3 * fixed a few reported bugs
4 * ebt_among --among-dst-file and --among-src-file: allow
5 the list to be given in a file (circumvents command line max.
7 * ebt_nat --snat-arp: if it's an arp packet, also change the source
8 address in the arp header
9 * ebt_mark --mark-or, --mark-xor, --mark-and
12 * ebtables modules are now located in /usr/lib/ebtables/
13 * added '/sbin/service ebtables' support
14 * added ebtables-save (thanks to Rok Papez <rok.papez@arnes.si>)
15 and ebtables-restore (the first one a perl script, the second
16 one written in c (fast))
17 * optimized the code for the '-A' command, making ebtables-restore
19 * ebtablesd/ebtablesu is deprecated and not compiled by default
20 the ebtables-save/ebtables-restore scheme is much better
24 * made the ebtables code modular (make library functions).
25 * added the ebtablesd/ebtablesu scheme to allow faster
26 addition of rules (and to test the modular code).
28 * added -c option (initialize counters)
29 * added -C option (change counters)
32 * <grzes_at_gnu.univ.gda.pl> added arpreply and among modules
33 * <tommy_at_home.tig-grr.com> added limit match
35 * added (automatic) Sparc64 support, thanks to Michael Bellion and
36 Thomas Heinz from hipac.org for providing a test-box.
38 * added stp frames match type
40 * added support for deleting all user-defined chains (-X option
41 without specified chain)
44 * <csv_at_bluetail.com> Chris Vitale: basic 802.3/802.2 filtering
45 (experimental, kernel files are in the CVS)
48 * added negative rule counter support
49 * bugfix: bcnt was not updated correctly
50 * <blancher_at_cartel-securite.fr> Cedric Blancher: add ARP MAC
54 * fixed check bug in ebt_ip.c (report from
55 joe_judge_at_guardium.com).
57 * fixed problem when removing a chain (report from
58 ykphuah_at_greenpacket.com).
59 * Added --help list_extensions which, well, lists the extensions
61 * changed the way to use the atomic operations. It's now possible
62 to use the EBTABLES_ATOMIC_FILE environment variable, so it's no
63 longer necessary to explicitly state the file name. See the man.
65 * changed the way of compiling. New releases will now contain their
66 own set of kernel includes. No more copying of kernel includes to
68 * added getethertype.c (Nick) and use it. Removed name_to_number()
71 * added possibility to specify a rule number interval when deleting
74 * added ! - option possibility, which is equivalent to - ! option
76 * since last entry: added byte counters and udp/tcp port matching
78 * updated the kernel files for 2.4.20-pre5 and 2.5.32
79 * last big cleanup of kernel and userspace code just finished
85 * other things done before 2.0-rc1 that I can think of,
87 * cache align counters for better smp performance
89 * check for --xxxx-target RETURN on base chain
94 * bugfix for --atomic-commit
96 * added mark target+match
98 * added --atomic options
100 * some unlogged changes (due to lazyness)
101 * added --Lc, --Ln, --Lx
103 * user defined chains support: added -N, -X, -E options.
105 * some unlogged changes (due to lazyness)
106 * change the output for -L to make it look like it would look when
107 the user inputs the command.
108 * try to autoload modules
109 * some minor bugfixes
110 * add user defined chains support (without new commands yet,
112 * comparing rules didn't take the logical devices into account
114 * update help for -s and -d
115 * add VLAN in ethertypes
116 * add SYMLINK option for compiling
118 * allow -i and --logical-in in BROUTING
119 * update the manual page
120 * rename /etc/etherproto into /etc/ethertypes (seems to be a more
122 * add MAC mask for -s and -d, also added Unicast, Multicast and
123 Broadcast specification for specifying a (family of) MAC
126 * added broute table.
127 * added redirect target.
128 * added --redirect-target, --snat-target and --dnat-target options.
129 * added logical_out and logical_in
130 * snat bugfix (->size)
132 * fixed some things in the manual.
135 * -j standard no longer works, is this cryptic? good :)
136 * lots of beautification.
137 - made some code smaller
138 - made everything fit within 80 columns
139 * fix problems with -i and -o option
140 * print_memory now prints useful info
141 * trying to see the tables when ebtables is not loaded in kernel
142 no longer makes this be seen as a bug.
144 ebtables v2.0 released, changes:
145 * A complete rewrite, made everything modular.
146 * Fixed a one year old bug in br_db.c. A similar bug was present
147 in ebtables.c. It was visible when the number of rules got
149 * Removed the option to allow/disallow counters. Frames passing
150 by are always counted now.
151 * Didn't really add any new functionality. However, it will be
152 _alot_ easier and prettier to do so now. Feel free to add an
154 * There are 4 types of extensions:
156 - Matches: like iptables has.
157 - Watchers: these only watch frames that passed all the matches
158 of the rule. They don't change the frame, nor give a verdict.
159 The log extension is a watcher.
161 * user32/kernel64 architectures like the Sparc64 are unsupported.
162 If you want me to change this, give me access to such a box,
163 and don't pressure me.