conntrack (1:1.0.1-2+vyatta35+hydrogen1) unstable; urgency=low
* New branch
-- Daniil Baturin <daniil@baturin.org> Sat, 16 Nov 2013 23:25:53 +0100
conntrack (1:1.0.1-2+vyatta35+daisy4) unstable; urgency=low
* force release: build failed due to race with libnetfilter-conntrack
build
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Fri, 14 Dec 2012 13:27:38 -0800
conntrack (1:1.0.1-2+vyatta35+daisy3) unstable; urgency=low
* patch to allow tracking dying and unconfirmed lists in conntrack to
detect leaks
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Thu, 13 Dec 2012 11:50:30 -0800
conntrack (1:1.0.1-2+vyatta35+daisy2) unstable; urgency=low
* create daisy branch
* 1:1.0.1-2+vyatta35+daisy1
-- John Southworth <john.southworth@vyatta.com> Sat, 13 Oct 2012 13:33:50 -0700
conntrack (1:1.0.1-2+vyatta35+daisy1) unstable; urgency=low
* create daisy branch
-- John Southworth <john.southworth@vyatta.com> Sat, 13 Oct 2012 13:29:19 -0700
conntrack (1:1.0.1-2+vyatta35) unstable; urgency=low
[ Pablo Neira Ayuso ]
* conntrackd: parse: fix wrong maximum length for ATTR_EXP_FN
[ Gaurav Sinha ]
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Wed, 12 Sep 2012 14:06:02 -0700
conntrack (1:1.0.1-2+vyatta34) unstable; urgency=low
* fixing 8243: fix will selectively flush the conntrack table on
master, ignoring ignored addresses during flush
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Tue, 31 Jul 2012 10:25:55 -0700
conntrack (1:1.0.1-2+vyatta33) unstable; urgency=low
[ Pablo Neira Ayuso ]
* conntrackd: add bugtrap notice in case of flush while commit in
progress
* conntrackd: fix commit operation, needs to be synchronous
[ Gaurav Sinha ]
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Fri, 06 Jul 2012 17:04:58 -0700
conntrack (1:1.0.1-2+vyatta32) unstable; urgency=low
[ Pablo Neira Ayuso ]
* conntrackd: add cthelper infrastructure (+ example FTP helper)
[ Jozsef Kadlecsik ]
* conntrackd: RPC helper added to cthelper
* conntrackd: TNS helper added to cthelper
[ Pablo Neira Ayuso ]
* tests: conntrackd: add cthelper-test infrastructure
[ Gaurav Sinha ]
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Thu, 07 Jun 2012 10:37:08 -0700
conntrack (1:1.0.1-2+vyatta31) unstable; urgency=low
* Debian package conntrack-helpers to package helpers in user space
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Tue, 05 Jun 2012 14:01:51 -0700
conntrack (1:1.0.1-2+vyatta30) unstable; urgency=low
* forced release:cttimeout refreshed on build machine
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Mon, 04 Jun 2012 21:31:24 -0700
conntrack (1:1.0.1-2+vyatta29) unstable; urgency=low
* Add nfct debian package to this submodule.
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Mon, 04 Jun 2012 21:07:05 -0700
conntrack (1:1.0.1-2+vyatta28) unstable; urgency=low
[ Pablo Neira Ayuso ]
* conntrackd: add cthelper infrastructure (+ example FTP helper)
[ Jozsef Kadlecsik ]
* conntrackd: RPC helper added to cthelper
* conntrackd: TNS helper added to cthelper
[ Pablo Neira Ayuso ]
* tests: conntrackd: add cthelper-test infrastructure
[ Gaurav Sinha ]
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Fri, 01 Jun 2012 13:10:21 -0700
conntrack (1:1.0.1-2+vyatta27) unstable; urgency=low
* forced release
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Wed, 30 May 2012 14:48:09 -0700
conntrack (1:1.0.1-2+vyatta26) unstable; urgency=low
* forced release
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Wed, 30 May 2012 13:03:49 -0700
conntrack (1:1.0.1-2+vyatta25) unstable; urgency=low
* force release:dependency fix on build machine
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Wed, 30 May 2012 10:55:48 -0700
conntrack (1:1.0.1-2+vyatta24) unstable; urgency=low
* force release:post build dependency fix on build machine
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Wed, 30 May 2012 09:47:46 -0700
conntrack (1:1.0.1-2+vyatta23) unstable; urgency=low
[ Pablo Neira Ayuso ]
* conntrack: allow to filter by mark from kernel-space
* conntrackd: allow using lower/upper case in ExpectationSync
* doc: add ras, q.931 and h.245 to examples configuration file
* doc: fix example on how to filter events via iptables CT target
[ Adrian Bridgett ]
* src: manpage and help display improvements
[ Pablo Neira Ayuso ]
* icmp[v6]: --icmp[v6]-[type|code] are optional for updates and
deletes
[ Florian Westphal ]
* conntrack: flush stdout for each expectation event, too
[ Pablo Neira Ayuso ]
* src: integrate nfct into the conntrack-tools tree
* tests: add nfct tests for cttimeout
* build: bump version to 1.2.0
* nfct: fix compilation warning in cttimeout support
* build: update dependencies with libnetfilter_conntrack (>= 1.0.1)
* move qa directory to tests/conntrack/
* tests: conntrack: add run-test.sh script
* add nfct(8) manpage
* add README.nfct
* nfct: fix compilation of timeout extension
* bump version to 1.2.1
[ Jan Engelhardt ]
* update .gitignore
[ Pablo Neira Ayuso ]
* conntrackd: simplify TCP connection handling logic
* conntrackd: generalize file descriptor infrastructure
* conntrackd: move ctnetlink code to ctnl.c (removed from run.c)
* conntrackd: add cthelper infrastructure (+ example FTP helper)
[ Jozsef Kadlecsik ]
* conntrackd: RPC helper added to cthelper
* conntrackd: TNS helper added to cthelper
[ Pablo Neira Ayuso ]
* tests: conntrackd: add cthelper-test infrastructure
[ Gaurav Sinha ]
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Wed, 30 May 2012 07:59:05 -0700
conntrack (1:1.0.1-2+vyatta22) unstable; urgency=low
* force release:i386 vm build environ fixed
-- Gaurav <gaurav.sinha@vyatta.com> Mon, 09 Apr 2012 17:05:19 -0700
conntrack (1:1.0.1-2+vyatta21) unstable; urgency=low
* new branch
-- Deepti Kulkarni <deepti@vyatta.com> Sat, 03 Mar 2012 02:24:17 -0800
conntrack (1:1.0.1-2+vyatta20) unstable; urgency=low
[ Pablo Neira Ayuso ]
* conntrackd: add support expectation class synchronization
* conntrackd: add NAT expectation support
* conntrackd: add support to synchronize helper name
* conntrackd: support expectfn synchronization for expectations
* conntrackd: fix parsing of expectation class, helper name and NAT
[ Gaurav Sinha ]
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Wed, 08 Feb 2012 11:53:16 -0800
conntrack (1:1.0.1-2+vyatta19) unstable; urgency=low
* reset epoch
* 1:1.0.1-2+vyatta18
-- Stephen Hemminger <stephen.hemminger@vyatta.com> Fri, 03 Feb 2012 09:01:41 -0800
conntrack (1:1.0.1-2+vyatta18) unstable; urgency=low
* add epoch to version number to match Debian numbering
-- Stephen Hemminger <shemminger@vyatta.com> Tue, 31 Jan 2012 11:15:50 -0800
conntrack (1.0.1-2+vyatta18) unstable; urgency=low
[ Pablo Neira Ayuso ]
* conntrackd: fix expectation filtering if ExpectationSync On is used
* conntrack: add expectation support for `-o' option
* conntrackd: support `-i exp -x' and `-e exp -x' options
* conntrack: fix setting fixed-timeout status flag
[ Gaurav Sinha ]
* Merge of conntrack-tools from netfilter.org with support for dumping
expectations in XML format.
