User contributions
Jump to navigation
Jump to search
- 00:23, 16 February 2021 diff hist +78 Sets →Named sets: Edited for clarity, added example of negating set match.
- 23:53, 15 February 2021 diff hist −2 m Connection Tracking System removd spurious space
- 23:52, 15 February 2021 diff hist +499 Connection Tracking System Added link to Magnus Boye's paper, improved intro text.
- 22:15, 15 February 2021 diff hist +91 Further documentation Add netfilter man page
- 17:07, 15 February 2021 diff hist +174 Connection Tracking System Added brief conntrackd description
- 16:51, 15 February 2021 diff hist +60 m Performing Network Address Translation (NAT) link Wikipedia NAT page
- 16:45, 15 February 2021 diff hist +29 m Bridge filtering →Stateful filtering: link connection tracking system page current
- 16:29, 15 February 2021 diff hist −12 m Setting packet connection tracking metainformation →notrack: rename example table to remove 'raw' that might be confused with priority
- 16:28, 15 February 2021 diff hist +45 m Setting packet connection tracking metainformation →notrack: link netfilter hooks
- 14:52, 15 February 2021 diff hist +82 Setting packet connection tracking metainformation →notrack: Rewrote, combining examples and explaining choice of priority in detail.
- 14:21, 15 February 2021 diff hist −129 Matching connection tracking stateful metainformation →Matching the state information: Edited for clarity, removed link now included in Connection Tracking System page.
- 14:12, 15 February 2021 diff hist +351 Connection Tracking System Added Oskar Andreasson's detailed into to conntrack
- 14:03, 15 February 2021 diff hist +50 m Matching connection tracking stateful metainformation Reword intro, link Wikipedia stateful firewall article.
- 13:50, 15 February 2021 diff hist +49 Configuring chains →Base chain priority: Improved descriptions of NF_IP_PRI_CONNTRACK, NF_IP_PRI_CONNTRACK_CONFIRM
- 13:16, 15 February 2021 diff hist +46 m Configuring chains →Base chain priority: improved description of NF_IP_PRI_CONNTRACK_HELPER
- 13:09, 15 February 2021 diff hist +90 Configuring chains →Base chain priority: Added hook for NF_IP_PRI_CONNTRACK, link to conntrack refs
- 13:00, 15 February 2021 diff hist +274 Configuring chains →Base chain priority: Added NF_IP_PRI_CONNTRACK_CONFIRM
- 12:14, 15 February 2021 diff hist +32 m Setting packet connection tracking metainformation link Connection Tracking System; grammar
- 01:28, 15 February 2021 diff hist +29 m Matching connection tracking stateful metainformation link Connection Tracking System
- 01:25, 15 February 2021 diff hist +1,263 N Connection Tracking System Brief summary of using nftables and conntrack together, and short list of conntrack refs.
- 23:58, 14 February 2021 diff hist +798 Matching packet headers →Matching ICMP traffic: Added icmp code matching
- 23:41, 14 February 2021 diff hist +972 Matching packet headers →Matching ICMP traffic: Use nft describe to list available nft type keywords
- 19:20, 13 February 2021 diff hist +172 Configuring chains →Adding non-base chains: Add note about using vmaps to construct efficient branched rulesets
- 19:12, 13 February 2021 diff hist +100 Configuring chains →Adding non-base chains: Clarify non-base chain, compare with iptables user chain
- 18:58, 13 February 2021 diff hist +173 Configuring chains Rewrite intro section
- 17:46, 13 February 2021 diff hist +3 m Atomic rule replacement →Atomic Rule Replacement: rule-set -> ruleset current
- 17:41, 13 February 2021 diff hist −41 Simple rule management →Replacing rules: clarity, touched up nft list ruleset comparison
- 17:21, 13 February 2021 diff hist −21 Configuring tables →Deleting tables: clarity
- 17:03, 13 February 2021 diff hist +129 Configuring chains →Base chain priority: Noted ability to specify integral offset of priority keywords
- 15:21, 13 February 2021 diff hist −59 Configuring chains →Flushing chain: clarity
- 15:18, 13 February 2021 diff hist −21 m Configuring chains →Deleting chains: grammar
- 15:14, 13 February 2021 diff hist +235 Configuring chains →Adding non-base chains: Expanded a bit on using trees of chains; added goto action.
