vyatta-conntrack (0.54+hydrogen2) unstable; urgency=low * Bug #185: ensure nf_conntrack_netlink module is loaded. -- Daniil Baturin Sun, 27 Apr 2014 02:28:51 +0200 vyatta-conntrack (0.54+hydrogen1) unstable; urgency=low * New branch -- Daniil Baturin Sun, 17 Nov 2013 00:22:36 +0100 vyatta-conntrack (0.54+daisy2) unstable; urgency=low * Change timer to timeout value -- Gaurav Sinha Thu, 18 Oct 2012 16:32:27 -0700 vyatta-conntrack (0.54+daisy1) unstable; urgency=low * create daisy branch -- John Southworth Sat, 13 Oct 2012 13:30:55 -0700 vyatta-conntrack (0.54) unstable; urgency=low * new branch -- John Southworth Fri, 12 Oct 2012 19:47:15 -0700 vyatta-conntrack (0.53) unstable; urgency=low * re-order src/dest rules if multiport used -- Gaurav Sinha Mon, 10 Sep 2012 15:27:07 -0700 vyatta-conntrack (0.52) unstable; urgency=low * 8325: do port check on negated protocol input -- Gaurav Sinha Mon, 10 Sep 2012 15:14:35 -0700 vyatta-conntrack (0.51) unstable; urgency=low * fixing 8338: support multiport options in conntrack timeouts -- Gaurav Sinha Mon, 10 Sep 2012 13:04:37 -0700 vyatta-conntrack (0.50) unstable; urgency=low * Fixing rule minimal checks, fixing tcp / udp checks * remove tcp_udp from help in protocols -- Gaurav Sinha Tue, 04 Sep 2012 13:39:03 -0700 vyatta-conntrack (0.49) unstable; urgency=low * Dont allow shim6 among other ipv6 protocols in list of allowed protocols for conntrack ignore -- Gaurav Sinha Wed, 29 Aug 2012 16:54:12 -0700 vyatta-conntrack (0.48) unstable; urgency=low * Fix 8308, use C version of vyatta-validate-type, also fixing handling negation as per iptables in script -- Gaurav Sinha Wed, 29 Aug 2012 16:32:14 -0700 vyatta-conntrack (0.47) unstable; urgency=low * initial commit for 8067 * Initial conntrack-ignore rule handling script. * fixing rule creation * fix rule deletion and modification * Fixed protocols allowed script, use same as NAT, fixed protocol parsing * Add show conntrack ignore command for showing conntrack ignore rules with packet, byte statistics * changed any to 0.0.0.0, all based on field, minor modifications in show script * remove numerically sort function, not needed anymore. * Fix bug with statistics, count should double increment * 0.46 -- Gaurav Sinha Wed, 22 Aug 2012 17:41:31 -0700 vyatta-conntrack (0.46) unstable; urgency=low * initial commit for 8067 * Initial conntrack-ignore rule handling script. * fixing rule creation * fix rule deletion and modification * Fixed protocols allowed script, use same as NAT, fixed protocol parsing * Add show conntrack ignore command for showing conntrack ignore rules with packet, byte statistics * changed any to 0.0.0.0, all based on field, minor modifications in show script * remove numerically sort function, not needed anymore. * Fix bug with statistics, count should double increment -- Gaurav Sinha Wed, 22 Aug 2012 17:40:53 -0700 vyatta-conntrack (0.45) unstable; urgency=low * check protocol timers are configured on commit: bug 8216 -- Gaurav Sinha Wed, 25 Jul 2012 17:10:40 -0700 vyatta-conntrack (0.44) unstable; urgency=low * fix bug 8165 * 0.42 * 0.43 -- Gaurav Sinha Wed, 20 Jun 2012 19:37:47 -0700 vyatta-conntrack (0.43) unstable; urgency=low * fix bug 8165 * 0.42 -- Gaurav Sinha Wed, 20 Jun 2012 16:18:58 -0700 vyatta-conntrack (0.42) unstable; urgency=low * fix bug 8165 -- Gaurav Sinha Wed, 20 Jun 2012 16:18:28 -0700 vyatta-conntrack (0.41) unstable; urgency=low * fix 8112 -- Gaurav Sinha Mon, 18 Jun 2012 15:25:39 -0700 vyatta-conntrack (0.40) unstable; urgency=low * 0.39 -- Gaurav Sinha Thu, 14 Jun 2012 11:22:28 -0700 vyatta-conntrack (0.39) unstable; urgency=low * remove unwanted functions -- Gaurav Sinha Thu, 14 Jun 2012 11:19:41 -0700 vyatta-conntrack (0.38) unstable; urgency=low * re-factored deletion code, disabling module scripts fixed -- Gaurav Sinha Thu, 07 Jun 2012 23:20:41 -0700 vyatta-conntrack (0.37) unstable; urgency=low [ Gaurav ] * initial CLI for NFS and SQLnet modules [ Gaurav Sinha ] * CLI to add nfs/SQLnet module