* Revert "Merge of conntrack-tools from netfilter.org with support for
dumping expectations in XML format."
* updating version string for conntrack-tools to 1.0.1
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Mon, 23 Jan 2012 15:23:34 -0800
conntrack (1.0.1-2+vyatta17) unstable; urgency=low
* Bumping version to 1.0.1
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Fri, 20 Jan 2012 16:09:58 -0800
conntrack (0.9.14-2+vyatta16) unstable; urgency=low
* Fixing build issue in debian/rules
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Fri, 20 Jan 2012 16:09:58 -0800
conntrack (0.9.14-2+vyatta15) unstable; urgency=low
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org ]
* add pablo's conntrack tool
* - add support for new list-conntrack-and-zero-counters flag (-z)
* add GPL
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org ]
* Major resync
* o Created changelog file
* Kill hardcoded CONNTRACK_LIB_DIR=/usr/local/lib, now it uses $prefix
value
* Simplify event_handler
* Completed some stuff related to protocol helpers:
* o Added descriptive error messages.
* Fix wrong handler number in expectation dumping
* Added missing libct_proto_icmp file
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org ]
* o Fixed syntax error (tab/space issue) in help message
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org ]
* o Use conntrack netlink attributes: Major change
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org ]
* major re-sync with current names/definitions in libctnetlink and
kernel
* libctnetlink now called libnfnetlink_conntrack
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org ]
* More re-sync to work fine with current ip_conntrack_netlink
implementation
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org ]
* use new header file
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org ]
* Resync to current libnfnetlink_conntrack and 2.6.14 tree
* Resync to 2.6.14 and libnfnetlink_conntrack
* Bumped version to 0.80
* kill TODO file
* o Fix packet and bytes counters (use __be64_to_cpu)
* Fix ip_conntrack_netlink load-on-demand
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org ]
* make sure we build against KERELDIR!
* get rid of old "-A" stuff
* get rid of c++ style comments
* major update (See ChangeLog)
* fix "dist-bzip2" for firt reelase
* make sure manpage is included in dist
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org ]
* o Fix up counters
* See Changelog
* See ChangeLog
* See ChangeLog
* See ChangeLog
* See ChangeLog
* See ChangeLog
* See ChangeLog
* See ChangeLog
* See ChangeLog
* See ChangeLog
* See ChangeLog. This fixes an indentation problem in conntrack.c,
I've separated
* See ChangeLog
* See ChangeLog
* o Add --id to the conntrack manpage
* o Fix --id parameter parsing
* See ChangeLog
* See ChangeLog
* See ChangeLog
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org ]
* add extra argument to nfct_register_callback() to accomodate change
in libnetfilter_conntrack
* update changelog
* we don't use libnfnetlink directly, so we don't link it explicitly
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org ]
* See ChangeLog
* See ChangeLog
* See ChangeLog
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org ]
* - rename plugisn to remove 'lib' prefix
* don't use library versioning for extensions
* we don't use libnfnetlink directly, so there is no need for having
configure script checking for it
* - don't install the header files when 'make install' is run. they're
private
* update changelog to reflect recent changes
* - get rid of KERNELDIR
* use AM_CFLAGS, not CFLAGS
* update revision to 0.99
* linke with libnetfilter_conntrack
* some libc's don't have IPPROTO_SCTP yet
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org ]
* Fixed oversized number of options (Marcus Sundberg)
* o Add support to filter events. ie: -p tcp --orig-port-dst 80 in
* o Restore include "conntrack.h" in ICMP handler
* We only support ipv4 at the moment, set l3protonum to AF_INET
* More changes to prepare upcoming ipv4 support
* <pablo@netfilter.org>
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org ]
* add debian package support (Max Kellermann)
* use '1.00' instead of '1.0' as version number
* make 'rules' executable, remove 'tarball' from cdbs
* add 'debian' to EXTRA_DIST
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org ]
* o Added missing parameters to set the ports of an expectation tuple
* o Add support to filter dumped entries. ie:
* fix ICMP protocol extension parse callback
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org ]
* [PATCH] conntrack: Fix option parsing for ARM (Philip Craig
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org ]
* [PATCH] fix conntrack compilation (Eric Leblond <eric@inl.fr>)
* [PATCH]: Userspace code related to fixed timeout patch (Eric Leblond
<eric@inl.fr>)
* [PATCH 5/6] conntrack pkt-config changes (KOVACS Krisztian
<hidden@balabit.hu>)
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org ]
* comment `autoheader' invocation from autogen.sh, we don't need any
config.h file to compile the conntrack tool
[ /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org ]
* [patch] conntrack compile fix (Thomas Jarosch
<thomas.jarosch@intra2net.com>)
* [patch] conntrack tool: Fix loading of protocol helpers (Thomas
Jarosch <thomas.jarosch@intra2net.com>)
[ /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org ]
* initial import of the conntrack daemon to Netfilter SVN
* first step forward to merge conntrackd and conntrack into the same
building chain
* del initial daemon and cli directories
* - Merge conntrack and conntrackd changelogs, even if it will be
dropped from SVN soon.