- 15:03, 13 February 2021 diff hist −23 Configuring chains →Base chain hooks: Clarity
- 14:50, 13 February 2021 diff hist +6 m Configuring chains →Base chain types: Grammar, clarity
- 14:43, 13 February 2021 diff hist −22 m Configuring chains →Adding base chains: Grammar
- 14:32, 13 February 2021 diff hist +158 m Configuring chains →Base chain priority: Added link to Pablo's connection tracking paper.
- 14:17, 13 February 2021 diff hist +42 Configuring chains →Base chain priority: Added hook locations for defrag, a few others (some still missing).
- 13:52, 13 February 2021 diff hist +2,752 Configuring chains →Base chain priority: Moved base chain priorities to table, emphasized that relative numerical order within a hook is what matters.
- 13:40, 12 February 2021 diff hist −3 What is nftables? clarify that xtables is legacy; some minor grammar changes
- 13:33, 12 February 2021 diff hist +1 m Legacy xtables tools →In Linux distributions: grammar current
- 12:56, 12 February 2021 diff hist +62 Moving from ipset to nftables dictionaries -> verdict maps
- 12:53, 12 February 2021 diff hist +32 Moving from iptables to nftables dictionaries -> verdict maps current
- 12:52, 12 February 2021 diff hist +28 Sets dictionaries -> verdict maps
- 12:50, 12 February 2021 diff hist +28 Intervals dictionaries -> verdict maps
- 12:49, 12 February 2021 diff hist +23 Main differences with iptables another dictionary -> vmap
- 12:47, 12 February 2021 diff hist +28 Main differences with iptables dictionaries -> verdict maps
- 12:45, 12 February 2021 diff hist +23 Main Page →Advanced data structures for performance packet classification: dictionaries -> verdict maps
- 12:43, 12 February 2021 diff hist −6 Portal:DeveloperDocs/nftables internals →expressions: dictionary -> vmap
- 12:42, 12 February 2021 diff hist −3 Setting packet connection tracking metainformation →helpers: dictionary -> map
- 12:37, 12 February 2021 diff hist −55 Concatenations dictionary -> verdict map
- 12:08, 12 February 2021 diff hist +38 m Verdict Maps (vmaps) →Valid vmap Verdicts: Link nft man page current
- 12:06, 12 February 2021 diff hist +306 Verdict Maps (vmaps) Added section to clarify that each vmap element must map to a simple verdict statement.
- 11:57, 12 February 2021 diff hist −157 Verdict Maps (vmaps) Changed refs dictionary -> vmap (while still noting synonym). Renamed sections anonymous & named vmaps. Modified nft describe example to correspond to immediately preceding example.
- 11:22, 12 February 2021 diff hist +34 N Dictionaries Fmyhr moved page Dictionaries to Verdict Maps (vmaps): clarity / preventing confusion: nft man page refers to these exclusively as vmaps; verdict statements are only valid action current
- 11:22, 12 February 2021 diff hist 0 m Verdict Maps (vmaps) Fmyhr moved page Dictionaries to Verdict Maps (vmaps): clarity / preventing confusion: nft man page refers to these exclusively as vmaps; verdict statements are only valid action
- 00:32, 12 February 2021 diff hist +311 Netfilter hooks Added reminder that nftables does not predefine any base chains.
- 00:19, 12 February 2021 diff hist +22 m Configuring chains →Base chain hooks: link Netfilter hooks page
- 01:34, 11 February 2021 diff hist −376 Netfilter hooks Tightened up description of network flow diagram, added some comments about using ingress hook.
- 21:48, 10 February 2021 diff hist +201 Data types →Data types used in Netfilter: Added note about endianness.
- 21:25, 10 February 2021 diff hist +984 Data types Added section on nft describe.
- 19:21, 7 February 2021 diff hist −47 Matching packet metainformation →Matching by time: specify data types more precisely
- 19:14, 7 February 2021 diff hist −290 Matching packet metainformation Combined mark & routing sections
- 19:09, 7 February 2021 diff hist 0 m Matching packet metainformation →Matching by interface: Fix types of iifkind, oifkind
- 18:56, 7 February 2021 diff hist +277 Matching packet metainformation →Matching by time: Add details of specifying time values, from man page.
