File jool.changes of Package jool
-------------------------------------------------------------------
Sun Jun 23 19:19:58 UTC 2024 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.1.12
* Fix several joold bugs. Also, add joold stats.
* Add support for kernels 6.8, 6.9, 6.10(-rc4), RHEL 8.10 and
9.4.
* Patch some rust in the "graybox" testing framework.
-------------------------------------------------------------------
Sun Dec 24 09:08:03 UTC 2023 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.1.11
* When running into an untranslatable address, print it clearly
in the logs.
* Enhance validations of pool4, BIB and session userspace
requests.
* Add support for kernel 6.4, 6.5, 6.6 and 6.7-rc6.
- Update to version 4.1.10
* Clean up skb->tstamp during translation to prevent dropped
packets.
* Improve validations for userspace requests.
* Add support for kernels 6.2 and 6.3.
* Modernize references to libxtables shared object functions.
- Drop patch
* 0001-Modernize-the-iptables-shared-object-exports.patch
-------------------------------------------------------------------
Wed Feb 8 12:54:39 UTC 2023 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.1.9
* Allow new Jool binaries to interact with other binaries
sharing the same major and minor number versions.
* Fix randomly incomplete stats display table print.
* Add support for kernels 5.17, 5.18, 5.19, 6.0, 6.1, RHEL8.6,
RHEL8.7, RHEL9.0 and RHEL9.1. Drop support for RHEL8.5.
* Fix sample atomic configuration in the documentation.
* Allow (and fix during translation, adding mandated padding)
ICMP errors containing both ICMP extensions and internal
packets measuring less than 128 bytes.
- Add patch:
* 0001-Modernize-the-iptables-shared-object-exports.patch
-------------------------------------------------------------------
Mon May 9 16:51:24 UTC 2022 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.1.8
* Fix checksums in Slow Path.
This is a fairly critical bug; please upgrade. It affects
packets that fulfill the following conditions:
+ IPv4-to-IPv6
+ Not ICMP error
+ Incoming packet’s DF was disabled
+ Packet was large, or GRO-aggregated
* Add validation to more verbosely reject IPv6 packets that
contain more than one fragment header.
* Add validation to more verbosely reject fragmented (and
notreassembled by nf_defrag_ipv*) ICMP errors.
* (Aside from being fairly illegal, these packets cannot be
translated because the "ICMPv6 length" of the ICMP pseudoheader
is unknown.)
* Bugfix: When routing TCP/UDP fragments, the code was including
header ports even though nonzero fragment-offset packets lack
TCP/UDP headers.
* This bug probably doesn't affect you, unless your routing is
somehow port-based.
- Update to version 4.1.7
* iptables dependency now optional.
- Upstream website moved
-------------------------------------------------------------------
Sat Dec 11 16:01:35 UTC 2021 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.1.6
* Fix joold in kernels 5.10+.
* Improve performance of EAMT table insertions during atomic
configuration.
* Tweak the TCP state machine so --handle-rst-during-fin-rcv
works in both translation directions (IPv4 -> IPv6,
IPv6 -> IPv4).
* Fix kernel crash during pool4 flush.
* Fix localhost traffic on Netfilter SIIT mode.
* Fix ICMP errors bounced back as responses from echo requests
or echo replies.
* Update the kernel support table.
-------------------------------------------------------------------
Sat Mar 6 11:48:04 UTC 2021 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.1.5
* Patch several joold bugs.
* Improve some documentation.
* Remove CAP_NET_ADMIN requirement from stats display.
- Update to version 4.1.4
* Deprecate "blacklist4," add replacement "denylist4."
* Add /32 to the generic denylist again. (And remove secondary
addresses, since nobody has actually requested them.)
-------------------------------------------------------------------
Wed Sep 2 18:20:56 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.1.3
-------------------------------------------------------------------
Thu May 7 06:02:08 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.0.9
* Patch userspace compilation error triggered when different
versions of Jool's libraries are already installed in the
system.
* Patch userspace-kernel communication on newer kernels. (This
bug was introduced in Jool 4.0.8.)
* Add support for kernel 5.6.
-------------------------------------------------------------------
Tue Mar 31 20:42:45 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.0.8
* Fix modprobe -r memory leak
* Modernize the Netlink code to prevent alignment issues during
userspace client requests.
-------------------------------------------------------------------
Sat Dec 21 18:49:44 UTC 2019 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.0.7
* RFC 7915 review (Compliance status has been updated)
* Patch communication between 64-bit kernels and 32-bit userspace
* Fix iptables-save
* Kbuild: Remove usage of (deprecated) SUBDIRS (for kernel 5.4)
-------------------------------------------------------------------
Thu Oct 24 19:47:23 UTC 2019 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.0.6
* Publish standalone Debian packages
* Patch documentation and build bugs
* Add support for kernel 5.4, RHEL7.7 and RHEL8.0
* Mirror Netfilter packet return mechanism on iptables mode
- Drop not longer needed patches:
* fix-build.patch
-------------------------------------------------------------------
Wed Jul 31 20:22:13 UTC 2019 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.0.4
* Add support for kernel 5.3
* Remove file remove from argp2, add more versatile
replacement -f to argp1
* Add instance status operation, for the benefit of init scripts
-------------------------------------------------------------------
Sat Jul 20 08:52:57 UTC 2019 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.0.3
* Export license properly during dist build
* Better messages on file read errors
-------------------------------------------------------------------
Fri Jul 12 20:14:14 UTC 2019 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.0.2
Improvements since 4.0.1:
* Patches lots of build bugs
* Add support for kernels 5.1 and 5.2
* Add operation file remove (For the benefit of the systemd units)
* Add operation eamt query (But shh; don't well anyone. I haven't set
this in stone yet because I want to turn it into something more
generic, such as address translate, so as to not limit it to EAMT
queries.)
- Drop not longer needed patches:
* 0001-Add-support-for-kernel-5.1.patch
* 0002-Add-support-for-kernel-5.2.patch
-------------------------------------------------------------------
Tue Jul 2 21:10:26 UTC 2019 - Martin Hauke <mardnh@gmx.de>
- Add patches:
* 0001-Add-support-for-kernel-5.1.patch
* 0002-Add-support-for-kernel-5.2.patch
-------------------------------------------------------------------
Fri Apr 26 20:28:39 UTC 2019 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.0.1
* Patch kernel panic on malformed userspace requests
* Patch two bottlenecks
+ Remove unnecessary spinlock
+ reduce consumption of random numbers
- Update patches:
* fix-build.patch (partly fixed upstream)
-------------------------------------------------------------------
Fri Jan 18 22:49:32 UTC 2019 - mardnh@gmx.de
- Update to version 4.0.0
New features:
* iptables mode
* Instance naming
* stats
* Support for kernels 4.17, 4.18, 4.19, 4.20 and RHEL 7.5.
* Bash autocompletion
* BIB on Atomic Configuration (But only on new instances)
Fixes:
* Fix low performance on virtual interfaces.
* Patch incorrect fragment handling on newer kernels.
- Remove not longer needde patches:
* 0001-Add-support-for-RHEL-7.5.patch
* 0002-Add-support-for-kernel-4.17.patch
* 0003-packet-rename-offset_to_ptr-to-skb_offset_to_ptr-to-.patch
- Add patch:
* fix-build.patch
-------------------------------------------------------------------
Sat Dec 1 17:32:33 UTC 2018 - mardnh@gmx.de
- Initial package, version 3.5.7
