Changes between Initial Version and Version 1 of Changelog2005

09/13/07 23:10:19 (14 years ago)
Victor Julien



  • Changelog2005

    v1 v1  
     1= Changelog for 2005 =
     30.5.69 (2005-11-21)
     4 * No changes since alpha 6.
     60.5.69 alpha 6 (2005-11-15)
     7 * Fix a bug with saving rule comments. Thanx for reporting TigerP@irc!
     8 * Fix building of debian packages.
     100.5.69 alpha 5 (2005-11-10)
     11 * Added a fix for systems without nat not working.
     12 * Fixed a bug where long chain names could cause a segmentation fault.
     13 * Added rc.vuurmuur and README.SLACKWARE files written for Slackware by Nicolas Dejardin.
     14 * Updated Brazilian Portuguese translation.
     160.5.69 alpha 4 (2005-11-06)
     17 * Updated russian translation.
     18 * Added a french translation.
     19 * Fix interfaces network_refcnt not being updated on network removal. If you removed a network with interfaces attached to it, you could no longer remove the interfaces.
     210.5.69 alpha 3 (2005-11-01)
     22 * Large translation update to reduce the number of translatable strings.
     240.5.69 alpha 2 (2005-10-20)
     25 * Hugo updated the Brazilian Portuguese translation.
     26 * Alex wrote spec files for rpm support.
     27 * Some changes to the build process to support the rpm-building.
     290.5.69 alpha 1 (2005-10-11)
     30 * Fixed a bug with renaming a network. It could cause an error when updating the rules with the new name. Thanx Hugo for the report.
     31 * Fixed another case where a portfw connection looked like an incoming connection.
     32 * Really fixed the "Broken Pipe" messages this time: let me know if the fix has negative side-effects.
     33 * Virtual interfaces are no longer shown in the status screen.
     34 * Fixed a bug with sometimes loglines beeing followed by an extra newline in the logviewer.
     35 * Real userid is now detemined on startup (the user before su/sudo).
     36 * Added a separate audit.log, in which all configuration changes are logged, including the username.
     39 * No changes since alpha 10.
     410.5.68 alpha 10
     42 * Hugo updated the Brazilian Portuguese translation.
     43 * Very minor update to the Dutch translation.
     44 * Fixed the status about the system not beeing properly updated.
     45 * Fixed debs not installing services properly.
     46 * Fixed a crash that would occur when switching on the 'draw status in main menu option'.
     47 * Alex updated the Russian translation.
     490.5.68 alpha 9
     50 * Fixed apply in vuurmuur_script hanging when vuurmuur and vuurmuur_log are not running.
     51 * Added the --list-blocked option to vuurmuur_script. Written by Adi Kriegisch.
     52 * Fixed the logging missing newline and thus making a mess of the logfiles.
     540.5.68 alpha 8
     55 * Added a --block and --unblock options to vuurmuur_script. Written by Adi Kriegisch.
     56 * Added a fix for vuurmuur_conf to compile on Fedora Core 4 (gcc4).
     57 * Fixed the autopackage installing the services in a wrong path.
     58 * Non-existing hosts/groups that are in the blocklist are now loaded into Vuurmuur_conf, so they can be removed there.
     59 * The traffic volume section now hides virtual interfaces to safe space for people with lots of them. No data was displayed for them anyway.
     60 * Added --apply option to vuurmuur_script, that tries to apply the changes immediately.
     620.5.68 alpha 7
     63 * Fixed a buggy indicator introduced in alpha 6.
     64 * Added logfunctions that both log and print to stdout.
     65 * Updated Dutch translation.
     66 * Really fixed the installer to copy the services this time.
     67 * Added a fix that should fix installing the autopackage on Suse 8.0 systems.
     690.5.68 alpha 6
     70 * Added indicators to lists with items that don't fit on the screen, so the user know there are more items.
     71 * Fixed the installing of the services in the config on a new source install.
     72 * Updated Brazilian Portuguese translation. Thanks Hugo!
     73 * Added input validation to vuurmuur_script.
     74 * Combined the three autopackages to one package.
     760.5.68 alpha 5
     77 * Fixed another bug with the rules, also introduced in alpha 3.
     78 * Disabled the 'old create method' because it is difficult to test and maintain.
     79 * Added support for binreloc which is needed in preparation of future Autopackage support. It can be enabled in ./configure with --enable-binreloc
     80 * The readme and install docs are now installed to (datadir)/doc/vuurmuur
     81 * Added russian translation of the docs. Thank you Alex!
