The Netfilter HomePage: iptables 1.2.2
This version requires kernel 2.4.1 or above.
This version recommends kernel 2.4.4 or above.
Bugs Fixed from 1.2.1a:
-  fixes for SAME Target
 [ Martin Josefsson ]
-  fixes for iplimit match in combination with iptables-save/-restore
 [ Gerd Knorr ]
-  fix for TCP match in combination with iptables-save/-restore
 [ Ian Lynagh ]
-  iptables-restore now deals correclty with spaces in --log-prefix
 [ Harald Welte ]
-  fix in 'isapplied' script. It used to give false negatives
 [ Harald Welte ]
-  fix in BALANCE target, target now uses full ip address range
 [ Martin Josefsson ]
-  fix for NETLINK target, was sending wrong interface name
 [ Gianni Tedesco ]
-  fix for collision of ftp and irc NAT helpers
 [ Harald Welte ]
-  ip6tables brought in sync with iptables
 [ Kis-Szabo Andras ]
-  Kernel bugfixes in patch-o-matic:
  
	-  Fix possible security vulnerability in ip_conntrack_ftp
 [ Cristiano Lincoln Mattos, James Morris and Rusty ]
 
Changes from 1.2.1a:
-  libiptc should now be usable from C++ applications
 [ Fabrice MAURIE ]
-  seqoffset-,ftp-security, ... patches are combined in 2.4.4.patch
 [ Rusty Russell ]
-  lots of old pre-2.4.1 patches now combined in 2.4.1.patch
 [ Rusty Russel ]
-  IRC conntrack + nat cleanup
 [ Harald Welte ]
-  string match cleanup
 [ Gianni Tedesco ]
-  ULOG cleanup, new version. Fixes 'unable to send nflink' bug
 [ Harald Welte ]
-  New patch-o-matic patches:
  
-  New NETMAP Target for mapping whole networks 1:1 to other addresses
 [ Svenning Soerensen ]
-  New length Target for matching packet length
 [ James Morris ]
-  New ipv4options match for matching IPv4 header options
 [ Fabrice MARIE ]
-  New IPv6 agr match for matching IPv6 global aggregatable unicast adresses
 [ Andras Kis-Szabo ]
-  New pkttype match for matching link-layer multicast / broadcast packets
 [ Michal Ludvig ]
-  New time match for matching the packet's receive time
 [ Fabrice MARIE ]
-  New talk conntack + NAT helper module
 [ Jozsef Kadlecsik ]