Ahmed Abdelsalam (2): src: handle rt0 and rt2 properly src: Adding support for segment routing header 'srh' Duncan Roe (3): doc: nft.8 aim for consistent synopses throughout (again) doc: nft.8 more spelling fixes src: fix --debug mnl not producing output Florian Westphal (34): doc: add set information and example for run-time blackhole netlink: use nftnl_flowtable_get/set src: fix routing header support tests: add srh test cases tests: add test cases for vmap binop transfer src: netlink_delinearize: don't assume element contains a value src: segtree: use value expression length evaluate: handle binop adjustment recursively src: evaluate: add preliminary binop transfer support for vmaps doc: describe table dormant flag remove todo list src: avoid errouneous assert with map+concat tests: meta: icmp, icmpv6: don't kill required dependencies payload: don't remove icmp family dependency in special cases proto: permit icmp-in-ipv6 and icmpv6-in-ipv4 Revert "payload: don't remove icmp family dependency in special cases" statement: print space before "{" in set add netlink_delinearize: kill dependency before eval of 'redirect' stmt tests: redirect: fix tests for upcoming nft-test.py fix tests: mh: fix expected test output tests: ct, meta: fixes for upcoming nft-test.py fix nft-test: check start of rule with sets too tests: ip6: fix 'missing payload' error evaluate: move lhs fixup to a helper evaluate: split binop xfer to separate function evaluate: handle EXPR_MAPPING evaluate: use recursive call for SET_REF handling configure: don't enable xtables when --without-xtables is passed scanner: add helpers token src: rename ibrportname, obrportname evaluate: reset eval context when evaluating set definitions evaluate: clear expression context before cmd evaluation doc: reword insert position, this expects rule handle to insert, not a relative postition build: Bump version to v0.8.4 Harsha Sharma (13): src: print 'handle' attribute in tables parser_bison: delete table via table handle src: Print handle attribute in chains parser_bison: delete chain via chain handle src: list set handle and delete set via set handle tests/shell: add tests for deletion of chains via chain handle tests/shell: add tests for deletion of sets via set handle src: extend nft to list object handle and delete objects via handle doc/nft.xml: Add deletion for objects via handles tests/shell: add tests for deletion of objects via object handle rule: print handle attribute in more clearer manner tests: shell: fix tests for deletion via handle attribute src: Updates for mini-gmp.{c,h} Laura Garcia Liebana (2): tests: shell: autogenerate dump verification src: support of dynamic map addition and update of elements Pablo Neira Ayuso (42): src: add variable expression and use it to allow redefinitions tests: shell: redefine and undefine tests: shell: set timeout and size combination coverage src: support for flowtable listing src: add support to add flowtables src: delete flowtable src: flow offload support tests: shell: add flowtable tests doc: nft: document flowtable netlink: print chain handle with --echo --handle netlink: print table handle with --echo --handle rule: print object handle with --echo --handle rule: broken handle listing of table and named objects tests: shell: missing redirection to file configure: bump libnftnl dependency src: support for get element command src: move monitor code to src/monitor.c src: remove unused batch support checks src: don't not dump set content from netlink_get_setelems() src: update dynamic set updates from packet path syntax Revert "src: update dynamic set updates from packet path syntax" src: revisit syntax to update sets and maps from packet path tests: update to new syntax to add/update set from packet path rule: reset cache iff there is an existing cache src: use mini-gmp 6.1.2 stable release evaluate: do not inconditionally update cache from flush command evaluate: propagate binop_transfer() adjustment to set key size netlink: floating point exception with concatenations tests: py: remove object ID from payload file parser_bison: missing rules for IBRIDGENAME and OBRIDGENAME src: use ibrname and obrname mnl: remove non-batch netlink code netlink: remove dead netlink_io_error() calls netlink: pass cmd object to netlink function calls netlink: netlink_list_chains() callers always wants all existing chains netlink: don't pass location to netlink_list_*() function netlink: remove unused function declarations src: simplify netlink_get_setelems() and rename it to netlink_list_setelems() src: centralize netlink error reporting netlink: no EINTR handling from netlink_get_setelem() evaluate: missing flowtable evaluation from nested notation rule: do not hardcode ingress when printing flowtable Phil Sutter (35): tests/shell: Use custom nft binary for ruleset listing relational: Eliminate meta OPs netlink: Fold netlink_gen_cmp() into netlink_gen_relational() Combine redir and masq statements into nat Support 'nft -f -' to read from stdin tests/shell: Fix dump of chains/0016delete_handle_0 tests/shell: Fix flowtable test cases flowtable: Make parsing a little more robust tests/shell: Fix sporadic fail of include/0007glob_double_0 tests/shell: Allow to specify multiple testcases tests/shell: Test flush and nat chain recreate in one go Export libnftables (again) ct: Fix output_fp bypass in ct_print() libnftables: Fix for input without trailing newline libnftables: Introduce nft_ctx_set_error() libnftables: Support buffering output and error libnftables: Simplify cookie integration tests/py: Use libnftables instead of calling nft binary tests/py: Review print statements in nft-test.py tests/py: Allow passing multiple files to nft-test.py cli: Drop String termination workaround erec: Review erec_print() libnftables: Fix forgotten bit after introducing error_fp rule: Free table->objs in table_free() segtree: Fix memory leaks Review raw payload allocation points segtree: Fix for last elem at interval end tests/py: rt.t: Drop needless rule output tests/py: Fix differences printing for rules with sets Review .gitignore files contents ct: Remove duplicate include of gmputil.h libnftables: Keep cmds list outside of parser_state parser_bison: Pass struct nft_ctx to parser_init() rule: Free flowtable in handle_free() statement: Fix get_rate() for zero byte_rate Sabrina Dubroca (1): expression: fix constant expression allocation on big endian with partial bytes