     830.5.68 alpha 4
     84 * Fixed a bug introduced in aplha 3 that caused the rulesfile to become unreadable.
     860.5.68 alpha 3
     87 * The installer should no longer fail to --install when the etcdir already exists.
     88 * Renamed sepparator to separator.
     89 * The 'interface up' information should be more reliable.
     90 * Added a warning to the edit_host screen when no ipaddress is filled in.
     91 * The device of an interface is now stored as 'DEVICE' instead of as 'INTERFACE'.
     92 * Changes made to an interface in Vuurmuur_conf are now logged.
     93 * Renamed Bandwidth to Traffic Volume.
     94 * Fixed an broken pipe error in the Vuurmuur_conf Status Section on Gentoo systems. Thanks for the report Sebastian.
     95 * Added some input validation to vuurmuur_script.
     970.5.68 alpha 2
     98 * Plugins are now stored in (libdir)/vuurmuur/plugins, the plugin config in (sysconfdir)/vuurmuur/plugins. Removed the plugindir option.
     99 * Helpfiles are now stored in (datadir)/vuurmuur/help.
     100 * If you are using a translation of vuurmuur_conf, the helpfunction will try to open a translated helpfile first.
     101 * When creating a new service, it is now checked if a service with the same name already exists.
     102 * Fixed some bogus warnings when creating the hash-table for the connections section.
     103 * The status section no longer loads the hash, because it wasn't used at all.
     104 * Fixed portfw/dnat connections looking like incoming connections in the connection viewer.
     105 * Slight cosmetic fixes to the helpfile.
     106 * Moved the backupscript from the libvuurmuur to the vuurmuur debian package.
     1080.5.68 alpha 1
     109 * Implemented the 'print', 'add', 'delete', 'rename' and 'modify' command in vuurmuur_script.
     110 * When the rules are stored all " are encoded to \" and decoded when they are loaded.
     111 * Fixed a bug where a item added to the blocklist from the logviewer was not saved.
     112 * Added support for rules for acting as a dhcp-server or as a dhcp client.
     1140.5.67 (2005-06-03)
     115 * Added support for protocol ipv6-over-ipv4 passthrough (protocol number 41).
     116 * After changes were made to the services, the backend status is updated.
     117 * All protocols are now logged in the trafficlog.
     118 * Fixed a bogus 'internal error' message when trying to add a new group. Reported by Alex. Thanx!
     119 * The mangle and nat table are now properly cleaned on reloading. Thanx for the report Adi.
     120 * Changed the screen update function in the logviewer from wrefresh() to update_panels() + doupdate().
     121 * Added a per-rule options to limit the rules. A burst rate can also be supplied.
     122 * Vuurmuur_conf now checks if an interface is up every time you enter the 'edit interface' screen. The interface up? is also displayed a little different.
     123 * A german translation was contributed by Holger Ohmacht. Thank you Holger!
     124 * Implemented the list command in vuurmuur_script.
     125 * Some of the services supplied with Vuurmuur had malformed comments, which could cause an 'buffer overflow' error message. Thanx for reporting Adi!
     126 * Installation should no longer fail if the command 'which' is not installed.
     127 * The main menu, config menu's and the select boxes in the edit rule screen now all remember the position of the cursor.
     128 * Added gettext to the build-depends of the vuurmuur_conf debian package.
     129 * Cut off all lines in the helpfile at 80 chars to aid translators.
     130 * The Debian packages and the source installer now first backup your current config. Contributed by Adi Kriegisch.
     131 * Fixed memory leaks in Vuurmuur and Vuurmuur_conf.
     132 * Vuurmuur no longer detects changes in the rules when there are none.
     1340.5.66 (2005-05-19)
     135 * Rules and blocklist files are now created if missing. This should fix bugs introduced in 0.5.65.
     136 * Trying to add a host or group to the blocklist while no hosts/groups have been defined yet no longer results in a crash.
     137 * Fixed the installer checking the wrong etc-dir.
     138 * Added 'F6:interfaces' to the menu in edit network, so it is clear that the interface of a network can be editted using F6.
     139 * Updated the Russian translation. Thanx Alex!
     140 * Fixed setting the wrong plugin path when installing the Debian packages.
     141 * Change priority of permission warnings to info, so they appear in the log, but no longer as annoying popups.
