Hi all,
Small release with some breaking changes. Filter (for filtering dump/flush) had relatively limited usefulness, and the API design didn't make much sense for how filtering works in newer kernels. The examples have been updated, but here's the tl;dr to match the previous mark/mask filtering:
conntrack.NewFilter().Mark(0xff00).MarkMask(0xffff)
Create a filter, then call methods on it until it represents your desired state. Make sure to read the API documentation for the features you want to use, since not all of them are available on older kernels, where unsupported filters will simply be ignored.
Another breaking change: StatusFlag has been renamed to Status, and the latter's previous definition has been removed. This leads to much simpler usage, especially when specifying them in filters, e.g.: conntrack.NewFilter().Status(conntrack.StatusConfirmed|conntrack.StatusDying).
Also, the IP family (v4/v6) is now correctly set in (*Conn).Get() when specifying only the original or reply tuple.
Please report any issues on the issue tracker.
What's Changed
- Fix Conn.Get to correctly set IP family for partial IPv6 filters by @milan-zededa in #46
- filter: overhaul API to allow for optional fields by @ti-mo in #49
- filter: support filtering dump/flush by conntrack zone by @ti-mo in #50
- filter: support filtering dump/flush by flow status by @ti-mo in #51
- filter: support filtering dump/flush by L3 protocol family (v4/v6) by @ti-mo in #52
- flow: remove surrounding struct from StatusFlag, rename to Status by @ti-mo in #53
- filter: clone Filters after each method call by @ti-mo in #54
New Contributors
- @milan-zededa made their first contribution in #46
Full Changelog: v0.5.2...v0.6.0
