Commit graph

7 commits

Author SHA1 Message Date
bad
94809ece46 Update libfwbuilder and fwbuilder to 2.0.12. Bugfixes only.
2.0.12:
Bugs fixed in this release:
bug #1455772: Implement more portable fix for converting UTF-8 in
comments. The previous one broke the Windows installer.

2.0.11:
Bugs fixed in this release:
* fixes to make code compile with g++ 4.1.
* bug #1455772: Properly convert comments to/from UTF-8 to ensure the
script is not corrupted when copied to the firewall
* bug #1455748: "make firewall script executable".

Bugs fixed in policy compiler for iptables:
* bug #1375432: avoid using '-m state' twice for stateless rules with
with custom services.
* bug#1364060: change shell pattern to match names of conntrack modules
in Linux 2.6.

Bugs fixed in policy compiler for ipfilter:
* bug #1386226: removed nat.conf when nat rules are removed.
* bug #1393004: use 'egrep -s' on Solaris.
2006-07-13 17:37:34 +00:00
minskim
790a8ca2fc Use the updated qt3-tools to use the libtool mode of qmake, and remove
runtime dependency on qt3-tools.

Bump PKGREVISION.
2006-03-12 06:58:42 +00:00
bad
ab83ae98bf Update fwbuilder and libfwbuilder to 2.0.10.
Bugs fixed since 2.0.9:

    * bug #1349326 "ulogd option does not work". There was a typo in the
      class iptAdvancedDialog ( 'useULOG' instead of 'use_ULOG' )
    * bug #1315892: "fwbuilder crashes on missing OS template" The GUI
      crashed if user added new hostOS or firewall platform template under
      resources/os or resources/platforms, then reinstalled the package (and
      therefore lost their custom template files), then tried to open
      firewall or host OS settings dialog for the object using new template.
    * bug #1305933: "fwbuilder/Solaris: compilation errors". Another case of
      implicit type conversion QString->string which does not compile on
      systems with QT built w/o STL support.
    * bug #1304878: fwbuilder: signal.h required (Solaris). Using
      'AC_CHECK_HEADERS([signal.h])' in configure.in to check for the
      appropriate #include.
    * bug #1304764: "configure script: Sun make check fails". Need to use
      ${MAKE-make} instead of $ac_make when checking for GNU make.
    * bug #1304785: "fwbuilder - Solaris has no libutil". Using better way
      to check whether we need to link with libutil.



Bugs fixed in policy compiler for iptables since 2.0.9:

    * bug #1342495: "SNAT with address range". Compiler used to print
      warning "Adding virtual addresses for NAT is not supported for
      address range" even if adding virtual addresses for NAT was turned off.
    * bug #1313420: "OUTPUT chain is built wrong under certain conditions."
      Rules that have firewall in SRC and DST, while DST has negation,
      should be split so that the second generated rule goes into OUTPUT
      chain rather than FORWARD
2005-12-12 20:25:09 +00:00
bad
bdb4605203 Upgrade fwbuilder and libfwbuilder to version 2.0.9.
Changes since version 2.0.6:

Version 2.0.9 -- This is a bug fix release

What's new:

* support for Cisco FWSM.
* Print comments on objects.
* Add "commit" menu item.
* Spanish translation has been added.

Bugs fixed in the GUI:

* bug #1254775: "RCS checkin fails on Windows when data file is too
  big".
* bug #1226069: "Segfault: Drag&Drop between two instances".
* bugs #1233165: "Illegal Logging-Limit string" and #1287755: "i18n is
  breaking iptables script".
* bug #1240205: "Iilegal --log-level Information".
* bug #1277129: "script is truncated when installed by the GUI running
  on Mac".

Bugs fixed in policy compiler for PF:

* bug #1276083: "Destination NAT rules". Old restriction on "rdr" rules.

Version 2.0.8 -- This is a bug fix release

What's new:

* Improvements in the GUI:

* Included updated German translation by Hans Peter Dittler.
* Print RCS Log".
* Code changes to make the code compile and work on Solaris.

* Improvements in policy compilers for pf, ipf, ipfw:

* implemented support for subnets for backup ssh access for
  pf,ipf,ipfw.

* Improvements in compiler for ipfw:

* using rule sets to atomically swap old and new rules.
* added "established" rule on top of the regular backup ssh access rule.