     142 * Fixed another bug in the installer which cause the rules- and blocklistcovert functions to be called unneeded and with wrong parameters.
     1440.5.65 (2005-05-18)
     145 * Added support for transparant proxy's by allowing redirect rules to have a non-firewall destination as well.
     146 * Merged the libvuurmuur and plugins source trees, and vuurmuur and vuurmuur_log source trees.
     147 * Improved detection and reporting of problems in the configuration.
     148 * If opening the backends failed when starting Vuurmuur_conf, the user can now edit the config instead of just exitting.
     149 * Moved the rules and the blocklist into the pluginstructure.
     150 * Added a new 'Chain' action, which enables support for chains left alone by Vuurmuur. Only packets with state NEW will be sent there. The chains will be created if they don't exist.
     151 * Fixed a crash with trying to add a member to a group when there are no hosts in that network. Thanx for the report Heiko!
     152 * Added an about screen in Vuurmuur_conf.
     153 * Added 'firewall(any)' which is useful for creating INPUT rules where you need to connect to the external ipaddress of the firewall from your lan.
     154 * In the rules section you can now add horizontal lines with the L key. Press enter on a line to add a comment to it.
     155 * Fixed some bugs in the rule parser.
     156 * Changed the way the topmenu is drawn, so it will be easier to change it.
     157 * Removed the ESC key in Vuurmuur_conf as a key to quit because there is a delay between pressing it and the action that needs to follow it.
     158 * Fixed a confusing error message when not all required fields of a rule are filled in. Thanx for the report Edgar.
     159 * Vuurmuur now creates the logdir if it doesn't exist.
     160 * Vuurmuur_log now removes it's pidfile when it receives a sigterm. Thanx for the report Holger.
     161 * The macaddress is now properly checked and saved in Vuurmuur_conf. Thank you for reporting Heiko.
     162 * Added the ability to show the loglines that don't match the filter string.
     163 * Added the possibility to filter in the connections screen.
     164 * Snat rules can now also limit the interface which will be used.
     165 * Disabled the --test run of iptables-restore, since it did not work correctly on Debian Woody, and iptables-restore works atomicly, so there is no real need for the  * test.
     166 * Added a Brazilian Portuguese translation contributed by Hugo Ribeiro. Thanx Hugo!
     1680.5.64 (2005-04-19)
     169 * Vuurmuur_log no longer fails to create a logfile.
     170 * Really fixed the MASQ action this time.
     171 * Fix compilation on Mandrake 10.0 and possibly on other distro's with older versions of automake. Thanx for the report Raldnor.
     172 * Fixed a bug where setting the Mark option caused Vuurmuur to create to many iptables rules.
     173 * Fixed a bug where a rule with action LOG also had log option set, resulting in double iptables rules.
     174 * Fixed some bogus warnings when reloading the blocklist.
     175 * Fixed a crash in the Zones Section of Vuurmuur_conf. Thanks for reporting Hugo and Edgar.
     176 * Support on the system for the mangle table and the nat table is no longer a requirement.
     177 * Renamed special service 'all' to 'any'.
     178 * Added a special zone 'any'.
     179 * Fixed a bug where adding a network gave an error while it actually succeeded.
     180 * Fixed two tiny memory leaks in Vuurmuur_conf.
     181 * Added a Russian translation for Vuurmuur_conf. Thanx for your contribution Aleksander!
     182 * Changed logrotate script to send a SIGHUP to vuurmuur_log after rotating.
     183 * Fixed a bug in the install script. Thanx for the report Alex.
     184 * Fixed a bug where adding a host to the blocklist crashed vuurmuur_conf if the blocklist location was not set.
     1860.5.63 (2005-04-11)
     187 * Fixed a bug with a loading a malformed traffic.log in Vuurmuur_conf
     188 * A portrange can now also be changed.
     189 * Updated the helpfile for the services.
     190 * Improved reliability of vuurmuur_log.
     191 * Fixed two possible crashcases in libvuurmuur. Thanks for the report Raldnor!
     192 * Improved the checking of the name entered when adding or renaming a host, group, network or zone. Thanks for the report Raldnor!
     193 * Fixed a bug where a MASQ rule ignored the service, and thus applied to all services.
     194 * All important modules are now on the MODULES_TO_LOAD line in the vuurmuur initscript.
     195 * '?' can now also be used to call the help screen.
     196 * Logging of blocklist violations can now be disabled.
