File: ChangeLog

package info (click to toggle)
netscript-2.4 5.5.5%2Bnmu3
  • links: PTS
  • area: main
  • in suites: forky, sid, trixie
  • size: 460 kB
  • sloc: sh: 2,166; makefile: 86
file content (410 lines) | stat: -rw-r--r-- 15,943 bytes parent folder | download | duplicates (11) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
 
netscript-2.4 (5.1.0) unstable; urgency=low

  * Added initial support for laptops and whereami.  

 -- Matthew Grant <grantma@anathoth.gen.nz>  Fri, 29 Oct 2004 08:38:27 +1300

netscript-2.4 (5.0.14) unstable; urgency=medium

  * Merge in work down for NMU.
  * Get rid of startup and shutdown init calls in maintainer scripts. 

 -- Matthew Grant <grantma@anathoth.gen.nz>  Wed, 13 Oct 2004 08:40:55 +1300

netscript-2.4 (5.0.13-0.1) unstable; urgency=high

  * Non-maintainer upload.
  * High-urgency upload for (trivial,) sarge-targetted RC bugfix
  * Replace zebra with quagga in Recommends:, since the former is no
    longer available (closes: #273043).

 -- Steve Langasek <vorlon@debian.org>  Sat,  2 Oct 2004 03:07:00 -0700

netscript-2.4 (5.0.13) unstable; urgency=low
 
  * Added fix proposed by Bart Samwel <bart@samwel.tk>, fixing problem with
    saving of filters with  'netscript ipfilter save'  Local vars MANGLE and 
    FILTER were not initialised to zero in ipv4filter_check(). Also fixed
    ipv6filter_check(). (Closes: #267151)

 -- Matthew Grant <grantma@anathoth.gen.nz>  Sat, 28 Aug 2004 19:12:06 +1200

netscript-2.4 (5.0.12) unstable; urgency=low

  * Fix  prerm script by editing out #DEBHELPER# This fixes problem
    where netscript closes down all interfaces on package remove or purge.
    Leaving proper clean up for a month to allow people to get rid of the
    bad prerm package maintainer scripts - will go to telling debhelper
    to only install /etc/rc.d startup/shutdown symlinks. (Closes: #241989)

 -- Matthew Grant <grantma@anathoth.gen.nz>  Wed,  9 Jun 2004 12:07:49 +1200

netscript-2.4 (5.0.11) unstable; urgency=low

  * Add support for iptables policy match module to close new ipsec
    packet injection hole.
  * Changed ipfilter-defs(5) man page for new IPSEC interface name
    directives.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Fri, 23 Apr 2004 14:28:40 +1200

netscript-2.4 (5.0.10) unstable; urgency=low

  * Initial work to  netscript to work with the 2.6 kernel.
  * Removed configuration samples for deprecated Free S/WAN support. Free
    S/WAN KLIPS is a real mess in terms of interfaces, routing and confg
    scripts!
  * Added mentions of 2.6 kernel in most places needed.  Man pages may need
    it.
  * Removed suggestion for vrrpd - this was a failed experiment.
  * Upgraded standards version to 3.6.1. 

 -- Matthew Grant <grantma@anathoth.gen.nz>  Fri, 26 Mar 2004 08:03:43 +1200

netscript-2.4 (5.0.9) unstable; urgency=low

  * Fix default case in init script. 

 -- Matthew Grant <grantma@anathoth.gen.nz>  Tue, 23 Dec 2003 15:48:23 +1300

netscript-2.4 (5.0.8) unstable; urgency=low

  * Basically a clean up to get ready to go into unstable.
  * Changed 'net' command to 'netscript' to stop a clash with samba-comon
    in sarge and sid.
  * Changed 'net-compile' to 'netscript-compile to match above.
  * Adjusted config files and other files to match above.
  * Removed conffile as this results in duplicate config file lintian
    warnings.
  * Fixed lintian warning about 'Upstream Author(s)'.
  * Updated Debian Standards version to 3.5.7 

 -- Matthew Grant <grantma@anathoth.gen.nz>  Mon, 15 Dec 2003 22:05:30 +0000

netscript-2.4 (5.0.7) unstable; urgency=low

  * Added work around for kernel crash bug with psd and limit modules. 

