IPtables-TNG ( The Next Generation of IPtables) is An environment that can use from different packet classification algorithm (eg. tuple) with "iptables" to support large rulesets (more than 10,000 rules) for high bandwidth networks. Interactivity is one of the best feature of this version. Like of any open source project, this git repository has been prepared to share project source and activities with others. You can see recent & ongoing works on IPtablestng.... read more
IPtables-TNG (The Next Generation of iptables) is an environment that can use from different packet classification algorithms (eg. tuple) to support large rulesets (more than 10,000 rules) for high bandwidth networks. This release fixes some bugs in IPtablestng-V2.1.
After release of V2.1 with new architecture and also a new classifier (url classifier to filter http packets base on domain name) for kernel2.6.25, this release fixes some bugs in V2.1. As a summary, this fixes contain:
- solve alignment bug in 64bit systems(now Iptablestng is ready for 64 bit systems),
- satisfy unsigned rank comparison and next_match rule traverse (in url classifier) bugs
- forbidden manage of returned XT_CONTINUE from some targets like MARK (his affect was packets drops when packets reach targets like MARK) and ....
This release also uses better hash function for tuple classifier.... read more
URL Classifier; an special purpose classifier for IPtablestng-V2.1 (kernel2.6.25.*), for filtering "http packets" traffics base on their domain names is ready.
You can filter http packets with one iptables rule: e.g. to filter www.xxx.com on MY_CHAIN:
# iptables -A MY_CHAIN -m url --url www.xxx.com -j DROP
iptables-TNG ( The Next Generation of iptables) An environment that can use from different packet classification algorithm (eg. tuple) to support large rulesets (more than 10,000 rules) for high bandwidth networks.
New release of iptables-tng for kernel-2.6.25 and iptables-1.4.1 is ready.
i hope that You can use kernel patches for 2.6.25.* (i test on .9 and .10).
A brief description of "How to write a classifier for iptables-tng?" is ready.
you can find him here (http://iptablestng.wiki.sourceforge.net/WriteClassifier-HOWTO).
base on the previous news (https://sourceforge.net/forum/forum.php?forum_id=840909) the beta version-2.0 of "new version of iptables" is ready. see the wiki page for more information and also features of this version.
Special thanks for new ideas or any bug reports.
After three year from the first release of the "new version of iptables (iptables-tng)" i implement the new version of iptables base on the ability of the first release and also some bug fixes and new features to easy deploying IPv6 to the iptables-tng.
I hope that put this new beta version in the next week on the sf.net.