iptables v1.4.0

22 grudnia pojawiła się nowa wersja iptables. Dla nie zaznajomych w temacie:

iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.

Changes from 1.4.0rc1:

- Don't use dlfcn.h if NO_SHARED_LIBS is defined
 [ Mike Frysinger ]

- Fix showing help text for matches/targets with revision as user
 [ Patrick McHardy ]

- Print warnings to stderr
 [ Max Kellermann ]

- Fix sscanf type errors
 [ Patrick McHardy ]

- Always print mask in iptables-save
 [ Jan Engelhardt ]

- Don't silenty exit on failure to open /proc/net/{ip,ip6}_tables_names
 [ Victor Stinner ]

- Adds --table to iptables-restore
 [ Peter Warasin ]

- Make DO_MULTI=1 work for ip6tables* binaries
 [ Hann-huei Chiou ]

- Add ip6tables-{save,restore} to non-experimental target, fix strict aliasing
warnings
 [ Patrick McHardy ]

- Introducing libxt_*.man files. Sorted matches and modules
 [ Laszlo Attila Toth ]

- Install ip6tables-{save,restore} manpages
 [ Patrick McHardy ]

- Performance optimization in sorting chain during pull-out
 [ Jesper Dangaard Brouer ]

- Fix sockfd use accounting for kernels without autoloading
 [ Patrick McHardy ]

- use 
 [ Jan Engelhardt ]

- Fix make/compile error for iptables-1.4.0rc1
 [ Jesper Dangaard Brouer ]

- Fix for --random option in DNAT and REDIRECT
 [ Tom Eastep ]

- Document xt_statistic
 [ Stefano Sabatini ]

- sctp: fix - mistake to pass a pointer where array is required
 [ Li Zefan ]

- Fix connlimit output for inverted --connlimit-above: ! > is <=, not <
 [ Patrick McHardy ]

- Add NFLOG manpage
 [ Patrick McHardy ]

- Move libipt_DSCP.man to libxt_DSCP.man for ip6tables.8
 [ Yasuyuki Kozakai ]

- Unifies libip[6]t_CONNSECMARK.man to libxt_CONNSECMARK.man
 [ Yasuyuki Kozakai ]

- Moves libipt_CLASSYFY.man to libxt_CLASSYFY.man for ip6tables.8
 [ Yasuyuki Kozakai ]

- fix check_inverse() call
 [ Jan Engelhardt ]

- Bump version to 1.4.0 final
 [ Pablo Neira Ayuso ]