New features
- A cryptographically secure checksum of the configuration file is now transmitted to letmeinfwd and checked between the letmeind and letmeinfwd daemons to ensure they have the same view of the configuration.
- A timeout individual to resources has been added. See
timeoutconfiguration option in resources. - The generated
nftablesrules now havecounterstatements added. This makes it easier to check/debug which rules are actually executed. - Support for specifying the resource ID instead of the port number on the client side has been added.
Incompatible changes
- The length of the nftables chain name is now restricted to 64 bytes. If you have an nftables chan name length longer than 64 bytes, you should shorten it now. I believe that chain names longer than 64 bytes are the exception. Therefore, I think this incompatible change is Ok. This change is necessary to make future changes possible. If you think different, please open an issue.