Revision history for Perl extension IPTables::Parse.

1.6 Sat Nov 07 08:45:15 2015
    - (Miloslav Trma─Ź) Fixed a vulnerability to not use predictable names for
      temporary files. This vulnerability would allow an attacker on a multi-
      user system to set up symlinks to overwrite any file the current user has
      write access to. If a user manually overrides the temporary file
      locations with the 'iptout' and 'ipterr' hash keys, it is recommended to
      not use predictable names either.
    - Updated to use the '-w' argument on the iptables command line (a test is
      performed to see if it is supported). This acquires an exclusive lock on
      iptables command execution. This can be disable by the user if necessary
      by setting the new lockless_ipt_exec hash key.

1.5 Mon Sep 07 20:18:16 2015
    - Bug fix to support additional characters in iptables chain names such as
      dashes and special characters. Stuart Schneider reported this bug and
      submitted a patch. Closes github issue #1.
    - Added 'rule_num' hash key to chain_rules() results (suggested by Stuart
    - Updated _iptout and _ipterr tmp file paths to use the current PID as an
      extension by default if these files are not set when instantiating an
      IPTables::Parse object.  Also added a DESTROY block to clean these tmp
      files up. Patch submitted by Stuart Schneider.

1.4 Sun Mar 01 15:30:29 2015
    - Bump version to 1.4 so that CPAN recognizes it as a new version.

1.3.1 Sat Feb 28 07:15:55 2015
    - Fix version number in META.json and META.yml files.

1.3 Thu Feb 19 20:09:55 2015
    - Added support for systems with 'firewalld' via the 'firewall-cmd'
      command. Such systems include Fedora 21 for example.
    - Added list_table_chains() to return an array reference of all chains
      within the specified table. This feature was submitted as a patch by
      Fabien Mazieres
    - Added 'use_ipv6' and 'ipt_rules_file' keys to object constructor. These
      force ip6tables usage and specify a path to a file where
      'iptables -nL -v' output is included.
    - Updated perldoc documentation.

1.2 Sun Mar 04 21:21:11 2012
    - Major update to add a new 'parse_keys' hash to IPTables::Parse objects so
      that other modules can easily see what portions of iptables rules can be
      parsed into the data returned by chain_rules().
    - Added 'mac_source' into extended hash for parsed iptables rules.
    - Added support for the iptables 'length' match.

1.1 Fri Mar 02 22:31:12 2012
    - Minor update to print the iptables binary name in 'croak' error
      conditions.  The binary name is either 'iptables' or 'ip6tables'.
    - Minor perldoc updates to render links better (two spaces at the beginning
      of lines).

1.0 Tue Feb 28 21:45:19 2012
    - Added META.{yml,json} files to fix this bug:
    - Added the ability to specify 'ip6tables' when instantiating an
      IPTables::ChainMgr object via 'new'.
    - Updated license to the Artistic license.

0.9 Sun Feb 26 21:01:45 2012
    - Applied slightly modified patch from SSIMON to properly pick up usage of
      state tracking in rule extended information as shown in this bug:
      Rule 'extended' hash now includes the 'state' or 'ctstate' key
      depending on which iptables state tracking module is being used (if

0.8 Sun Feb 26 14:03:24 2012
    - Major update to support ip6tables policies.
    - Added test suite script t/ to exercise major functions for
      both iptables and ip6tables.
    - Bugfix for default_log() and default_drop() functions to ensure that
      a proper return value is given in addition to the return of a results
    - Migrated to git for source control:

0.7 Fri Oct 17 11:55:01 2008
    - Completely re-worked the manner in which iptables commands are executed
      so that they are sent through a single function with various options
      (described below) for controlling execution.
    - Added the ability to control iptables execution model.  The default is to
      use waitpid(), but other options are to use system() or popen().
    - Added the ability to introduce a configurable time delay between each
      iptables command.
    - Added the ability to use a function reference for the SIGCHLD signal
    - Added the ability to configure the number of seconds used as the alarm
      timeout for iptables command execution in the waitpid() execution model.

0.6 Mon May 19 10:15:01 2008
    - Added perldoc documentation for 0.6 release.

0.3  12/18/2005
    - Added test for ULOG target
    - Update to allow -v iptables output (which may be supplied in a file).

0.01  Sat Feb  5 15:18:37 2005
    - original version; created by h2xs 1.23 with options
        -A -X -b 5.6.0 -n IPTables::Parse