 -- Matthew Grant <grantma@anathoth.gen.nz>  Sun,  8 Jun 2003 00:12:04 +1200

netscript-2.4 (5.0.6) unstable; urgency=low

  * Added support for adjusting portscan chain psd module parameters
    to deal with high traffic situations.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Thu,  5 Jun 2003 16:12:25 +1200

netscript-2.4 (5.0.5) unstable; urgency=low

  * Previous change lost chaings in 5.0.3 with ipfilter-defs.conf.  Fixed. 

 -- Matthew Grant <grantma@anathoth.gen.nz>  Tue,  3 Jun 2003 15:45:20 +1200

netscript-2.4 (5.0.4) unstable; urgency=low

  * Fixed problem with startup getting order of chains in iplcl and ipfwd 
    in correct.  This was due to 2 ways of adding chains into these, a simple
    add on start up, and then indexing for manual incremental add ins.  Gone
    to indexing mode for all additions, and made function that returns index
    into iplcl and ipfwd a lot faster (O(n) instead of O(n2).). The change
    is only in /etc/netscript/ipfilter-defs.conf, has been tested carefully, 
    and does nto affect the rest of the netscript system.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Tue,  3 Jun 2003 14:16:41 +1200

netscript-2.4 (5.0.3) unstable; urgency=low

  * Fixed problem with REJECT_UDP_NET - '-m STATE' should be '-m state'.
  * Added new alternative FreeS/WAN start up code for multiple interfaces.
    network.conf needs a cleanup for next release that is backwards
    compatible.
  * Fixed --pkt-type argmuents in ipfilter-defs.conf.  Fixes dropping
    of BROADCAST packets for INPUT and FORWARD chains.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Thu, 29 May 2003 09:47:28 +1200

netscript-2.4 (5.0.2) unstable; urgency=low

  * Updated ipfilter-defs.5 manpage for new compile rules below. 

 -- Matthew Grant <grantma@anathoth.gen.nz>  Wed, 23 Apr 2003 07:58:08 +1200

netscript-2.4 (5.0.1) unstable; urgency=low

  * Added support for more logging targets, for each type of new coonnection,
    so that strings can be prepended to log messages.  New compile targets
    are LOG_BROADCAST, LOG_PROTO, LOG_UDP, LOG_TCP, LOG_UDP_NET, LOG_TCP_NET,
    LOG_NET, LOG_IFACE, LOG. The new LOG_MSG and LOG_MSG_RESET are used to 
    set the log text.
  * Added support for network addresses for UDP, and TCP.  Targets are 
    ACCEPT_TCP_NET, ACCEPT_UDP_NET, REJECT_TCP_NET, REJECT_UDP_NET,
    DROP_TCP_NET, and DROP_UDP_NET, as well as above log targets.
  * Fixed spelling bug with the net-compile run messages.
  * Fixed net-compile bug where script would compile then give up with and
    error exit, and not complete compiling when there where no rules
    defined in ipfilter-defs files.
  * Manpages left to next minor release as this one has to get out the door...

 -- Matthew Grant <grantma@anathoth.gen.nz>  Tue, 15 Apr 2003 11:30:46 +1200

netscript-2.4 (5.0.0) unstable; urgency=low

  * Changed netscript so that it can support compiling and configuring 
    from ipfilter-defs on start up.
  * Added type checking as much as practical to the net-compile command.
  * Updated manpages for existing commands.
  * Created manpages for ipfilter-defs.
  * Moved net-compile to /sbin from /usr/sbin.
  * Set permissions on install to 700 for ipfilter-defs directory as it
    contains security information.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Mon, 24 Mar 2003 15:09:50 +1200

netscript-2.4 (4.23) unstable; urgency=low

  * Added MARTIAN_BYPASS to ipf4_martians so that some source addresses
    can be by passed in martians check.
  * Fixed some of the examples in ipfilter-defs configuration.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Wed, 26 Feb 2003 15:36:08 +1300

netscript-2.4 (4.22) unstable; urgency=low

  * Made some corrections for missing files etc.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Tue, 25 Feb 2003 14:08:57 +1300

netscript-2.4 (4.21) unstable; urgency=low

  * Initial packaging of net compile functionality for IPv4.
    Documentation will be in next one, this is a trial build an run package.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Tue, 25 Feb 2003 13:38:46 +1300

netscript-2.4 (4.20) unstable; urgency=low

  * Fix bug with interface type stop functions not execuiting due to 
    missing 'type' keyword.
  * Made /sbin/net work with non modular kernels, in the case where lsmod
    is not installed, and where it is.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Sat,  1 Feb 2003 17:03:45 +1300

netscript-2.4 (4.19) unstable; urgency=low

  * Install missing changelog... 

