User contributions
Jump to navigation
Jump to search
- 16:32, 20 February 2021 diff hist +473 Scripting Added section noting ability to use script languages to construct nft-format file to be loaded atomically.
- 16:04, 18 February 2021 diff hist +14 Main Page Added News link to help track latest activity.
- 15:56, 18 February 2021 diff hist +276 News →Code Releases: Reformat, move each codebase to own table.
- 15:28, 18 February 2021 diff hist +621 News →Code Releases: Added conntrack-tools
- 15:18, 18 February 2021 diff hist +60 News Added netfilter news.
- 15:13, 18 February 2021 diff hist +484 News Added links to recent bug activity and mailing list discussion.
- 14:13, 18 February 2021 diff hist +1,224 N News Created page with "== Code Releases == {| class="wikitable" !colspan="6"|nftables |- style="vertical-align:bottom;" ! style="text-align:left;" | Date ! style="text-align:left;" | Component ! sty..."
- 12:51, 18 February 2021 diff hist +49 m Main differences with iptables linked nft update page current
- 12:45, 18 February 2021 diff hist +598 Moving from ipset to nftables Edited for clarity. Added note about missing ipset nomatch equivalent. Used CIDR notation in ending examples, with link to work-around for earlier nft/kernels.
- 05:06, 18 February 2021 diff hist 0 m Concatenations →Examples: typo
- 20:16, 17 February 2021 diff hist +57 Further documentation Added Debian nftables wiki. current
- 20:07, 17 February 2021 diff hist −192 Adoption Edited page intro for clarity. current
- 19:53, 17 February 2021 diff hist −31 Main differences with iptables Edited for clarity.
- 18:26, 17 February 2021 diff hist +70 m Main differences with iptables parenthetical note that tables contain objects other than just chains
- 15:56, 17 February 2021 diff hist +41 Data types →Data types used in Netfilter: Improved 'time' entry.
- 15:51, 17 February 2021 diff hist +8 Data types →Data types used in Netfilter: Improved 'hour' entry.
- 15:38, 17 February 2021 diff hist +89 Data types →Data types used in Netfilter: Improved 'day' description.
- 15:25, 17 February 2021 diff hist −22 m Data types →Data types used in Netfilter: Put multiple nft expressions into lists
- 15:12, 17 February 2021 diff hist +492 Data types →Data types used in Netfilter: Added mark
- 14:29, 17 February 2021 diff hist +266 Data types →Data types used in Netfilter: Added values for inet_proto.
- 14:02, 17 February 2021 diff hist +848 Data types →Data types used in Netfilter: Added ether_addr, inet_proto, internal links.
- 13:33, 17 February 2021 diff hist +37 m Data types →Data types used in Netfilter: 'selectors' -> 'expressions'
- 12:55, 17 February 2021 diff hist +562 Data types →Data types used in Netfilter: Added ipv6_addr
- 12:37, 17 February 2021 diff hist +1,416 Data types →Data types used in Netfilter: Specified particular meta matches
- 04:23, 17 February 2021 diff hist +67 Data types →Data types used in Netfilter: Added "tun" ifkind.
- 03:48, 17 February 2021 diff hist +5 m Data types →Data types used in Netfilter
- 03:41, 17 February 2021 diff hist −5 Data types →Data types used in Netfilter: devgroup_type -> devgroup
- 03:30, 17 February 2021 diff hist +177 Data types →Data types used in Netfilter: Added symbolic constants for ether_type and iface_type.
- 03:21, 17 February 2021 diff hist +68 Data types →Data types used in Netfilter: Fixed pkt_type
- 01:30, 17 February 2021 diff hist −5 Duplicating packets Edited for clarity. current
- 01:10, 17 February 2021 diff hist +39 m List of updates in the nft command line tool
- 01:08, 17 February 2021 diff hist +2,437 List of updates in the nft command line tool Added more releases, put them in table.
- 02:42, 16 February 2021 diff hist +121 N Talk:Concatenations Created page with "== Interfaces == When was support for ifname and other variable-length value concatenations added to nftables and kernel?" current
- 02:38, 16 February 2021 diff hist −124 Concatenations →Interfaces: Deleted sentence saying that iifname and oifname are not supported. They are now. When was support added?