     197 * UDP-limit and SYN-limit can now be disabled.
     198 * Files with invalid names in the backend are now silently ignored.
     199 * Vuurmuur_log no longer misses loglines added to the log while reloading.
     200 * Speeded up Vuurmuur_log reloading.
     201 * If applying the changes failed, vuurmuur_conf now prints an error and updates the status to 'warn'.
     202 * All configuration changes made in Vuurmuur_conf are now logged.
     203 * Added a nfmark option to the rules. Rules can now be marked for use with traffic shaping tools. Use 0 - 9 999 999 for accept rules, and 20 000 000 - 29 999 997 for QUEUE rules.
     204 * Because of this, the marks used with markiptstate are also changed: 29 999 998 for new,related, 29 999 999 for established.
     205 * Vuurmuur_conf now supports internationalisation, and comes with a full Dutch translation. Translators for other languages are welcome!
     206 * Vuurmuur now has a -t commandline switch that will disable the capability checking. This will asume all iptables features are supported.
     207 * Using REJECT with tcp-reset together with the protocol 'all' now works correctly, tcp connections will be reset, others result in a icmp-port-unreachable.
     208 * Fixed portfw rules with the remoteport option set. Thanks for the report Phil!
     2100.5.62 (2005-03-01)
     211 * In Vuurmuur_conf in the rules section '+' and '-' can now be use to move a rule down and up.
     212 * Added an option to copy (duplicate) the current rule in the rulessection.
     213 * Fixed an obscure bug when forwarding a service with the broadcast option set to a group.
     214 * If Vuurmuur cannot determine all caps, ip_queue is now still checked.
     215 * Added a network reference counter to the interfaces. It must be 0 before an interface can be removed.
     216 * Added -m tcp, -m udp or -m icmp to rules so iptables-restore should now work on Debian Woody.
     217 * Zones, networks, groups, hosts, interfaces and services can be renamed.
     218 * Fixed the status section not being displayed on a small screen with too many interfaces.
     219 * The interfaces section can now handle more interfaces that will fit on the screen.
     220 * The bandwidth usage can now be viewed in Vuurmuur_conf.
     221 * Vuurmuur now uses -D for daemon-mode instead of -l (-l can still be used though).
     222 * Performance of the rulessection when using a filter was much improved.
     223 * Fixed compilation warnings on Mandrake 10.1.
     224 * When a ruleset failes to load the tempfile is no longer removed, so it can be inspected.
     2260.5.61 (2005-02-08)
     227 * The iptables option --log-tcp-options is now supported, for use with PSAD 1.4.0.
     228 * Vuurmuur now tries to send a SIGHUP to vuurmuur_log when the interfaces have changed.
     229 * Groups and Hosts now have a blocklist referencecounter, so adding it more than once will result in a warning. Also you must now remove it first from the blocklist before the host/group can be removed.
     230 * libvuurmuur's ./configure now takes an option --with-config-dir=DIR which can be used to set the default config dir.
     231 * Fixed a tiny memory-leak in the capability-checking code.
     232 * Added support for creating debian packages from the source. This makes building debs for other archs possible.
     233 * Added support for bandwidth monitoring using IP Traffic Volume:
     234 * Fixed a bug with virtual devices and the markiptstate option.
     235 * Vuurmuur-log now also does a reverse check on the service if no service is found by a normal check.
     236 * A new interface by default now has all protection rules set.
     237 * Created a wrapper for set_field_buffer() because on Mandrake 10.1 it didn't accept our input.
     238 * Added '-m tcp' to all rules containing '--tcp-flags' and '--syn' because otherwise iptables-restore didn't work on Debian Woody.
     239 * If the vuurmuur_conf.conf file is missing, a default is now used.
     240 * Big updates to the helpfile.
     2420.5.60 (2005-01-11)
     243 * The backend no longer acts weird if it encounters a directory where it expected a file.
     244 * The version of the backendplugin is now passed to Vuurmuur.
     245 * Fixed loglevel again :-( this time the changed log-level (in ruleset-mode) was not applied.
     246 * Hosts now have a reference counter for groupmembership. When a host is still a member of a group, it can't be deleted.
     247 * The option that checks for changed dynamic interfaces now also checks if the interface was just brought up or down.
     248 * A dynamic ipaddress that is down, is not longer set inactive by Vuurmuur.
     249 * Increased the default udplimit-burst value to 45.
     250 * Added several new services.