- 18:42, 7 February 2021 diff hist +33 m Matching packet metainformation →Matching by interface
- 15:23, 7 February 2021 diff hist +17 m Matching packet metainformation →Matching by security selectors
- 15:22, 7 February 2021 diff hist +15 m Matching packet metainformation →Matching by miscellaneous selectors
- 15:20, 7 February 2021 diff hist +7 m Matching packet metainformation →Matching by security selectors
- 15:17, 7 February 2021 diff hist +181 Matching packet metainformation →Matching by interface: Added sdif, sdifname
- 15:13, 7 February 2021 diff hist +43 Matching packet metainformation →Matching by security selectors: note obsolete secpath match
- 15:11, 7 February 2021 diff hist −39 Matching packet metainformation →Matching by interface: Mark ibriport and obriport as obsolete
- 15:02, 7 February 2021 diff hist +175 Matching packet metainformation →Matching by interface: Added iifkind, oifkind
- 13:50, 5 February 2021 diff hist +48 m Further documentation Add kernel.org link
- 13:46, 5 February 2021 diff hist +122 Further documentation Added Arch links
- 13:39, 5 February 2021 diff hist +51 How to obtain help/support Added link to further documentation wiki page
- 13:36, 5 February 2021 diff hist +465 N Further documentation Initial stub
- 13:18, 5 February 2021 diff hist +69 m Matching packet metainformation →Matching by routing class & realm: Link nexthop and fib selectors
- 13:03, 5 February 2021 diff hist +67 m Matching packet metainformation →Matching by routing class & realm: Linked meta priority example
- 12:43, 5 February 2021 diff hist +200 Data types →Data types used in Netfilter: Added routing realm refs
- 12:41, 5 February 2021 diff hist +200 Matching packet metainformation →Matching by routing class & realm: Add routing realm refs
- 12:36, 5 February 2021 diff hist +414 Matching packet metainformation Move remaining bridge selectors to interface section
- 12:25, 5 February 2021 diff hist +324 Matching packet metainformation Security selectors section
- 12:19, 5 February 2021 diff hist +297 Matching packet metainformation Move routing selectors to own section.
- 12:07, 5 February 2021 diff hist +290 Matching packet metainformation Move mark match to own section
- 12:03, 5 February 2021 diff hist +306 Matching packet metainformation Move time matching to own section
- 12:00, 5 February 2021 diff hist +295 Matching packet metainformation Move UID / GID from miscellaneous to own section.
- 11:56, 5 February 2021 diff hist +21 Matching packet metainformation Move miscellaneous selectors to end, bridge name to Interface section.
- 04:15, 5 February 2021 diff hist +318 Matching packet metainformation Began moving meta selectors to related groups in subsections.
- 03:50, 5 February 2021 diff hist −8 Matching packet metainformation →Matching packets by packet mark
- 03:50, 5 February 2021 diff hist −1 m Matching packet metainformation →Matching packet priority
- 03:49, 5 February 2021 diff hist −9 m Matching packet metainformation →Matching packets the socket UID
- 03:49, 5 February 2021 diff hist −8 Matching packet metainformation →Matching packets by interface
- 03:46, 5 February 2021 diff hist −5 m Matching packet metainformation →Matching packets by interface name
- 03:45, 5 February 2021 diff hist +109 m Matching packet metainformation Deleted redundant text.
- 03:30, 5 February 2021 diff hist +294 Data types Add ether_type
- 02:50, 5 February 2021 diff hist +3 m Data types →Data types used in Netfilter: alphabetized
- 01:45, 5 February 2021 diff hist +20 Matching packet metainformation →The meta selectors: Link data types
- 01:43, 5 February 2021 diff hist +3,125 N Data types Initial incomplete list, mostly copied from man page.
- 01:03, 5 February 2021 diff hist +599 Matching packet metainformation →The meta selectors
- 15:19, 4 February 2021 diff hist +1,446 Matching packet metainformation →The meta selectors: Put meta selectors into a table