 -- Matthew Grant <grantma@anathoth.gen.nz>  Thu, 16 Jan 2003 11:43:13 +1300

netscript-2.4 (4.18) unstable; urgency=low

  * Removed Debian sub versioning as the debian package is maintained in 
    parallel to the source.
  * Removed vrrpd code as the daemon is unstable.  Included example of how
    to get package going with heartbeat.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Thu, 16 Jan 2003 10:53:45 +1300

netscript-2.4 (4.17-1) unstable; urgency=low

  * Fixed bug with /32 and /128 netmasks not being given in ethx_IPADDR.
  * Made VRRPD code work properly... - stopped new address code removing 
    VRRPD IP addresses.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Wed,  8 Jan 2003 10:13:03 +1300

netscript-2.4 (4.16-1) unstable; urgency=low

  * Adjusted module loading for ipt_helper module in 2.4.20
  * Fixed bug with deleting extraneous bridges where interfaces
    on running bridges were assumed to be disused bridges.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Fri,  3 Jan 2003 12:10:38 +1300

netscript-2.4 (4.15-1) unstable; urgency=low

  * Add support for vrrpd daemon.
  * Revamp the handling of the forwarding switch, and add commands to help 
    handle it.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Mon, 30 Dec 2002 15:38:56 +1300

netscript-2.4 (4.14-1) unstable; urgency=low

  * Add ingress check rule and portscan chan for psd module to ipfilter.conf
  * Make ipfilter.conf test for and load /etc/netscript/ipfilter-local.conf
    if present.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Tue, 26 Nov 2002 13:12:19 +1300

netscript-2.4 (4.13-1) unstable; urgency=low

  * Fix ipsec modules not unloading on 'net stop'.  Function
    call was missing in stop_mod().

 -- Matthew Grant <grantma@anathoth.gen.nz>  Mon, 18 Nov 2002 15:00:34 +1300

netscript-2.4 (4.12-1) unstable; urgency=low

  * Fixed ipsec startup to deal with Free S/WAN .pid files if the machine
    went off because of power failure - ipsec0 was not starting
  * Fixed problem with source blocking in the IPv4 inbrdr chain creation
    - inbound source blocking was setting the destination instead of the 
    source address.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Sun, 10 Nov 2002 10:03:49 +1300

netscript-2.4 (4.11-1) unstable; urgency=low

  * Added support to load and unload Free S/WAN ipsec module, and extension
    modules as found in Debian Woody, and used in the Debian Router Project.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Tue, 29 Oct 2002 22:57:36 +1300

netscript-2.4 (4.10-2) unstable; urgency=low

  * Fixed some of the comments in the network.conf file to make things 
    clearer.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Tue, 29 Oct 2002 06:55:51 +1300

netscript-2.4 (4.10-1) unstable; urgency=low

  * New Upstream Version
  * Fix problem with mangling set up preventing Free S/WAN from working 
    properly - packet mangling was causing rerouting of ESP packets back
    into ipsec0 tunnel device...
  * Added support for adding static routes/static ARPs on interface 
    start/reload.
  * Added support for subordinate interfaces (for controlling
    tunnels etc).

 -- Matthew Grant <grantma@anathoth.gen.nz>  Mon, 28 Oct 2002 23:22:56 +1300

netscript-2.4 (4.04-2) unstable; urgency=low

  * Fix up Free S/WAN start up so that rp_filter can be used...

 -- Matthew Grant <grantma@anathoth.gen.nz>  Fri, 18 Oct 2002 10:24:24 +1300

netscript-2.4 (4.04-1) unstable; urgency=low

  * Fix IPv4 icmp chain creation barfing because of conflict with protocol 
    name... go figure.
  * Add support for Free S/WAN ipsec on one interface.
  * Add support for interface shutdown to chain shutdown of tunnel interfaces
    with manual manipulation...

