root/fwknop/tags/fwknop-1.9.3/ChangeLog.svn

Revision 1052, 6.3 kB (checked in by mbr, 8 months ago)

ipt SNAT fix

Line 
1 ------------------------------------------------------------------------
2 r1051 | mbr | 2008-04-05 22:55:25 -0400 (Sat, 05 Apr 2008) | 1 line
3 Changed paths:
4    M /fwknop/tags/fwknop-1.9.3/fwknopd
5
6 merged in iptables SNAT fix for parsed ipt config vars from fwknop.conf
7 ------------------------------------------------------------------------
8 r1049 | mbr | 2008-04-05 00:11:47 -0400 (Sat, 05 Apr 2008) | 1 line
9 Changed paths:
10    A /fwknop/tags/fwknop-1.9.3 (from /fwknop/branches/fwknop-1.9.3:1048)
11
12 tagged fwknop-1.9.3 release
13 ------------------------------------------------------------------------
14 r1048 | mbr | 2008-04-05 00:11:13 -0400 (Sat, 05 Apr 2008) | 1 line
15 Changed paths:
16    A /fwknop/branches/fwknop-1.9.3/ChangeLog.svn
17
18 Added ChangeLog.svn file to track -r 1047:1031
19 ------------------------------------------------------------------------
20 r1047 | mbr | 2008-04-05 00:04:23 -0400 (Sat, 05 Apr 2008) | 1 line
21 Changed paths:
22    A /fwknop/branches/fwknop-1.9.3 (from /fwknop/trunk:1046)
23
24 created fwknop-1.9.3 branch
25 ------------------------------------------------------------------------
26 r1046 | mbr | 2008-04-05 00:03:29 -0400 (Sat, 05 Apr 2008) | 1 line
27 Changed paths:
28    M /fwknop/trunk/ChangeLog
29    M /fwknop/trunk/VERSION
30    M /fwknop/trunk/fwknop
31    M /fwknop/trunk/fwknopd
32    M /fwknop/trunk/knoptm
33    M /fwknop/trunk/knopwatchd.c
34    M /fwknop/trunk/packaging/fwknop.spec
35    M /fwknop/trunk/test/fwknop_test.pl
36
37 version 1.9.3
38 ------------------------------------------------------------------------
39 r1045 | mbr | 2008-03-30 15:51:03 -0400 (Sun, 30 Mar 2008) | 3 lines
40 Changed paths:
41    M /fwknop/trunk/ChangeLog
42    M /fwknop/trunk/fwknop
43
44 - Added hex_dump() feature for fwknop client so that raw encrypted SPA
45 packet data can be displayed in --verbose mode.
46
47 ------------------------------------------------------------------------
48 r1044 | mbr | 2008-03-30 15:46:47 -0400 (Sun, 30 Mar 2008) | 1 line
49 Changed paths:
50    M /fwknop/trunk/ChangeLog
51
52 SNAT blurb update
53 ------------------------------------------------------------------------
54 r1043 | mbr | 2008-03-30 15:42:23 -0400 (Sun, 30 Mar 2008) | 1 line
55 Changed paths:
56    M /fwknop/trunk/fwknop.conf
57
58 minor typo fix
59 ------------------------------------------------------------------------
60 r1042 | mbr | 2008-03-30 15:42:06 -0400 (Sun, 30 Mar 2008) | 1 line
61 Changed paths:
62    M /fwknop/trunk/fwknop.conf
63    M /fwknop/trunk/fwknopd
64
65 updated to only apply SNAT rules if ENABLE_IPT_SNAT is enabled, since usually internal systems will have a route back out through the default gateway
66 ------------------------------------------------------------------------
67 r1041 | mbr | 2008-03-24 22:20:37 -0400 (Mon, 24 Mar 2008) | 1 line
68 Changed paths:
69    M /fwknop/trunk/ChangeLog
70
71 minor spelling fix
72 ------------------------------------------------------------------------
73 r1039 | mbr | 2008-03-24 22:17:24 -0400 (Mon, 24 Mar 2008) | 1 line
74 Changed paths:
75    M /fwknop/trunk/VERSION
76    M /fwknop/trunk/fwknop
77    M /fwknop/trunk/fwknopd
78    M /fwknop/trunk/knoptm
79    M /fwknop/trunk/knopwatchd.c
80    M /fwknop/trunk/test/fwknop_test.pl
81
82 1.9.3-pre1
83 ------------------------------------------------------------------------
