root/fwsnort/tags/fwsnort_0_7_0/ChangeLog

Revision 191, 3.3 KB (checked in by mbr, 5 years ago)

version 0.7.0

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
Line 
1fwsnort-0.7.0 (06/05/2005):
2    - Added support for the Snort pass action by using the ACCEPT target.
3    - Added support for the Snort log action by using the ULOG target
4      (which can then log the packet via the pcap writer).
5    - Added support for all fwsnort alerts to be logged via the ULOG
6      target instead of the LOG target.
7    - Added support for the "resp" keyword to allow it to drive the
8      Netfilter argument to the REJECT target.
9    - Added "pcre" to the unsupported list... this knocks the fwsnort
10      translation rate down to about 50% for Snort-2.3 rules (pcre is
11      heavily utilized).
12    - Added "priority" and "rev" to comment lines.
13
14fwsnort-0.6.5 (03/20/2005):
15    - Updated to not attempt to download Snort rules from snort.org
16      because the rules are no longer available for automatic downloads
17    - Changed the install.pl script and the --update-rules mode for
18      fwsnort to download the latest signature set from
19      http://www.bleedingsnort.com/.
20      (Snort.org is now offering pay-service around their rule sets).
21    - Added signature test for the "flowbits" keyword.
22
23fwsnort-0.6.4 (12/18/2004):
24    - Updated to Snort-2.3 rules.  FWSnort can convert a total of 1710
25      out of 2559 total Snort-2.3 rules.
26    - Updated to new Snort rules download link for --update-rules mode:
27      http://www.snort.org/dl/rules/snortrules-snapshot-CURRENT.tar.gz
28    - Updated to standard [+], [-], and [*] prefixes for info, warning
29      and die logging messages.
30    - Added --replace-string patches.
31
32fwsnort-0.6.3 (04/04/2004):
33    - Added ignore functionality for both IPs and networks
34    - Split --ipt-block into --ipt-drop and --ipt-reject to add DROP
35      or REJECT rules respectively.
36    - Added --add-deleted option to allow rules in the "deleted.rules"
37      file to be added.
38
39fwsnort-0.6.2 (03/19/2004):
40    - Added --internal-net and --dmz-net options so that internal and
41      dmz networks can be manually specified without having to parse
42      the output of ifconfig.  This is most useful for running fwsnort
43      on a linux system that is acting as a bridge where no ip addresses
44      are assigned to the interfaces.
45    - Bugfix for missing icmp-port-unreachable rejects for UDP packets.
46
47fwsnort-0.6.1 (02/01/2004):
48    - Bugfix for not adding dmz interface rules to INPUT chain.
49    - Bugfix for not getting the DMZ interface network.
50
51fwsnort-0.6 (01/04/2004):
52    - Speed increase and disk access decrease by writing iptables
53      commands to the iptables script only after all lines have been
54      generated.
55    - Bugfix for DMZ interface.
56    - Bugfix for multiple ip_proto fields.
57    - Removed the ip protocol as an allowed protocol for translation.
58    - Bugfix for negated port numbers.
59    - Removed "<-" rule direction since not even snort supports this.
60    - Fixed snort rule updates from snort.org.
61
62fwsnort-0.5 (12/21/2003):
63    - Added "-j REJECT --reject-with tcp-reset" for tcp sessions
64      if the --ipt-block option is specified.
65    - Added ability to download latest snort rules from snort.org.
66    - Added --no-ipt-jumps.
67    - Added better checking for iptables build characteristics such
68      as the LOG target and wether or not the ipv4options extension
69      is compiled in.
70    - Added config preservation code from psad in install.pl.
Note: See TracBrowser for help on using the browser.