* introduce conntrack(8) manpage
* - bump version to 0.9.3
* - remove overkill recursive Makefile.am definition in examples/ (use
EXTRA_DIST)
* move test.sh into examples/
* fix MODULE_DIR enviroment variable
* - add warning note to ctnl_test.c: old API is deprecated
* - update changelog
* o introduce '--output xml,extended,timestamp' option for '-L', '-G'
and '-E'
* add script for keepalived fault state (eg. unplugged cable/link
down)
* - remove dead code sync-mode.c
* - introduce cache_iterate
* add missing ignore_conntrack in the overrun handler
* - update TODO list
* simplify checksum code: use UDP/multicast checksum facilities
* conntrack --output requires one parameter (Krzysztof Oledzki)
* fix silly bug in build_network_message: out of bound memset
* fix error message in configure.in (Eric Leblond)
* o remove useless backlog parameter in multicast sockets
* o use NFCT_SOPT_SETUP_* facilities: nfct_setobjopt
* add aliases --sport and --dport to make it more iptables-like
* commit phase: if conntrack exists, update it
* - add support for `-L --src-nat' and `-L --dst-nat' to show natted
connections
* add library dependency checking
* remove dlopen infrastructure: simplification, it was too much for it
* - local requests return EXIT_FAILURE if it can't connect to the
daemon
* - more cleanups and code refactorization
* fork when internal/external dump and commit requests are received
* fix dyslexia bug in Changelog (Pablo... we live in 2007, not in
2006) and
* do not include .svn directories in tarballs
* - conntrack-tools requires libnetfilter_conntrack >= 0.0.81
* conntrackd:
* include protocol filter parameters in the manpage
* minor fix in the last commit: check conf->mtu instead of mtu that is
< 0
* - simplify cache_flush function: use cache_del()
* fix NAT in changes committed in r6904
* prepare 0.9.5 release
* remove script_fault.sh script
* conntrackd requires the connection tracking event API: insist more
in INSTALL
* conntrack-tools compilation problem (K.Kovacs)
* improve INSTALL file
* Remove window tracking disabling limitation (requires Linux kernel
>= 2.6.22)
* bump libnetfilter_conntrack version dependency
* add syslog support and bump version
* Add CacheWriteThrough clause: external cache write through policy.
This feature is particularly useful for active-active setup without
connection persistency, ie. you cannot know which firewall would
filter a packet that belongs to a connection.
* = conntrack =
* raise ignorepoll limit from 1024 to INT_MAX
* o Use more appropriate names for the existing synchronization modes:
* fix minor typo in warning message
[ Ayuso/emailAddress=pablo@netfilter.org ]
* rename `examples' directory to `doc'
* o add support for related conntracks (requires Linux kernel >=
2.6.22)
[ /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org ]
* show error and warning messages to stderr
* - hash lookup speedups based on comments from netdev's discussions
* o add support for connection logging to the statistics mode via
Logfile
* add more descriptive information to the conntrackd.conf example file
for the stats mode
* update TODO file: logging for the statistics has been implemented
* Ben Lentz <BLentz@channing-bete.com>:
* Ben Lentz <BLentz@channing-bete.com>:
* obsolete `-S' option: Use information provided by the config file
* update conntrackd(8) manpage last update reference
* daemonize conntrackd after initialization
* rename class `buffer' to `queue' which is what it really implements
* implement buffered connection logging to improve performance
* fix logfiles permissions, do not default to umask
* fix make distcheck
* fix segfaul in the exit path for the statistics mode (introduced in
r7175)
* wake up the daemon iff there are real events to handle instead of
polling (Based on comments from Max Kellerman)
* fix statistics mode CPU sucks up (broken with 7178)
* fix buffer flush before exiting
* add support for tagged vlan interfaces in the config file, e.g.
eth0.1
* o remove -lpthread during compilation
* add support for `conntrack -E -o xml,timestamp'
* set up the configuration flags when defaulting
* improve alarm framework based on suggestions from Max Duempel
* make sure add_alarm() and mod_alarm() insert sorted by due time
* fix overflow in usecs in mod_alarm()
* fix broken next alarm calculation in the run loop
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* constify queue_iterate()
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Add include/netlink.h and include/traffic_stats.h
* add traffic_stats.h and netlink.h to include/Makefile.am
* merge several *_alarm() functions into init_alarm()
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* minor constification fixes
* use list_del_init() and list_empty() to check if a node is in the
list
* more list_empty() use instead of directly check the header
* Max Kellermann <max@duempel.org>:
* fix missing bracket
* remove unrequired list_del_init in alarm.c
* remove unix socket file on exit
* use umask() to set up file permissions
* fix missing command initialization (breakage introduced in r7208)
* Max Kellermann <max@duempel.org>:
* enable C99 mode
* Max Kellermann <max@duempel.org>:
* Max Kellerman <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Fix wrong dlog call
* yet another rework of the alarm scheduler
* Based on patch from Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* remove alarm counter
* minor cleanups
* fix inconsistent alarm update in cache_alarm_update
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* add comment to clarify handle_msg()
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* missing casting to keep -Werror happy
* Max Kellermann <max@duempel.org>:
* Max Kellermann <max@duempel.org>:
* remain is size_t instead of ssize_t to remove the cast
* implement a rb-tree based alarm framework
* add IPv6 support to conntrackd
* remove leftover line referring old -S option
* o add IPv6 information to synchronization messages
* add missing bits for NAT sequence adjusment support
* From: Max Kellermann <max@duempel.org>
* From: Max Kellermann <max@duempel.org>
* From: Max Kellermann <max@duempel.org>
* From: Max Kellermann <max@duempel.org>
* From: Max Kellermann <max@duempel.org>
* compose the file descriptor set at initialization stage to save some
cycles
* cleanup: remove config_set from main(), use config_file variable
instead
* relicense conntrack-tools as GPLv3+, so far the most significant
contributor has been Max Kellermann and has no issues with
relicensing their contributions.
* revert relicensing... still we use linux_list.h code which seems to
be GPLv2 only which is incompatible AFAIK
* update changelog with 0.9.6 release date
* remove .svn from doc/ in tarballs (reported by Gilad Benjamini)
* Pablo Neira Ayuso <pablo@netfilter.org>:
* Krzysztof Oledzki <ole@ans.pl>:
* add missing libct_proto_icmpv6.c
* fix minor compilation issue in amd64 with gcc4.3 (reported by Daniel
Schepler
* fix compilation in ARM (reported by Thiemo Seufer via Max
Kellermann)
* fix asymmetric path support (still some open concerns)
* improve netlink overrun handling
* update manpages with the new URL
* o simplify parameter-handling code
* This is a major improvement of the conntrack command line tool:
* add initial automated qa testing for the conntrack cli
* check for pkg-config before anything (fix bogus missing libraries
failure)
* relax parameter checking for UDP and TCP
* fix conntrack -U -p tcp [...]
