firewall-easy (0.41-1) unstable; urgency=low

  * firewall-easy debug (start with debug=yes)
  * allow RST inputs in lo for testfw go fast when RSTALLDENY & RST_TO=0/0
  * "debug  "  ->  " debug " to indent
  * outputs of nmap in testfw to /dev/null
  * Load firewall-easy.conf first (no import needed) to USERCONN to work
  * Order in conntrack by time, source IP & port, position
  * Added config vars USERCONN, USERREPLY to filter outputs by packet's owner
  *    allowing starting connections or just reply.
  *    Possible values "", ALL, NO, user
  * replace my email to manel3@wanadoo.es everywhere
  * TEST: 'owner gid' does not work with normal users added to a group
  *    so I only use USERCONN and USERREPLY
  * firewall-easy-mon:Bug fixed with icmp "packet [another packet]" log entries
  * lo:0 down after use (three minutes)
  * man conntrack: bug /proc/net/ip_conntrack 2.4.18/19 not showing connections

 -- Manel Marin <manel3@wanadoo.es>  Sun, 10 Nov 2002 19:48:23 +0100

firewall-easy (0.40-1) unstable; urgency=low

  * Debian compliant, everything in English, bugs and enhacements release
  *!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  *!! WARNING: firewall-easy.conf var names changing to English breaks previous
  *!!     config files: IT MUST BE REPLACED AND RECONFIGURED
  *!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  * Split scripts between /usr/bin, /usr/sbin, and /usr/lib/firewall-easy
  *	depending on no-root-user usability
  * Created a wrapper for root "firewall-easy" which must be called with an
  *	argument:  /usr/sbin/firewall-easy {start|stop|reload|resetc|list|mon}
  * Separated config files check to regen from firewall-easy to fwgen-checkcfg
  * Complete rewrotte of firewall mon script in perl (now firewall-easy-mon)
  *	including monitor in a easy format (as in firewall-easy-lib),
  *	detection of log rotation, beep when packets are detected and
  *	output to a tty possibility
  * Studied dependences (see "dependences" file)
  * Added antispoof additional for 2.4 ppp
  * Detect no root in runfwscript, iptables/ipchains do not list if not root
  * Config firewall-easy.conf to debian conffiles and to doc/examples
  * Added (English) man pages (servers, firewall-easy-mon, ...)
  * Reviewed descrip of package (now 2.4 available) and only in English
  *    I put Spanish description in doc/es/description-es
  * Messages in Spanish to English (scripts/antispoofppp-down, ...-up)
  * Config files to English
  *    I keep versions in Spanish in /usr/share/doc/firewall-easy/es
  * Doc test of firewall from lo alias lo:0 (home user could not have eth0)
  * Support for more than one ADSL in different interfaces
  * Closing lo:0 alias testing iface in firewall start/reload
  * Support for private network to ADSL router passing NO_PRIV to the .conf
  * Moved config vars TESTFW, NOLOG, LOGALLDENY, DEBUG to firewall-easy.conf
  * implement var RSTALLDENY to reject all NO rules easily
  * implement RST_TO to allow outputs to reject tcp (RST) & udp (icmp 3 dest-un)
  * RST & RSTLOG returning nothing for icmp
  * command debug showing rules with  debug "#  TEXT"  & man debug
  * implement TESTFW after firewall start doing /usr/lib/firewall-easy/testfw
  * implement firewall-easy test & man page
  * added conntrack: monitor of 2.4 /proc/net/ip_conntrack & man page
  *
  *------Asked by JFS real Debian maintainer:---
  * moved most scripts to /usr/lib/firewall-easy and created a wrapper as
  *	/usr/sbin/firewall-easy {start|stop|list|resetc|mon}
  * build depend on debhelper
  * merge firewall-easy man page with firewall man page (make a page per file,
  *     remove man firewall)
  *
  *------Asked by Fumitoshi UKAI:---
  * messages in Spanish (scripts/antispoofppp-down..., -up)
  * package description only in English (traslation using ddts)
  *    I put Spanish description in doc/es/description-es
  * If architecture all, then you must not need ${shlib:Depends} in depends:
  * provided dependences in Potato and Woody -> create "dependences" file
  * "awk -W interactive" seems to work only in mawk.
  *    gawk complains as "gawk: option `-W interactive' unrecognized, ignored"
  * Added man servers, firewall-easy-mon
  * written manual pages, lintian warned
  *
  * - Many thanks by their suggestions to JFS (the real debian mantainer) and
  *	to Fumitoshi UKAI -

 -- Manel Marin <manel3@wanadoo.es>  Fri,  1 Nov 2002 20:31:16 +0100

firewall-easy (0.39-1) unstable; urgency=low

  * Bug in list-iface-gw it returns the gw and several 0.0.0.0 not wanted

 -- Manel Marin <manel3@apdo.com>  Fri, 31 Aug 2001 22:12:48 +0200

firewall-easy (0.38-1) unstable; urgency=low

  * 2.4 enhacements release
  * 2.4 log prefix in DROP, ACCEPT, and REJECT
  * Updated GUIDELINES
  * Enhaced aditional antispoof including all the IPs via autodetection
  * Added command "servers" to see processes listening

