squidGuard is a combined filter, redirector and access controller plugin
for Squid. It can be used to:
* limit the web access for some users to a list of accepted/well known web
servers and/or URLs only.
* block access to some listed or blacklisted web servers and/or URLs
for some users.
* block access to URLs matching a list of regular expressions or words
for some users.
* enforce the use of domainnames/prohibit the use of IP address in URLs.
* redirect blocked URLs to an "intelligent" CGI based info page.
* redirect unregistered user to a registration form.
* redirect popular downloads like Netscape, MSIE etc. to local copies.
* redirect banners to an empty GIF.
* have different access rules based on time of day, day of the week, date etc.
* have different rules for different user groups.
* and much more..
* Added protocol scan (-sO), which determines what IP protocols
(TCP, IGMP, GRE, UDP, ICMP, etc) are supported by a given host.
This uses a clever technique designed and implemented by Gerhard
Rieger .
* Nmap now recognizes more than 700 operating system versions and
network devices (printers, webcams, routers, etc) thanks to
thousands of contributions from the user community! Many
operating systems were even recognized by Nmap prior to their
official release. Nmap3 also recognizes 2148 port assignments,
451 SunRPC services, and 144 IP protocols.
* Added Idlescan (-sI), which bounces the scan off a "zombie"
machine. This can be used to bypass certain (poorly configured)
firewalls and packet filters. In addition, this is the most
stealthy Nmap scan mode, as no packets are sent to the target
from your true IP address.
* The base Nmap package now builds and functions under Windows! It
is distributed in three forms: build-it-yourself source code, a
simple command-line package, or along with a nice GUI interface
(NmapWin) and a fancy installer. This is due to the hard work of
Ryan Permeh (from eEye), Andy Lutomirski, and Jens Vogt.
* Mac OS X is now supported, as well as the latest versions of
Linux, OpenBSD, Solaris, FreeBSD, and most other UNIX platforms.
Nmap has also been ported to several handheld devices -- see the
Related Projects page for further information.
* XML output (-oX) is now available for smooth interoperability
between Nmap and other tools.
* Added ICMP Timestamp and Netmask ping types (-PP and -PM). These
(especially timestamp) can be useful against some hosts that do
not respond to normal ping (-PI) packets. Nmap still allows TCP
"ping" as well.
* Nmap can now detect the uptime of many hosts when the OS Scan
option (-O) is used.
* Several new tests have been added to make OS detection more
accurate and provide more granular version information.
* Removed 128.210.*.* addresses from Nmap man page examples due to
complaints from Purdue security staff.
* The --data_length option was added, allowing for longer probe
packets. Among other uses, this defeats certain simplistic IDS
signatures.
* You can now specify distinct port UDP and TCP port numbers in a
single scan command using a command like 'nmap -sSU -p
U:53,111,137,T:21-25,80,139,515,6000,8080 target.com'. See the
man page for more usage info.
* Added mysterious, undocumented --scanflags and --fuzzy options.
* Nmap now provides IPID as well as TCP ISN sequence
predictability reports if you use -v and -O.
* SYN scan is now the default scan type for privileged (root)
users. This is usually offers greater performance while reducing
network traffic.
* Capitalized all references to God in error messages.
* Added List scan (-sL) which enumerates targets without scanning
them.
* The Nmap "random IP" scanning mode is now smart enough to skip
many unallocated netblocks.
* Tons of more minor features, bugfixes, and portability enhancements.
The goal of the Subversion project is to build a version control system that
is a compelling replacement for CVS in the open source community. The software
is released under an Apache/BSD-style open source license.
Submitted by Joel Wilsson <joelw@unix.se> in PR 17813.
The Apache Portable Run-time mission is to provide a library of
routines that allows programmers to write a program once and be
able to compile it anywhere.
Submitted by Joel Wilsson <joelw@unix.se> in PR 17811.
Changes in release 0.21.3:
* Fix segfault if using proxy server with SSL session and server
certificate verification fails.
* Fix leak of proxy hostname once per session (if a proxy is used).
* Add --with-libs configure argument; e.g. --with-libs=/usr/local picks
up any support libraries in /usr/local/{lib,include}
Changes in release 0.21.2:
* Fix 'make install' for VPATH builds.
* Use $(mandir) for installing man pages (Rodney Dawes).
* Follow some simple (yet illegal) relativeURI redirects.
* Always build ne_compress.obj in Win32 build (Branko Èibej).
* Fix decompression logic bug (Justin Erenkrantz <jerenkrantz@apache.org>)
(could give a decompress failure for particular responses)
* Fix ne_proppatch() to submit lock tokens for available locks.
* More optimisation of ne_sock_readline.
Changes in release 0.21.1:
* Don't include default SSL port in Host request header, which can
help interoperability with misbehaving servers (thanks to Rodney Dawes
<dobey@ximian.com>).
* Don't give a "truncated response" error from ne_decompress_destroy if
the acceptance function returns non-zero.
* Fix for Win32 build (Sander Striker <striker@apache.org>).
* Fix for cookie name/value being free()d (thanks to Dan Mullen).
* Optimisation of ne_sock_readline.
Changes in release 0.21.0:
* Socket layer implements read buffering; efficiency and performance
improvement. Based on work by Jeff Johnson <jbj@redhat.com>
* Cleanup of socket interface:
- renamed everything, s/sock_/ne_sock_/, s/SOCK_/NE_SOCK_/
- removed unused and inappropriate interfaces.