- 01:28, 16 February 2021 diff hist +339 Maps Edited for clarity, linked NAT and data types pages.
- 00:36, 16 February 2021 diff hist +37 Intervals Edited for clarity, grammar. current
- 00:23, 16 February 2021 diff hist +78 Sets →Named sets: Edited for clarity, added example of negating set match.
- 23:53, 15 February 2021 diff hist −2 m Connection Tracking System removd spurious space
- 23:52, 15 February 2021 diff hist +499 Connection Tracking System Added link to Magnus Boye's paper, improved intro text.
- 22:15, 15 February 2021 diff hist +91 Further documentation Add netfilter man page
- 17:07, 15 February 2021 diff hist +174 Connection Tracking System Added brief conntrackd description
- 16:51, 15 February 2021 diff hist +60 m Performing Network Address Translation (NAT) link Wikipedia NAT page
- 16:45, 15 February 2021 diff hist +29 m Bridge filtering →Stateful filtering: link connection tracking system page current
- 16:29, 15 February 2021 diff hist −12 m Setting packet connection tracking metainformation →notrack: rename example table to remove 'raw' that might be confused with priority
- 16:28, 15 February 2021 diff hist +45 m Setting packet connection tracking metainformation →notrack: link netfilter hooks
- 14:52, 15 February 2021 diff hist +82 Setting packet connection tracking metainformation →notrack: Rewrote, combining examples and explaining choice of priority in detail.
- 14:21, 15 February 2021 diff hist −129 Matching connection tracking stateful metainformation →Matching the state information: Edited for clarity, removed link now included in Connection Tracking System page.
- 14:12, 15 February 2021 diff hist +351 Connection Tracking System Added Oskar Andreasson's detailed into to conntrack
- 14:03, 15 February 2021 diff hist +50 m Matching connection tracking stateful metainformation Reword intro, link Wikipedia stateful firewall article.
- 13:50, 15 February 2021 diff hist +49 Configuring chains →Base chain priority: Improved descriptions of NF_IP_PRI_CONNTRACK, NF_IP_PRI_CONNTRACK_CONFIRM
- 13:16, 15 February 2021 diff hist +46 m Configuring chains →Base chain priority: improved description of NF_IP_PRI_CONNTRACK_HELPER
- 13:09, 15 February 2021 diff hist +90 Configuring chains →Base chain priority: Added hook for NF_IP_PRI_CONNTRACK, link to conntrack refs
- 13:00, 15 February 2021 diff hist +274 Configuring chains →Base chain priority: Added NF_IP_PRI_CONNTRACK_CONFIRM
- 12:14, 15 February 2021 diff hist +32 m Setting packet connection tracking metainformation link Connection Tracking System; grammar
- 01:28, 15 February 2021 diff hist +29 m Matching connection tracking stateful metainformation link Connection Tracking System
- 01:25, 15 February 2021 diff hist +1,263 N Connection Tracking System Brief summary of using nftables and conntrack together, and short list of conntrack refs.
- 23:58, 14 February 2021 diff hist +798 Matching packet headers →Matching ICMP traffic: Added icmp code matching
- 23:41, 14 February 2021 diff hist +972 Matching packet headers →Matching ICMP traffic: Use nft describe to list available nft type keywords
- 19:20, 13 February 2021 diff hist +172 Configuring chains →Adding non-base chains: Add note about using vmaps to construct efficient branched rulesets
- 19:12, 13 February 2021 diff hist +100 Configuring chains →Adding non-base chains: Clarify non-base chain, compare with iptables user chain
- 18:58, 13 February 2021 diff hist +173 Configuring chains Rewrite intro section
- 17:46, 13 February 2021 diff hist +3 m Atomic rule replacement →Atomic Rule Replacement: rule-set -> ruleset current
- 17:41, 13 February 2021 diff hist −41 Simple rule management →Replacing rules: clarity, touched up nft list ruleset comparison
- 17:21, 13 February 2021 diff hist −21 Configuring tables →Deleting tables: clarity
- 17:03, 13 February 2021 diff hist +129 Configuring chains →Base chain priority: Noted ability to specify integral offset of priority keywords
- 15:21, 13 February 2021 diff hist −59 Configuring chains →Flushing chain: clarity
- 15:18, 13 February 2021 diff hist −21 m Configuring chains →Deleting chains: grammar
- 15:14, 13 February 2021 diff hist +235 Configuring chains →Adding non-base chains: Expanded a bit on using trees of chains; added goto action.
