User contributions
Jump to navigation
Jump to search
- 16:32, 20 February 2021 diff hist +473 Scripting Added section noting ability to use script languages to construct nft-format file to be loaded atomically.
- 16:04, 18 February 2021 diff hist +14 Main Page Added News link to help track latest activity.
- 15:56, 18 February 2021 diff hist +276 News →Code Releases: Reformat, move each codebase to own table.
- 15:28, 18 February 2021 diff hist +621 News →Code Releases: Added conntrack-tools
- 15:18, 18 February 2021 diff hist +60 News Added netfilter news.
- 15:13, 18 February 2021 diff hist +484 News Added links to recent bug activity and mailing list discussion.
- 14:13, 18 February 2021 diff hist +1,224 N News Created page with "== Code Releases == {| class="wikitable" !colspan="6"|nftables |- style="vertical-align:bottom;" ! style="text-align:left;" | Date ! style="text-align:left;" | Component ! sty..."
- 12:51, 18 February 2021 diff hist +49 m Main differences with iptables linked nft update page current
- 12:45, 18 February 2021 diff hist +598 Moving from ipset to nftables Edited for clarity. Added note about missing ipset nomatch equivalent. Used CIDR notation in ending examples, with link to work-around for earlier nft/kernels.
- 05:06, 18 February 2021 diff hist 0 m Concatenations →Examples: typo
- 20:16, 17 February 2021 diff hist +57 Further documentation Added Debian nftables wiki. current
- 20:07, 17 February 2021 diff hist −192 Adoption Edited page intro for clarity. current
- 19:53, 17 February 2021 diff hist −31 Main differences with iptables Edited for clarity.
- 18:26, 17 February 2021 diff hist +70 m Main differences with iptables parenthetical note that tables contain objects other than just chains
- 15:56, 17 February 2021 diff hist +41 Data types →Data types used in Netfilter: Improved 'time' entry.
- 15:51, 17 February 2021 diff hist +8 Data types →Data types used in Netfilter: Improved 'hour' entry.
- 15:38, 17 February 2021 diff hist +89 Data types →Data types used in Netfilter: Improved 'day' description.
- 15:25, 17 February 2021 diff hist −22 m Data types →Data types used in Netfilter: Put multiple nft expressions into lists
- 15:12, 17 February 2021 diff hist +492 Data types →Data types used in Netfilter: Added mark
- 14:29, 17 February 2021 diff hist +266 Data types →Data types used in Netfilter: Added values for inet_proto.
- 14:02, 17 February 2021 diff hist +848 Data types →Data types used in Netfilter: Added ether_addr, inet_proto, internal links.
- 13:33, 17 February 2021 diff hist +37 m Data types →Data types used in Netfilter: 'selectors' -> 'expressions'
- 12:55, 17 February 2021 diff hist +562 Data types →Data types used in Netfilter: Added ipv6_addr
- 12:37, 17 February 2021 diff hist +1,416 Data types →Data types used in Netfilter: Specified particular meta matches
- 04:23, 17 February 2021 diff hist +67 Data types →Data types used in Netfilter: Added "tun" ifkind.
- 03:48, 17 February 2021 diff hist +5 m Data types →Data types used in Netfilter
- 03:41, 17 February 2021 diff hist −5 Data types →Data types used in Netfilter: devgroup_type -> devgroup
- 03:30, 17 February 2021 diff hist +177 Data types →Data types used in Netfilter: Added symbolic constants for ether_type and iface_type.
- 03:21, 17 February 2021 diff hist +68 Data types →Data types used in Netfilter: Fixed pkt_type
- 01:30, 17 February 2021 diff hist −5 Duplicating packets Edited for clarity. current
- 01:10, 17 February 2021 diff hist +39 m List of updates in the nft command line tool
- 01:08, 17 February 2021 diff hist +2,437 List of updates in the nft command line tool Added more releases, put them in table.
- 02:42, 16 February 2021 diff hist +121 N Talk:Concatenations Created page with "== Interfaces == When was support for ifname and other variable-length value concatenations added to nftables and kernel?" current
- 02:38, 16 February 2021 diff hist −124 Concatenations →Interfaces: Deleted sentence saying that iifname and oifname are not supported. They are now. When was support added?
- 01:28, 16 February 2021 diff hist +339 Maps Edited for clarity, linked NAT and data types pages.