helpers * ensure single reload of conntrackd daemon * fix help strings * remove SQLnet * change default behavior, added vyatta-cthelper.pl * add vyatta-cthelper.pl, disable nodes, add/remove functions for chain * delete enable config node -- Gaurav Sinha Wed, 06 Jun 2012 21:03:37 -0700 vyatta-conntrack (0.36) unstable; urgency=low * Fix nfct path as per new packaging due to cthelper -- Gaurav Sinha Tue, 05 Jun 2012 22:05:11 -0700 vyatta-conntrack (0.35) unstable; urgency=low * fixing 7998 -- Gaurav Sinha Mon, 16 Apr 2012 11:11:07 -0700 vyatta-conntrack (0.34) unstable; urgency=low * fixing bug 7861, resolve protocol name from /etc/protocols. -- Gaurav Mon, 09 Apr 2012 18:07:47 -0700 vyatta-conntrack (0.33) unstable; urgency=low * introducing CT_TIMEOUT chain with related fixes. * 0.28+oxnard4 -- Gaurav Fri, 23 Mar 2012 18:04:51 -0700 vyatta-conntrack (0.32) unstable; urgency=low [ Gaurav Sinha ] * 0.31 [ Gaurav ] -- Gaurav Tue, 20 Mar 2012 20:41:08 -0700 vyatta-conntrack (0.31) unstable; urgency=low [ Gaurav Sinha ] * Initial commit for per-flow timeout CLI * Removed unwanted address-group/network group etc. from CLI * adding an initial version of conntrack-timeouts script * timeouts script, and new nodes [ Gaurav ] * timeout script, similar to firewall one, with a few differences. * Adding rule and address setup/parsing libraries * Removing newly added file AddressFilterCT.pm. * removing AddressFilterCT.pm * modified to use AddressFilter from IpTables * adding various timers in custom rule template * changing structure of hashes kept for timeouts * Add function to create nfct-timeout policy * Fixing templates to avoid defaults since these rules override the global defaults * Fixing nfct-command string:only modified timer is included in the command * Removed default timeouts for override udp/icmp/other, fixed minor bugs * Error checks for ports with other/icmp, as not allowed * Adding deletion, error handling etc. * adding apply/remove policy function, still dummy * add run_cmd function with error checking * re-factored * handle modification, disabled error handling for now as iptables does not support timeout target yet * do_protocol_check function, mandates one protocol subtree per rule max * Updated help strings to avoid confusion with global timeouts * check presence of protocol config subtree * Using connection instead of flow to refer to 5 tuple in help strings * changing nfct-timeout to nfct timeout * use right path of the nfct executable [ Gaurav Sinha ] * use add instead of create, use inet, pre-pend protocol to iptables rule * fixed generic timeout, udp stream->replied and other->unreplied, fixed bug with protocol string comparision * delete nfct fixed, use only policy name, modified deletion function -- Gaurav Sinha Sat, 17 Mar 2012 13:08:57 -0700 vyatta-conntrack (0.30) unstable; urgency=low * fixing 7866 -- Gaurav Sinha Fri, 16 Mar 2012 15:42:47 -0700 vyatta-conntrack (0.28+oxnard1) unstable; urgency=low * new branch -- Deepti Kulkarni Sat, 03 Mar 2012 02:23:06 -0800 vyatta-conntrack (0.28) unstable; urgency=low * reset epoch * Make sure all node.def files have newline at end of file -- Stephen Hemminger Thu, 16 Feb 2012 08:40:17 -0800 vyatta-conntrack (0.27) unstable; urgency=low * Force release -- Daniil Baturin Wed, 04 Jan 2012 01:56:07 +0700 vyatta-conntrack (0.26) unstable; urgency=low [ Stephen Hemminger ] * Fix compiler warnings [ Daniil Baturin ] * Something looking like a real fix for SIP port update problem. -- Daniil Baturin Thu, 29 Dec 2011 01:27:44 +0700 vyatta-conntrack (0.25) unstable; urgency=low * Corrected incorrect malloc. -- Deepti Kulkarni Wed, 21 Dec 2011 10:16:27 -0800 vyatta-conntrack (0.24) unstable; urgency=low * Improved validation of command syntax. -- Deepti Kulkarni Mon, 19 Dec 2011 15:04:30 -0800 vyatta-conntrack (0.23) unstable; urgency=low * Updating references to ConntrackUtil perl module -- Gaurav Sinha Fri, 16 Dec 2011 13:15:44 -0800 vyatta-conntrack (0.22) unstable; urgency=low * Resolved merge errors from Makefile. -- Deepti Kulkarni Fri, 16 Dec 2011 04:22:07 -0800 vyatta-conntrack (0.21) unstable; urgency=low * Fixing broken build as a result of merge -- Gaurav Sinha Thu, 15 Dec 2011 17:46:10 -0800 vyatta-conntrack (0.20) unstable; urgency=low [ Daniil Baturin ] * Add default value for SIP port. * Dirty hack for SIP port option. [ Gaurav Sinha ] * Bug 7676: including unstaged changes for 7677 -- Gaurav Sinha Thu, 15 Dec 2011 17:26:32 -0800 vyatta-conntrack (0.19) unstable; urgency=low * Fix version check on boot, doesn't depend on version string -- Daniil Baturin Thu, 15 Dec 2011 04:16:07 +0700 vyatta-conntrack (0.18) unstable; urgency=low * Add messages to syslog on daemon start, stop or crash. -- Deepti Kulkarni Tue, 13 Dec 2011 14:28:35 -0800 vyatta-conntrack (0.17) unstable; urgency=low * Bug fix 7397 - Conntrack log creation and deletion. -- Deepti Kulkarni Tue, 13 Dec 2011 02:50:50 -0800 vyatta-conntrack (0.16) unstable; urgency=low * Bug 7680: Fixed sentence displayed in deletion -- Gaurav Sinha Mon, 12 Dec 2011 15:34:37 -0800 vyatta-conntrack (0.15) unstable; urgency=low [ Daniil Baturin ] * Fix year in package copyright file. * Handle the case of missing config version on reboot properly. [ Gaurav Sinha ] * Bug 7677:Allow quiet mode for delete conntrack command to -- Gaurav Sinha Mon, 12 Dec 2011 15:09:59 -0800 vyatta-conntrack (0.14) unstable; urgency=low * Bug 7675:Allow any and combination of any with port in conntrack entry show / deletion commands -- Gaurav Sinha Fri, 09 Dec 2011 14:06:07 -0800 vyatta-conntrack (0.13) unstable; urgency=low * Fix a mistype in conntrack top-level node.def (1638 instead of 16384) * Add a case for pre-oxnard config boot to check-params-on-reboot -- Daniil Baturin Fri, 02 Dec 2011 08:00:42 +0700 vyatta-conntrack (0.12) unstable; urgency=low * Move check-params-on-reboot script from firewall, change paths acordingly. * Update automake rules to include check-params-on-reboot script. * Get conntrack default values to sync with kernel defaults. -- Daniil Baturin Wed, 23 Nov 2011 21:43:40 +0700 vyatta-conntrack (0.11) unstable; urgency=low * bug 7411: IPv6 check added to show / delete -- Gaurav Sinha Mon, 21 Nov 2011 15:04:09 -0800 vyatta-conntrack (0.10) unstable; urgency=low * bug 7411: IPv6 conntrack delete code, updated formatting -- Gaurav Sinha Thu, 17 Nov 2011 17:08:03 -0800 vyatta-conntrack (0.9) unstable; urgency=low * bug ID 7411: added output format for IPv6 show command -- Gaurav Sinha Thu, 17 Nov 2011 14:07:18 -0800 vyatta-conntrack (0.8) unstable; urgency=low * bug 7411:IPv6 show command: validation added -- Gaurav Sinha Wed, 16 Nov 2011 17:00:43 -0800 vyatta-conntrack (0.7) unstable; urgency=low * bug 7411:IPv6 show command without port -- Gaurav Sinha Wed, 16 Nov 2011 13:54:01 -0800 vyatta-conntrack (0.6) unstable; urgency=low * bug 7411:Added initial code for IPv6, templates and script -- Gaurav Sinha Wed, 16 Nov 2011 11:50:11 -0800 vyatta-conntrack (0.5) unstable; urgency=low * Bug 7411: improving validations for IPv4 address / port combinations for conntrack -- Gaurav Sinha Tue, 15 Nov 2011 11:40:19 -0800 vyatta-conntrack (0.4) unstable; urgency=low * Bug 7411: Initial commit for conntrack entry deletion / show op mode commands -- Gaurav Sinha Mon, 14 Nov 2011 16:33:04 -0800 vyatta-conntrack (0.3) unstable; urgency=low * Remove files mistakanly inherited from vyatta-cfg-system. * Move templates t templates-cfg to let op mode templates also exist. * Fix dependencies. * Fix mistake in dependencies. * Fix debian control not to break update of vyatta-cfg-firewall * Fix automake rules to match new name of cfg templates directory. * Move conntrack modprobe config from firewall. -- Daniil Baturin Sat, 05 Nov 2011 06:11:05 +0700 vyatta-conntrack (0.2) unstable; urgency=low * Force build -- Daniil Baturin Fri, 04 Nov 2011 05:42:18 +0700 vyatta-conntrack (0.1) unstable; urgency=low * Initial Release. -- Daniil Baturin Thu, 3 Nov 2011 12:31:53 -0700