. nft flush ruleset.
- redirect support.
- Mostly fixes.
Major updates in the generic set infrastructure:
- Timeout per set elements.
- Comments per set elements.
- Dynamic set instantiation.
- New 'netdev' family for filtering from ingress.
- Context to x_tables extensions to know if they run from nft_compat.
- Enhancements for the limit expression, support for ratelimit bytes/time unit.
- Dup expression (equivalent to the TEE target in iptables) for IPv4 and IPv6.
- VLAN header matching support when NIC support offloads.