     1= Changelog =
     30.5.73 alpha 7 (2007-09-08)
     4Memory problems (corruption & leaks) in the connection viewer were fixed.
     5Russian translation updated by Alex.
     70.5.73 alpha 6 (2007-09-01)
     8Add a separate message for when a user wants to apply changes when the Vuurmuur daemon is not running.
     9Add support for conntack 'unknown' lines with unreplied state.
     110.5.73 alpha 5 (2007-08-23)
     12Fix in_int and out_int not working in rules from and to the firewall. Thanks for reporting Jorijn.
     13Updated Dutch translation.
     150.5.73 alpha 4 (2007-07-22)
     16Add the option to limit rules per minute, hour and day.
     17Allow limit option for all rules.
     18Fix for the prevention of duplicate NFQUEUE rules.
     19Make sure only one set of rules is created per queue number in the NFQUEUE chains. This prevents lot's of unneeded and uneffective rules.
     210.5.73 alpha 3 (2007-06-01)
     22Added support for NFQUEUE
     23Fixed loading of modules and checking of capabilities on more recent systems.
     24Removed the obsolete markiptstate option.
     260.5.73 alpha 2 (2007-01-21)
     27Fixed the killing of grouped connections.
     28Fixed the Debian initscript for systems not linking /bin/sh to /bin/bash
     300.5.73 alpha 1 (2007-01-08)
     31Fixed the killing of DNAT/PORTFW connections.
     330.5.72 (2007-01-05)
     34No changes since alpha7.
     360.5.72 alpha 7 (2006-12-23)
     37Hide 'wait window' after the logmanagement was called on an empty logviewer.
     38Updated Russian translation.
     39Make grouplist window wider so long names work correctly.
     410.5.72 alpha 6 (2006-12-15)
     42Added a work-around to the install script for issues with older versions of automake and newer versions of gettext.
     43Make a few cosmetic changes to Vuurmuur_conf
     44Updated Russian (thanx Alex!) and Dutch translations.
     460.5.72 alpha 5 (2006-11-18)
     47Fixed a 'post error' for the log- and connection management.
     48The top menu is now properly restored after the log management has been used.
     49Added a wait-window for loading the log management.
     50Addition of a new string creation function, one that allows limiting the length.
     51Update helpfile for connection and log management.
     52Add support for help in the code for the log and connection management.
     53Small cosmetic manpage updates by Alex.
     54Fix connection killing for unknown objects. Handle filtered connections and logs better.
     55NL translation update.
     56Updated pt_BR translation by Hugo
     580.5.72.alpha 4 (2006-11-07)
     59Connection viewer will now also do reverse lookup of the service name if the service is unrecognized. This matches the behaviour of vuurmuur_log.
     60Don't set an inactive rule to active because the 'in_int' is active.
     61Don't show 'kill this connection' for DROP and REJECT logs.
     62Added nicer error message for removal failure of a non-empty zone. Fixed connection killing when the connection viewer was set to grouping.
     63Fixed new parts of the gui not being translatable. Updated Russian translation.
     650.5.72.alpha 3 (2006-10-31)
     66Extended the connection management GUI to the logviewer.
     67Applied patch by Alerandre SIMON that adds pre vuurmuur chains to all tables.
     690.5.72.alpha 2 (2006-09-03)
     70Switched SCM from Bazaar 1.4 to Bazaar-NG 0.8.
     71Changed page up and page down behaviour in logview. It now scrolls an entire page instead of just 1/3.
     72Prepared support for pre-vuurmuur chains in non-filter tables.
     73Cosmetic updates to connection management.
     74Updated nl and ru translations.
     760.5.72 alpha 1 (2006-08-16)
     77Add a function to the library to search an interface by its ip address.
     78Don't try to open a plugin if the plugin name is not set.
     79Don't use the mac addres in the postrouting rule for the bounce action since it makes the ruleset fail.
     80Dhcp rules fixes and cleanups.
     81Add support for pre-vuurmuur chains. Patch and idea by Alexandre Simon.
     82Replace all strcpy calls with memset and strlcpy just to be sure, although there was no real risk.
     83Added initial version of new gui abstraction functions, still in development.
     84Added connection killing option to the connection viewer. Needs the conntrack tool.
     860.5.71 (2006-04-30)
     87No changes since 0.5.71 alpha 5.
     890.5.71 alpha 5 (2006-04-28)
     90Hide mark option for SNAT, DNAT and MASQ. Show listen- and remoteport options for DNAT.
     91Fix a race condition where a logline that was to big caused vuurmuur_log and vuurmuur_conf to keep retrying to read it.
     92Fix showing traffic volume for the previous month.
     940.5.71 alpha 4 (2006-04-21)
     95Add anti-spoof and bad packet checks also to outgoing traffic. Bad packet checks are now also enforced for incoming forwarded traffic.
     96Updated Russian translation.
     97Small cosmetic fixes.
     990.5.71 alpha 3 (2006-04-18)
     100fix a crash in setting up the rule description when not in bash mode
     101changed the way it is prevented that multiple identical iptables are created for one vuurmuur rule. This is especially relevant for setups with many virtual interfaces.
     102more topmenu changes
     103updated Russian translation by Alex.
     104made the description in the helpfile of the via-option more clear. Thanx for the suggestion Alex.
     105hide (more) indication on an empty ruleslist
     106added a translatable check and warning for the presence of the via-option when using the bounce action and the redirectport option for the redirect action.
