| Bart De Schuymer | 5fd425b | 2003-06-01 16:41:01 +0000 | [diff] [blame] | 1 | 20030601 |
| 2 | * added --Lmac2 |
| 3 | * <csv_at_bluetail.com> Chris Vitale: basic 802.3/802.2 filtering |
| 4 | (experimental, kernel files are in the CVS) |
| 5 | |
| 6 | 20030503 |
| 7 | * added negative rule counter support |
| 8 | * bugfix: bcnt was not updated correctly |
| 9 | * <blancher_at_cartel-securite.fr> Cedric Blancher: add ARP MAC |
| 10 | matching support |
| 11 | * added pkttype match |
| Bart De Schuymer | 36aee75 | 2003-04-01 16:59:57 +0000 | [diff] [blame] | 12 | 20030402 |
| 13 | * fixed check bug in ebt_ip.c (report from |
| 14 | joe_judge_at_guardium.com). |
| 15 | 20030111 |
| 16 | * fixed problem when removing a chain (report from |
| 17 | ykphuah_at_greenpacket.com). |
| 18 | * Added --help list_extensions which, well, lists the extensions |
| Bart De Schuymer | 27b121c | 2002-12-03 20:53:19 +0000 | [diff] [blame] | 19 | 20021203 |
| 20 | * changed the way to use the atomic operations. It's now possible |
| 21 | to use the EBTABLES_ATOMIC_FILE environment variable, so it's no |
| 22 | longer necessary to explicitly state the file name. See the man. |
| Bart De Schuymer | 832f09c | 2002-11-20 19:40:28 +0000 | [diff] [blame] | 23 | 20021120 |
| 24 | * changed the way of compiling. New releases will now contain their |
| 25 | own set of kernel includes. No more copying of kernel includes to |
| 26 | /usr/include/linux |
| 27 | * added getethertype.c (Nick) and use it. Removed name_to_number() |
| 28 | and number_to_name(). |
| 29 | 20021106 |
| 30 | * added possibility to specify a rule number interval when deleting |
| 31 | rules |
| 32 | 20021102 |
| 33 | * added ! - option possibility, which is equivalent to - ! option |
| 34 | 20021102 |
| 35 | * since last entry: added byte counters and udp/tcp port matching |
| Bart De Schuymer | b44c5f4 | 2002-08-30 20:33:36 +0000 | [diff] [blame] | 36 | 20020830 |
| 37 | * updated the kernel files for 2.4.20-pre5 and 2.5.32 |
| 38 | * last big cleanup of kernel and userspace code just finished |
| 39 | 20020820 |
| 40 | * ARP module bugfix |
| 41 | * IP module bugfix |
| 42 | * nat module bugfix |
| Bart De Schuymer | b2c4e37 | 2002-07-30 20:59:17 +0000 | [diff] [blame] | 43 | 20020730 |
| 44 | * other things done before 2.0-rc1 that I can think of, |
| 45 | including kernel: |
| 46 | * cache align counters for better smp performance |
| 47 | * simplify snat code |
| 48 | * check for --xxxx-target RETURN on base chain |
| 49 | * cleanup code |
| 50 | * minor bugfixes |
| 51 | 20020724 |
| 52 | * code cleanup |
| 53 | * bugfix for --atomic-commit |
| Bart De Schuymer | a501b78 | 2002-07-20 16:15:39 +0000 | [diff] [blame] | 54 | 20020720 |
| 55 | * added mark target+match |
| Bart De Schuymer | 52b6fd2 | 2002-07-14 19:23:56 +0000 | [diff] [blame] | 56 | 20020714 |
| 57 | * added --atomic options |
| 58 | 20020710 |
| 59 | * some unlogged changes (due to lazyness) |
| 60 | * added --Lc, --Ln, --Lx |
| Bart De Schuymer | fc62a34 | 2002-06-25 21:11:40 +0000 | [diff] [blame] | 61 | 20020625 |
| 62 | * user defined chains support: added -N, -X, -E options. |
| Bart De Schuymer | 41e8a19 | 2002-06-23 08:03:12 +0000 | [diff] [blame] | 63 | 20020621 |
| 64 | * some unlogged changes (due to lazyness) |
| 65 | * change the output for -L to make it look like it would look when |
| 66 | the user inputs the command. |
| 67 | * try to autoload modules |
| 68 | * some minor bugfixes |
| 69 | * add user defined chains support (without new commands yet, |
| 70 | deliberately) |
| 71 | * comparing rules didn't take the logical devices into account |
| Bart De Schuymer | 1abc55d | 2002-06-01 19:23:47 +0000 | [diff] [blame] | 72 | 20020520 |
| 73 | * update help for -s and -d |
| 74 | * add VLAN in ethertypes |
| 75 | * add SYMLINK option for compiling |
| 76 | 20020501 |
| 77 | * allow -i and --logical-in in BROUTING |
| 78 | * update the manual page |
| 79 | * rename /etc/etherproto into /etc/ethertypes (seems to be a more |
| 80 | standard name) |
| 81 | * add MAC mask for -s and -d, also added Unicast, Multicast and |
| 82 | Broadcast specification for specifying a (family of) MAC |
| 83 | addresses. |
| 84 | 20020427 |
| 85 | * added broute table. |
| 86 | * added redirect target. |
| 87 | * added --redirect-target, --snat-target and --dnat-target options. |
| 88 | * added logical_out and logical_in |
| 89 | * snat bugfix (->size) |
| 90 | 20020414 |
| 91 | * fixed some things in the manual. |
| 92 | * fixed -P problem. |
| 93 | 20020411 |
| 94 | * -j standard no longer works, is this cryptic? good :) |
| 95 | * lots of beautification. |
| 96 | - made some code smaller |
| 97 | - made everything fit within 80 columns |
| 98 | * fix problems with -i and -o option |
| 99 | * print_memory now prints useful info |
| 100 | * trying to see the tables when ebtables is not loaded in kernel |
| 101 | no longer makes this be seen as a bug. |
| 102 | 20020403 |
| 103 | ebtables v2.0 released, changes: |
| 104 | * A complete rewrite, made everything modular. |
| 105 | * Fixed a one year old bug in br_db.c. A similar bug was present |
| 106 | in ebtables.c. It was visible when the number of rules got |
| 107 | bigger (around 90). |
| 108 | * Removed the option to allow/disallow counters. Frames passing |
| 109 | by are always counted now. |
| 110 | * Didn't really add any new functionality. However, it will be |
| 111 | _alot_ easier and prettier to do so now. Feel free to add an |
| 112 | extension yourself. |
| 113 | * There are 4 types of extensions: |
| 114 | - Tables. |
| 115 | - Matches: like iptables has. |
| 116 | - Watchers: these only watch frames that passed all the matches |
| 117 | of the rule. They don't change the frame, nor give a verdict. |
| 118 | The log extension is a watcher. |
| 119 | - Targets. |
| 120 | * user32/kernel64 architectures like the Sparc64 are unsupported. |
| 121 | If you want me to change this, give me access to such a box, |
| 122 | and don't pressure me. |