 -- Manel Marin <manel3@apdo.com>  Sun,  8 Jul 2001 21:55:37 +0200

firewall-easy (0.37-1) unstable; urgency=low

  * 2.4 enhacements release
  * Added TOS mangle with iptables
  * Restrict pasive FTP to HI <> HI to restrict TOS aplication
  * Doc TOS and 2.4 to man firewall-easy-lib
  * firewall-easy-lib: 2.4 ftp using RELATED state ">>"
  * Modified fwgen-ipchains to >> = *
  * Modified fwgen-iptables to >> = ESTABLISHED,RELATED but not "! --syn"
  * Force regen of firewall scripts on install (postinst), to use new fwgen-*
  * Autoload module ip_conntrack_ftp when rules ">> ftp-data"

 -- Manel Marin <manel3@apdo.com>  Sun, 24 Jun 2001 12:00:10 +0200

firewall-easy (0.36-1) unstable; urgency=low

  * Enhacements release
  * Stopped firewall when halt or reboot ". stop 99 0 6 ." to have counters
  *	of packets/bytes when switching off the system
  * Enhaced firewall to not give several errors when firewalling not supported
  * Enhaced firewall to handle when rules file does not exist
  * Enhaced runfwscript to show full firewall support with "-i" and without arg
  * Silence errors of "ipmasqadm portfw -f" in fwgen-ipchains and
  *	firewall-stop-ipchains when no kernel support for port forwarding
  * Avoid warning when forward is not active in fwgen-ipchains in log rule
  * Doc iptables bug in man firewall-easy-lib: It needs ->port number not name

 -- Manel Marin <manel3@apdo.com>  Thu, 21 Jun 2001 23:01:30 +0200

firewall-easy (0.35-1) unstable; urgency=low

  * Bugfix/enhacements release
  * Added /var/log/firewall-list.lastppp as info
  * Added /var/log/firewall-list.laststop as info
  * bug: installing old firewall-easy-lib does not regenerate firewall script
  * Added firewall-mon-iptables
  * Updated firewall-stop-iptables to flush mangle and nat tables
  * bug in Makefile symlinks for redundant antispoof created inside directories
  * bug fixed in firewall-mon-* by using "awk -W interactive"

 -- Manel Marin <manel3@apdo.com>  Mon, 18 Jun 2001 23:47:46 +0200

firewall-easy (0.34-1) unstable; urgency=low

  * Bugfix/enhacements release
  * fwgen-ipchains: Flush ipmasqadm portfw in starting
  * firewall-list-ipchains: -n in portforwarding list to avoid names lookup
  * Port forwarding to the end (due to ipchains/ipmasqadm interaction)
  * $SSH var added to allow optional ssh access from outside
  * Replaced REDIR by PROXY in my rules to avoid confussion
  * Show error when local IP == 0/0 in FORWARD in 2.2
  * Doc DEBUG mode use in firewall man page
  * Try to fix firewall-mon-ipchains not showing some packet logging
  *	by detecting "Packet log" words
  * Firewall modules ready to load (uncommenting them) in firewall.conf

 -- Manel Marin <manel3@apdo.com>  Sun, 17 Jun 2001 22:16:49 +0200

firewall-easy (0.33-1) unstable; urgency=low

  * Enhacements/doc release.
  * Doc FTP="0/0" as LOW SECURITY OPTION to allow easy active ftp use
  * Doc LEEME with HIGH/MEDIUM/LOW SECURITY OPTION for active ftp
  * Doc GUIDELINES of development added
  * Added firewall-list-iptables, firewall-resetcounters-iptables
  * Added firewall-stop-iptables
  * fwgen-ipchains comments also in English
  * Added port forwarding support
  * Added secure-kernel-24
  * Added 2.4 support (alpha) in fwgen-iptables
  * Modified runfwscript to detect kernel via list rules command or /proc

 -- Manel Marin <manel3@apdo.com>  Wed, 13 Jun 2001 23:08:01 +0200

firewall-easy (0.32-1) unstable; urgency=low

  * Bugfix release.
  * Fixed Makefile symlinks /etc/ppp/ip-up.d/00antispoofppp-up and *down
  * Adding NO! xfstt (7101) from inet to firewall-easy-lib
  *	*** Thanks to Paco (Francisco Lopera Morlas) by the two previous bugs
  *	***  reports. He is my first betatester!!!
  * Moved symlinks for man pages to Makefile.
  * Moved doc to dir doc, and added to debian/doc.
  * Improved man firewall page.
  * Added count rule for https
  * Added sample of FTP IP in firewall-easy.conf
  * Added LEEME for first configuration
  * Converted TODO in a ROADMAP of development

 -- Manel Marin <manel3@apdo.com>  Mon, 14 May 2001 23:00:18 +0200

firewall-easy (0.31-1) unstable; urgency=low

  * Initial Release.

 -- Manel Marin <manel3@apdo.com>  Tue, 31 Dec 2000 11:22:45 +0100

Local variables:
mode: debian-changelog
End:
