Sat Feb 17 2002 Tomas Junnonen <majix@sci.fi>
* src/firestarter.c:
- Existing firewall is not stopped when running Firestarter
for the first time (until we are ready to start the new one).
- 'Allow all connections' rules are now located above the
'Deny all..' on the dynrules tab, to reflect new chain order.
* src/util.c: Scripts from older program versions are now
backed up, not removed.
Thu Feb 14 2002 Paul Drain <pd@cipherfunk.org>
* src/portfw.c:
- Forwarding rules should be "A"dded to the list, not
"I"nserted.
Thu Feb 08 2002 Paul Drain <pd@cipherfunk.org>
* src/portfw.c:
- Added forwarding :|
Wed Jan 16 2002 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Moved the 'Allow All' chain above the 'Deny All' chain
Mon Jan 14 2002 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c, netfilter-script.c:
- Removed 10.0.0.x and 192.168.0.x from the IANA
blocklist
(until we make it dynamic or the FAQ is updated to
include information on how to remove your detected range
from the firewall script output)
Sun Jan 13 2001 Tomas Junnonen <majix@sci.fi>
* src/ipchains-script.c, netfilter-script.c:
- Latest IANA nonroutable block list implemented. (Nick Hill)
Mon Jan 07 2001 Tomas Junnonen <majix@sci.fi>
* !ipchains.init, !netfilter.init, firestarter.spec:
- The init scripts now have their own files
- Fixed init scripts being deleted when upgrading
to a newer RPM.
* src/druid.h, druid.c, druid-choices.c, service.c,
netfilter-script.c, ipchains-script.c:
- uPNP is now a known service. Blocked by default.
Mon Jan 07 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: Fixed the loading of the
connection tracking modules - these modules are
now loaded as part of the masquerading chain, as
opposed to *only* being loaded if the user had
enabled FTP or IRC as a specific service.
Sat Jan 05 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: Added IRC connection
tracking and NAT configuration.
Fri Jan 04 2001 Tomas Junnonen <majix@sci.fi>
* src/netfilter-script.c: Moved the loading of the
external files to later in the script. Fixes the bug
of clering the NAT table right after the rules being
loaded. Allows usage of default result chains in the
external files.
* src/firestarter.c: New command line options to
manage firewall, start without applet support. Fixes
CORBA errors when running remotely. (Simone Contini)
Tue Jan 01 2001 Tomas Junnonen <majix@sci.fi>
* src/netfilter-script.c,ipchains-script.c:
Some previously nonroutable ip blocks are now
allowed.
Thu Dec 20 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: fixed TTL mangling being
used in the postrouting chain instead of the OUTPUT
chain.
Tue Dec 18 2001 Tomas Junnonen <majix@sci.fi>
* src/netfilter-script.c: ' character used where
` needed
* src/ipchains-script.c: fixed -y option being used
together with the UDP protocol
* src/preferences.c: fixed some already removed objects
still being referenced, causing GTK errors
Sun Dec 16 2001 Tomas Junnnonen <majix@sci.fi>
* src/preferences.c:
- Fixed the logfile being set to null
- Autosizing of all frames (Roy-Magne Mo)
* src/portfw.c:
- Fixed only last portfw entry showing in the GUI
* src/druid.c,druid-choices.c:
- The advanced druid setting is now saved and loaded
* src/netfilter-script.c:
- Outbound traffic (!syn, state new) on high connections
that get caught is no longer logged. If we implement
a destination field in the GUI we start logging.
Sat Dec 15 2001 Tomas Junnonen <majix@sci.fi>
* src/preferences.c, src/firestarter.c:
- All options and features to do with
sound playing removed
- Renamed Do Not Log port option to
"Block and stop logging this port"
- Removed the option to specify the logfile manually
* src/util.c:
- Linux 2.5 kernels default to iptables
* src/netfilter-script.c:
- Rules for tcp and protocol 50 ipsec handling
* pixmaps/top.png,left.png: New watermarks
* src/firestarter.src:
- Removed Paul's fixes for the stop firewall
function. When stopped traffic flow freely.
