Releases: ti-mo/conntrack
v0.6.0: New dump/flush filtering
Hi all,
Small release with some breaking changes. Filter (for filtering dump/flush) had relatively limited usefulness, and the API design didn't make much sense for how filtering works in newer kernels. The examples have been updated, but here's the tl;dr to match the previous mark/mask filtering:
conntrack.NewFilter().Mark(0xff00).MarkMask(0xffff)
Create a filter, then call methods on it until it represents your desired state. Make sure to read the API documentation for the features you want to use, since not all of them are available on older kernels, where unsupported filters will simply be ignored.
Another breaking change: StatusFlag has been renamed to Status, and the latter's previous definition has been removed. This leads to much simpler usage, especially when specifying them in filters, e.g.: conntrack.NewFilter().Status(conntrack.StatusConfirmed|conntrack.StatusDying).
Also, the IP family (v4/v6) is now correctly set in (*Conn).Get() when specifying only the original or reply tuple.
Please report any issues on the issue tracker.
What's Changed
- Fix Conn.Get to correctly set IP family for partial IPv6 filters by @milan-zededa in #46
- filter: overhaul API to allow for optional fields by @ti-mo in #49
- filter: support filtering dump/flush by conntrack zone by @ti-mo in #50
- filter: support filtering dump/flush by flow status by @ti-mo in #51
- filter: support filtering dump/flush by L3 protocol family (v4/v6) by @ti-mo in #52
- flow: remove surrounding struct from StatusFlag, rename to Status by @ti-mo in #53
- filter: clone Filters after each method call by @ti-mo in #54
New Contributors
- @milan-zededa made their first contribution in #46
Full Changelog: v0.5.2...v0.6.0
Contributors
Assets 2
v0.5.2: Bugfix release, require Go 1.23
Small bugfix release for starting/stopping listeners. The minimum required Go version is now 1.23.
What's Changed
- Add to wait group prior to starting event worker by @enocom in #42
- ci: upgrade golangci-lint config, bump x/sys, address some linter errors, Go 1.23/1.24 by @ti-mo in #43
- go.mod: upgrade x/sys to 0.33.0, netfilter to 0.5.3 by @ti-mo in #44
New Contributors
Full Changelog: v0.5.1...v0.5.2
Contributors
Assets 2
v0.5.1: export Event.Unmarshal, bump minimum Go version to 1.21
Contributors
Assets 2
Convert API to package netip
This is a breaking change across the board, but one that is necessary for long-term maintainability and resource efficiency. Upgrading net.IP for netip.Addr is straightforward, so I won't document that here.
If you want to stay on the old API, you can continue using v0.4.1, but note that the 0.4.x series will not receive any further updates.
What's Changed
- Use netip.Addr instead of net.IP by @antoninbas in #36
New Contributors
- @antoninbas made their first contribution in #36
Full Changelog: v0.4.1...v0.5.0
Contributors
Assets 2
Linux 5.11 support, marshal flow labels, require Go 1.20
After a long radio silence, it was time to cut another release since 0.4.0 no longer works on recent Linux LTS releases.
This is the final release supporting the net.IP type. 0.5.0 onwards will require netip, introduced in #36.
What's Changed
- conn: Add conntrack dump while zeroing all counters by @linosgian in #25
- errors: replace errors.Wrap() with errors.Is() by @ti-mo in #30
- event: correctly parse TCP DESTROY events on kernels 5.11 and later by @ti-mo in #31
- Marshal flow labels, automatically set SequenceAdjust.Direction by @ti-mo in #37
- Bump to Go 1.20 and all dependencies to latest by @ti-mo in #38
New Contributors
- @linosgian made their first contribution in #25
Full Changelog: v0.4.0...v0.4.1
Contributors
Assets 2
Improve Netlink i/o performance
- Significant performance improvements in all Netlink i/o: mdlayher/netlink#171
- This version drops support for Go 1.11 and earlier. See mdlayher/netlink#170 for context.
Control Read/Write buffer sizes of netlink socket
- First tagged release ¯_(ツ)_/¯
- Added
Conn.Set{Read,Write}Buffer()to control buffer size of the underlying netlink socket. Make sure to read the godoc of the functions as well asman 7 socketonSO_RCVBUFandSO_SNDBUF.