The Netfilter HomePage: iptables 1.2.5
This version requires kernel >= 2.4.4
This version recommends kernel > 2.4.14
Bugs Fixed from 1.2.4:
- make iptables-restore accept --table as well as -t option
[ Andreas Ferber ]
- make iptables-restore -v / --verbose option work
[ Marc Boucher ]
- fix iptables-save problems with saving "ppp+" style interface wildcards
[ Harald Welte ]
- make iptables accept '_' and '.' in interface names
[ Harald Welte ]
- Kernel bugfixes in patch-o-matic:
- Fix IRC NAT srcaddr fix (we used to nat DCC connectios to the
address of the IRC server
[ Bob Hockney ]
- Fix potential Oops in TOS target module
[ Edward Killips ]
- Fix problem when raw socket has cloned skb while netfilter doing
payload modification
[ Rusty Russell ]
- Fix memory leak in ipchains redirect code
[ Rusty Russell ]
- Fix reintroduced ECN problem with unclean match
[ Guillaume Morin ]
- Fix MAC adress match problem with small udp packets
[ Harald Welte ]
Changes from 1.2.4:
- Whole patch-o-matic system restructured - now supports multiple
patch repositories (submitted, pending, base, extra, newnat).
[ Jozsef Kadlecsik ]
- Add IPv6 support to the QUEUE target and libipq
[ Fernando Anton / James Morris ]
- New patch-o-matic patches:
- New IPV4OPTSSTRIP target to strip IP options
[ Fabrice Marie ]
- New ipv6header match to match IPv6 header options
[ Brad Chapman / Andras Kis-Szabo ]
- New helper match to match RELATED connections on their conntrack helper
[ Martin Josefsson ]
- New quota match to have fixed IP quotas
[ Sam Johnston ]
- New recent match to match recently seen packets
[ Stephen Frost ]
-