The Halt function drops packets.
Sun Dec 09 2001 Paul Drain <pd@cipherfunk.org>
* src/firestarter.c:
- Fixes to deny / drop packets
correctly when the firewall script is
stopped.
Sat Nov 24 2001 Tomas Junnonen <majix@sci.fi>
* config.sub, config.guess
- Updated GNU config scripts
* po/*po: Updated translations from GNOME CVS
* doc/C/Makefile.am/in, firestarter.spec:
- Small fixes
Thu Nov 22 2001 Tomas Junnonen <majix@sci.fi>
* src/parse.c:
- The hitlog now tails (scrolls) as hits arrive
* src/logread.c: Fixed problem with hits arriving
even after firewall stopped (lag)
Wed Oct 31 2001 Paul Drain <pd@cipherfunk.org>
* src/netflter-script.c, src/ipchains-script.c:
- Changed references to GTK_RADIO_BUTTONS to
GTK_TOGGLE_BUTTONS (patch provided by Ali Akcaagac)
Mon Oct 29 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Added support for FTP connection tracking
- Added support for NAT-based FTP connection tracking
(you must define FTP as an available service for these
two options to work)
- Fixed syn mismatching in NEW connection state
- Fixed FIN timeout option
* src/ipchains-script.c:
- Fixed FIN timeout option
Sun Oct 28 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: Removed reference to the
IPTables "mirror" module - formally only used for
compatibility anyway.
Fri Oct 26 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: Reverted the --log-info
option from the log and {drop/reject} chains (as
of 1.2.3, the default is to log to whatever syslog
defines as info anyway)
Thu Oct 25 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c, src/netfilter-script.c:
Removed duplicated 127.0.0. bans from the reserved
block list.
Wed Oct 24 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: Fixed unclean packet
matching for the Outbound chain
(thanks to Paul Blackman for chasing it down)
Tue Oct 23 2001 Paul Drain <pd@cipherfunk.org>
* src/service.c: added MS-RPC to the list of known
problem ports
* src/ipchains-script.c, src/netfilter-script.c:
added default block for MS-RPC
Mon Oct 22 2001 Paul Drain <pd@cipherfunk.org>
* src/sort-clist.c:
- Removed duplicated g_free()
* src/druid.c:
- Enabled detection of AH-based ipsec
tunnels
* src/ipchains-script.c, src/netfilter-script.c:
- Fixed automatic blocking of DHCP port 67:68
Sat Oct 20 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Added logging state information to Log-and-Drop
and Log-and-Reject chains to allow logging to the
kernel specified logfile, rather than the console
(suggested by Marc van de Wert)
Wed Oct 17 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Fixed TCPMSS matching bug (reported by Paul Blackman)
- Fixed STATE chain flag reference
- Added support for filtering INVALID and UNCLEAN flags
for the Outbound and Forwarded chains.
* src/util.c:
- Fixed the 'insmod ip_tables.o' problem, now uses modprobe
with the autoclean flag instead.
Tue Oct 16 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Added stateful fixes for NEW packets that don't match a
given synflag
- Minor typo cleanups and documentation added to various
tunable parameters.
Fri Oct 12 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Added TTL Matching (defaults to 64, you have to change
the configuration manually, and it's probably broken
in IPTables <= 1.2.3 unless you use Patch-o-Matic)
* src/portfw.c:
- Added UDP support to port forwarding
Sun Sep 16 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c, src/netfilter-script.c:
- Corrected proxy_arp sysctl variable (it's always 0)
* src/firestarter.c:
- locatesbins variable is true, formally always returned
false, meaning FS had difficulty establishing which firewall
utility to run (IPT vs IPC) at runtime.
- Fixed indents to be tabstop compliant
Sat Sep 15 2001 Paul Drain <pd@cipherfunk.org>
* src/portfw.c:
- Corrected ipmasqadm entry (was hardcoded to /usr/sbin)
Tue Sep 04 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Fixed SSH and FTP hotfixes to only be applied if support
for the protocol was included.
Mon Jul 16 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Added SYN ACK retry Sysctl
Tue Jul 10 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Restored blocking of packets with INVALID flags
Wed Jul 04 2001 Tomas Junnonen <majix@sci.fi>
* src/netfilter-script.c:
- The chains were being flushed after we had read the external
files. Moved the flushing code up in the script.
- Typo: input instead of INPUT in default policy section
Tue Jul 03 2001 Paul Drain <pd@cipherfunk.org>
* NEWS, README, TODO, INSTALL: Updated these to reflect
the impending 0.8.0 release.
* postinstall: Updated to 1.1.x - Changelog included at
the top of the file
* src/netfilter-script.c: Merged 'variables' (see top of
generated script file) section back in to main tree.
Tue Jul 03 2001 Tomas Junnonen <majix@sci.fi>
* src/firestarter.c: Display the hostname in the main
window title.
* src/util.c: Fixed detect_netfiler() spamming to the
console and constantly reloading the iptables module.
* src/service.c: Fixed all service lookups being made
with tcp as the protocol.
* src/druid.c: Changed the advanced/simple druid flow
Mon Jul 02 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: Fixed some of the outbound
interface chains that were causing IPTables to bomb out
at runtime (specifically the outbound SMB check)
Sun Jul 01 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c, src/netfilter-script.c:
Added new Sysctl checks from the -fnk tree including:
- Fragmented packets (including time-to-live)
- Packet Redirection (arp, accept, reject and secure_redirects)
- SYN Cookies (buffers, retry-in-memory attempts)
- ECN (IPTables only - defaults to off)
- 'Odd' Packet Logging (logging martians, interface changes)
- TCP Timeouts (timestamping, redirections, timeouts, retry counts)
- TCP Scaling (window scaling, FIN checking, ACK counts)
- ICMP Checking (group membership(s))
- Routing (FIB scaling, RFC-Compliant rp_filter checking)
Thu Jun 28 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c, src/netfilter-script.c:
- Added descriptive help to some sections of the generated script
that were causing confusion.
Tue Jun 26 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c, src/netfilter-script.c:
- Merged changes to the layout of the generated script
from the -fnk tree
Fri Jun 22 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: Added rate limiting to the
fragmentation check
Wed Jun 20 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c: Removed the logging options
for broadcasting and stuffed routing packets. Resolves
request #413720 in the Sourceforge Tracker
Tue Jun 19 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c, src/netfilter-script.c:
- Added block for SMB on the default Outbound chain
Thu Jun 14 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c, src/netfilter-script.c:
- Added TCP Timestamping Sysctl check
Mon Jun 11 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
Fixed FTP via NAT rule (was commented out)
Mon Jun 04 2001 Paul Drain <pd@cipherfunk.org>
* src/druid.c, src/ipchains-script.c, src/netfilter-script.c:
- Removed 'Outbound Filtering' Rules
* src/preferences.c:
- Added "Experimental Rulesets' Options
(this allows advanced users to play with iptables patch-o-matic
options without breaking functionality for existing users)
Fri Jun 01 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Cleaned up references to chain creation
- Added new chains for unclean, stateful & sanity
checks (enables use of newer netfilter modules to
cut down on code)
- Fixed 'stuffed routing' double-space check
Mon May 28 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c:
- Fixed the reference to rmmod so it unloads the ipchains
module on systems that don't have their 'rmmod' in /sbin.
- Added TCPMSS fix from -fnk tree to help broken PPPO{A/E}
clients masquerade properly.
Sat May 20 2001 Tomas Junnonen <majix@sci.fi>
* src/druid.c: Added a branch page for either simple
or advanced mode and accompanying branch logic code.