- 15:03, 13 February 2021 diff hist −23 Configuring chains →Base chain hooks: Clarity
- 14:50, 13 February 2021 diff hist +6 m Configuring chains →Base chain types: Grammar, clarity
- 14:43, 13 February 2021 diff hist −22 m Configuring chains →Adding base chains: Grammar
- 14:32, 13 February 2021 diff hist +158 m Configuring chains →Base chain priority: Added link to Pablo's connection tracking paper.
- 14:17, 13 February 2021 diff hist +42 Configuring chains →Base chain priority: Added hook locations for defrag, a few others (some still missing).
- 13:52, 13 February 2021 diff hist +2,752 Configuring chains →Base chain priority: Moved base chain priorities to table, emphasized that relative numerical order within a hook is what matters.
- 13:40, 12 February 2021 diff hist −3 What is nftables? clarify that xtables is legacy; some minor grammar changes
- 13:33, 12 February 2021 diff hist +1 m Legacy xtables tools →In Linux distributions: grammar current
- 12:56, 12 February 2021 diff hist +62 Moving from ipset to nftables dictionaries -> verdict maps
- 12:53, 12 February 2021 diff hist +32 Moving from iptables to nftables dictionaries -> verdict maps current
- 12:52, 12 February 2021 diff hist +28 Sets dictionaries -> verdict maps
- 12:50, 12 February 2021 diff hist +28 Intervals dictionaries -> verdict maps
- 12:49, 12 February 2021 diff hist +23 Main differences with iptables another dictionary -> vmap
- 12:47, 12 February 2021 diff hist +28 Main differences with iptables dictionaries -> verdict maps
- 12:45, 12 February 2021 diff hist +23 Main Page →Advanced data structures for performance packet classification: dictionaries -> verdict maps
- 12:43, 12 February 2021 diff hist −6 Portal:DeveloperDocs/nftables internals →expressions: dictionary -> vmap
- 12:42, 12 February 2021 diff hist −3 Setting packet connection tracking metainformation →helpers: dictionary -> map
- 12:37, 12 February 2021 diff hist −55 Concatenations dictionary -> verdict map
- 12:08, 12 February 2021 diff hist +38 m Verdict Maps (vmaps) →Valid vmap Verdicts: Link nft man page current
- 12:06, 12 February 2021 diff hist +306 Verdict Maps (vmaps) Added section to clarify that each vmap element must map to a simple verdict statement.
- 11:57, 12 February 2021 diff hist −157 Verdict Maps (vmaps) Changed refs dictionary -> vmap (while still noting synonym). Renamed sections anonymous & named vmaps. Modified nft describe example to correspond to immediately preceding example.
- 11:22, 12 February 2021 diff hist +34 N Dictionaries Fmyhr moved page Dictionaries to Verdict Maps (vmaps): clarity / preventing confusion: nft man page refers to these exclusively as vmaps; verdict statements are only valid action current
- 11:22, 12 February 2021 diff hist 0 m Verdict Maps (vmaps) Fmyhr moved page Dictionaries to Verdict Maps (vmaps): clarity / preventing confusion: nft man page refers to these exclusively as vmaps; verdict statements are only valid action
- 00:32, 12 February 2021 diff hist +311 Netfilter hooks Added reminder that nftables does not predefine any base chains.
- 00:19, 12 February 2021 diff hist +22 m Configuring chains →Base chain hooks: link Netfilter hooks page
- 01:34, 11 February 2021 diff hist −376 Netfilter hooks Tightened up description of network flow diagram, added some comments about using ingress hook.
- 21:48, 10 February 2021 diff hist +201 Data types →Data types used in Netfilter: Added note about endianness.
- 21:25, 10 February 2021 diff hist +984 Data types Added section on nft describe.