* o fix NAT filtering via --src-nat and --dst-nat (reported by
K.Oledzki)
* minor update of the manpages
* add more verbose error notification when the injection of a
conntrack fails
* rework of the FT-FW approach
* Fix reorder possible reordering of destroy messages under message
omission. This patch introduces the TimeoutDestroy clause to
determine how long a conntrack remains in the internal cache once it
has been destroy from the kernel table.
* minor fix of the manpage (Max Wilhelm)
[ Pablo Neira Ayuso ]
* - remove (misleading) counters and use information from the
statistics mode
* improve network message sanity checkings
* add Mcast[Snd|Rcv]SocketBuffer clauses to tune multicast socket
buffers
* Updates (-U) show the effect of the operation in the conntrack entry
* check for missing IPv6 address before hashing
* only allow the use of --secmark for listing (filtering)
* add flex version warning (better with >= 2.5.33)
* add eventfd emulation to communicate receiver -> sender
* add best effort replication protocol (aka NOTRACK)
* rework the HELLO logic inside FT-FW
* fix leak in cache_destroy(): release objects before destroying the
cache
* remove secmark support for conntrackd
* fix make distcheck
* define SO_[RCV|SND]BUFFORCE if not set
* increase deletion stats when the timer is scheduled in
cache_del_timeout()
* delay the closure of the dump descriptor to fix assertion with
cache_wt
* check if entries already exist in kernel before injection
[ Albin Tonerre ]
* fix unsecure usage of printf and include limits.h (PATH_MAX and
INT_MAX)
[ Pablo Neira Ayuso ]
* do not include Changelog in tarballs, user git shortlog for
changelog instead
* use only the original tuple to check if a conntrack is present
* fix xml output: wrap output with one root element
* Major rework of the user-space event filtering
* add support for kernel-space filtering via BSF
* log: syslog displays the entry that triggers the error
* filter: skip protocol state filtering if state not present
* CLI: add new option --buffer-size for -E
* add more sanity checks in the input path
[ Eric Leblond ]
* commit: retry at least once if we hit ETIME or ENOMEM
[ Pablo Neira Ayuso ]
* fix: use %zu instead of %u for size_t
* cleanup: remove obsolete clause Replicate in the example conffiles
* fix: wrong information related to default logging action
* fix: wrong use of timersub in cache_timer
* fix broken normal deletion in caches
* ftfw: show consistent information to users for problem diagnosing
* doc: remove duplicated example files
* script: rework scripts that enable interaction with keepalived
* conntrackd: add -t option to shorten conntrack timeouts
* fix missing updates in the example files
* script: fix broken if branches
* cache_iterators: do not report ENOENT in cache_reset_timers
* script: yet another minor fix
* netlink: add getter and check existence functions
* cache iterators: rework cache_reset_timers
* cache iterators: commit master entries before related ones
* netlink: avoid errors related to the expected bit handling
* cli: remove duplicated optarg checking
* cli: remove unrequired \n in error message
* cli: check for missing arguments in getopt_long
* cli: insert `conntrack-tools' string in help and error messages
* compilation: relax too strict warning checking
* ftfw: check for malformed ack and nack messages
* filter: fix NAT detection tweak
* cleanup: Linux kernel version checking
* filter: check if kernel-space filtering is available
* cleanup: remove some debug messages from sync-ftfw.c
* config: use /var/run to create the UNIX socket file
* fix: remove node from tx_list when the state-entry is destroy
* ftfw: fix race that triggers a double insertion into tx_list
* ftfw: fix race condition in the helloing routine
* ftfw: reset window and flush the resend queue during helloing
* conntrack: cleanup for the update path
* conntrack: cleanup XML header handling
* conntrack: fix mark-based filtering for event display
* conntrack: fix filtering for unsupported protocol
* conntrack: fix dump counter displayed with -L expect
* manual: add initial user manual
* doc: update INSTALL file
* conntrack: cleanup for NAT filtering
* cache: fix update of scheduled-to-timeout entries
* cache-iterators: improve committing
* config: fix usage of 'PurgeTimeout' in Sync NOTRACK
* notrack: fix double receival of resync requests
* doc: rise default size of the hashtable in the example file
* netlink: report when kernel-space event filtering is in use
* filter: fix segfault if the Filter clause is unused
* cache: use jhash2 instead of double jhash+jhash_2words
* filter: do not filter in user-space if kernel supports BSF
* doc: remove example about CacheWriteTrough
* doc: update conntrackd manpage
* conntrackd: add missing information on -t to the help
* conntrackd: bump version to 0.9.8
* ftfw: rise the size of the acknowledgment window in the example
* conntrack: add missing -U in conntrack(8) manpage
* ftfw: add option `-v' to output debugging information (if any)
* ftfw: remove bottleneck in ack/nack handling
* network: remove message omission test-code
* network: add protocol version field (breaks backward compatibility)
* network: rework TLV-based protocol
* filter: use XOR instead of branches
* filter: use jhash2 instead of jhash for IPv6 addresses
* filter: remove useless branch in the check functions
* conntrack: --status should not be mandatory with -I
* filter: choose the filtering method via configuration file
* conntrack: cleanup command line tool protocol extensions
* build: add attribute header size to total attribute length
* filter: CIDR-based filtering support
* run: release fds structure in the exit path
* fds: remove unused array of file descriptors
* ftfw: remove useless ftfw_run invocation in the alive alarm handler
* src: move callbacks to run.c for better readability
* conntrack: do_parse_parameter show warning to stderr (not to stdout)
* conntrack: remove hardcoded buffer size, use sizeof instead
* conntrack: support diminutives for -L
* conntrack: move release options code to free_options()
* config: move `Checksum' inside `Multicast' clause
* network: make tx buffer initialization independent of mcast config
* manpage: add notice about conntrackd version incompatibilities
* conntrack: add new --status EXPECTED to filter expected connections
* manpage: add --status FIXED_TIMEOUT and EXPECTED
* build: do not include NTA_TIMEOUT in the replication messages
* netlink: clone conntrack object while creation/update
* netlink: use NFCT_Q_[CREATE|UPDATE] instead of NFCT_Q_CREATE_UPDATE
* netlink: constify conntrack object parameter of nl_*_conntrack()
* netlink: remove unnecessary whitespace lines in netlink.h
* netlink: unset ATTR_HELPER_NAME to avoid EBUSY in
nl_update_conntrack()
* parse: fix missing master layer 4 protocol number assignation
* network: remove unused function mcast_send_netmsg()
* network: remove length parameter of mcast_buffered_send_netmsg()
* network: remove __do_send() function
* network: remove the netpld header from the messages
* network: fix data offset alignment returned by NTA_DATA macro
* parse: strict attribute size checking
* src: recover conntrackd -F operation
* run: better wait() error handling
* netlink: fix EILSEQ error messages due to process race condition
* cache_iterators: use a cloned object while resetting timers
* netlink: build TCP flags/mask only if this is a TCP connection
* netlink: conditional build of TCP flags/mask for updates
* netlink: do not build the reply tuple in update messages
* configure: conntrack-tools requires libnetfilter_conntrack 0.0.99
* network: use NET_T_* instead of NFCT_Q_*
* ftfw: do not check for data messages in tx_queue_xmit
* ftfw: resync messages can be retransmitted
* network: do more strict message type checking
* ftfw: shrink alive message size
* sync-mode: check if message type is >= NET_T_STATE_MAX before
parsing
* src: cleanup, rename hashtable_test() by hashtable_find()
* cache: cleanup, rename __del2() by __del()
* netlink: log report initial netlink event socket buffer size
* doc: fix typo SocketBufferSizeMaxGrowth in example conffiles
* doc: document the netlink buffer size clauses
* doc: better documentation about ResendBufferSize
* x
* doc: revert commit 9bc7d7f8f333e79323495a193f92c9d4f1708da9
* doc: add note on McastSndSocketBuffer and McastRcvSocketBuffer
* netlink: fix type in warning message on SocketBufferSizeMaxGrowth
* configure: bump version to 0.9.9
* automake: add missing cidr.h
* headers: delete unused flags in conntrackd.h
* src: add network statistics via `-s network'
* src: add cache statistics via `-s cache'
* src: add run-time statistics via `-s runtime'
* sync-mode: remove unnecessary split lines
* conntrackd: fix missing \n in conntrackd -h
* cache_iterators: display the commit time taken in the logs
* cache_iterators: add total entries available in the cache to stats
* cache: fix ENOSPC errors due to over-population of inactive entries
* filter: skip filtering by state if the event has no state info
* run: show current netlink buffer size in `-s runtime'
* netlink: don't double the netlink buffer twice during resize
* src: constify hashtable parameter in hash() callbacks
* hashtable: use calloc instead of malloc + memset
* hashtable: check NULL instead of ! for pointers
* filter: add prefix ct_filter_ to hash and compare functions
* run: limit the number of iterations over the event handling
* src: rework of the hash-cache infrastructure
* cache: add status field to store the object status
* run: relax resynchronization algorithm when netlink overruns
* sync: unify tx_list and tx_queue into one single tx_queue
* ftfw: move helloing to ftfw_xmit()
* sync: add generic tx_queue for all synchronization modes
* sync: enqueue state updates to tx_queue
* network: do not re-set the message type in nethdr_set* functions
* src: support for redundant dedicated links
* src: rename overrun handler to resync handler
* src: remove register_fds hooks
* src: add state polling support (oppossed to current event-driven)
* cache: add objects statistics
* ftfw: add ResendQueueSize and deprecate ResendBufferSize clauses
* src: add `-s queue' and change `-v' behaviour
* conntrack: add -C command to display the counter
* src: obsolete `DestroyTimeout' clause
* conntrack: fix use of -u which is optional with -I
* cache_iterators: start a clean session if commit finds an entry
* cache: remove nl_exist_conntrack() function
* cache: mangle timeout inside nl_*_conntrack() functions
* src: don't clone when calling nl_*_conntrack functions
* src: change behaviour of `-t' option
* cache: move lifetime feature to main cache code
* src: add support for approximate timeout calculation during commit
* src: increase default PurgeTimeout value
* netlink: set IP_CT_TCP_FLAG_CLOSE_INIT for TIME_WAIT states
* doc: unset CommitTimeout by default
* doc: use 'From' instead of 'from' in the example configfiles
* doc: increase hashtable bucket size and limits in example files
* configure: bump version to 0.9.10
[ Jan Engelhardt ]
* build: upgrade build system
[ Pablo Neira Ayuso ]
* build: replace INCLUDES by AM_CPPFLAGS according to autoreconf
* configure: conntrack-tools >= 0.9.10 requires libnfnetlink >= 0.0.40
* netlink: refactorize several nl_init_*_handler() functions
* src: re-work polling strategy
* netlink: add new option NetlinkOverrunResync
* sync-mode: flush also internal cache after reset PurgeTimeout
* conntrack: allow use of --state with -D
* src: add Nice clause to set the nice value
* config: nl_overrun must be signed int instead of unsigned
* cache_iterators: fix wrong printf format in commit-time message
* src: use resync handler for polling instead of dump handler
* stats-mode: fix polling based logging
* conntrackd: add `-f internal' and `-f external' options
* conntrackd: display help information with `-h'
* conntrackd: don't initialize logging for client request
* doc: unset ACKWindowSize in example configuration files
* doc: add new primary-backup.sh script for >= 2.6.29
* doc: add bulk update to primary-script.sh script
* headers: don't use NFCT_DIR_MAX in statistics structure
* network: fix endianess issue in synchronization network header
* network: fix endianess issue in acknowledgment network header
* sync-mode: change current link if message is correct
* src: remove obsolete debug() and debug_ct() calls
* doc: revert primary-backup-2.6.29-and-higher.sh script
* mcast: fix compilation warning due missing header
* config: add NetlinkBufferSize and NetlinkBufferSizeMaxGrowth
* netlink: use u8 getter for TCP states
* build: bump version to 0.9.11
* src: fix compilation issue in gentoo due to missing include limits.h
[ Jan Engelhardt ]
* build: add m4 directory
[ Pablo Neira Ayuso ]
* doc: fix broken link to ulogd2 in the manual
* extensions: remove use of old libnetfilter API flags
* src: remove debian/ directory
* sync-mode: rename mcast_send_sync() to sync_send()
* sync-mode: rename mcast_iface structure to interface
* sync-mode: add abstract layer to make daemon independent of
multicast
* sync-mode: rename mcast_track_*() by nethdr_track_*()
* sync-mode: add unicast UDP support to propagate state-changes
* sync-mode: fix wrong output stats refering lost/malformed packets
* sync-mode: save one tab inside switch, cleanup
* sync-mode: cleanup reminiscent of multicast dependency
* mcast: mcast_send() takes a const pointer to buffer
* sync-mode: change `multicast' by `link' for `-s' option
* parse: fix broken destination port address translation
* udp: fix missing scope_id in the socket creation
* mcast: remove several unused structure fields
* config: obsolete `ListenTo' clause
* sync-mode: fix broken dedicated-link change in multichannel layer
* conntrack: fix missing bits in `-C' command
* conntrack: add `-S' command to display kernel statistics
* conntrack: remove broken command checking code
* doc: set nice to -20 in example config files
* config: cleanup error reporting during config file parsing
* build: bump version to 0.9.12
* daemon: remove unused constants in header file
* conntrack: remove hardcoded iteration in TCP support
* conntrack: cleanup error output with `-p tcp --state'
* conntrack: save one indent in the TCP support
* conntrack: fix coupled-options sanity checkings
* conntrack: add UDPlite support
* conntrack: add SCTP support
* conntrack: add DCCP support
* conntrackd: change scheduler and priority via configuration file
* conntrack: fix English typo in output message
* conntrack: add GRE support
* sync: add support for SCTP state replication
* conntrack: add DCCP role parameter for conntrack creation
* sync: add support for DCCP state replication
[ Samuel Gauthier ]
* build: use uint16_t instead of uint32_t for uint16_t attributes
[ Pablo Neira Ayuso ]
* conntrackd: add child process infrastructure
* conntrackd: detect where the events comes from
* conntrackd: flush operation use the child process and origin
infrastructure
* conntrackd: remove the cache write-through policy
* conntrackd: remove redudant declaration of Port in the parser
* conntrackd: remove an unused extern declaration in cache.h
[ Thomas Jarosch ]
* build: Added "m4" directory to make dist
[ Pablo Neira Ayuso ]
* src: remove obsolete changelog file
* conntrackd: remove unused request nfct handler
* conntrackd: add missing initialization of PID in process
infrastructure
* conntrackd: block signals during the access to the process list
* conntrackd: allow to limit the number of simultaneous child
processes
* conntrackd: use a permanent handler for flush operations
* conntrackd: use a permanent handler for commit operations
* conntrackd: add support to display statistics on existing child
processes
* build: use TLV format for SCTP/DCCP protocol information
* conntrackd: rename `-s queue' option by `-s rsqueue'
* conntrackd: add the name field to queues
* conntrackd: add `-s queue' to display queue statistics
* conntrackd: add statistics about queue node objects
* conntrackd: add statistics for enospc errors in queues
* conntrackd: fix memory leak in cache_update_force()
* conntrackd: fix wrong TCP handling in unused nl_update_conntrack()
* conntrack: fix English typo in documentation
* build: bump version to 0.9.13
* build: update library version requirements
[ Jan Engelhardt ]
* doc: spell fix in conntrack(8) manpage
[ Pablo Neira Ayuso ]
* local: add LOCAL_RET_* return values for UNIX sockets callbacks
* conntrackd: add iterators with limited steps in hash and cache types
* conntrackd: rework commit not to fork a child process
* conntrackd: improve handling of external messages
* conntrackd: reset event limit iteration counter
* conntrackd: add clause to enable ctnetlink reliable event delivery
* conntrackd: add support for IPv6 kernel-space filtering via BSF
* conntrackd: use conntrack ID in the cache lookup
* conntrackd: fix crash for unubuffered channel on exit path
* conntrackd: more robust sanity checking on synchronization messages
* conntrackd: add `DisableExternalCache' clause
* conntrackd: reduce the number of gettimeofday() syscalls
* conntrackd: allow to remove file descriptors from set
* conntrackd: add support state-replication based on TCP
* conntrackd: net message memory allocation is unsafe
[ Samuel Gauthier ]
* conntrackd: better parse_payload protection against corrupted
packets
* conntrackd: fix bad configuration file for DisableExternalCache
statement
[ Pablo Neira Ayuso ]
* conntrackd: fix MTU for TCP channels
* conntrackd: fix return value in notrack_local()
* conntrackd: improve error handling in tcp_send
* conntrackd: fix `conf' local variable in channel.c that shadows
global
* conntrackd: fix re-connect with multiple TCP channels
* conntrackd: break lines at 80 characters in example config files
* conntrackd: rate-limit the amount of connect() calls
* conntrackd: add retention queue for TCP errors
* conntrackd: add alive control messages to notrack mode
* conntrackd: fix wrong calculation of new maxfd on unregister_fds()
[ Hannes Eder ]
* conntrack: fix output when no arguments are passed
* conntrack: avoid error with expectations when using 'conntrack -E -e
ALL ...'
* conntrack: use fscanf() instead of read() for showing counter
[ Pablo Neira Ayuso ]
* conntrackd: add statistics when the external cache is disabled
* conntrackd: add missing external statistics
* conntrackd: add `DisableInternalCache' clause
* conntrackd: use indirect call to build layer 4 protocol information
* conntrackd: add ICMP support for state-synchronization
* conntrackd: fix flow-state filtering for TCP
* conntrackd: document internal cache disabling and TCP-based
synchronization
* conntrack: fix manually created TCP entries with window tracking
enabled
* conntrackd: document `-B' command
* build: bump version to 0.9.14
* conntrackd: fix UDP filtering in configuration file
* conntrackd: add support for TCP window scale factor synchronization
* conntrackd: cleanup port addition in the message building path
* conntrackd: fix `conntrackd -c' if external cache is disabled
* conntrack: option `-t' in on the same line as `-m' in manpage
* conntrackd: PollSecs goes in the General clause for statistics
* conntrackd: split __run() routine for poll and event-driven modes
* doc: description on how to block traffic with conntrack was
incomplete
* conntrack: fix `-L --src-nat --dst-nat'
[ Mohit Mehta ]
* conntrackd: `-i -x' does not display internal cache in XML
[ Pablo Neira Ayuso ]
* conntrack: revert fix `-L --src-nat --dst-nat'
* conntrack: fix `conntrack -L --src-nat --dst-nat' (second try)
* conntrack: `-L --src-nat --dst-nat' filter using AND, not OR logic
* conntrackd: complete TCP window scale support
* conntrack: expand array that maps option-flags to option-names
* conntrack: put all the commands and options code together
* conntrack: fix port filter with `--src-nat' and `--dst-nat'
* conntrack: add `--any-nat' to filter any NATted flow
* conntrack: add testsuite for NAT filtering options
* conntrack: re-fix inconsistent display with `--src-nat' and `--dst-
nat'
* conntrack: fix bogus NATted flows in filtering
* conntrack: fix `conntrack --src-nat 3.3.3.3' and similar
* conntrack: fix `conntrack --src-nat 1.1.1.1' if PAT applied
* conntrack: fix `conntrack --any-nat 1.1.1.1' filtering
* conntrack: --[src|dst|any]-nat requires IP:PORT as argument
* conntrack: fix `conntrack --[src|dst|any]-nat IP:PORT' if port
mismatches
* conntrack: cleanup parsing of the NAT arguments
[ Mohit Mehta ]
* conntrackd: update error message for max netlink socket size reached
[ Pablo Neira Ayuso ]
* conntrackd: fix ICMPv6 support
* conntrack: add zone support
[ Mohit Mehta ]
* conntrackd: enforce strict logic for NetlinkBufferSize[*] clauses
[ Pablo Neira Ayuso ]
* conntrackd: open event handler once cache has been populated
* conntrackd: setup event reliability after handler creation
[ Mohit Mehta ]
* conntrackd: replace cryptic `mfrm' by `malformed' in `-s'
[ Pablo Neira Ayuso ]
* conntrackd: fix parsing of NAT sequence adjustment in
synchronization messages
* conntrackd: warn on TCPWindowTracking option (it requires kernel >=
2.6.35)
* build: update libnetfilter_conntrack dependency (>= 0.0.102)
* build: bump version to 0.9.15
* conntrackd: fix wrong kernel requirements for TCPWindowTracking in
example files
* conntrackd: minor documentation update (two new questions in the
FAQ)
* conntrack: fix missing line break in conntrack(8) manpage
* conntrack: allow to listen to all kind of expectation events
[ Jan Engelhardt ]
* build: use autoconf-suggested naming of files
* build: use modern call syntax for AM_INIT_AUTOMAKE
* build: drop unused $(all_includes)
* build: remove statements without effect
* build: remove unused $(all_libraries)
* build: no need for error message in PKG_CHECK_MODULES
* Add .gitignore files
* build: resolve automake warning
* build: default to not building static libraries
* build: run autoupdate to replace obsolete constructs
* build: use AM_YFLAGS instead of overriding YACC
* build: remove redundant bison/lex tests
[ Pablo Neira Ayuso ]
* doc: update conntrack-tools manual
* doc: remove reference to the CT target
* local: don't override initial return value
* sync: don't override initial return value of local handler
* cache: close commit request if we already have one in progress
* cache: log if we received a commit request while already one in
progress
* conntrackd: event iteration limiter is already reset in main select
loop
* conntrackd: rise number of committed entries per step
* conntrack: add -o ktimestamp option (it requires linux >= 2.6.38)
* conntrackd: use nfct_copy() with override flag in cache_object_new()
* conntrack: allocate template objects in the heap
* conntrackd: remove use of deprecated nfct_maxsize()
* doc: document -s option of conntrackd in the manual
* doc: document redundant link support for conntrackd
* conntrack: display informative message if expectation table is
flushed
* conntrack: support SYN_SENT2 TCP state as --state parameter
* doc: add reference to the CT target again
* doc: add missing conntrackd -s invocation with options
* build: conntrack-tools now requires libnetfilter_conntrack >= 0.9.1
* doc: prepare 1.0.0 release in conntrack-tools manual
* build: bump version to 1.0.0
* build: Linux kernel-style for compilation messages
[ Florian Westphal ]
* conntrack: add support for mark mask
* conntrack: skip sending update message to kernel if conntrack is
unchanged
[ Pablo Neira Ayuso ]
* conntrack: remove unused variable with -S
[ Florian Westphal ]
* testsuite: add tests for --mark option
* conntrack: add missing break when parsing --id/--secmark options
[ Pablo Neira Ayuso ]
* conntrackd: add missing initial caching of gettimeofday()
[ Jan Engelhardt ]
* Update .gitignore
* build: use AC_CONFIG_AUX_DIR and stash away tools
* build: disable implicit .tar.gz archive generation and use POSIX
mode
[ Pablo Neira Ayuso ]
* conntrackd: fix filtering of dump output if internal cache is
disabled
* doc: primary-backup.sh: clarify licensing terms (GPLv2+)
* conntrackd: fix checking of return value of queue_add()
* build: bump version to 1.0.1
* conntrackd: generalize caching infrastructure
* conntrackd: generalize external handlers to prepare expectation
support
* conntrackd: generalize/cleanup network message building/parsing
* conntrackd: generalize local handler actions
* conntrackd: simplify cache_get_extra function
* conntrackd: remove cache_data_get_object and replace by direct
pointer
* conntrackd: constify ct parameter of ct_filter_* functions
* conntrackd: relax checkings in ct_filter_sanity_check
* conntrackd: minor cleanup for commit
* conntrackd: support for expectation synchronization
* doc: update conntrack-tools manual to detail expectation support
[ Gaurav Sinha ]
* updating changelog for merge of expect-sync and oxnard
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Fri, 20 Jan 2012 15:55:05 -0800
conntrack (0.9.14-2+vyatta14) unstable; urgency=low
* Collapse of expect-sync branch to oxnard. Brings in support for expect table sync.
