Firewall Configuration Tool
 
$Id: CHANGES,v 1.1.5.1 2000/07/16 12:00:02 root Exp root $
$Date: 2000/07/16 12:00:02 $

Author: Jens Friedrich
E-mail: jens@friedrich-net.de

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2, or (at your option)
   any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

(c) 2000 J. Friedrich

1.1.5   - a lot of fixes from RWTH Aachen (Jens Hektor) to work
          better in a mixed network
          some little security fixes for the forms
          
1.1.4   - fixed missing input-rules for ICMP.
          new options status and list for 'firewall' command.
          some new hints in FAQ.

1.1.3   - security fix: moved temporary files from /tmp/service_*.htm
1.1.2     to FCT/etc/tmp/service_*.htm
          syntax bug: Linux-Version test for ICMP-Masquerading produced syntax error
          on Linux 1.x and 2.0.x Systems (worked on 2.2)

1.1.1   - changes for Linux 2.2: removed ipchains syntax error (option -M)
          fixes for changed bash behaviour (ignores case within for-loop)
          some fixes with logging

1.1.0   - Support IP-Masquerading (ipfwadm, ipchanis) for
          every service from internal and perimeter networks

1.0.9   - changed Installation possibilities:
          Install.sh [-cgi] [-strict] [userid]
        - save_config: option for installation of config_files!
          save_config -i [-cgi] <tarfile>
        - renamed fw-rules -> fw_rules
        - fixed bug in "Configuration" Mask ("finger" wasnt sorted)
        - denied TRUSTED and PERIMETER IPs on external Interface
          in rules/General.rules
        - logfile now works better with option -s
        - delete logfiles with start of firewall
        - cleanup of rcs versions
        - removed RCS dirs from distributet FCT package
          (i think you don't need this)
        - moved etc/default to samples

1.0.8   - added possibility for logging of services, trusted host connections
        - splittet extracted ipfilter-functions in separate files
          (these implement the syntax for different filters)
          etc/ipfwadm.sh, etc/ipchains.sh and etc/ipFilter.sh

1.0.7   - added option -h (help) to commands
          firewall, fw-rules, create_rules, save_config
        - create_rules:
          added argument <service> to specify which rules are to be
          created (analog to fw-rules)
          e.g.: create_rules telnet   (telnet rules)
                create_rules Firewall (all rules for Firewall)
        - removed double entries in logfile (only 1.+2. command)
        - URL "see logfile" now points to correct logfile log/$ip_cmd.log
        - added "create all rules files" in the "Rules" section
        - removed skipping of blocking commands with Linux/IP-Filter
          (dont know if IP-Filter + isdn4linux works)
        - General.rules:
          added deny rules for logging before policy deny

1.0.6   - added syntax for ipchains (Linux)
        - setup DENY rules with logging on (ipfwadm,ipchains)
        - formatted output in verbose mode (ipfwadm,ipchains)
        - fw-rules now handles Firewall-service
          e.g.: ./fw-rules Firewall/telnet del
         # exec. rules/Firewall/telnet.rules with option delete
        - fixed a bug in forwarding rules, where interface is empty (-W):
          forward -W -b -> forward -b

1.0.5   - inserted option -s (setup)
          The option -s executes the scripts in the setup-directory instead
          of re-generating all rules from the configuration files
          Usage: firewall -s start
          -> INCREASES THE SPEED OF THE "FIREWALL" SCRIPT BY FACTOR 10 OR MORE !!!
        - added Syntax for IP-Filter by Darren
        - new scripts: create_rules, save_config

1.0.3	- inserted 'Install.sh' skript to set up the access-rights for FCT

1.0.2	- WWW-Interface now runs also on Solaris 2.x!
          Needed to use FCT on other OS in future with tools like 'IP-Filter'.
	- fixed links in man.htm to use relativ paths instead of http://localhost