- 19:21, 7 February 2021 diff hist −47 Matching packet metainformation →Matching by time: specify data types more precisely
- 19:14, 7 February 2021 diff hist −290 Matching packet metainformation Combined mark & routing sections
- 19:09, 7 February 2021 diff hist 0 m Matching packet metainformation →Matching by interface: Fix types of iifkind, oifkind
- 18:56, 7 February 2021 diff hist +277 Matching packet metainformation →Matching by time: Add details of specifying time values, from man page.
- 18:42, 7 February 2021 diff hist +33 m Matching packet metainformation →Matching by interface
- 15:23, 7 February 2021 diff hist +17 m Matching packet metainformation →Matching by security selectors
- 15:22, 7 February 2021 diff hist +15 m Matching packet metainformation →Matching by miscellaneous selectors
- 15:20, 7 February 2021 diff hist +7 m Matching packet metainformation →Matching by security selectors
- 15:17, 7 February 2021 diff hist +181 Matching packet metainformation →Matching by interface: Added sdif, sdifname
- 15:13, 7 February 2021 diff hist +43 Matching packet metainformation →Matching by security selectors: note obsolete secpath match
- 15:11, 7 February 2021 diff hist −39 Matching packet metainformation →Matching by interface: Mark ibriport and obriport as obsolete
- 15:02, 7 February 2021 diff hist +175 Matching packet metainformation →Matching by interface: Added iifkind, oifkind
- 13:50, 5 February 2021 diff hist +48 m Further documentation Add kernel.org link
- 13:46, 5 February 2021 diff hist +122 Further documentation Added Arch links
- 13:39, 5 February 2021 diff hist +51 How to obtain help/support Added link to further documentation wiki page
- 13:36, 5 February 2021 diff hist +465 N Further documentation Initial stub
- 13:18, 5 February 2021 diff hist +69 m Matching packet metainformation →Matching by routing class & realm: Link nexthop and fib selectors
- 13:03, 5 February 2021 diff hist +67 m Matching packet metainformation →Matching by routing class & realm: Linked meta priority example
- 12:43, 5 February 2021 diff hist +200 Data types →Data types used in Netfilter: Added routing realm refs
- 12:41, 5 February 2021 diff hist +200 Matching packet metainformation →Matching by routing class & realm: Add routing realm refs
- 12:36, 5 February 2021 diff hist +414 Matching packet metainformation Move remaining bridge selectors to interface section
- 12:25, 5 February 2021 diff hist +324 Matching packet metainformation Security selectors section
- 12:19, 5 February 2021 diff hist +297 Matching packet metainformation Move routing selectors to own section.
- 12:07, 5 February 2021 diff hist +290 Matching packet metainformation Move mark match to own section
- 12:03, 5 February 2021 diff hist +306 Matching packet metainformation Move time matching to own section
- 12:00, 5 February 2021 diff hist +295 Matching packet metainformation Move UID / GID from miscellaneous to own section.
- 11:56, 5 February 2021 diff hist +21 Matching packet metainformation Move miscellaneous selectors to end, bridge name to Interface section.
- 04:15, 5 February 2021 diff hist +318 Matching packet metainformation Began moving meta selectors to related groups in subsections.
- 03:50, 5 February 2021 diff hist −8 Matching packet metainformation →Matching packets by packet mark
- 03:50, 5 February 2021 diff hist −1 m Matching packet metainformation →Matching packet priority
- 03:49, 5 February 2021 diff hist −9 m Matching packet metainformation →Matching packets the socket UID
- 03:49, 5 February 2021 diff hist −8 Matching packet metainformation →Matching packets by interface
- 03:46, 5 February 2021 diff hist −5 m Matching packet metainformation →Matching packets by interface name
- 03:45, 5 February 2021 diff hist +109 m Matching packet metainformation Deleted redundant text.
- 03:30, 5 February 2021 diff hist +294 Data types Add ether_type
- 02:50, 5 February 2021 diff hist +3 m Data types →Data types used in Netfilter: alphabetized
- 01:45, 5 February 2021 diff hist +20 Matching packet metainformation →The meta selectors: Link data types
- 01:43, 5 February 2021 diff hist +3,125 N Data types Initial incomplete list, mostly copied from man page.
- 01:03, 5 February 2021 diff hist +599 Matching packet metainformation →The meta selectors
- 15:19, 4 February 2021 diff hist +1,446 Matching packet metainformation →The meta selectors: Put meta selectors into a table