 -- Matthew Grant <grantma@anathoth.gen.nz>  Wed, 16 Oct 2002 11:28:30 +1300

netscript-2.4 (4.03-1) unstable; urgency=low

  * New upstream release with fix for dynamic interfaces that don't exist 
    at boot, otherwise you cannot manually start them.
  * Fix minor problem with hlp output and long interface lists.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Fri,  4 Oct 2002 11:26:08 +1200

netscript-2.4 (4.02-1) unstable; urgency=low

  * New upstream release with tweaks and support for new 2.4.18-ac3 router
    kernels.
  * Added support for having iptables base modules compiled into the kernel
    by putting test into /sbin/net load_module() to test if base module
    is on the file system.
  * Added support for the following iptables 1.2.6a modules which have special
    dependencies:
    ipt_conntrack, ipt_NETMAP, ipt_SAME, ipt_POOL, ip_pool, and ipt_pool.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Tue, 26 Mar 2002 12:17:56 +1200

netscript-2.4 (4.01-1) unstable; urgency=low

  * Added corrected ppp interface stuff to network.conf
  * Corrected some documentation in network.conf about QoS

 -- Matthew Grant <grantma@anathoth.gen.nz>  Fri, 28 Dec 2001 14:25:27 +1300

netscript-2.4 (4.0-4) unstable; urgency=low

  * Changed permissions of /etc/netscript/network.conf and ipfilter.conf 
    to 0644 from 0600  as they do not contain information that is that 
    sensitive anymore.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Mon, 10 Dec 2001 20:52:24 +1300

netscript-2.4 (4.0-3) unstable; urgency=low

  * Fixed problems with build depends by switching to 'Build-Depends-Indep'. 

 -- Matthew Grant <grantma@anathoth.gen.nz>  Sat,  8 Dec 2001 11:26:46 +1300

netscript-2.4 (4.0-2) unstable; urgency=low

  * Fixed problem with Build-Depends being in binary section of control file,
    and not being in the Source section as required.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Wed,  5 Dec 2001 15:05:02 +1300

netscript-2.4 (4.0-1) unstable; urgency=low

  * New version 4.0 with the following major changes
  * Converted to kernel 2.4.x, and iptables
  * Added IPv6 support, ip6tables and IPv6 interface configuration.
  * Removed filter and masquerade listing support as people should be using 
    the iptables commands
  * All the old ipchains filtering scripts have been removed and
    replaced with shell script fragments via the ipfilter exec command.
  * Configuration is now saved to disk using the iptables-restore 
    and iptables save commands (IPv4 and IPv6).
  * Converted output messages to Debian format
  * Added code to load/unload iptables and QoS modules on start
    and stop.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Sat,  1 Dec 2001 14:33:21 +1300

netscript-2.2 (3.03-0potato1) unstable; urgency=low

  * Added ability to set/override multicast fflag and mtu of interface
  * Added IP source IP/network specification to DMZ_OPEN_DEST and 
    DMZ_CLOSED_DEST lists for DMZ network access control filters

 -- Matthew Grant <grantma@anathoth.gen.nz>  Sun, 21 Jan 2001 22:54:16 +1300

netscript-2.2 (3.02-0potato1) unstable; urgency=low

  * Fixed problem with OSPF multicasts being blocked by the external 
    interface filtering.  The obstruction could cause problems with 
    Zebra ospfd and other OSPF daemons in general.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Thu,  7 Dec 2000 08:35:49 +1300

netscript-2.2 (3.01-0potato1) unstable; urgency=low

  * Removed unused INTERN_IF variable from network.conf
  * Fixed QoS reload for PPP interfaces
  * Reworked QoS loading for PP interfaces to make it nicer

 -- Matthew Grant <grantma@anathoth.gen.nz>  Sun,  3 Dec 2000 17:41:22 +1300

netscript-2.2 (3.0-0.9) unstable; urgency=low

  * Initial Release.
  * first release in a tar ball format.  This basically a
    rehash of what is in LRP Eiger.
  * More chains used to reduce CPU load on router filtering
    operations,
  * QoS made usable b y adding reload commands and providing
    facility to set aside lumps of bandwidth
  * More options provided to net command to make it more
    intiuitive to use
  * Added ability to list individual chains
  * Adapted for Debian and overhauled it to increase effeciency.
  * As this package will change rapidly, man pages are not available but
    will be written when stabilised.

 -- Matthew Grant <grantma@anathoth.gen.nz>  Fri, 24 Nov 2000 17:07:15 +1300

Local variables:
mode: debian-changelog
End: