iptables v1.3.2 Changelog
======================================================================
This version requires kernel >= 2.4.0
This version recommends kernel >= 2.4.18
Bugs fixed from 1.3.1:
- Fix TCPLAG version
[ Torsten Luettgert ]
- More error checking in SET target
[ Michal Pokrywka ]
- Fix optflags value for OPT_LINENUMBERS
[ Jonas Berlin ]
- Allow NULL init function in ip6tables plugins
[ Jonas Berlin ]
- Don't allow newlines in LOG prefix
[ Phil Oester ]
- Introduce ip_conntrack_old_tuple to userspace header copy
[ Pablo Neira ]
- Fix connbytes command line parsing bug
[ Piotrek Kaczmarek ]
- Ignore unknown arguments in libipt_ULOG
[ Patrick McHardy ]
- Correct error in multiport manpage wrt. "--ports"
[ Rusty Russell ]
- Fix CONNMARK save/restore
[ Tom Eastep, Pawel Sikora ]
- Make sure chain name doesn't start with '!'
[ Yasuyuki Kozakai ]
- Prevent user to specify negative ports in SNAT/DNAT
[ Yasuyuki Kozakai ]
- Fix deletion of targets where kernel size != userspace size
[ Pablo Neira ]
- Fix save/restore of '! --uid-owner squid' problem in ip6t_owner
[ Harald Welte ]
Changes from 1.3.1:
- Add ``--log-uid'' option to ip6t_LOG target
[ Patrick McHardy ]
- Improve REDIRECT manpage
[ Jonas Berlin ]
- Add a number of missing manpage snippets
[ Jonas Berlin ]
- Include FIN bit in mask of "--syn" bits
[ Harald Welte ]
- Release previously merged options from merge_opts(), reduces memory-usage of
ipt ables-restore dramatically
[ Pablo Neira ]
- OSF: changes to support connector notifications
[ Evgeniy Polyakov ]
- Reduce code replication of parse_interface()
[ Yasuyuki Kozakai ]
Please note: Since version 1.2.7a, patch-o-matic is now no longer part of
iptables but rather distributed as a separate package
(ftp://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot)
www.fiveanddime.net