     1080.5.71 alpha 2 (2006-04-15)
     109add build script for creating slackware package. By Nicolas Dejardin.
     110separator rules are now also printed in the bash output mode
     111fix capabilities checking on kernel 2.6.16 with the xt_tcpudp module.
     112dont save log option for separator rule
     113fix dhcp-server rules. Thanks to Danny for the patch and the report.
     114fix rule numbers in bash out sometimes being wrong.
     115fix renaming an interface would not update in_int and out_int options in rules. Also via_int is now also updated.
     116fix error when adding a host to a network that has no network address and/or netmask set.
     117fixed the try-load-modules-question not being displayed right on a 80-column screen.
     118fix wrong titles and topmenu being shown in log selection dialog.
     119fix portfw and bounce not looking yellow in the logviewer
     120updated translations for Russian, French and Brazilian Portuguese! Thanx to Alex, Nicolas and Hugo.
     121add descriptions for new actions to helpfile
     1230.5.71 alpha 1 (2006-04-10)
     124Added a description to the Debian default file.
     125Added a separate DNAT action, which acts like the PORTFW action, but it creates rules in the nat table only. In the logs PORTFW rules now say 'PORTFW' instead of 'DNAT'.
     126Added a new action 'Bounce'. Bounce solves the problem that it isn't it possible to access NATed services by the public IP address from LAN. Normally this should be solved on dns-level, but that is not always possible in every environment.
     127Fixed a problem with rules from a group to the firewall where the firewall has more than one interface in the groups network.
     128Fixed two cosmetic issues in vuurmuur_conf.
     1300.5.70 (2006-03-29)
     131Fix small issue with 'Mark IptState' toggle in Edit Rule window.
     132Fix typo in error message in Debian initscript.
     1340.5.70 alpha 8 (2006-03-27)
     135Fix scrolling issue in vuurmuur_conf logview.
     136Fix log parsing issues on Ubuntu Breezy and with some syslog-ng setups.
     137Fix portfw and redirect not using NEWACCEPT for rules in filter table.
     1390.5.70 alpha 7 (2006-03-12)
     140Fix interface filters for rules with both firewall and any in them.
     141fix wrong d_list_append calls
     142fixed a few memoryleaks in vuurmuur_script
     143add option --list-devices to vuurmuur_script so we can list the devices _and_ their ipaddresses in the wizard which will be created for 0.5.71. The ip command can also do this but on many systems it is not installed by default. The ifconfig command has different output with different localizations, which has bitten me in the past...
     144splint fixes for textdir
     145Show interfaces in the right order in interface filter selection (was in reverse order).
     146updated Russian translation by Alex.
     147fix an error in status window with getting system load.
     148Filter window is now also translateble.
     149Updated Dutch translation.
     150Small cosmetic fix to status screen to indicate that memory is in megabytes.
     1520.5.70 alpha 6 (2006-03-08)
     153updated default dns service to include server to server communications as well.
     154fixed errors with creating dhcp rules for virtual interfaces
     155fixed udp connections always showing state 'disconnecting' in the connection viewer.
     156updated the Dutch translation.
     157interfaces are now in a sorted list, which means they are sorted in the GUI
     158fixed many mostly harmless issues found by the splint source code checker
     159fixed the interface filter for incoming rules (destination firewall)
     160fixed two memoryleaks in bashout mode
     1620.5.70 alpha 5 (2005-02-14)
     163fix a crash with parsing 'unknown' connections.
     164only start vuurmuur when vuurmuur is configured (Adi Kriegisch)
     165improved initscript so we dont try to kill vuurmuur if it is not running (Adi Kriegisch)
     166Russian manual pages added (Aleksandr Shubnik)
     167fixed another widec/utf-8 issue
     1690.5.70 alpha 4 (2006-01-28)
     170Gentoo ebuilds
     171an improved connection viewer (including accounting data if your system supports it)
     172the possibility to filter on interface for all rules, not just snat/portfw
     173improved verbose output for vuurmuur and vuurmuur_script
     174SIGTERM support for vuurmuur
     175traffic volume bug with showing data for the last month if is was in the previous year.
     1770.5.70 alpha 3 (2005-12-27)
     178Many fixes for UTF-8 support in vuurmuur_conf.
     179Improved connection viewer, which supports showing accounting data per connection.
     180Vuurmuur, vuurmuur_log and vuurmuur_conf now also have long options thanx to Stefan Ubbink!
     181Added manual pages for vuurmuur, vuurmuur_log, vuurmuur_script and vuurmuur_conf.
     182Many fixes for manipulating an empty ruleset.
     1840.5.70 alpha 2 (2005-12-18)
     185UTF-8 support for translations in vuurmuur_conf
     1870.5.70 alpha 1 (2005-12-07)
     188Made the logging of INVALID packets, SCAN probes, new TCP no SYN and fragments optional.
     189Synlimits and udplimits are now enforced against accepted and queue'd connections, not against all packets.
     190Added a -k (keep) option to the 'vuurmuur'-command, that does not remove the input file for iptables-restore. Useful for debugging.
     191If you change the devicename, the interface will automaticly be set 'virtual' if the devicename contains a ":"-character.
     192Added a fix for vuurmuur_conf not being able to use any other path for its config than /etc/vuurmuur/vuurmuur_conf.conf
     193The rpm specs now also support Fedora Core, Mandriva and Redwall. Thanx Alex!
     194Added Norwegian translation. Thanx Per Olav Siggerud!
     195Fixed a crash in saving the vuurmuur_conf settings if the configfile could not be found.