Arturo Borrero Gonzalez (1):
      py: load the SONAME-versioned shared object

Benjamin Poirier (1):
      doc: Fix typo in IGMP section

Duncan Roe (1):
      doc: Clarify conditions under which a reject verdict is permissible

Florian Westphal (22):
      parser: add a helper for concat expression handling
      src: store expr, not dtype to track data in sets
      src: add "typeof" build/parse/print support
      mnl: round up the map data size too
      tests: add typeof test cases
      evaluate: print a hint about 'typeof' syntax on 0 keylen
      doc: mention 'typeof' as alternative to 'type' keyword
      meta: add slave device matching
      xfrm: spi is big-endian
      src: maps: update data expression dtype based on set
      evaluate: print correct statement name on family mismatch
      tests: 0034get_element_0: do not discard stderr
      tests: shell: avoid spurious failure when running in host namespace
      expression: use common code for expr_ops/expr_ops_by_type
      tests: add initial nat map test
      evaluate: process concat expressions when used as mapped-to expr
      netlink: handle concatenations on set elements mappings
      evaluate: add two new helpers
      src: allow nat maps containing both ip(6) address and port
      tests: nat: add and use maps with both address and service
      expressions: concat: add typeof support
      tests: update nat_addr_port with typeof+concat maps

Jan Engelhardt (1):
      src: compute mnemonic port name much easier

Jeremy Sowden (28):
      evaluate: fix expr_set_context call for shift binops.
      include: nf_tables: correct bitwise header comment.
      Update gitignore.
      src: white-space fixes.
      netlink_delinearize: fix typo.
      netlink_delinearize: remove commented out pr_debug statement.
      include: update nf_tables.h.
      netlink: add support for handling shift expressions.
      parser: add parenthesized statement expressions.
      evaluate: correct variable name.
      evaluate: change shift byte-order to host-endian.
      tests: shell: add bit-shift tests.
      tests: py: add missing JSON output.
      tests: py: add bit-shift tests.
      evaluate: add separate variables for lshift and xor binops.
      evaluate: simplify calculation of payload size.
      evaluate: don't evaluate payloads twice.
      evaluate: convert the byte-order of payload statement arguments.
      evaluate: no need to swap byte-order for values of fewer than 16 bits.
      netlink_delinearize: set shift RHS byte-order.
      src: fix leaks.
      main: add more information to `nft -V`.
      main: remove duplicates from option string.
      parser_bison: fix rshift statement expression.
      main: include '-d' in help.
      main: include '--reversedns' in help.
      main: interpolate default include path into help format-string.
      main: use one data-structure to initialize getopt_long(3) arguments and help.

Laurent Fasnacht (7):
      scanner: move the file descriptor to be in the input_descriptor structure
      scanner: move indesc list append in scanner_push_indesc
      scanner: remove parser_state->indescs static array
      Inclusion depth was computed incorrectly for glob includes.
      scanner: fix indesc_list stack to be in the correct order
      scanner: remove parser_state->indesc_idx
      tests: shell: add test for glob includes

Luis Ressel (1):
      netlink: Show the handles of unknown rules in "nft monitor trace"

Pablo Neira Ayuso (53):
      include: add nf_tables_compat.h to tarballs
      build: nftables 0.9.3 depends on libnftnl 1.1.5
      segtree: don't remove nul-root element from interval set
      proto: add proto_desc_id enumeration
      expr: add expr_ops_by_type()
      parser: add typeof keyword for declarations
      meta: add parse and build userdata interface
      exthdr: add exthdr_desc_id enum and use it
      exthdr: add parse and build userdata interface
      socket: add parse and build userdata interface
      osf: add parse and build userdata interface
      ct: add parse and build userdata interface
      numgen: add parse and build userdata interface
      hash: add parse and build userdata interface
      rt: add parse and build userdata interface
      fib: add parse and build userdata interface
      xfrm: add parse and build userdata interface
      main: enforce options before commands
      scanner: incorrect error reporting after file inclusion
      tests: shell: delete flowtable after flushing chain
      main: restore --debug
      evaluate: better error notice when interval flag is not set on
      tests: shell: set lookup and set update
      tests: shell: update list of rmmod modules
      tests: shell: validate error reporting with include and glob
      scanner: use list_is_first() from scanner_pop_indesc()
      parser: incorrect handle location
      src: initial extended netlink error reporting
      src: combine extended netlink error reporting with mispelling support
      mnl: extended error support for create command
      src: improve error reporting when setting policy on non-base chain
      src: improve error reporting when remove rules
      parser_bison: memleak in device parser
      mnl: do not use expr->identifier to fetch device name
      src: nat concatenation support with anonymous maps
      tests: shell: adjust tests to new nat concatenation syntax
      evaluate: stmt_evaluate_nat_map() only if stmt->nat.ipportmap == true
      src: support for offload chain flag
      netlink: remove unused parameter from netlink_gen_stmt_stateful()
      src: support for restoring element counters
      evaluate: add range specified flag setting (missing NF_NAT_RANGE_PROTO_SPECIFIED)
      src: support for counter in set definition
      tests: py: update nat expressions payload to include proto flags
      include: resync nf_tables.h cache copy
      src: add support for flowtable counter
      evaluate: display error if set statement is missing
      rule: add hook_spec
      parser_bison: store location of basechain definition
      evaluate: improve error reporting in netdev ingress chain
      evaluate: check for device in non-netdev chains
      parser_bison: simplify error in chain type and hook
      main: swap json and gmp fields in nft -V
      build: Bump version to v0.9.4

Phil Sutter (20):
      monitor: Do not decompose non-anonymous sets
      monitor: Fix for use after free when printing map elements
      tests: monitor: Support running individual test cases
      monitor: Fix output for ranges in anonymous sets
      tests: shell: Search diff tool once and for all
      cache: Fix for doubled output after reset command
      netlink: Fix leak in unterminated string deserializer
      netlink: Fix leaks in netlink_parse_cmp()
      netlink: Avoid potential NULL-pointer deref in netlink_gen_payload_stmt()
      tests: json_echo: Fix for Python3
      tests: json_echo: Support testing host binaries
      tests: monitor: Support testing host's nft binary
      tests: py: Support testing host binaries
      doc: nft.8: Describe element commands in their own section
      doc: nft.8: Mention wildcard interface matching
      scanner: Extend asteriskstring definition
      tests/py: Fix JSON output for changed timezone
      parser_json: Support ranges in concat expressions
      tests/py: Add tests involving concatenated ranges
      tests/py: Move tcpopt.t to any/ directory

Stefano Brivio (5):
      include: resync nf_tables.h cache copy
      src: Add support for NFTNL_SET_DESC_CONCAT
      src: Add support for concatenated set ranges
      tests: Introduce test for set with concatenated ranges
      tests: shell: Introduce test for insertion of overlapping and non-overlapping ranges

nl6720 (1):
      doc: Remove repeated paragraph and fix typo