The Netfilter HomePage: iptables 1.2.5

This version requires kernel >= 2.4.4 This version recommends kernel > 2.4.14

Bugs Fixed from 1.2.4:

make iptables-restore accept --table as well as -t option
[ Andreas Ferber ]
make iptables-restore -v / --verbose option work
[ Marc Boucher ]
fix iptables-save problems with saving "ppp+" style interface wildcards
[ Harald Welte ]
make iptables accept '_' and '.' in interface names
[ Harald Welte ]
Kernel bugfixes in patch-o-matic:
- Fix IRC NAT srcaddr fix (we used to nat DCC connectios to the address of the IRC server
  [ Bob Hockney ]
- Fix potential Oops in TOS target module
  [ Edward Killips ]
- Fix problem when raw socket has cloned skb while netfilter doing payload modification
  [ Rusty Russell ]
- Fix memory leak in ipchains redirect code
  [ Rusty Russell ]
- Fix reintroduced ECN problem with unclean match
  [ Guillaume Morin ]
- Fix MAC adress match problem with small udp packets
  [ Harald Welte ]

Changes from 1.2.4:

Whole patch-o-matic system restructured - now supports multiple patch repositories (submitted, pending, base, extra, newnat).
[ Jozsef Kadlecsik ]
Add IPv6 support to the QUEUE target and libipq
[ Fernando Anton / James Morris ]
New patch-o-matic patches:
- New IPV4OPTSSTRIP target to strip IP options
  [ Fabrice Marie ]
- New ipv6header match to match IPv6 header options
  [ Brad Chapman / Andras Kis-Szabo ]
- New helper match to match RELATED connections on their conntrack helper
  [ Martin Josefsson ]
- New quota match to have fixed IP quotas
  [ Sam Johnston ]
- New recent match to match recently seen packets
  [ Stephen Frost ]