iptables v1.4.1-rc1 Changelog: ====================================================================== Changes from 1.4.0: Peter Warasin: Fix CONNMARK mask initialisation Jesper Dangaard Brouer: Inline functions iptcc_is_builtin() and set_changed() Introduce a counter for number of user defined chains Solving scalability issue: for chain list "name" searching Patrick McHardy: Add RATEEST target extension Add rateest match extension Remove obsolete file Add netfilter.h Remove compiler.h inclusions Retry ruleset dump when kernel returns EAGAIN Pablo Neira Ayuso: Cleanup several code wraparounds Check for malloc() return value in merge_opts() Check for merge_opts() return value Jan Engelhardt: Converts the iptables build infrastructure to autotools Introduce strtonum() Introduce common error messages Add libxt_owner Add libxt_tos Add libxt_TOS Add libxt_MARK r2 Add libxt_connmark r1 Print warning when dlopen fails Add libxt_conntrack r0 Bunch o' renames Rename overlapping function names Add more libxt_hashlimit checks Add libxt_mark r1 Add libxt_iprange r0 Add libxt_iprange r1 Give preference to iptables header files Build adjustments Add libxt_CONNMARK revision 1 Add libxt_conntrack revision 1 libxt_owner: UID/GID range support Fix compilation of iptables-static build Correct the family member value of libxt_mark revision 1 Makefile: add a "tarball" target Drop -W from CFLAGS and some tiny code cleanups Fix -Wshadow warnings and clean up xt_sctp.h Update the libxt_owner manpage with the UID/GID-range feature Fix all remaining warnings (missing declarations, missing prototypes) xtables.h: move non-exported parts to internal.h Add support for xt_hashlimit match revision 1 Combine IP{,6}T_LIB_DIR into XTABLES_LIBDIR manpages: fix broken markup (missing close tags) manpages: grammar and spelling manpages: update to reflect fine-grained control configure: split --enable-libipq from --enable-devel Import iptables-apply Add all necessary header files - compilation fix for various cases Install libiptc header files because xtables.h depends on it iptables: use C99 lists for struct options RATEEST: add manpage Implement AF_UNSPEC as a wildcard for extensions Combine ipt and ip6t manpages Resolve warnings on 64-bit compile Wrap dlopen code into NO_SHARED_LIBS Remove support for compilation of conditional extensions Resolve libipt_set warnings Update documentation about building the package configure.ac: AC_SUBST must be separate Dynamically create xtables.h.in with version configure.ac: remove already-defined variables Remove old functions, constants Properly initialize revision for ip6tables targets Makefile.am: use PACKAGE_TARNAME iptables out-of-tree build directory Sven Schnelle: Add libxt_TCPOPTSTRIP Max Kellermann: Fix REDIRECT manpage Whitespace cleanup Use size_t Escape strings Unescape parameters Allow empty strings in argument parser Fix gcc warnings Naohiro Ooiwa: Fix define value of SCTP chunk type Filippo Zangheri: Remove useless white spaces from iptables-xml manpages James King: libxt_iprange: Fix IP validation logic Shan Wei: iptables-save: remove unnecessary code Henrik Nordstrom: Make iptables-restore usable over a pipe Add support for --set-counters to iptables -P iptables --list-rules command iptables --list chain rulenum Make --set-counters (-c) accept comma separated counters Jamie Strandboge: Fix ip6tables dest address printing