- renaming done by Olof Oberg <mill@pedgr571.sn.umu.se>
- see src/ChangeLog for the gory details.
* Fix typoed 'ne_destroy_fn' typedef (Olof Oberg).
* Support OpenSSL/ENGINE branch.
* Bogus ne_utf8_encode/decode functions removed.
* ne_base64() moved to ne_string.[ch].
* ne_token drops 'quotes' parameter; ne_qtoken added.
* ne_buffer_create_sized renamed to ne_buffer_ncreate.
* ne_xml_get_attr takes extra arguments and can resolve namespaces.
* ne_accept_response function type takes const ne_status pointer.
* Drop support for automatically following redirects:
- ne_redirect_register just takes a session pointer
- ne_redirect_location returns an ne_uri pointer
* configure changes: --with-ssl and --with-socks no longer take a directory
argument. To use SOCKS or SSL libraries/headers in non-system locations,
use ./configure CPPFLAGS=-I/... LDFLAGS=-L/...
* Reference documentation included for most of ne_alloc.h and ne_string.h,
and parts of ne_session.h and ne_request.h.
- see installed man pages, HTML documentation.
Changes in release 0.20.0:
* Major changes to DAV lock handling interface (ne_locks.h):
- struct ne_lock uses a full URI structure to identify locked resource
- ne_lock() requires that owner/token fields are malloc-allocated (or NULL)
on entry
- introduce a "lock store" type, ne_lock_store, to replace the lock session;
accessor functions all renamed to ne_lockstore_*.
- ne_lock_iterate replaced with a first/next "cursor"-style interface
- If: headers use an absoluteURI (RFC2518 compliance fix).
- fix for handling shared locks on DAV servers which return many active locks
in the LOCK response (thanks to Keith Wannamaker)
* Moved URI/path manipulation functions under ne_* namespace (ne_uri.h):
- path handling functions renamed to ne_path_*
- URI structure handling to ne_uri_*; struct uri becomes ne_uri.
- ne_uri_parse doesn't take a 'defaults' parameter any more
- if URI port is unspecified, ne_uri_parse sets port to 0 not -1.
- added ne_uri_unparse and ne_uri_defaultport functions.
* New 'ne_fill_server_uri' function to initialize a URI structure with
the server details for a given session (useful with locks interface).
* ne_decompress_{reader,destroy} are defined as passthrough-functions
if zlib support is not enabled.
* API change: ne_ssl_provide_fn returns void not int.
* Added NE_SSL_FAILMASK for verify failure sanity check.
* Removed return codes NE_SERVERAUTH and and NE_AUTHPROXY; correct
documentation, NE_PROXYAUTH is given for proxy auth failure.
* Require zlib >= 1.1.4 to avoid possible vulnerability in earlier versions.
See http://www.gzip.org/zlib/advisory-2002-03-11.txt for more details.
(version check can be skipped by passing --with-force-zlib to configure)
* New 'ne_ssl_readable_dname' function to create a human-readable string
from an X509 distinguished name.
* Fix support for newer versions of libxml2 (thanks to Jon Trowbridge
<trow@gnu.org>).
* Fix corruption of reason_phrase in status object returned by
ne_propset_status.
* More lenient handling of whitespace in response headers.
* ne_content_type_handler will give a charset of "ISO-8859-1" if no charset
parameter is specified for a text/* media type (as per RFC2616).
* Miscellaneous cleanups and fixes (Jeff Johnson <jbj@redhat.com>).
Changes in release 0.19.4:
* Support bundled build of expat 1.95.x (Branko Èibej).
Update submitted by Joel Wilsson <joelw@unix.se> in PR 17812.
* move redundant sed expression into variable to only maintain it once
* properly catch grep return code in *both* cases (makes substitution
of pkg variables in @dirrm statements / directory names work)
Ensure reset message is flushed before restart starts, and fix volume
control to correctly report new value so 'volume -' and 'volume +'
will always reduce/increase the volume by the minimum value.
scannell at slu dot edu in PR pkg/17787. As the name suggests, this
package provides a gaeilge dictionary for aspell.
Package reviewed and approved by wiz.
1.3.2 (small feature release)
- added the 'multi-patchset' feature to the -s option, provided in its
entirety by Daiki Ueno <ueno@unixuser.org>
1.3.1 (bugfix release mostly)
- fix bug with updating cache (-u) having to do with matching new and old
revisions
- fix timestamp_fuzz_factor bug where the fuzz was applied to loading
from cache by mistake.
- add a spec file (from Jan IVEN <Jan.Iven@cern.ch>)
- improve the parameterization of Makefile, and make things relocatable
(from many people, esp. Amitai Schlair <schmonz@schmonz.com>)
- fix strip_path_len calculation (again - I had munged the prior fix)
Jeffrey Ebert <ebert@sonicsinc.com>
PTHREAD_OPTS. This allows us to ignore the "require" inherited from the
glib/buildlink.mk file, which was originally causing "require native" to
be used for mozilla and was causing build problems on platforms without
native pthreads.
will override the effects of any instance of the word "require". This
should _only_ be used by those packages that can be built with or
without pthreads _independently_ of whether any of its dependencies need
pthreads. Currently, this only only www/mozilla, which uses its own
threading library if native pthreads is unavailable, despite that it
uses GTK+, which _does_ need pthreads.
Lubomir Sedlacik (salo at Xtrmntr dot org) in PR pkg/17802.
As the name suggests, this package contains the slovak dictionary for
ispell, and can be used by invoking ispell with the '-d slovak' flag.