Bugs fixed in the Standard Objects library:

* bug #210518: 'Incorrect ending day in the standard object "weekends"'.

Bugs fixed in scripts and tools:

* bug #1200902: "fwb_compile_all does not work in 2.0".

Bugs fixed in GUI:

* bug #1072842: "fwbuilder: Solaris and forkpty".
* bug #1201406: "shutdown messages should be suppressed".
* bug #1204067: "incorrect timezone handling in RCS".
* bug #1207983: "incorrect size of "I" and "L" buttons in the group view
  dialog".
* bug #1212121: "sudo shutdown doesn't work".
* bug #1212123: "executing file below /tmp as root".
* bug #1212179: "tool tips for TCP services cuts off some services".
* bug #1213361: "PF on FreeBSD-5.4R".

Bugs fixed in policy compiler for iptables:

* bug #191423: "Weekend Time restriction not created correctly".
* bug #1205665: "Error with summer time when compiling script".
* bug #1215279: "rate limiting rule logs everything".

Bugs fixed in policy compiler for ipfw:

* bug #1155351: "Remote install of FW rulset fails due to race
  condition".
Version 2.0.7 -- This is a bug fix release

What's new:

* Improvements in the GUI:

* "Close" button should change is caption/title to "Install".
* "Search for IP Addresses".
* Support for SNMP operations has been added in Windows packages of
  Firewall Builder.

* Improvements in built-in installer:

User can specify additional command line parameters for ssh that
built-in installer runs to access firewall.

* Improvements in compiler for ipfilter fwb_ipf:

Added support for dynamic addresses in ipfilter.

* Improvements in compiler for iptables fwb_ipt:

Generated iptables script sets default policies to DROP in all ipv6
filter chains.

Bugs fixed in GUI:

* bug #1151052: "Not external interfaces marked as external".
* bug #1151212: "Collapsed sub-objects shouldn't be added if they are
  hidden".
* bug #1151243: "Maintain format of description text".
* bug #1155163: "print does not print group contents".
* bug #1172620: "Add tcp service object for icslap".
* bug #1184791: "can not copy/paste multiple objects into a group".

Bugs fixed in API:

* bug #1158870: "mutexes are not properly created on FreeBSD".
* bug #1151219: "New Host creation window is not well dimensioned".
* bug #1157976: "patches to make fwbuilder compile under NetBSD 1.6".
* bug #1173801: '"&" character in prolog/epilog'.

Bugs fixed in policy compiler for iptables fwb_ipt:

* bug #1123748: "busybox grep -E".
* bug #1160186: 'IPTables Compiler - Multiport Issue'.
* bug #1176890: "block IPv6".
* bug #1176890: "block IPv6".
* bug #1179103: 'compiled rules can not be installed'.
* bug #1181359: "Missing traling space in "INVALID state" syslog message".
* bug #1195201: "getaddr function return error ip address".

Bugs fixed in policy compiler for pf fwb_ipf:

* bug #1173067: "support for port ranges in NAT rules (ipfilter)".
* bug #1173064: "support for dynamic interfaces in ipfilter".

Bugs fixed in policy compiler for pf fwb_pf:

* bug #1176051: "incorrect rule generated for TCP service ftp-data".
2005-10-27 22:09:23 +00:00
bad
d86cccf8b6 Upgrade fwbuilder and libfwbuilder to 2.0.6.
The main change is support for printing policies and NAT rules for
firewall objects.  Also improvments in the iptables compiler and lots
of bug fixes, to numerous to mentions.  See the release notes at:
http://www.fwbuilder.org/archives/cat_release_notes.html#000185
2005-02-26 11:52:04 +00:00
bad
8a6f6cfbe8 Add RMD160 digests. 2005-02-24 11:34:22 +00:00
bad
f007c3ab9b Initial import of fwbuilder-2.0.5.
Firewall Builder is a multi-platform firewall configuration and
management tool.  It consists of a GUI and a set of policy compilers for
various firewall platforms.  Firewall Builder uses an object-oriented
approach, it helps administrators maintain a database of network
objects and allows policy editing using simple drag-and-drop
operations.  Firewall Builder currently supports

	iptables,
	IP Filter,
	ipfw,
	OpenBSD PF, and
	Cisco PIX

fwbuilder provides the GUI frontend and the policy compilers.
2005-02-24 11:03:22 +00:00