Project for firewall-related sources, sources from the Netfilter group, and for iproute.

NOTE: Automatically created during Factory devel project migration by admin.

The conntrack-tools are a set of tools targeted at system administrators. They are conntrack, the userspace command line interface, and conntrackd, the userspace daemon. The tool conntrack provides a full featured interface that is intended to replace the old /proc/net/ip_conntrack interface. Using conntrack, you can view and manage the in-kernel connection tracking state table from userspace. On the other hand, conntrackd covers the specific aspects of stateful firewalls to enable highly available scenarios, and can be used as statistics collector as well.

This package provides the tools ip, tc, and rtmon needed to use the new
and advanced routing options of the Linux kernel. The SUSE Linux
distribution has used this package for network setup since SuSE Linux
8.0.

ipset 6.x for kernel >= 2.6.39

Iptables is used to set up, maintain, and inspect the tables of IP
packet filter rules in the Linux kernel. This version requires kernel
2.4.0 or newer.

libmnl is a minimalistic user-space library oriented to Netlink developers. There are a lot of common tasks in parsing, validating,constructing of both the Netlink header and TLVs that are repetitive and easy to get wrong. This library aims to provide simple helpers that allows you to re-use code and to avoid re-inventing the wheel.

libnetfilter_conntrack is a userspace library providing a programming interface (API) to the in-kernel connection tracking state table. The library libnetfilter_conntrack has been previously known as libnfnetlink_conntrack and libctnetlink. This library is currently used by conntrack-tools among many other applications.

libnetfilter_log is a userspace library providing interface to packets that have been logged by the kernel packet filter. It is is part of a system that deprecates the old syslog/dmesg based packet logging. This library has been previously known as libnfnetlink_log.

libnetfilter_queue is a userspace library providing an API to packets that have been queued by the kernel packet filter. It is is part of a system that deprecates the old ip_queue / libipq mechanism.
--
Build disabled for < 12.1 due to hitting make bug (Savannah bug #33125 (bnc #681108))

libnfnetlink is the low-level library for netfilter related kernel/userspace communication. It provides a generic messaging infrastructure for in-kernel netfilter subsystems (such as nfnetlink_log, nfnetlink_queue, nfnetlink_conntrack) and their respective users and/or management tools in userspace.

This library is not meant as a public API for application developers. It is only used by other netfilter.org projects, such as libnetfilter_log, libnetfilter_queue or libnetfilter_conntrack.

ulogd is a userspace logging daemon for netfilter/iptables related logging. This includes per-packet logging of security violations, per-packet logging for accounting purpose as well as per-flow logging.

Xtables is used to set up, maintain, and inspect the tables of IP
packet filter rules in the Linux kernel.

Xtables-addons is the successor to patch-o-matic(-ng). Likewise, it
contains extensions that were not, or are not yet, accepted in the
main kernel/iptables packages.

LibreSSL is an open-source implementation of the Secure Sockets Layer
(SSL) and Transport Layer Security (TLS) protocols. It derives from
OpenSSL, with the aim of refactoring the OpenSSL code so as to
provide a more secure implementation.