Linux下的防火墙软件Iptables发布1.4.21 2013-11-22 上一个版本是2013-08-06的1.4.20.修正了一些BUG以及一些扩展的增强。 不过据说新的防火墙/包过滤引擎 Nftables(2008年诞生)将在 Linux 3.13 中替代有十多年历史的iptables。建议关注一下。
完全改进:
Eric Dumazet (1):
xt_socket: add --nowildcard flag
Florian Westphal (3):
extensions: libxt_socket: update man page
doc: add libnetfilter_queue pointer to libxt_NFQUEUE.man
doc: merge ip6table man pages into ipv4 ones
Jozsef Kadlecsik (1):
extensions: libxt_set, libxt_SET: check the set family too
Kevin Cernekee (1):
ip6tables: Use consistent exit code for EAGAIN
Laurence J. Lane (8):
iptables: libxt_hashlimit.man: correct address
iptables: libxt_conntrack.man extraneous commas
iptables: libip(6)t_REJECT.man default icmp types
iptables: iptables-xm1.1 correct man section
iptables: libxt_recent.{c,man} dead URL
iptables: libxt_string.man add examples
extensions: libxt_LOG: use generic syslog reference in manpage
iptables: extensions/GNUMakefile.in use CPPFLAGS
Lutz Jaenicke (1):
iptables: correctly reference generated file
Pablo Neira Ayuso (7):
Merge branch 'stable-1.4.20'
Merge branch 'stable-1.4.20'
ip[6]tables: fix incorrect alignment in commands_v_options
build: add software version to manpage first line at configure stage
extensions: libxt_cluster: add note on arptables-jf
utils: nfsynproxy: fix error while compiling the BPF filter
iptables 1.4.21 release
Patrick McHardy (2):
extensions: add SYNPROXY extension
utils: add nfsynproxy tool
Phil Oester (4):
iptables: state match incompatibilty across versions
libxtables: xtables_ipmask_to_numeric incorrect with non-CIDR masks
iptables: improve chain name validation
iptables: spurious error in load_extension
stephen hemminger (1):
xtables: trivial spelling fix
下载:http://ftp.netfilter.org/pub/iptables/iptables-1.4.21.tar.bz2
推荐阅读:
iptables—包过滤(网络层)防火墙 http://www.linuxidc.com/Linux/2013-08/88423.htm
Linux防火墙iptables详细教程 http://www.linuxidc.com/Linux/2013-07/87045.htm
iptables+L7+Squid实现完善的软件防火墙 http://www.linuxidc.com/Linux/2013-05/84802.htm
