summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2011-02-03 13:40:23 +0100
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2011-02-03 13:40:23 +0100
commitd6ee5bb4e5346b84efa33858091ba4add2b26de2 (patch)
tree33393efd16497674fdb5786dd71d502a7f0af4e6
parent8d3ea3476cec69b31423e34bc5b7576198c37668 (diff)
ipset 6.0 releasedv6.0
-rw-r--r--ChangeLog17
-rw-r--r--README18
-rw-r--r--UPGRADE10
-rw-r--r--configure.ac2
-rw-r--r--kernel/ChangeLog26
5 files changed, 59 insertions, 14 deletions
diff --git a/ChangeLog b/ChangeLog
index c6b1297..cbb193b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,20 @@
+6.0
+ - Print protocol version together with ipset version
+ - Testsuite compatibility with debugging enabled
+ - Allow "new" as a commad alias to "create"
+ - ipset: improve command argument parsing (Holger Eitzenberger)
+ - ipset: avoid the unnecessary argv[] loop (Holger Eitzenberger)
+ - ipset: pass ipset_arg argument pointer (Holger Eitzenberger)
+ - Separate ipset errnos completely from system ones and bump protocol
+ version
+ - Fix the spelling error fix :-) (Ferenc Wagner)
+ - Resolving IP addresses did not work at listing/saving sets, fixed
+ - ipset: fix spelling error (Holger Eitzenberger)
+ - ipset: fix the Netlink sequence number (Holger Eitzenberger)
+ - ipset: turn Set name[] into a const pointer (Holger Eitzenberger)
+ - Check ICMP and ICMPv6 with the set match and target in the testsuite
+ - Avoid possible syntax clashing at saving hostnames
+
5.3
- Set the non-debug compiling the default
- Testsuite fix of ospf replaced with vrrp.
diff --git a/README b/README
index 73c9cb0..a7ef16c 100644
--- a/README
+++ b/README
@@ -61,16 +61,18 @@ ipset and its match and target from iptables.
Compatibilities and incompatibilities:
-- The ipset 5.x userspace utility contains a backward compatibility
+- The ipset 6.x userspace utility contains a backward compatibility
interface to support the commandline syntax of ipset 4.x.
-- The ipset 5.x userspace utility can't talk to the kernel part of ipset 4.x.
-- The ipset 5.x kernel part can't talk to the userspace utility from
- ipset 4.x.
-- The ipset 5.x kernel part can work together with the set match and SET
+ The commandline syntax of ipset 6.x is fully compatible with 5.x.
+- The ipset 6.x userspace utility can't talk to the kernel part of ipset 5.x
+ or 4.x.
+- The ipset 6.x kernel part can't talk to the userspace utility from
+ ipset 5.x or 4.x.
+- The ipset 6.x kernel part can work together with the set match and SET
target from iptables 1.4.7 and below, however if you need the IPv6 support
- from ipset 5.x, then you have to use iptables 1.4.8 or above.
+ from ipset 6.x, then you have to use iptables 1.4.8 or above.
-The ipset 5.x can interpret the commandline syntax of ipset 4.x, however
+The ipset 6.x can interpret the commandline syntax of ipset 4.x, however
some internal changes mean different behaviour:
- The "--matchunset" flag for the macipmap type is ignored and not used
@@ -82,5 +84,5 @@ some internal changes mean different behaviour:
- The hash types are not resized when new entries are added by the SET
target. If you use a set together with the SET target, create it with
the proper size because it won't be resized automatically.
-- The iptree, iptreemap types are not implemented in ipset 5.x. The types
+- The iptree, iptreemap types are not implemented in ipset 6.x. The types
are automatically substituted with the hash:ip type.
diff --git a/UPGRADE b/UPGRADE
index f20810d..dfa677d 100644
--- a/UPGRADE
+++ b/UPGRADE
@@ -1,19 +1,19 @@
-ipset 5.x upgrade notices
+ipset 6.x, 5.x upgrade notices
-- From ipset 5.0-5.3 to 5.4:
+- From ipset 5.0-5.3 to 5.4 or above:
Due to the source code reorganization, some macros were moved to
the netlink.patch. Therefore when upgrading, you have two choices:
a. force the application of the new netlink.patch
- kernel-source-dir # patch -p1 -f < ipset-5.4-dir/netlink.patch
+ kernel-source-dir # patch -p1 -f < ipset-curr-dir/netlink.patch
b. remove the earlier netlink.patch and apply the new one:
kernel-source-dir # patch -p1 -R < ipset-before-5.4-dir/netlink.patch
- kernel-source-dir # patch -p1 < ipset-5.4-dir/netlink.patch
+ kernel-source-dir # patch -p1 < ipset-curr-dir/netlink.patch
You do not need to recompile your kernel.
- Of course the kernel modules in ipset-5.4 must be compiled and installed.
+ Of course the kernel modules in ipset must be compiled and installed.
diff --git a/configure.ac b/configure.ac
index 6273c79..fe31a22 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,5 +1,5 @@
dnl Boilerplate
-AC_INIT([ipset], [5.4.1], [kadlec@blackhole.kfki.hu])
+AC_INIT([ipset], [6.0], [kadlec@blackhole.kfki.hu])
AC_CANONICAL_HOST
AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_HEADER([config.h])
diff --git a/kernel/ChangeLog b/kernel/ChangeLog
index 8a5b307..086fe43 100644
--- a/kernel/ChangeLog
+++ b/kernel/ChangeLog
@@ -1,3 +1,29 @@
+6.0
+ - Reorganized kernel/ subdir
+ - netfilter: ipset: fix linking with CONFIG_IPV6=n (Patrick McHardy)
+ - netfilter: ipset: send error message manually
+ - netfilter: ipset: add missing break statemtns in
+ ip_set_get_ip_port() (Patrick McHardy)
+ - netfilter: ipset: add missing include to xt_set.h (Patrick McHardy)
+ - netfilter: ipset: remove unnecessary includes (Patrick McHardy)
+ - netfilter: ipset: use nla_parse_nested() (Patrick McHardy)
+ - Separate ipset errnos completely from system ones and bump protocol
+ version
+ - Use better error codes in xt_set.c
+ - Fix sparse warning about shadowed definition
+ - bitmap:ip type: flavour specific adt functions (Patrick McHardy's review)
+ - bitmap:port type: flavour specific adt functions (Patrick McHardy's
+ review)
+ - Move the type specifici attribute validation to the core
+ (suggested by Patrick McHardy)
+ - Use vzalloc() instead of __vmalloc() (Eric Dumazet, Patrick McHardy)
+ - Use meaningful error messages in xt_set.c (Patrick McHardy's review)
+ - Constified attribute cannot be written (Patrick McHardy's review)
+ - Send (N)ACK at dumping only when NLM_F_ACK is set
+ (Patrick McHardy's review)
+ - Correct the error codes: use ENOENT and EMSGSIZE (Patrick McHardy's
+ review)
+
5.4
- Fixed broken ICMP and ICMPv6 handling
- Fix trailing whitespaces and pr_* messages