- 00:36, 16 February 2021 diff hist +37 Intervals Edited for clarity, grammar. current
- 00:23, 16 February 2021 diff hist +78 Sets →Named sets: Edited for clarity, added example of negating set match.
- 23:53, 15 February 2021 diff hist −2 m Connection Tracking System removd spurious space
- 23:52, 15 February 2021 diff hist +499 Connection Tracking System Added link to Magnus Boye's paper, improved intro text.
- 22:15, 15 February 2021 diff hist +91 Further documentation Add netfilter man page
- 17:07, 15 February 2021 diff hist +174 Connection Tracking System Added brief conntrackd description
- 16:51, 15 February 2021 diff hist +60 m Performing Network Address Translation (NAT) link Wikipedia NAT page
- 16:45, 15 February 2021 diff hist +29 m Bridge filtering →Stateful filtering: link connection tracking system page current
- 16:29, 15 February 2021 diff hist −12 m Setting packet connection tracking metainformation →notrack: rename example table to remove 'raw' that might be confused with priority
- 16:28, 15 February 2021 diff hist +45 m Setting packet connection tracking metainformation →notrack: link netfilter hooks
- 14:52, 15 February 2021 diff hist +82 Setting packet connection tracking metainformation →notrack: Rewrote, combining examples and explaining choice of priority in detail.
- 14:21, 15 February 2021 diff hist −129 Matching connection tracking stateful metainformation →Matching the state information: Edited for clarity, removed link now included in Connection Tracking System page.
- 14:12, 15 February 2021 diff hist +351 Connection Tracking System Added Oskar Andreasson's detailed into to conntrack
- 14:03, 15 February 2021 diff hist +50 m Matching connection tracking stateful metainformation Reword intro, link Wikipedia stateful firewall article.
- 13:50, 15 February 2021 diff hist +49 Configuring chains →Base chain priority: Improved descriptions of NF_IP_PRI_CONNTRACK, NF_IP_PRI_CONNTRACK_CONFIRM
- 13:16, 15 February 2021 diff hist +46 m Configuring chains →Base chain priority: improved description of NF_IP_PRI_CONNTRACK_HELPER
- 13:09, 15 February 2021 diff hist +90 Configuring chains →Base chain priority: Added hook for NF_IP_PRI_CONNTRACK, link to conntrack refs
- 13:00, 15 February 2021 diff hist +274 Configuring chains →Base chain priority: Added NF_IP_PRI_CONNTRACK_CONFIRM
- 12:14, 15 February 2021 diff hist +32 m Setting packet connection tracking metainformation link Connection Tracking System; grammar
- 01:28, 15 February 2021 diff hist +29 m Matching connection tracking stateful metainformation link Connection Tracking System
- 01:25, 15 February 2021 diff hist +1,263 N Connection Tracking System Brief summary of using nftables and conntrack together, and short list of conntrack refs.
- 23:58, 14 February 2021 diff hist +798 Matching packet headers →Matching ICMP traffic: Added icmp code matching
- 23:41, 14 February 2021 diff hist +972 Matching packet headers →Matching ICMP traffic: Use nft describe to list available nft type keywords
- 19:20, 13 February 2021 diff hist +172 Configuring chains →Adding non-base chains: Add note about using vmaps to construct efficient branched rulesets
- 19:12, 13 February 2021 diff hist +100 Configuring chains →Adding non-base chains: Clarify non-base chain, compare with iptables user chain
- 18:58, 13 February 2021 diff hist +173 Configuring chains Rewrite intro section
- 17:46, 13 February 2021 diff hist +3 m Atomic rule replacement →Atomic Rule Replacement: rule-set -> ruleset current
- 17:41, 13 February 2021 diff hist −41 Simple rule management →Replacing rules: clarity, touched up nft list ruleset comparison
- 17:21, 13 February 2021 diff hist −21 Configuring tables →Deleting tables: clarity
- 17:03, 13 February 2021 diff hist +129 Configuring chains →Base chain priority: Noted ability to specify integral offset of priority keywords
- 15:21, 13 February 2021 diff hist −59 Configuring chains →Flushing chain: clarity
- 15:18, 13 February 2021 diff hist −21 m Configuring chains →Deleting chains: grammar
- 15:14, 13 February 2021 diff hist +235 Configuring chains →Adding non-base chains: Expanded a bit on using trees of chains; added goto action.
