fwsnort

Release Notes: This release adds a new comprehensive test suite, a faster iptables/ip6tables capabilities testing routine, and fixes for hex string encoding for some Snort content matches with syntax-busting characters.

Release Notes: This release switches the default policy load stance to load all translated Snort rules into the running iptables policy by default. This was made possible after fwsnort made use of the iptables-save format for policy instantiation. Updated to use the NetAddr::IP module from CPAN. A bugfix for translated ICMP rules and ICMP type requirements in recent versions of iptables.

Release Notes: A bugfix for the 'Couldn't load target' error seen on some Linux systems. A bugfix for interpreting pattern ordering in Snort rules with relative pattern matches. Updated to the latest Emerging Threats rule set.

Release Notes: Snort fast_pattern support and iptables multiport match support were added. The --QUEUE and --NFQUEUE modes were enhanced. Support was added for the conntrack module for connection tracking. Case-insensitive pattern matching was added via the --icase argument to the iptables string match extension. A couple of minor bugs were fixed.

Release Notes: Support for ip6tables was added so that fwsnort can apply Snort rules to IPv6 traffic. The ability to create Perl commands that print application layer data that matches Snort rules was added via a new "--include-perl-triggers" argument. Better support for configuration variables within the fwsnort.conf file was added.