- Do not perform namespace detection for aardvark-dns updates as it is not needed
- Fixed condition where ignored errors were being returned as real
- With nftables, only dump netavark table rules
- Fix port forward with strict RPF and multi-networks
- updated dependencies
- updated nftables to 0.3
- added an nftables backend that allows its use on systems without iptables installed
- added command line option to change firewall driver
- show error if process is in wrong netns
- removed unessesary unlock lockfile calls
- updated dependencies
- add firewalld-reload subcommand
- bridge: force static mac on bridge interface
- dependency updates
- numerous fixes to test suite
- iptables: improve error when ip6?tables commands are missing
- docs: Convert markdown with go-md2man instead of mandown
- iptables: drop invalid packages
- bump rust edition to 2021
- Add ACCEPT rules in firewall for bridge network with internal dns
- Add vrf support for bridges
- Fix misleading dns disabled log
- Dependency updates
- --config is now required when dns is used
- netavark dhcp-proxy correctly renews the lease after dhcp time-out
- bridge: isolate=strict option has been added
- macvlan: bclim option has been added
- "no_default_route" option has been added
- static routes can now be configured
- Now supports a driver plugin module for user defined network drivers
- Initial MACVLAN DHCP support (additional unit file required for packagers)
- Dependency updates
- Removed crossbeam-utils
- Dependency updates
- Preliminary macvlan dhcp support (not fully supported yet)
- Addition of ipvlan support
- Added network update command
- Corrected issue #491 to only teardown network forwarding when on complete teardown only
- Fixed some rust documentation
- Housekeep and code cleanup
- macvlan: remove tmp interface when name already used in netns
- Add support for route metrics
- netlink: return better error if ipv6 is disabled
- macvlan: fix name collision on hostns
- Ignore dns-enabled for macvlan (BZ2137320)
- better errors on teardown
- allow customer dns servers for containers
- do not set route for internal-only networks
- do not use ipv6 autoconf
- Reworked how netavark calls aardvark
- Implemented locking when committing
- Remove bridge only when no containers are attached
- Updated versions of libraries where possible
- Netavark is now capable of starting Aardvark on a port other than 53 (controlled by
dns_bind_portincontainers.conf). Firewall rules are added to ensure DNS still functions properly despite the port change. - Added the ability to isolate networks. Networks with the isolate option set cannot communicate with other networks with the isolate option set.
- Improved the way Aardvark is launched to avoid potential race conditions where DNS would not be ready when containers were started.
- Fixed a bug where Aardvark could not be run in environments with a read-only
/proc(e.g. inside a container).
- Updated dependenciess
- Simplified option parsing for bridge/macvlan
- Added support for an ipam
nonedriver
- Fix issue #13533 - only use systemd when present
- Dropped vergen dependency
- Updated several dependency libraries
- Allow macvlans to not require a default gateway
- core,macvlan: add gateway as default route to macvlan interface
- Add host_ip and container_ip version matching to iptables portforwardinhg
- Remove vendor directory from upstream github repo
- First official release of netavark
- RC2 containers several bug fixes and code cleanup
- This is the first release candidate of Netavark. All functionality should be working.