Firewall Script History
Author:     Jamin W. Collins 
Web Site:   http://www.asgardsrealm.net/linux/firewall
E-Mail:     firewall@asgardsrealm.net

0.91 - 9/06/05
- Following patches applied by Gabor Funk [funk.gabor@hunetkft.hu]
   - patch: Jacob S - "trusted connection" patch [version 0.90-p1]
            Sat, 08 Jan 2005 14:54:42 -0800
            http://www.mail-archive.com/firewall@asgardsrealm.net/msg00262.html
   - patch: Pete Barnwell "A Few To-DOs" (check_system routines)
            Sat, 04 Oct 2003 17:59:39 -0700
            http://www.mail-archive.com/firewall@asgardsrealm.net/msg00206.html

0.9 - 6/20/03
- Added ability to restrict source IP on port forwards
- Added support for transparent squid proxy
- Added new variables to firewall.conf
   - PORT_FORWARDS_SRC
   - SQUID_ENABLED
   - SQUID_PORT
- Corrected status command to use $IPTABLES rather than literal command
- Added several entries to the FAQ

0.8.5 - 8/25/02
- Incorporated Friedemann Schorer's suggestion regarding usage output
- Corrected support for internal access to external IP
- Updated a few error messages (ipchains module notification)

0.8 - 5/25/02
- Renamed a few functions for clarity
- Reordered a few rule creations to be more efficient in packet
    checking
- Clarified a few variables in the firewall.conf
- Added variables to firewall.conf for
    - internal IP
    - external IP
    - PRE and POST hooks to START, STOP, and RESTART
    - blocking outgoing requests to specific ports
- Added support for internal networks accessing external IP for both
    natively hosted services (on the firewall) and those forwarded
    to internal machines.  Required addition of new required variables.
- removed dependency on Red Hat's function script
- removed all tab characters from files, each replaced with 3 spaces

0.7.5.1 - 12/27/01
- Corrected erroneous suggestion in FAQ file.
- Spell checked the history file ( =) )

0.7.5 - 12/15/01
- Added a basic FAQ file
- Added experimental support for DMZ networks
   - connections allowed in (if defined elsewhere)
   - no outbound connections can be made from any of these addresses
- Corrected major oversight concerning GPL licensing (forgot to include it)
- Corrected various spelling errors in firewall.conf
- Adjusted a few instructions in the README

0.7 - 7/22/01
- Complete layout reorganization
- Moved blocking to Nat-Prerouting and Mangle-Prerouting
- Increased verbosity of the status option to include interfaces
- Added debug startup option (logging of every packet at every chain)
- Now setting all policy to DROP on startup
- Added variables to firewall.conf for
    - trusted connections
    - blocked mac addresses
    - blocked source ips
    - blocked destination ips
    - blocked ports
    - connections from specific IPs for specific protocols
- Corrected module detection routines in sys_check function

0.5.5 - 6/23/01
- Corrected what appears to be a security flaw in how I was allowing
    for connections from the firewall machine to work.
   
0.5.01 - 6/22/01
- Corrected release comments in firewall main script

0.5 - 6/20/01
- Added README file containing some installation instructions
- Changed prefix to all logged items from "Firewall:" to "Dropped
    by Firewall:" to better indicate what happened.
- Added auto-loading of ip_tables module.  This appears to be needed
    on non RH 7.1 systems (curious)
- Added more detailed messages for script errors.
- Corrected a few spelling mistakes in comments (oops)
- Added more documentation to firewall.conf to better explain what
    the variables are used for.
- Added rule to allow firewall to mask traffic from its own external
    interface
- Corrected visual error for tcp ports being reported as udp on
    startup.  Note: this was a visual problem only.

0.4 - 6/18/01
- Moved variable configurations to external file "/etc/firewall.conf"
- Added check for ip forwarding
- Corrected formatting of all lines so no lines are longer than 80 cols
- Added variable for external interface(s) "EXT_INTERFACES"
- Changed lock_down() to use external interface(s)

0.3 - 6/14/01
- First release to general public
- Basic firewall functionality
- Masq'ing functionality
- Port-Forward functionality
- Logging rule for unexpected packets