Sat May 19 2001 Tomas Junnonen <majix@sci.fi>
* src/netfilter-script.c: Now unloads the ipchains module
correctly on 2.4 systems (mostly for RH 7.1)
* src/util.c,logread.c,portfw.c: Fixed the problem with
the never ending script detection
* src/sort-clist.c: Fixed crash when sorting as
non-root user
Wed May 02 2001 Tomas Junnonen <majix@sci.fi>
* src/*.c: proper checks for fopen + errno messages
on failure, by Mattias Eriksson
Fri Apr 20 2001 Tomas Junnonen <majix@sci.fi>
* firestarter.spec: The manual is now properly installed
when using RPM.
Sun Apr 08 2001 Tomas Junnonen <majix@sci.fi>
* src/portfw.c: Portforwarding feature is now complete.
Works both in Linux 2.2 (with ipmasqadm) and in Linux 2.4.
Sat Mar 31 2001 Tomas Junnonen <majix@sci.fi>
* !/src/portfw.c/h, /src/druid.c: Started
work on port forwarding configuration interface.
* /src/firestarter.c, /src/sort-clist.c: Sorting
of the dynamic clists is messing up the rules.
Removed the sorting for now.
Thu Mar 22 2001 Paul Drain <pd@cipherfunk.org>
* Makefile.in: added doc/ directory
* src/menus.c: added "Manual" option to Help Menu
* src/ipchains-script.c: one too many -y's in the Subseven
detection options - removed.
Thu Mar 22 2001 Paul Drain <pd@cipherfunk.org>
* configure.in: updated to include hooks for
documentation.
* src/druid.c: typo cleanup.
Wed Mar 21 2001 Paul Drain <pd@cipherfunk.org>
* doc/*: everything added - beginnings of a proper
manual, in Docbook format. Anyone who can work with
SGML is encouraged to send me patches to it.
Tue Mar 20 2001 Paul Drain <pd@cipherfunk.org>
* src/service.c: added other known trojan ports
* src/ipchains-script.c, src/netfilter-script.c:
- Updated the known trojan listing (now includes subseven &
stacheldraht)
- Added outbound port filtering for all known trojans
- Fixed port filtering for Multicast addresses
- Added support for stuffed routing packets (0.0.0.0, etc)
- Added support for fragmented packet filtering
Sun Mar 18 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c, src/netfilter-script.c:
- Updated the block IP address range listing.
- Added block for Trinity v3 DDoS attacks
(was meant to go in 0.6.0, but got lost in the
patch queue)
- Added support for blocking and rate-limiting
various trojan ports.
Fri Mar 16 2001 Paul Drain <pd@cipherfunk.org>
* src/service.c/h: Added AH (protocol 51) to the services
list to support IPSec.
Thu Mar 15 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c, src/netfilter-script.c: Added
IPSec / KLIPS support to default rulesets.
Sat Mar 10 2001 Tomas Junnonen <majix@sci.fi>
* src/firestarter.src, src/sort-clist.c: Proper clist arrows
by Joaquin.
Fri Mar 02 2001 Tomas Junnonen <majix@sci.fi>
* !src/sort-clist.c/h, src/firestarter.c: Merged clist sort
patch from Joaquin.
* src/sort-clist.c: Added small + and - signs to the hitlist
to mark the sorting order.
Thu Mar 01 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter.c: Fixed severe backward compatibility bug
in the final input rules - now only doing RELATED checks on
the protocols that need it, rather than everything > 513.
Mon Feb 25 2001 Tomas Junnonen <majix@sci.fi>
* src/firestarter.c: Added session managment
* !util.c/h !logread.c/h: Spring cleaning time! :)
Big code exodus from firestarter.c
Work in progress.
Sun Feb 25 2001 Tomas Junnonen <majix@sci.fi>
* src/ipchains-script.c: The policies for the input and output
chains are restored to ACCEPT at the end.
