root/fwsnort/tags/fwsnort_0_7_0/ChangeLog

Revision 191, 3.3 kB (checked in by mbr, 4 years ago)

version 0.7.0

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
Line 
1 fwsnort-0.7.0 (06/05/2005):
2     - Added support for the Snort pass action by using the ACCEPT target.
3     - Added support for the Snort log action by using the ULOG target
4       (which can then log the packet via the pcap writer).
5     - Added support for all fwsnort alerts to be logged via the ULOG
6       target instead of the LOG target.
7     - Added support for the "resp" keyword to allow it to drive the
8       Netfilter argument to the REJECT target.
9     - Added "pcre" to the unsupported list... this knocks the fwsnort
10       translation rate down to about 50% for Snort-2.3 rules (pcre is
11       heavily utilized).
12     - Added "priority" and "rev" to comment lines.
13
14 fwsnort-0.6.5 (03/20/2005):
15     - Updated to not attempt to download Snort rules from snort.org
16       because the rules are no longer available for automatic downloads
17     - Changed the install.pl script and the --update-rules mode for
18       fwsnort to download the latest signature set from
19       http://www.bleedingsnort.com/.
20       (Snort.org is now offering pay-service around their rule sets).
21     - Added signature test for the "flowbits" keyword.
22
23 fwsnort-0.6.4 (12/18/2004):
24     - Updated to Snort-2.3 rules.  FWSnort can convert a total of 1710
25       out of 2559 total Snort-2.3 rules.
26     - Updated to new Snort rules download link for --update-rules mode:
27       http://www.snort.org/dl/rules/snortrules-snapshot-CURRENT.tar.gz
28     - Updated to standard [+], [-], and [*] prefixes for info, warning
29       and die logging messages.
30     - Added --replace-string patches.
31
32 fwsnort-0.6.3 (04/04/2004):
33     - Added ignore functionality for both IPs and networks
34     - Split --ipt-block into --ipt-drop and --ipt-reject to add DROP
35       or REJECT rules respectively.
36     - Added --add-deleted option to allow rules in the "deleted.rules"
37       file to be added.
38
39 fwsnort-0.6.2 (03/19/2004):
40     - Added --internal-net and --dmz-net options so that internal and
41       dmz networks can be manually specified without having to parse
42       the output of ifconfig.  This is most useful for running fwsnort
43       on a linux system that is acting as a bridge where no ip addresses
44       are assigned to the interfaces.
45     - Bugfix for missing icmp-port-unreachable rejects for UDP packets.
46
47 fwsnort-0.6.1 (02/01/2004):
48     - Bugfix for not adding dmz interface rules to INPUT chain.
49     - Bugfix for not getting the DMZ interface network.
50
51 fwsnort-0.6 (01/04/2004):
52     - Speed increase and disk access decrease by writing iptables
53       commands to the iptables script only after all lines have been
54       generated.
55     - Bugfix for DMZ interface.
56     - Bugfix for multiple ip_proto fields.
57     - Removed the ip protocol as an allowed protocol for translation.
58     - Bugfix for negated port numbers.
59     - Removed "<-" rule direction since not even snort supports this.
60     - Fixed snort rule updates from snort.org.
61
62 fwsnort-0.5 (12/21/2003):
63     - Added "-j REJECT --reject-with tcp-reset" for tcp sessions
64       if the --ipt-block option is specified.
65     - Added ability to download latest snort rules from snort.org.
66     - Added --no-ipt-jumps.
67     - Added better checking for iptables build characteristics such
68       as the LOG target and wether or not the ipv4options extension
69       is compiled in.
70     - Added config preservation code from psad in install.pl.
Note: See TracBrowser for help on using the browser.