arno-iptables-firewall-v2.1.2a

This is a minor bug-fix release which mainly fixes a regression bug with the dig()-wrapper function which was introduced with 2.1.2

arno-iptables-firewall-v2.1.2

• Enable IPv6 name record lookups for dig-wrapper. This indirectly enables IPv6/AAAA-record support for dyndns-host-open (& traffic-accounting) plugin
• Prevent systemd from terminating the job manager when some rules fail
• Renamed xxx_OUTPUT to INET_OUTPUT_xxx for clarity/consistency + Additional INET_OUTPUT_xxx settings to have better control of internet access on this machine
• Reorder some code/settings for clarity/consistency

arno-iptables-firewall-v2.1.1a

• Fixed newer kernels no longer provide sysctl net.netfilter.nf_conntrack_helper. Workaround by performing kernel version check
• Move start script handling from configure script to install script
• Added missing LAN_LAN_OPEN_ICMP setting

arno-iptables-firewall-v2.1.1

• Improve stdout/stderr handling in ip4tables/ip6tables/ip4tables_restore/ip6tables_restore functions
• Fixed ip4tables/ip6tables functions were broken for multiline result since 2.1.0 breaking eg. the traffic-accounting-plugin
• Cleanup log handling + rename /var/log/firewall.log to /var/log/arno-iptables-firewall + enable logrotate
• Fixed stale lock file removal didn't work properly
• Get rid of ENV_FILE/PLUGIN_CONF_PATH/PLUGIN_BIN_PATH setting in config file and improve autodetection

2.1.0

• Fixed systemd script had private tmp enabled causing problems with the job manager
• Use start-stop-daemon to start the job manager. Hopefully fixes the issue of it sometimes terminating suddenly
• Some tweaks/cleanups for the job manager
• Fixed potential systemd service file shutdown problem (thanks to Sven Geuer from Debian upstream)
• Have installer install rsyslog config file, if rsyslog is available
• Fixed (dynamic) host multi IP handling in plugins
• Default FRAG_DROP to off
• Tweaks in the job manager process

2.1.0-RC2

• Fixed ipt_if() expansion didn't work as it should
• Improve copy/overwrite logic in install.sh
• Tweak job manager start/stop logic

2.1.0-RC1

• Various fixes/tweaks in the job manager
• Various fixes/tweaks for use with iptables-compat/nftables
• Various misc. fixes/tweaks
• Get rid of BAD_TCP_FLAGS option
• Replace FRAG_LOG option with FRAG_DROP

2.1.0-BETA1

• Move dynamic host handling (no longer via DynDNS-host-open plugin but handled internally)
• Added capability for host names resolving to multiple IPs in dynamic host support
• New job manager to accommodate improved (plugin) helper support (replaces cron jobs)
• Move duplicate code from some of the plugins to environment (like locking for instance)
• Various other tweaks/refactoring

2.0.3

• Various fixes in the installer
• Improvements in the parasitic net plugin
• Various tweaks

2.0.2a

• Fixed log line being too long (>28 chars)
• Fixed systemd installation failed on some systems
• Service file should start AIF after network is up and local filesystems are mounted
• Tweaks/improvements in configure/install scripts