- 15:03, 13 February 2021 diff hist −23 Configuring chains →Base chain hooks: Clarity
- 14:50, 13 February 2021 diff hist +6 m Configuring chains →Base chain types: Grammar, clarity
- 14:43, 13 February 2021 diff hist −22 m Configuring chains →Adding base chains: Grammar
- 14:32, 13 February 2021 diff hist +158 m Configuring chains →Base chain priority: Added link to Pablo's connection tracking paper.
- 14:17, 13 February 2021 diff hist +42 Configuring chains →Base chain priority: Added hook locations for defrag, a few others (some still missing).
- 13:52, 13 February 2021 diff hist +2,752 Configuring chains →Base chain priority: Moved base chain priorities to table, emphasized that relative numerical order within a hook is what matters.
- 13:40, 12 February 2021 diff hist −3 What is nftables? clarify that xtables is legacy; some minor grammar changes
- 13:33, 12 February 2021 diff hist +1 m Legacy xtables tools →In Linux distributions: grammar current
- 12:56, 12 February 2021 diff hist +62 Moving from ipset to nftables dictionaries -> verdict maps
- 12:53, 12 February 2021 diff hist +32 Moving from iptables to nftables dictionaries -> verdict maps current
- 12:52, 12 February 2021 diff hist +28 Sets dictionaries -> verdict maps
- 12:50, 12 February 2021 diff hist +28 Intervals dictionaries -> verdict maps
- 12:49, 12 February 2021 diff hist +23 Main differences with iptables another dictionary -> vmap
- 12:47, 12 February 2021 diff hist +28 Main differences with iptables dictionaries -> verdict maps
- 12:45, 12 February 2021 diff hist +23 Main Page →Advanced data structures for performance packet classification: dictionaries -> verdict maps
- 12:43, 12 February 2021 diff hist −6 Portal:DeveloperDocs/nftables internals →expressions: dictionary -> vmap
- 12:42, 12 February 2021 diff hist −3 Setting packet connection tracking metainformation →helpers: dictionary -> map
- 12:37, 12 February 2021 diff hist −55 Concatenations dictionary -> verdict map
- 12:08, 12 February 2021 diff hist +38 m Verdict Maps (vmaps) →Valid vmap Verdicts: Link nft man page current
- 12:06, 12 February 2021 diff hist +306 Verdict Maps (vmaps) Added section to clarify that each vmap element must map to a simple verdict statement.
- 11:57, 12 February 2021 diff hist −157 Verdict Maps (vmaps) Changed refs dictionary -> vmap (while still noting synonym). Renamed sections anonymous & named vmaps. Modified nft describe example to correspond to immediately preceding example.
- 11:22, 12 February 2021 diff hist +34 N Dictionaries Fmyhr moved page Dictionaries to Verdict Maps (vmaps): clarity / preventing confusion: nft man page refers to these exclusively as vmaps; verdict statements are only valid action current
- 11:22, 12 February 2021 diff hist 0 m Verdict Maps (vmaps) Fmyhr moved page Dictionaries to Verdict Maps (vmaps): clarity / preventing confusion: nft man page refers to these exclusively as vmaps; verdict statements are only valid action
- 00:32, 12 February 2021 diff hist +311 Netfilter hooks Added reminder that nftables does not predefine any base chains.
- 00:19, 12 February 2021 diff hist +22 m Configuring chains →Base chain hooks: link Netfilter hooks page
- 01:34, 11 February 2021 diff hist −376 Netfilter hooks Tightened up description of network flow diagram, added some comments about using ingress hook.
- 21:48, 10 February 2021 diff hist +201 Data types →Data types used in Netfilter: Added note about endianness.
- 21:25, 10 February 2021 diff hist +984 Data types Added section on nft describe.
- 19:21, 7 February 2021 diff hist −47 Matching packet metainformation →Matching by time: specify data types more precisely
- 19:14, 7 February 2021 diff hist −290 Matching packet metainformation Combined mark & routing sections
- 19:09, 7 February 2021 diff hist 0 m Matching packet metainformation →Matching by interface: Fix types of iifkind, oifkind
- 18:56, 7 February 2021 diff hist +277 Matching packet metainformation →Matching by time: Add details of specifying time values, from man page.