All releases of FireHOL


Release Notes: This release has an improved error handler that detects most misconfigurations, an improved core that handles quoted expressions better, better handling of negative expressions for optimum (near hand-made quality) iptables rule generation, new and improved help on the command line, a binary RPM package for Red Hat systems, support for Debian systems, and many more services: UUCP, MULTICAST, VNC, WEBCACHE, SQUID, IMAPS, POP3S, IKE, SMTPS, SUBMISSION, SWAT, SNMPTRAP, and PRIVOXY.


Release Notes: This release adds better iptables code generation and a new command line argument (try) to leave the new firewall active only if the administrator types the word "commit" within 30 seconds. Otherwise, it restores the previous firewall and exits.


Release Notes: Protection from ICMP floods and bad TCP flags has been added. Protection now works on router configurations too (same syntax). Some minor changes have been made to the generated iptables code to make it clearer and more human-readable.


Release Notes: FireHOL now supports MASQUERADE on interfaces, the IRC service (client, server, router), control over iptables logging, control over required kernel modules, and shortcuts to IANA reserved IPs and RFC 3330 private IPs. Ready-to-use examples for ADSL and dialup home routers were also added.


Release Notes: The TFTP service operates on UDP instead of TCP.


Release Notes: This release adds support for RNDC, NNTP, FINGER, ECHO, and DAYTIME.


Release Notes: Multiple negative expressions per FireHOL statement are now ANDed, while positive ones are ORed. This way the firewall can have multiple exceptions per FireHOL statement. The DNS service has been configured to be stateless on UDP and stateful on TCP, to prevent entries in the syslog when the name server fails to answer within the stateful time limits. The Rsync service has been added. VMware GSX (vmware, vmwareauth, vmwareweb) services have been added. There are various other minor fixes and enhancements.


Release Notes: This release should now run on non-Red Hat systems. Server/Client/Route now accept more than one service at once.


No changes have been submitted for this release.