-- Gaurav Sinha <gaurav.sinha@vyatta.com> Thu, 07 Jul 2011 20:52:06 -0700
conntrack (0.9.14-2+vyatta13) unstable; urgency=low
* new branch
-- Deepti Kulkarni <deepti@vyatta.com> Thu, 07 Jul 2011 20:52:06 -0700
conntrack (0.9.14-2+vyatta12) unstable; urgency=low
* new branch
-- An-Cheng Huang <ancheng@vyatta.com> Tue, 28 Dec 2010 20:41:51 +0000
conntrack (0.9.14-2+vyatta11) unstable; urgency=low
* UNRELEASED
-- An-Cheng Huang <ancheng@vyatta.com> Thu, 02 Sep 2010 18:25:52 -0700
conntrack (0.9.14-2+vyatta10) unstable; urgency=low
* remove debian patching from build
-- An-Cheng Huang <ancheng@vyatta.com> Tue, 31 Aug 2010 15:58:54 -0700
conntrack (0.9.14-2+vyatta9) unstable; urgency=low
* UNRELEASED
-- An-Cheng Huang <ancheng@vyatta.com> Thu, 22 Jul 2010 17:20:32 -0700
conntrack (0.9.14-2+vyatta8) unstable; urgency=low
* conntrackd: replace cyptic 'mfrm' with 'malformed' in '-s'
-- Mohit Mehta <mohit.mehta@vyatta.com> Fri, 09 Jul 2010 10:35:04 -0700
conntrack (0.9.14-2+vyatta7) unstable; urgency=low
* Enforce strict logic for NetlinkBufferSize,
NetlinkBufferSizeMaxGrowth clauses
-- Mohit Mehta <mohit.mehta@vyatta.com> Wed, 07 Jul 2010 12:01:52 -0700
conntrack (0.9.14-2+vyatta6) unstable; urgency=low
* update error message for max netlink socket size reached
-- Mohit Mehta <mohit.mehta@vyatta.com> Thu, 01 Jul 2010 10:40:06 -0700
conntrack (0.9.14-2+vyatta5) unstable; urgency=low
[ Mohit Mehta ]
* Revert "fix `conntrack -L --src-nat --dst-nat`"
[ Pablo Neira Ayuso ]
* conntrack: fix `conntrack -L -n -g` (second try)
* conntrack: fix `conntrack -L -n -g` filter using AND, not OR logic
[ Mohit Mehta ]
* update dh_gencontrol for dev build
-- Mohit Mehta <mohit.mehta@vyatta.com> Tue, 22 Jun 2010 11:53:55 -0700
conntrack (0.9.14-2+vyatta4) unstable; urgency=low
[ Pablo Neira Ayuso ]
* fix `conntrack -L --src-nat --dst-nat`
[ Mohit Mehta ]
* fix `conntrackd -i -x`
[ Pablo Neira Ayuso ]
* This patch move the ports addition to the layer 4 functions, instead
[ Mohit Mehta ]
-- Mohit Mehta <mohit.mehta@vyatta.com> Tue, 15 Jun 2010 12:23:35 -0700
conntrack (0.9.14-2+vyatta3) unstable; urgency=low
* add missing m4 files
* update .gitignore
* remove generated files, apply debian patch 10-fix_udp_support.dpatch
* remove files for applied patch
-- Mohit Mehta <mohit.mehta@vyatta.com> Mon, 14 Jun 2010 20:34:06 -0700
conntrack (0.9.14-2+vyatta2) unstable; urgency=low
* UNRELEASED
-- Mohit Mehta <mohit.mehta@vyatta.com> Mon, 14 Jun 2010 16:07:51 -0700
conntrack (0.9.14-2+vyatta1) unstable; urgency=low
* vyatta conntrack-tools
-- Mohit Mehta <mohit.mehta@vyatta.com> Mon, 14 Jun 2010 16:05:05 -0700
conntrack (1:0.9.14-2) unstable; urgency=low
* Integrate lost NMU from Stefan Fritsch. Thanks Stefan
* Prevent dpkg conffile prompt for unmodified conntrackd.conf when upgrading
from pre 1:0.9.12-1 (closes: #542662).
-- Alexander Wirt <formorer@debian.org> Sat, 13 Feb 2010 11:17:59 +0100
conntrack (1:0.9.14-1) unstable; urgency=low
* New upstream version
* Add ${misc:Depends} to all binary packages
* Add dpatch support
* Bump standards version (no changes)
* Remove Max from Uploaders. Thanks for your work!
* Backport patch from HEAD to fix UDP filtering.
Thanks tino for the hint
-- Alexander Wirt <formorer@debian.org> Sat, 30 Jan 2010 18:34:09 +0100
conntrack (1:0.9.13-1) unstable; urgency=low
[ Max Kellermann ]
* new upstream release (Closes: #537896, #545918)
- require libnfnetlink 1.0.0, libnetfilter_conntrack 0.0.100
- ChangeLog was removed by upstream
* updated home page in the copyright file (Closes: #533583)
* correct LSB dependencies in init script, patch by Petter Reinholdtsen
(Closes: #541079)
[ Alexander Wirt ]
* Bump standards version
-- Alexander Wirt <formorer@debian.org> Thu, 17 Sep 2009 12:32:19 +0200
conntrack (1:0.9.12-1) unstable; urgency=low
[ Max Kellermann ]
* new upstream release
- build-depend on libnfnetlink 0.0.40, libnetfilter-conntrack 0.0.99
- fixes FTBS (undeclared variable)
(Closes: #522181, #518891)
* moved conntrackd.conf to /etc/conntrackd/conntrackd.conf (Closes: #477679)
* updated sample configuration file
* updated home page to http://conntrack-tools.netfilter.org/
* restart conntrackd after logrotate (Closes: #513079)
[ Alexander Wirt ]
* Bump standards version
-- Alexander Wirt <formorer@debian.org> Thu, 02 Apr 2009 11:37:25 +0200
conntrack (1:0.9.7-1) unstable; urgency=low
[ Max Kellermann ]
* new upstream release
- dropped all patches because they have been merged by upstream
- depend on libnfnetlink 0.0.33, libnetfilter-conntrack 0.0.94
[ Alexander Wirt ]
* Bump standards version (No changes)
-- Alexander Wirt <formorer@debian.org> Tue, 22 Jul 2008 23:33:30 +0200
conntrack (1:0.9.6-4) unstable; urgency=low
[ Max Kellermann ]
* fix compilation on SPARC (printf argument mismatch)
-- Alexander Wirt <formorer@debian.org> Mon, 14 Apr 2008 23:09:22 +0200
conntrack (1:0.9.6-3) unstable; urgency=low
[ Max Kellermann ]
* fix gcc 4.3 compilation errors:
- "large integer implicitly truncated to unsigned type" (Closes: #472812)
- "'input' defined but not used" (Closes: #474768)
-- Alexander Wirt <formorer@debian.org> Tue, 08 Apr 2008 22:08:10 +0200
conntrack (1:0.9.6-2) unstable; urgency=low
* Build depend on bison (Closes: #472442)
-- Alexander Wirt <formorer@debian.org> Mon, 24 Mar 2008 12:35:44 +0100
conntrack (1:0.9.6-1) unstable; urgency=low
[ Max Kellermann ]
* new upstream release
* added package "conntrackd"
* updated watchfile for new upstream name "conntrack-tools" (Closes:
#449899)
* removed "-Wall" from CFLAGS override
* moved DH_COMPAT to debian/compat
* don't ignore "make distclean" errors
* bumped Standards-Version to 3.7.3
* install upstream changelog
* added Homepage header to debian/control
* call dh_install with -X.svn because upstream accidently distributed
the .svn directories
-- Alexander Wirt <formorer@debian.org> Fri, 21 Mar 2008 22:46:22 +0100
conntrack (1.00~beta2-1) unstable; urgency=low
* initial debian release (Closes: #388615)
-- Max Kellermann <max@duempel.org> Thu, 21 Sep 2006 18:04:51 +0200