arno-iptables-firewall-v2.1.1a

• Fixed newer kernels no longer provide sysctl net.netfilter.nf_conntrack_helper. Workaround by performing kernel version check
• Move start script handling from configure script to install script
• Added missing LAN_LAN_OPEN_ICMP setting

arno-iptables-firewall-v2.1.1

• Improve stdout/stderr handling in ip4tables/ip6tables/ip4tables_restore/ip6tables_restore functions
• Fixed ip4tables/ip6tables functions were broken for multiline result since 2.1.0 breaking eg. the traffic-accounting-plugin
• Cleanup log handling + rename /var/log/firewall.log to /var/log/arno-iptables-firewall + enable logrotate
• Fixed stale lock file removal didn't work properly
• Get rid of ENV_FILE/PLUGIN_CONF_PATH/PLUGIN_BIN_PATH setting in config file and improve autodetection

2.1.0

• Fixed systemd script had private tmp enabled causing problems with the job manager
• Use start-stop-daemon to start the job manager. Hopefully fixes the issue of it sometimes terminating suddenly
• Some tweaks/cleanups for the job manager
• Fixed potential systemd service file shutdown problem (thanks to Sven Geuer from Debian upstream)
• Have installer install rsyslog config file, if rsyslog is available
• Fixed (dynamic) host multi IP handling in plugins
• Default FRAG_DROP to off
• Tweaks in the job manager process

2.1.0-RC2

• Fixed ipt_if() expansion didn't work as it should
• Improve copy/overwrite logic in install.sh
• Tweak job manager start/stop logic

2.1.0-RC1

• Various fixes/tweaks in the job manager
• Various fixes/tweaks for use with iptables-compat/nftables
• Various misc. fixes/tweaks
• Get rid of BAD_TCP_FLAGS option
• Replace FRAG_LOG option with FRAG_DROP

2.1.0-BETA1

• Move dynamic host handling (no longer via DynDNS-host-open plugin but handled internally)
• Added capability for host names resolving to multiple IPs in dynamic host support
• New job manager to accommodate improved (plugin) helper support (replaces cron jobs)
• Move duplicate code from some of the plugins to environment (like locking for instance)
• Various other tweaks/refactoring

2.0.3

• Various fixes in the installer
• Improvements in the parasitic net plugin
• Various tweaks

2.0.2a

• Fixed log line being too long (>28 chars)
• Fixed systemd installation failed on some systems
• Service file should start AIF after network is up and local filesystems are mounted
• Tweaks/improvements in configure/install scripts

2.0.2

• Added new Parasitic Network plugin, allows "clients" on the same subnet to use this device as a gateway upstream.

• Improve lock-file handling in the "DynDNS Host Open" and "Traffic Accounting" plugins.

• Disable nf_conntrack automatic helper assignment when possible, attach with CT target, Issue #35
• Fixed IPv6 NAT table was not flushed on start/stop/restart, Issue #36
• Added EXT_IF_DHCPV6_IPV6 config variable supporting DHCPv6 when DHCP is not enabled, Issue #34
• Added ability to selectively log blocked hosts by inbound and outbound direction.
  BLOCKED_HOST_LOG Options: 0 = Disable, 1 = Inbound & Outbound, 2 = Inbound, 3 = Outbound

2.0.2-RC1

tag: 2.0.2-RC1