Thu Feb 22 2001 Tomas Junnonen <majix@sci.fi>
* src/lookup.c: Error dialogs for various lookup failures (Joaquín)
Tue Feb 20 2001 Tomas Junnonen <majix@sci.fi>
* src/ipchains-script.c: if statement checking for bsd_comp
was missing a ending fi. Effect: The script was left in a
deny all state.
* src/firestarter.c: Don't g_print out every line when reloading
the hit list.
* po/: Translation updates
Mon Feb 19 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: TOS rules upgraded for
IPTables 1.2.
Sun Feb 18 2001 Tomas Junnonen <majix@sci.fi>
* src/netfilter-script.c: Fixed lowercase table names
in the TOS rules (output).
Sat Feb 17 2001 Tomas Junnonen <majix@sci.fi>
* Lots of translation changes
* Bumped version for 0.6.0 release
Wed Feb 14 2001 Tomas Junnonen <majix@sci.fi>
* po/various: Brought a lot of translations up to date.
Tue Feb 13 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c: Resolved a spacing problem in the
incoming TCP high-port chain.
Mon Feb 12 2001 Tomas Junnonen <majix@sci.fi>
* src/netfilter-script.c: Disabling ICMP filtering really,
truly, 100% sure, allows all ICMP packets. Honest this time.
Sun Feb 11 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter.c: Added TOS configuration options
(yes!, finally - the script will DO ToS configurations)
* src/ipchains-script.c: Same
Sat Feb 10 2001 Tomas Junnonen <majix@sci.fi>
* src/druid.c: The masq intrange was not being loaded
from the GNOME registry
* src/firestarter.c: When detecting old scripts, now asks
for confirmation before removing anything. Only removes
firestarter files (instead of entire directory!)
* src/netfilter-script.c: Forward policy is now DROP
($STOP wasn't working). Minor cleanups here and there.
Fri Feb 09 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter.c: ip_conntrack module cleanups, limit increases for
ip_conntrack.
Thu Feb 08 2001 Tomas Junnonen <majix@sci.fi>
* src/ipchains-script.c, src/netfilter-script.c: Some
brackets were not properly closed.
Mon Feb 05 2001 Tomas Junnonen <majix@sci.fi>
* src/preferences.c, src/druid.c: Merged the "show masq" &
"show tos" options into a single "show all" wizard option.
* src/ipchains-script.c, src/netfilter-script.c: The Disable
ICMP Filtering wizard option REALLY disables ICMP filtering.
* src/firestarter.c: Fixed a crash problem when reloading the
hitlist. Added Paul Drain to the about box.
Sat Feb 02 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c: Changed the Dynamic IP hack rule in
/proc to only be active if the PPP interface is loaded.
* src/netfilter-script.c: Same
Sat Jan 27 2001 Tomas Junnonen <majix@sci.fi>
* src/firestarter.c: stop_firewall() & halt_firewall() now
checks for the locatesbin option
* src/netfilter-script.c: removed the lines setting the default
chain policy to DROP
Fri Jan 26 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c: Added location checks for system
binaries.
Thu Jan 25 2001 Tomas Junnonen <majix@sci.fi>
* src/netfilter-script.c: Quick fix for NAT and SSH
* src/menus.c: Added homepage url link to the Help menu
Wen Jan 24 2001 Tomas Junnonen <majix@sci.fi>
* !src/druid-choices.h, !src/druid-choices.c, src/druid.c,
src/scriptwriter.c, src/Makefile.am: Druid now remembers
choices between sessions
* src/firestarter.c: fixed segfault when removing old scripts and
running the druid again
Tue Jan 23 2001 Tomas Junnonen <majix@sci.fi>
* src/modrules.c: deny-all rules now always drop/deny
* po/ca.po configure.in: added Catalan translation from Pablo Saratxaga
* po/: fixes for es, fr, ga, and hu pot file headers
* firestarter.c: fixed a string format issue
Sat Jan 20 2001 Tomas Junnonen <majix@sci.fi>
* src/firestarter.c, src/firestarter.h, src/menus.c:
Added "Halt all network traffic" option. Needs icon.
Small appbar messaging changes.
* src/firestarter.c, src/parse.h, src/parse.c
Added proper script checks at startup:
If made for wrong kernel or a program version older than
the current version, remove scripts and start fresh.
* firestarter.spec: Removed ipchains dependency
Sun Jan 07 2001 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: Finished modprobe detection, also fixed
some of the standard rules (flushing shouldn't only apply for the
filter table for example)
Mon Jan 01 2001 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c
* src/netfilter-script.c: Seperated INPUT & OUTPUT default rules
Mon Jan 01 2001 Paul Drain <pd@cipherfunk.org>
* src/preferences.c: Added Outbound Filtering checkbox. If you are
using a dialup firewall, or don't need the facility - leave this
option off.
Sun Dec 31 2000 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c
* src/ipchains-script.c: Added variables for modprobe and lsmod (some
distributions do not ship modprobe in /sbin either)
* src/preferences.c: altered the description for locate
ipchains/iptables to reflect the change above.
Sat Dec 30 2000 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c
* src/ipchains-script.c: Implemented first revision of OUTBOUND packet
filtering. NOTE: This severely breaks dial-up firewalls at present, it
will be changed into an advanced option (as it is useful for filtering
hosts) at a later date.
Sat Dec 30 2000 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: mangle & NAT tables are now only loaded
and / or flushed when the modules exist.
Fri Dec 29 2000 Paul Drain <pd@cipherfunk.org>
* src/druid.*: Merged with Tomas's changes to the wizard control panel
* src/preferences.c: Same
Thu Dec 28 2000 Tomas Junnonen <majix@sci.fi>
* src/preferences.c: moved some options around
Thu Dec 28 2000 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c: Removed X Windows auto reject to allow ToS
testing to work
* src/netfilter-script.c: Same
Thu Dec 28 2000 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c: Added standard policy rules before piping
in the modrules rules - eliminated possible security flaw.
* src/netfilter-script.c: Added initial ruleset of ToS pages.
Thu Dec 28 2000 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c: Added initial ruleset for ToS pages.
Wed Dec 27 2000 Tomas Junnonen <majix@sci.fi>
* src/druid.c: did some major work on the wizard, it's now white with
small graphics on each page and large graphics on splash and end
screen. Many string changes
* pixmaps/card.png
* pixmaps/left.png
* pixmaps/masq.png
* pixmaps/top.png: Added
Tue Dec 26 2000 Paul Drain <pd@cipherfunk.org>
* src/druid.c: More ToS merges - fixed the services_next page to
skip over the ToS selection if it wasn't explicitly selected in the
advanced settings
Mon Dec 25 2000 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: reverted LOADER variable fix,
completely rewrote the module autoloader hack.
* src/netfilter-script.c
* src/ipchains-script.c: changed bsd_comp / ppp_deflate loader
Mon Dec 25 2000 Tomas Junnonen <majix@sci.fi>
* src/ipchains-script.c: merged LOADER variable fix from Claudio Bley
* src/netfilter-script.c: fixed do-not-log-port not being parsed
Sun Dec 24 2000 Paul Drain <pd@cipherfunk.org>
* Changelog: Created standardized changelog to satisfy CVS requirements
Sat Dec 23 2000 Paul Drain <pd@cipherfunk.org>
* src/ipchains-script.c: Fixed 2.2 IP Masquerading Module loader
(hopefully)
* src/preferences.c: Fixed secondary occurance of destoy_filesel to
avoid killing GTK if a second version of Firestarter was loaded.
Thu Dec 21 2000 Paul Drain <pd@cipherfunk.org>
* src/druid.c: remerged NLS notebook fix from Takeshi Aihana
Wed Dec 20 2000 Paul Drain <pd@cipherfunk.org>
* src/druid.c
* src/druid.h
* src/preferences.c: First attempt at Type of Service dialog merge.
No Rulesets yet just the wizard.
Mon Dec 11 2000 Paul Drain <pd@cipherfunk.org>
* src/netfilter-script.c: Changed default rule for forwarding from DROP
to the $STOP variable
2000-11-20
* merged netfilter minor fixes and cleanups from Paul Drain
* allowing icmp echo-reply packets
* cosmetic fixes
2000-11-01
* merged netfilter target, traceroute fix and casesensitivty fix
patches from Paul Drain
* merged preference window browse buttons/frames patch Joaquín
2000-10-25
* merged icmp filtering, cleanups and iptables patches from Paul Drain
* merged reject/deny patch from Joaquín
2000-10-24
* merged smb, synflag and typo patches from Paul Drain
2000-10-21
* small cleanups here and there
2000-10-20
* added proper column optimizing and progress tailing of the hitlog
* don't query gnome_config for netfilter status anymore
2000-10-17
* added "Do not log this port" modifier
* added Logging preference sheet
2000-10-16
* restarted development....
* small build enviroment fixes here and there
* fixed RH7 i18N parse error bug
* small gfx changes
* removed some duplicate code in addrules.c
* fixed #!/bin/sh not being first line in scripts
2000-09-07
* put in the new icon set by Susan Emery
* lots of small changes here and there
* finished up the iptables support
2000-08-23
* added sound support
* preferences dialog remake
2000-08-17
* finally fixed that DHCP/IP Masquerade hostname bug
2000-08-13
* new better service determination scheme, uses /etc/services
2000-08-07
* added option to launch firewall on ppp connect
* added DHCP button to the device page
* tooltips in the wizard and preferences menu
* fixed problem with NFS and Xwindows ports
2000-08-06
* don't display masq page if only one device in the machine
* device on masq page defaults to second device in machine
2000-08-01
* firestarter now stores its scripts in the default config
file dir, for example "/etc/firestarter"
2000-07-31
* fixed the translations some more
* program now resizes itself to minimize space needed
2000-07-30
* fixed IP/Masquerade detection code
* fixed translations, honestly
2000-07-29
* added autodection of masqueraded net
* small changes to the wizard
2000-07-26
* fixed translations not working
* hitlog clist is now 'tails', i.e. the focus stays at the bottom
2000-07-24
* fixed DNS lookup crash
* fixed the dynamic rules defaulting to TCP
2000-07-21
* added a DNS lookup feature
2000-07-19
* major cleanup of firestarter.c
* added mini window icons
* added a popup menu to the docklet
* finally tracked down and fixed the segfault on exit,
looks like a bug in GNOME.
2000-07-17
* now runs the druid on the first startup.
* added "remove identical firewall hit lines" preference
* changed by default allowed upper port limit to 49151
2000-07-16
* must start using the ChangeLog again. Lazy me.
* marked a lot of strings for translation
* cleanups and code comments
* previously: released 0.3.0beta1
finished the dynamic rules functionality
added a statusbar
removed the applet code and put in a docklet
some other things I've since forgotten
2000-06-01
* added root password query using consolehelper
2000-05-31
* fixed segault that occured with malformed log entries
* fixed not closing properly when not running the applet
* fixed logs not being saved to disk properly
2000-05-30
* fixed segfault problem with older gnome libs
* code cleanup
* fixed spawning multiple wizards or pref. windows
* added option not to display applet on panel
* script now sets the TCP/IP address hacking option in proc
* other minor changes to the script and interface
2000-05-29
* second release, version 0.2.0
* firewall monitoring tool working
2000-05-12
* first public release, version 0.1
* firewall creation wizard working
distrib
>
Mandriva
>
8.2
>
i586
>
media
>
contrib
>
by-pkgid
>
73832822ba0f36f8ff21982c8e6f7a83
>
files
>
8
