Version 1.6.3 of fwsnort

Release Notes: This release adds a new comprehensive test suite, a faster iptables/ip6tables capabilities testing routine, and fixes for hex string encoding for some Snort content matches with syntax-busting characters.

    Other releases

    •  05 Feb 2014 23:33

      Release Notes: A bugfix for vulnerability CVE-2014-0039, in which an attacker-controlled fwsnort.conf file could be read by fwsnort when not running as root. This was caused by fwsnort reading './fwsnort.conf' when not running as root, and when a path to the config file was not explicitly set with -c on the command line. This behavior has been changed to require the user to specify a path to fwsnort.conf with -c when not running as root.

      •  22 Dec 2012 04:27

        Release Notes: This release adds a new comprehensive test suite, a faster iptables/ip6tables capabilities testing routine, and fixes for hex string encoding for some Snort content matches with syntax-busting characters.

        •  29 Apr 2012 17:53

          Release Notes: This release switches the default policy load stance to load all translated Snort rules into the running iptables policy by default. This was made possible after fwsnort made use of the iptables-save format for policy instantiation. Updated to use the NetAddr::IP module from CPAN. A bugfix for translated ICMP rules and ICMP type requirements in recent versions of iptables.

          •  02 Sep 2011 22:04

            Release Notes: A bugfix for the 'Couldn't load target' error seen on some Linux systems. A bugfix for interpreting pattern ordering in Snort rules with relative pattern matches. Updated to the latest Emerging Threats rule set.

            •  29 Jul 2011 06:04

            Release Notes: Snort fast_pattern support and iptables multiport match support were added. The --QUEUE and --NFQUEUE modes were enhanced. Support was added for the conntrack module for connection tracking. Case-insensitive pattern matching was added via the --icase argument to the iptables string match extension. A couple of minor bugs were fixed.

            Screenshot

            Project Spotlight

            Samba

            Tools to access to a server's filespace and printers via SMB.

            Screenshot

            Project Spotlight

            Fresh IDE

            A flat assembler RAD IDE.