84 r1038 | mbr | 2008-03-24 22:16:44 -0400 (Mon, 24 Mar 2008) | 1 line
85 Changed paths:
86    M /fwknop/trunk/ChangeLog
87
88 more 1.9.3 additions
89 ------------------------------------------------------------------------
90 r1037 | mbr | 2008-03-24 22:15:35 -0400 (Mon, 24 Mar 2008) | 1 line
91 Changed paths:
92    M /fwknop/trunk/fwknop
93    M /fwknop/trunk/knoptm
94
95 Id + Revision tag expansion
96 ------------------------------------------------------------------------
97 r1036 | mbr | 2008-03-24 22:15:03 -0400 (Mon, 24 Mar 2008) | 1 line
98 Changed paths:
99    M /fwknop/trunk/fwknopd
100
101 Id + Revision tag expansion
102 ------------------------------------------------------------------------
103 r1035 | mbr | 2008-03-24 22:11:34 -0400 (Mon, 24 Mar 2008) | 1 line
104 Changed paths:
105    M /fwknop/trunk/fwknopd
106
107 Id + Revision tag expansion test
108 ------------------------------------------------------------------------
109 r1034 | mbr | 2008-03-24 21:49:34 -0400 (Mon, 24 Mar 2008) | 16 lines
110 Changed paths:
111    M /fwknop/trunk/ChangeLog
112    M /fwknop/trunk/TODO
113    M /fwknop/trunk/fwknop.conf
114    M /fwknop/trunk/fwknopd
115    M /fwknop/trunk/knoptm
116    M /fwknop/trunk/test/conf/blacklist_fwknop.conf
117    M /fwknop/trunk/test/conf/default_fwknop.conf
118    M /fwknop/trunk/test/conf/forward_chain_fwknop.conf
119    M /fwknop/trunk/test/conf/md5_fwknop.conf
120    M /fwknop/trunk/test/conf/no_promisc_fwknop.conf
121    M /fwknop/trunk/test/conf/output_chain_fwknop.conf
122    M /fwknop/trunk/test/conf/pcap_file_fwknop.conf
123    M /fwknop/trunk/test/conf/sha1_fwknop.conf
124    M /fwknop/trunk/test/conf/sha256_fwknop.conf
125    M /fwknop/trunk/test/conf/spa_aging_fwknop.conf
126
127 - Added MASQUERADE and SNAT support to compliment inbound DNAT connections
128 for SPA packets that request --Forward-access to internal systems.  This
129 functionality is only enabled when ENABLE_IPT_FORWARDING is set, and is
130 governed by two new variables IPT_MASQUERADE_ACCESS and IPT_SNAT_ACCESS
131 which define the iptables interface to creating SNAT rules.  By default,
132 the MASQUERADE target is used because this means that the external IP
133 does not have to be manually defined.  However, is ENABLE_IPT_SNAT is
134 enabled, then the IPT_SNAT_ACCESS definitions are used, and the external
135 SNAT IP is defined by the SNAT_TRANSLATE_IP variable.
136 - When ENABLE_IPT_FORWARDING is set, added a check for the value of the
137 /proc/sys/net/ipv4/ip_forward file to ensure that the local system
138 allows packets to be forwarded.  Unless ENABLE_PROC_IP_FORWARD is
139 disabled, then fwknopd will automatically set the ip_forward file to "1"
140 if it is set to "0" (again, only if ENABLE_IPT_FORWARDING is enabled).
141 - Minor bugfix to remove sys_log() call in legacy port knocking mode.
142
143 ------------------------------------------------------------------------
144 r1033 | mbr | 2008-03-24 19:06:40 -0400 (Mon, 24 Mar 2008) | 1 line
145 Changed paths:
146    M /fwknop/trunk/test/fwknop_test.pl
147
148 updated to always reference the default_fwknop.conf file for fwknopd commands control commands (--fw-list, etc.)
149 ------------------------------------------------------------------------
150 r1032 | mbr | 2008-03-24 19:05:41 -0400 (Mon, 24 Mar 2008) | 1 line
151 Changed paths:
152    M /fwknop/trunk/fwknop.h
153
154 removed unused check_import_config() function
155 ------------------------------------------------------------------------
Note: See TracBrowser for help on using the browser.