summaryrefslogtreecommitdiff
path: root/ChangeLog
AgeCommit message (Collapse)Author
2008-01-03o add support for connection logging to the statistics mode via Logfile/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o minor irrelevant fixes for uncommon error paths and fix several typos o use LOG_INFO for connection logging, use LOG_NOTICE for other information o minor error handling updates
2007-12-31- hash lookup speedups based on comments from netdev's discussions/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- minor fix for hash6 in cache.c (however, ipv6 support is still broken - several updates in the TODO file
2007-12-24show error and warning messages to stderr/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-12-23o add support for related conntracks (requires Linux kernel >= 2.6.22)Ayuso/emailAddress=pablo@netfilter.org
o update leftover references to `persistent' and `nack' modes
2007-12-23rename `examples' directory to `doc'Ayuso/emailAddress=pablo@netfilter.org
2007-12-21o Use more appropriate names for the existing synchronization modes:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o rename `persistent' mode to `alarm' o rename `nack' mode to `ftfw' o Now default synchronization mode is ftfw instead of alarm
2007-12-21raise ignorepoll limit from 1024 to INT_MAX/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-12-21= conntrack =/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o fix missing `-g' and `-n' options in getopt_long control string o add support for secmark (requires Linux kernel >= 2.6.25) o add mark and secmark information to the manpage o cleanup error message = conntrackd = o add support for secmark (requires Linux kernel >= 2.6.25) o add conntrackd (8) manpage
2007-11-25Add CacheWriteThrough clause: external cache write through policy. This ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
feature is particularly useful for active-active setup without connection persistency, ie. you cannot know which firewall would filter a packet that belongs to a connection.
2007-09-12add syslog support and bump version/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-09-12Remove window tracking disabling limitation (requires Linux kernel >= 2.6.22)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-08-08improve INSTALL file/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-08-06conntrack-tools compilation problem (K.Kovacs)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-29conntrackd requires the connection tracking event API: insist more in INSTALL/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-28remove script_fault.sh script/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-28prepare 0.9.5 release/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-19- simplify cache_flush function: use cache_del()/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-18include protocol filter parameters in the manpage/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-07-18conntrackd:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- use buffer of MTU size conntrack: - better protocol argument checkings - fix per-protocol filtering, eg. conntrack -[L|E] -p tcp now works - show per-protocol help, ie. conntrack -h -p tcp - add alias --src for --orig-src and alias --dst for --orig-dst
2007-07-09- conntrack-tools requires libnetfilter_conntrack >= 0.0.81 /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- add len field to nethdr - implement buffered send/recv to batch messages - stop using netlink format for network messages: use similar TLV-based format - reduce synchronization messages size up to 60% - introduce periodic alive messages for sync-nack protocol - timeslice alarm implementation: remove alarm pthread, remove locking - simplify debugging functions: use nfct_snprintf instead - remove major use of libnfnetlink functions: use libnetfilter_conntrack API - deprecate conntrackd -F, use conntrack -F instead - major rework of the network infrastructure: much simple, less messy
2007-07-02fix dyslexia bug in Changelog (Pablo... we live in 2007, not in 2006) andsvn_t_conntrack-tools-0.9.4/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
update release date of conntrack-tools 0.9.4
2007-06-25fork when internal/external dump and commit requests are received/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-06-19- more cleanups and code refactorization/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- remove several debug calls - create a child to dispatch dump requests: this will help to simplify the current locking schema. Later.
2007-06-13- local requests return EXIT_FAILURE if it can't connect to the daemon/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- several cleanups
2007-06-09remove dlopen infrastructure: simplification, it was too much for it/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-06-09add library dependency checking/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-06-09- add support for `-L --src-nat' and `-L --dst-nat' to show natted connections/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- update conntrack(8) manpage
2007-06-07commit phase: if conntrack exists, update it/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-06-04add aliases --sport and --dport to make it more iptables-like/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-06-04o use NFCT_SOPT_SETUP_* facilities: nfct_setobjopt/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o remove bogus option to get a conntrack in test.sh example file
2007-06-04o remove useless backlog parameter in multicast sockets/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o remove reminiscents of delay destroy message and relax transitions o remove confusing StripNAT parameter: NAT support enabled by default o relax event tracking: *_update callbacks use cache_update_force o use wraparound-aware functions after/before/between o lots of cleanups
2007-05-31fix error message in configure.in (Eric Leblond)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-05-30fix silly bug in build_network_message: out of bound memset/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-05-24simplify checksum code: use UDP/multicast checksum facilities/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-05-15add script for keepalived fault state (eg. unplugged cable/link down)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2007-05-07o introduce '--output xml,extended,timestamp' option for '-L', '-G' and '-E'/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
o several fixes for the output of usage messages
2007-05-06- update changelog/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
- use positive logic in error handling
2007-04-16- Merge conntrack and conntrackd changelogs, even if it will be dropped from ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
SVN soon. - Update INSTALL documentation
2007-04-16first step forward to merge conntrackd and conntrack into the same building ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
chain
2007-04-16initial import of the conntrack daemon to Netfilter SVN/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org
2006-03-19fix ICMP protocol extension parse callback/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2006-01-15o Add support to filter dumped entries. ie:/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
- display all the connections to IMAPS servers conntrack -L -p tcp --orig-port-dst 993 - display all the connection marked with 2 conntrack -L -m 2
2006-01-15o Added missing parameters to set the ports of an expectation tuple/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
o Bumped version to 1.00beta2
2005-12-26<pablo@netfilter.org>/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
o add IPv6 support: main change o removed dead code: iptables_insmod and get_modprobe o compact the commands vs. options table o move working vars from the stack to the BSS section o update manpage o Bumped version to 1.0beta1 <yasuyuki.kozakai@toshiba.co.jp> o check address family mismatch o fix incomplete copying IPv6 addresses
2005-12-19More changes to prepare upcoming ipv4 supportsvn_t_conntrack-0.991/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-12-19We only support ipv4 at the moment, set l3protonum to AF_INET/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-12-04o Restore include "conntrack.h" in ICMP handler/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
o Add missing flags coversion in SCTP handler
2005-12-03o Add support to filter events. ie: -p tcp --orig-port-dst 80 in/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
conjuction with -E to get all the requests to HTTP servers o Update manpage o Missing static function declaration in the protocol handlers o Use protocol flags defined in libnetfilter_conntrack o Kill leftover #include "conntrack.h" in the ICMP helper o Bumped version to 0.991
2005-11-22Fixed oversized number of options (Marcus Sundberg)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org
2005-11-11update changelog to reflect recent changes/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-07 14:03:36 +0000