| blob | c5683502b33074c37bdb2d71ab00fd50f6b2bdac |
1 20110710
2 Changelog for v2.0.10-2
3 * enable compiler optimizations (-O3)
4 * small changes to remove the compiler warnings due to optimization being
5 turned on (thanks to Peter Volkov)
6 * respect LDFLAGS in Makefiles (Peter Volkov)
7 20110710
8 Changelog for v2.0.10-1
9 * fix --among-dst-file, which translated to --among-src
10 (reported by Thierry Watelet)
11 * fix bug in test_ulog.c example
12 * Makefile: respect LDFLAGS during ebtables build (Peter Volkov)
13 * Makefile: create directories to avoid build failure when DESTDIR is
14 supplied (Peter Volkov)
15 * incorporate fixes for possible issues found by Coverity analysis
16 (thanks to Jiri Popelka)
17 * define __EXPORTED_HEADERS__ to get access to the Linux kernel headers
18 * extend ebt_ip6 to allow matching on ipv6-icmp types/codes (by Florian
19 Westphal)
20 * Print a more useful error message when an update of the kernel table
21 failed.
22 * Add --concurrent option, which enables using a file lock to support
23 concurrent scripts updating the ebtables kernel tables
24 20100203
25 Changelog for v2.0.9-2
26 * fix unwanted zeroing of counters in the last user-defined chain
27 (reported by Jon Lewis)
28 * fix hidden symbol compilation error when using ld directly
29 * fix return value checking of creat to give a correct error
30 message if the atomic file couldn't be created
31 * correct info in INSTALL about compilation of ulog
32 20090621
33 Changelog for v2.0.9 vs v2.0.8-2
34 * added ip6 module for filtering IPv6 traffic (Kuo-Lang Tseng,
35 Manohar Castelino)
36 * added --log-ip6 option for logging IPv6 traffic (Kuo-Lang Tseng,
37 Manohar Castelino)
38 * added nflog watcher for logging packets to userspace (Peter Warasin)
39 * bugfix in ebtables.sysv (Michal Soltys)
40 * bugfix for among match on x86-64 (reported by Pavel Emelyanov)
41 20061217
42 Since last entry:
43 * fixed a few reported bugs
44 * ebt_among --among-dst-file and --among-src-file: allow
45 the list to be given in a file (circumvents command line max.
46 line length
47 * ebt_nat --snat-arp: if it's an arp packet, also change the source
48 address in the arp header
49 * ebt_mark --mark-or, --mark-xor, --mark-and
50 20051020
51 Since last entry:
52 * ebtables modules are now located in /usr/lib/ebtables/
53 * added '/sbin/service ebtables' support
54 * added ebtables-save (thanks to Rok Papez <rok.papez@arnes.si>)
55 and ebtables-restore (the first one a perl script, the second
56 one written in c (fast))
57 * optimized the code for the '-A' command, making ebtables-restore
58 very fast.
59 * ebtablesd/ebtablesu is deprecated and not compiled by default
60 the ebtables-save/ebtables-restore scheme is much better
61 20050117
62 Since last entry:
63 * added ulog watcher
64 * made the ebtables code modular (make library functions).
65 * added the ebtablesd/ebtablesu scheme to allow faster
66 addition of rules (and to test the modular code).
67 * some small fixes
68 * added -c option (initialize counters)
69 * added -C option (change counters)
70 20031102
71 Since last entry:
72 * <grzes_at_gnu.univ.gda.pl> added arpreply and among modules
73 * <tommy_at_home.tig-grr.com> added limit match
74 20030724
75 * added (automatic) Sparc64 support, thanks to Michael Bellion and
76 Thomas Heinz from hipac.org for providing a test-box.
77 20030717
78 * added stp frames match type
79 20030713
80 * added support for deleting all user-defined chains (-X option
81 without specified chain)
82 20030601
83 * added --Lmac2
84 * <csv_at_bluetail.com> Chris Vitale: basic 802.3/802.2 filtering
85 (experimental, kernel files are in the CVS)
87 20030503
88 * added negative rule counter support
89 * bugfix: bcnt was not updated correctly
90 * <blancher_at_cartel-securite.fr> Cedric Blancher: add ARP MAC
91 matching support
92 * added pkttype match
93 20030402
94 * fixed check bug in ebt_ip.c (report from
95 joe_judge_at_guardium.com).
96 20030111
97 * fixed problem when removing a chain (report from
98 ykphuah_at_greenpacket.com).
99 * Added --help list_extensions which, well, lists the extensions
100 20021203
101 * changed the way to use the atomic operations. It's now possible
102 to use the EBTABLES_ATOMIC_FILE environment variable, so it's no
103 longer necessary to explicitly state the file name. See the man.
104 20021120
105 * changed the way of compiling. New releases will now contain their
106 own set of kernel includes. No more copying of kernel includes to
107 /usr/include/linux
108 * added getethertype.c (Nick) and use it. Removed name_to_number()
109 and number_to_name().
110 20021106
111 * added possibility to specify a rule number interval when deleting
112 rules
113 20021102
114 * added ! - option possibility, which is equivalent to - ! option
115 20021102
116 * since last entry: added byte counters and udp/tcp port matching
117 20020830
118 * updated the kernel files for 2.4.20-pre5 and 2.5.32
119 * last big cleanup of kernel and userspace code just finished
120 20020820
121 * ARP module bugfix
122 * IP module bugfix
123 * nat module bugfix
124 20020730
125 * other things done before 2.0-rc1 that I can think of,
126 including kernel:
127 * cache align counters for better smp performance
128 * simplify snat code
129 * check for --xxxx-target RETURN on base chain
130 * cleanup code
131 * minor bugfixes
132 20020724
133 * code cleanup
134 * bugfix for --atomic-commit
135 20020720
136 * added mark target+match
137 20020714
138 * added --atomic options
139 20020710
140 * some unlogged changes (due to lazyness)
141 * added --Lc, --Ln, --Lx
142 20020625
143 * user defined chains support: added -N, -X, -E options.
144 20020621
145 * some unlogged changes (due to lazyness)
146 * change the output for -L to make it look like it would look when
147 the user inputs the command.
148 * try to autoload modules
149 * some minor bugfixes
150 * add user defined chains support (without new commands yet,
151 deliberately)
152 * comparing rules didn't take the logical devices into account
153 20020520
154 * update help for -s and -d
155 * add VLAN in ethertypes
156 * add SYMLINK option for compiling
157 20020501
158 * allow -i and --logical-in in BROUTING
159 * update the manual page
160 * rename /etc/etherproto into /etc/ethertypes (seems to be a more
161 standard name)
162 * add MAC mask for -s and -d, also added Unicast, Multicast and
163 Broadcast specification for specifying a (family of) MAC
164 addresses.
165 20020427
166 * added broute table.
167 * added redirect target.
168 * added --redirect-target, --snat-target and --dnat-target options.
169 * added logical_out and logical_in
170 * snat bugfix (->size)
171 20020414
172 * fixed some things in the manual.
173 * fixed -P problem.
174 20020411
175 * -j standard no longer works, is this cryptic? good :)
176 * lots of beautification.
177 - made some code smaller
178 - made everything fit within 80 columns
179 * fix problems with -i and -o option
180 * print_memory now prints useful info
181 * trying to see the tables when ebtables is not loaded in kernel
182 no longer makes this be seen as a bug.
183 20020403
184 ebtables v2.0 released, changes:
185 * A complete rewrite, made everything modular.
186 * Fixed a one year old bug in br_db.c. A similar bug was present
187 in ebtables.c. It was visible when the number of rules got
188 bigger (around 90).
189 * Removed the option to allow/disallow counters. Frames passing
190 by are always counted now.
191 * Didn't really add any new functionality. However, it will be
192 _alot_ easier and prettier to do so now. Feel free to add an
193 extension yourself.
194 * There are 4 types of extensions:
195 - Tables.
196 - Matches: like iptables has.
197 - Watchers: these only watch frames that passed all the matches
198 of the rule. They don't change the frame, nor give a verdict.
199 The log extension is a watcher.
200 - Targets.
201 * user32/kernel64 architectures like the Sparc64 are unsupported.
202 If you want me to change this, give me access to such a box,
203 and don't pressure me.